Lines Matching full:if
12 #if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)
16 #if defined(MBEDTLS_SSL_TEST_IMPOSSIBLE)
114 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
124 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
125 #if defined(MBEDTLS_FS_IO)
145 #if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
147 " key_opaque=%%d Handle your private key as if it were opaque\n" \
153 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
167 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
172 #if defined(MBEDTLS_USE_PSA_CRYPTO)
191 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
199 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
213 #if defined(MBEDTLS_SSL_DTLS_SRTP)
229 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
237 #if defined(MBEDTLS_DHM_C)
244 #if defined(MBEDTLS_SSL_ALPN)
252 #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) || \
268 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
276 #if defined(MBEDTLS_SSL_PROTO_DTLS)
289 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
296 #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
306 #if defined(MBEDTLS_SSL_RENEGOTIATION)
314 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
315 #if defined(MBEDTLS_USE_PSA_CRYPTO)
327 #if defined(MBEDTLS_ECP_RESTARTABLE)
334 #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
348 #if defined(MBEDTLS_SSL_EARLY_DATA)
364 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
384 … " If 0, in the first exchange only an empty\n" \
440 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
455 " query_config=<name> return 0 if the specified\n" \
458 " is printed if it is defined\n" \
480 int key_opaque; /* handle private key as if it were opaque */
481 #if defined(MBEDTLS_USE_PSA_CRYPTO)
484 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
491 #if defined(MBEDTLS_USE_PSA_CRYPTO)
496 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
545 #if defined(MBEDTLS_SSL_EARLY_DATA)
558 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
562 * Enabled if debug_level > 1 in code below
572 #if !defined(MBEDTLS_X509_REMOVE_INFO) in my_verify()
574 if (depth == 0) { in my_verify()
578 if (opt.debug_level == 0) { in my_verify()
588 if ((*flags) == 0) { in my_verify()
599 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
608 if (opt.transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in report_cid_usage()
612 /* Check if the use of a CID has been negotiated, in report_cid_usage()
624 if (ret != 0) { in report_cid_usage()
630 if (cid_negotiated == MBEDTLS_SSL_CID_DISABLED) { in report_cid_usage()
631 if (opt.cid_enabled == MBEDTLS_SSL_CID_ENABLED) { in report_cid_usage()
643 if (ret != 0) { in report_cid_usage()
652 if (ret != 0) { in report_cid_usage()
679 if (*session_data != NULL) { in ssl_save_session_serialize()
688 if (ret != 0) { in ssl_save_session_serialize()
698 if (*session_data == NULL) { in ssl_save_session_serialize()
706 if ((ret = mbedtls_ssl_session_save(&exported_session, in ssl_save_session_serialize()
728 if (ret < 0) { in build_http_request()
734 if (opt.request_size != DFL_REQUEST_SIZE) { in build_http_request()
740 if (request_size > buf_size) { in build_http_request()
745 if (opt.request_size != DFL_REQUEST_SIZE && in build_http_request()
754 /* Truncate if request size is smaller than the "natural" size */ in build_http_request()
755 if (opt.request_size != DFL_REQUEST_SIZE && in build_http_request()
760 if (len >= 2) { in build_http_request()
763 if (len >= 1) { in build_http_request()
781 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
787 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) in main()
792 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) in main()
799 #if defined(MBEDTLS_SSL_ALPN) in main()
803 #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) in main()
807 #if defined(MBEDTLS_SSL_DTLS_SRTP) in main()
814 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
815 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) in main()
831 #if defined(MBEDTLS_TIMING_C) in main()
834 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
840 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
846 #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) in main()
854 #if defined(MBEDTLS_SSL_DTLS_SRTP) in main()
867 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) && \ in main()
872 #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) in main()
876 #if defined(MBEDTLS_TEST_HOOKS) in main()
888 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
893 #if defined(MBEDTLS_SSL_ALPN) in main()
897 #if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3) in main()
899 if (status != PSA_SUCCESS) { in main()
906 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) in main()
932 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
935 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) in main()
940 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
945 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in main()
969 #if defined(MBEDTLS_SSL_EARLY_DATA) in main()
995 if (argc < 1) { in main()
997 if (p != NULL && q != NULL) { in main()
999 } else if (p != NULL && q == NULL) { in main()
1009 if (ret == 0) { in main()
1018 if (strcmp(p, "help") == 0) { in main()
1027 if (strcmp(p, "help_ciphersuites") == 0) { in main()
1039 if ((q = strchr(p, '=')) == NULL) { in main()
1046 if (strcmp(p, "server_name") == 0) { in main()
1048 } else if (strcmp(p, "server_addr") == 0) { in main()
1050 } else if (strcmp(p, "server_port") == 0) { in main()
1052 } else if (strcmp(p, "dtls") == 0) { in main()
1054 if (t == 0) { in main()
1056 } else if (t == 1) { in main()
1061 } else if (strcmp(p, "debug_level") == 0) { in main()
1063 if (opt.debug_level < 0 || opt.debug_level > 65535) { in main()
1066 } else if (strcmp(p, "build_version") == 0) { in main()
1067 if (strcmp(q, "1") == 0) { in main()
1073 } else if (strcmp(p, "context_crt_cb") == 0) { in main()
1075 if (opt.context_crt_cb != 0 && opt.context_crt_cb != 1) { in main()
1078 } else if (strcmp(p, "nbio") == 0) { in main()
1080 if (opt.nbio < 0 || opt.nbio > 2) { in main()
1083 } else if (strcmp(p, "event") == 0) { in main()
1085 if (opt.event < 0 || opt.event > 2) { in main()
1088 } else if (strcmp(p, "read_timeout") == 0) { in main()
1090 } else if (strcmp(p, "max_resend") == 0) { in main()
1092 if (opt.max_resend < 0) { in main()
1095 } else if (strcmp(p, "request_page") == 0) { in main()
1097 } else if (strcmp(p, "request_size") == 0) { in main()
1099 if (opt.request_size < 0 || in main()
1103 } else if (strcmp(p, "ca_file") == 0) { in main()
1105 } else if (strcmp(p, "ca_path") == 0) { in main()
1107 } else if (strcmp(p, "crt_file") == 0) { in main()
1109 } else if (strcmp(p, "key_file") == 0) { in main()
1111 } else if (strcmp(p, "key_pwd") == 0) { in main()
1114 #if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
1115 else if (strcmp(p, "key_opaque") == 0) { in main()
1119 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) in main()
1120 else if (strcmp(p, "cid") == 0) { in main()
1122 if (opt.cid_enabled != 0 && opt.cid_enabled != 1) { in main()
1125 } else if (strcmp(p, "cid_renego") == 0) { in main()
1127 if (opt.cid_enabled_renego != 0 && opt.cid_enabled_renego != 1) { in main()
1130 } else if (strcmp(p, "cid_val") == 0) { in main()
1132 } else if (strcmp(p, "cid_val_renego") == 0) { in main()
1136 else if (strcmp(p, "psk") == 0) { in main()
1139 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
1140 else if (strcmp(p, "psk_opaque") == 0) { in main()
1144 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) in main()
1145 else if (strcmp(p, "ca_callback") == 0) { in main()
1149 else if (strcmp(p, "psk_identity") == 0) { in main()
1151 } else if (strcmp(p, "ecjpake_pw") == 0) { in main()
1154 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
1155 else if (strcmp(p, "ecjpake_pw_opaque") == 0) { in main()
1159 else if (strcmp(p, "ec_max_ops") == 0) { in main()
1161 } else if (strcmp(p, "force_ciphersuite") == 0) { in main()
1164 if (opt.force_ciphersuite[0] == 0) { in main()
1169 } else if (strcmp(p, "renegotiation") == 0) { in main()
1173 } else if (strcmp(p, "allow_legacy") == 0) { in main()
1186 } else if (strcmp(p, "renegotiate") == 0) { in main()
1188 if (opt.renegotiate < 0 || opt.renegotiate > 1) { in main()
1191 } else if (strcmp(p, "exchanges") == 0) { in main()
1193 if (opt.exchanges < 1) { in main()
1196 } else if (strcmp(p, "reconnect") == 0) { in main()
1198 if (opt.reconnect < 0 || opt.reconnect > 2) { in main()
1201 } else if (strcmp(p, "reco_server_name") == 0) { in main()
1203 } else if (strcmp(p, "reco_delay") == 0) { in main()
1205 if (opt.reco_delay < 0) { in main()
1208 } else if (strcmp(p, "reco_mode") == 0) { in main()
1210 if (opt.reco_mode < 0) { in main()
1213 } else if (strcmp(p, "reconnect_hard") == 0) { in main()
1215 if (opt.reconnect_hard < 0 || opt.reconnect_hard > 1) { in main()
1218 } else if (strcmp(p, "tickets") == 0) { in main()
1220 if (opt.tickets < 0) { in main()
1223 } else if (strcmp(p, "alpn") == 0) { in main()
1225 } else if (strcmp(p, "extended_ms") == 0) { in main()
1235 } else if (strcmp(p, "groups") == 0) { in main()
1238 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
1239 else if (strcmp(p, "sig_algs") == 0) { in main()
1243 else if (strcmp(p, "etm") == 0) { in main()
1251 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in main()
1252 #if defined(MBEDTLS_SSL_EARLY_DATA) in main()
1253 else if (strcmp(p, "early_data") == 0) { in main()
1266 else if (strcmp(p, "tls13_kex_modes") == 0) { in main()
1267 if (strcmp(q, "psk") == 0) { in main()
1269 } else if (strcmp(q, "psk_ephemeral") == 0) { in main()
1271 } else if (strcmp(q, "ephemeral") == 0) { in main()
1273 } else if (strcmp(q, "ephemeral_all") == 0) { in main()
1275 } else if (strcmp(q, "psk_all") == 0) { in main()
1277 } else if (strcmp(q, "all") == 0) { in main()
1279 } else if (strcmp(q, "psk_or_ephemeral") == 0) { in main()
1287 else if (strcmp(p, "min_version") == 0) { in main()
1288 if (strcmp(q, "tls12") == 0 || in main()
1292 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in main()
1293 else if (strcmp(q, "tls13") == 0) { in main()
1300 } else if (strcmp(p, "max_version") == 0) { in main()
1301 if (strcmp(q, "tls12") == 0 || in main()
1305 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in main()
1306 else if (strcmp(q, "tls13") == 0) { in main()
1313 } else if (strcmp(p, "allow_sha1") == 0) { in main()
1319 } else if (strcmp(p, "force_version") == 0) { in main()
1320 if (strcmp(q, "tls12") == 0) { in main()
1323 } else if (strcmp(q, "dtls12") == 0) { in main()
1328 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in main()
1329 else if (strcmp(q, "tls13") == 0) { in main()
1337 } else if (strcmp(p, "auth_mode") == 0) { in main()
1338 if (strcmp(q, "none") == 0) { in main()
1340 } else if (strcmp(q, "optional") == 0) { in main()
1342 } else if (strcmp(q, "required") == 0) { in main()
1347 } else if (strcmp(p, "max_frag_len") == 0) { in main()
1348 if (strcmp(q, "512") == 0) { in main()
1350 } else if (strcmp(q, "1024") == 0) { in main()
1352 } else if (strcmp(q, "2048") == 0) { in main()
1354 } else if (strcmp(q, "4096") == 0) { in main()
1359 } else if (strcmp(p, "trunc_hmac") == 0) { in main()
1365 } else if (strcmp(p, "hs_timeout") == 0) { in main()
1366 if ((p = strchr(q, '-')) == NULL) { in main()
1372 if (opt.hs_to_min == 0 || opt.hs_to_max < opt.hs_to_min) { in main()
1375 } else if (strcmp(p, "mtu") == 0) { in main()
1377 if (opt.dtls_mtu < 0) { in main()
1380 } else if (strcmp(p, "dgram_packing") == 0) { in main()
1382 if (opt.dgram_packing != 0 && in main()
1386 } else if (strcmp(p, "recsplit") == 0) { in main()
1388 if (opt.recsplit < 0 || opt.recsplit > 1) { in main()
1391 } else if (strcmp(p, "dhmlen") == 0) { in main()
1393 if (opt.dhmlen < 0) { in main()
1396 } else if (strcmp(p, "query_config") == 0) { in main()
1400 } else if (strcmp(p, "serialize") == 0) { in main()
1402 if (opt.serialize < 0 || opt.serialize > 2) { in main()
1405 } else if (strcmp(p, "context_file") == 0) { in main()
1407 } else if (strcmp(p, "eap_tls") == 0) { in main()
1409 if (opt.eap_tls < 0 || opt.eap_tls > 1) { in main()
1412 } else if (strcmp(p, "reproducible") == 0) { in main()
1414 } else if (strcmp(p, "nss_keylog") == 0) { in main()
1416 if (opt.nss_keylog < 0 || opt.nss_keylog > 1) { in main()
1419 } else if (strcmp(p, "nss_keylog_file") == 0) { in main()
1421 } else if (strcmp(p, "skip_close_notify") == 0) { in main()
1423 if (opt.skip_close_notify < 0 || opt.skip_close_notify > 1) { in main()
1426 } else if (strcmp(p, "use_srtp") == 0) { in main()
1428 } else if (strcmp(p, "srtp_force_profile") == 0) { in main()
1430 } else if (strcmp(p, "mki") == 0) { in main()
1432 } else if (strcmp(p, "key_opaque_algs") == 0) { in main()
1433 if (key_opaque_alg_parse(q, &opt.key_opaque_alg1, in main()
1446 if (opt.nss_keylog != 0 && opt.eap_tls != 0) { in main()
1454 if (opt.event == 1 && opt.nbio != 1) { in main()
1459 #if defined(MBEDTLS_DEBUG_C) in main()
1463 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) in main()
1465 * Unhexify the pre-shared key if any is given in main()
1467 if (strlen(opt.psk)) { in main()
1468 if (mbedtls_test_unhexify(psk, sizeof(psk), in main()
1476 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
1477 if (opt.psk_opaque != 0) { in main()
1478 if (opt.psk == NULL) { in main()
1484 if (opt.force_ciphersuite[0] <= 0) { in main()
1493 if (opt.force_ciphersuite[0] > 0) { in main()
1498 if (opt.max_version != -1 && in main()
1504 if (opt.min_version != -1 && in main()
1511 /* If the server selects a version that's not supported by in main()
1513 if (opt.max_version == -1 || in main()
1517 if (opt.min_version < ciphersuite_info->min_tls_version) { in main()
1520 if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && in main()
1526 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
1527 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) in main()
1528 if (opt.psk_opaque != 0) { in main()
1530 #if defined(MBEDTLS_MD_CAN_SHA384) in main()
1531 if (ciphersuite_info->mac == MBEDTLS_MD_SHA384) { in main()
1541 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) in main()
1542 if (mbedtls_test_unhexify(cid, sizeof(cid), in main()
1550 if (opt.cid_enabled_renego == DFL_CID_ENABLED_RENEGO) { in main()
1553 if (opt.cid_val_renego == DFL_CID_VALUE_RENEGO) { in main()
1557 if (mbedtls_test_unhexify(cid_renego, sizeof(cid_renego), in main()
1564 if (opt.groups != NULL) { in main()
1565 if (parse_groups(opt.groups, group_list, GROUP_LIST_SIZE) != 0) { in main()
1570 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
1571 if (opt.sig_algs != NULL) { in main()
1583 if (*p == ',') { in main()
1587 if (strcmp(q, "rsa_pkcs1_sha256") == 0) { in main()
1589 } else if (strcmp(q, "rsa_pkcs1_sha384") == 0) { in main()
1591 } else if (strcmp(q, "rsa_pkcs1_sha512") == 0) { in main()
1593 } else if (strcmp(q, "ecdsa_secp256r1_sha256") == 0) { in main()
1595 } else if (strcmp(q, "ecdsa_secp384r1_sha384") == 0) { in main()
1597 } else if (strcmp(q, "ecdsa_secp521r1_sha512") == 0) { in main()
1599 } else if (strcmp(q, "rsa_pss_rsae_sha256") == 0) { in main()
1601 } else if (strcmp(q, "rsa_pss_rsae_sha384") == 0) { in main()
1603 } else if (strcmp(q, "rsa_pss_rsae_sha512") == 0) { in main()
1605 } else if (strcmp(q, "ed25519") == 0) { in main()
1607 } else if (strcmp(q, "ed448") == 0) { in main()
1609 } else if (strcmp(q, "rsa_pss_pss_sha256") == 0) { in main()
1611 } else if (strcmp(q, "rsa_pss_pss_sha384") == 0) { in main()
1613 } else if (strcmp(q, "rsa_pss_pss_sha512") == 0) { in main()
1615 } else if (strcmp(q, "rsa_pkcs1_sha1") == 0) { in main()
1617 } else if (strcmp(q, "ecdsa_sha1") == 0) { in main()
1627 if (i == (SIG_ALG_LIST_SIZE - 1) && *p != '\0') { in main()
1637 #if defined(MBEDTLS_SSL_ALPN) in main()
1638 if (opt.alpn_string != NULL) { in main()
1650 if (*p == ',') { in main()
1667 if (ret != 0) { in main()
1672 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
1679 if (strcmp(opt.ca_path, "none") == 0 || in main()
1683 #if defined(MBEDTLS_FS_IO) in main()
1684 if (strlen(opt.ca_path)) { in main()
1686 } else if (strlen(opt.ca_file)) { in main()
1691 #if defined(MBEDTLS_PEM_PARSE_C) in main()
1696 if (ret != 0) { in main()
1701 if (ret == 0) { in main()
1706 if (ret != 0) { in main()
1712 if (ret < 0) { in main()
1723 * (can be skipped if client authentication is not required) in main()
1728 if (strcmp(opt.crt_file, "none") == 0) { in main()
1731 #if defined(MBEDTLS_FS_IO) in main()
1732 if (strlen(opt.crt_file)) { in main()
1739 if (ret != 0) { in main()
1745 if (strcmp(opt.key_file, "none") == 0) { in main()
1748 #if defined(MBEDTLS_FS_IO) in main()
1749 if (strlen(opt.key_file)) { in main()
1756 if (ret != 0) { in main()
1762 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
1763 if (opt.key_opaque != 0) { in main()
1767 if (key_opaque_set_alg_usage(opt.key_opaque_alg1, in main()
1773 if (ret != 0) { in main()
1794 if ((ret = mbedtls_ssl_config_defaults(&conf, in main()
1803 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
1806 if (opt.allow_sha1 > 0) { in main()
1811 if (opt.context_crt_cb == 0) { in main()
1818 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) in main()
1819 if (opt.cid_enabled == 1 || opt.cid_enabled_renego == 1) { in main()
1820 if (opt.cid_enabled == 1 && in main()
1827 if (opt.cid_enabled == 1) { in main()
1835 if (ret != 0) { in main()
1843 if (opt.auth_mode != DFL_AUTH_MODE) { in main()
1847 #if defined(MBEDTLS_SSL_PROTO_DTLS) in main()
1848 if (opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX) { in main()
1853 if (opt.dgram_packing != DFL_DGRAM_PACKING) { in main()
1858 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) in main()
1859 if ((ret = mbedtls_ssl_conf_max_frag_len(&conf, opt.mfl_code)) != 0) { in main()
1866 #if defined(MBEDTLS_SSL_DTLS_SRTP) in main()
1869 if (opt.use_srtp == 1) { in main()
1870 if (opt.force_srtp_profile != 0) { in main()
1876 if (ret != 0) { in main()
1883 } else if (opt.force_srtp_profile != 0) { in main()
1889 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) in main()
1890 if (opt.extended_ms != DFL_EXTENDED_MS) { in main()
1895 #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) in main()
1896 if (opt.etm != DFL_ETM) { in main()
1901 #if defined(MBEDTLS_DHM_C) in main()
1902 if (opt.dhmlen != DFL_DHMLEN) { in main()
1907 #if defined(MBEDTLS_SSL_ALPN) in main()
1908 if (opt.alpn_string != NULL) { in main()
1909 if ((ret = mbedtls_ssl_conf_alpn_protocols(&conf, alpn_list)) != 0) { in main()
1917 if (opt.reproducible) { in main()
1918 #if defined(MBEDTLS_HAVE_TIME) in main()
1919 #if defined(MBEDTLS_PLATFORM_TIME_ALT) in main()
1931 #if defined(MBEDTLS_SSL_SESSION_TICKETS) in main()
1935 if (opt.force_ciphersuite[0] != DFL_FORCE_CIPHER) { in main()
1939 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in main()
1943 if (opt.allow_legacy != DFL_ALLOW_LEGACY) { in main()
1946 #if defined(MBEDTLS_SSL_RENEGOTIATION) in main()
1950 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
1951 if (strcmp(opt.ca_path, "none") != 0 && in main()
1953 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) in main()
1954 if (opt.ca_callback != 0) { in main()
1960 if (strcmp(opt.crt_file, "none") != 0 && in main()
1962 if ((ret = mbedtls_ssl_conf_own_cert(&conf, &clicert, &pkey)) != 0) { in main()
1970 #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) || \ in main()
1973 if (opt.groups != NULL && in main()
1979 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
1980 if (opt.sig_algs != NULL) { in main()
1985 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) in main()
1986 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
1987 if (opt.psk_opaque != 0) { in main()
1994 if (status != PSA_SUCCESS) { in main()
1999 if ((ret = mbedtls_ssl_conf_psk_opaque(&conf, slot, in main()
2008 if (psk_len > 0) { in main()
2012 if (ret != 0) { in main()
2019 if (opt.min_version != DFL_MIN_VERSION) { in main()
2023 if (opt.max_version != DFL_MAX_VERSION) { in main()
2027 #if defined(MBEDTLS_SSL_EARLY_DATA) in main()
2028 if (opt.early_data != DFL_EARLY_DATA) { in main()
2033 if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { in main()
2039 if (opt.eap_tls != 0) { in main()
2042 } else if (opt.nss_keylog != 0) { in main()
2047 #if defined(MBEDTLS_SSL_DTLS_SRTP) in main()
2048 else if (opt.use_srtp != 0) { in main()
2054 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
2055 if ((ret = mbedtls_ssl_set_hostname(&ssl, opt.server_name)) != 0) { in main()
2062 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) in main()
2063 if (opt.ecjpake_pw != DFL_ECJPAKE_PW) { in main()
2064 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
2065 if (opt.ecjpake_pw_opaque != DFL_ECJPAKE_PW_OPAQUE) { in main()
2076 if (status != PSA_SUCCESS) { in main()
2081 if ((ret = mbedtls_ssl_set_hs_ecjpake_password_opaque(&ssl, in main()
2092 if ((ret = mbedtls_ssl_set_hs_ecjpake_password(&ssl, in main()
2103 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
2104 if (opt.context_crt_cb == 1) { in main()
2114 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) in main()
2115 if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in main()
2116 if ((ret = mbedtls_ssl_set_cid(&ssl, opt.cid_enabled, in main()
2125 #if defined(MBEDTLS_SSL_PROTO_DTLS) in main()
2126 if (opt.dtls_mtu != DFL_DTLS_MTU) { in main()
2131 #if defined(MBEDTLS_TIMING_C) in main()
2136 #if defined(MBEDTLS_ECP_RESTARTABLE) in main()
2137 if (opt.ec_max_ops != DFL_EC_MAX_OPS) { in main()
2142 #if defined(MBEDTLS_SSL_DTLS_SRTP) in main()
2143 if (opt.use_srtp != 0 && strlen(opt.mki) != 0) { in main()
2144 if (mbedtls_test_unhexify(mki, sizeof(mki), in main()
2151 if ((ret = mbedtls_ssl_dtls_srtp_set_mki_value(&ssl, mki, in main()
2164 if (opt.server_addr == NULL) { in main()
2173 if ((ret = mbedtls_net_connect(&server_fd, in main()
2182 if (opt.nbio > 0) { in main()
2187 if (ret != 0) { in main()
2202 if (ret != MBEDTLS_ERR_SSL_WANT_READ && in main()
2207 if (ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED) { in main()
2214 "auth_mode=optional for testing purposes if " in main()
2223 #if defined(MBEDTLS_ECP_RESTARTABLE) in main()
2224 if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { in main()
2230 if (opt.event == 1 /* level triggered IO */) { in main()
2231 #if defined(MBEDTLS_TIMING_C) in main()
2236 if (ret != 0) { in main()
2256 if ((ret = mbedtls_ssl_get_record_expansion(&ssl)) >= 0) { in main()
2262 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) in main()
2269 #if defined(MBEDTLS_SSL_ALPN) in main()
2270 if (opt.alpn_string != NULL) { in main()
2277 if (opt.eap_tls != 0) { in main()
2280 if ((ret = mbedtls_ssl_tls_prf(eap_tls_keying.tls_prf_type, in main()
2296 if (j % 8 == 0) { in main()
2303 if ((ret = mbedtls_ssl_tls_prf(eap_tls_keying.tls_prf_type, NULL, 0, in main()
2316 if (j % 8 == 0) { in main()
2324 #if defined(MBEDTLS_SSL_DTLS_SRTP) in main()
2325 else if (opt.use_srtp != 0) { in main()
2330 if (dtls_srtp_negotiation_result.chosen_dtls_srtp_profile in main()
2335 if ((ret = mbedtls_ssl_tls_prf(dtls_srtp_keying.tls_prf_type, in main()
2351 if (j % 8 == 0) { in main()
2368 if (dtls_srtp_negotiation_result.mki_len > 0) { in main()
2380 if (opt.reconnect != 0 && ssl.tls_version != MBEDTLS_SSL_VERSION_TLS1_3) { in main()
2384 if (opt.reco_mode == 1) { in main()
2385 if ((ret = ssl_save_session_serialize(&ssl, in main()
2393 if ((ret = mbedtls_ssl_get_session(&ssl, &saved_session)) != 0) { in main()
2402 if (opt.reco_mode == 1) { in main()
2408 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
2414 if ((flags = mbedtls_ssl_get_verify_result(&ssl)) != 0) { in main()
2426 #if !defined(MBEDTLS_X509_REMOVE_INFO) in main()
2432 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) in main()
2434 if (ret != 0) { in main()
2438 if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in main()
2439 if ((ret = mbedtls_ssl_set_cid(&ssl, opt.cid_enabled_renego, in main()
2449 #if defined(MBEDTLS_SSL_RENEGOTIATION) in main()
2450 if (opt.renegotiate) { in main()
2458 if (ret != MBEDTLS_ERR_SSL_WANT_READ && in main()
2466 #if defined(MBEDTLS_ECP_RESTARTABLE) in main()
2467 if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { in main()
2473 if (opt.event == 1 /* level triggered IO */) { in main()
2474 #if defined(MBEDTLS_TIMING_C) in main()
2486 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) in main()
2488 if (ret != 0) { in main()
2502 if (ret != 0) { in main()
2506 if (opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM) { in main()
2513 if (ret != MBEDTLS_ERR_SSL_WANT_READ && in main()
2522 if (opt.event == 1 /* level triggered IO */) { in main()
2523 #if defined(MBEDTLS_TIMING_C) in main()
2538 #if defined(MBEDTLS_ECP_RESTARTABLE) in main()
2539 if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { in main()
2544 if (ret != MBEDTLS_ERR_SSL_WANT_READ && in main()
2550 if (opt.event == 1 /* level triggered IO */) { in main()
2551 #if defined(MBEDTLS_TIMING_C) in main()
2559 if (ret < 0) { in main()
2568 if (written < len) { in main()
2581 /* Send a non-empty request if request_size == 0 */ in main()
2582 if (len == 0) { in main()
2594 if (opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM) { in main()
2595 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS) in main()
2603 #if defined(MBEDTLS_ECP_RESTARTABLE) in main()
2604 if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { in main()
2609 if (ret == MBEDTLS_ERR_SSL_WANT_READ || in main()
2612 if (opt.event == 1 /* level triggered IO */) { in main()
2613 #if defined(MBEDTLS_TIMING_C) in main()
2622 if (ret <= 0) { in main()
2635 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in main()
2637 #if defined(MBEDTLS_SSL_SESSION_TICKETS) in main()
2643 if (opt.reconnect != 0) { in main()
2647 if (opt.reco_mode == 1) { in main()
2648 if ((ret = ssl_save_session_serialize(&ssl, in main()
2657 if ((ret = mbedtls_ssl_get_session(&ssl, &saved_session)) != 0) { in main()
2667 if (opt.reco_mode == 1) { in main()
2692 if (ret > 0 && buf[len-1] == '\n') { in main()
2704 #if defined(MBEDTLS_ECP_RESTARTABLE) in main()
2705 if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { in main()
2710 if (ret != MBEDTLS_ERR_SSL_WANT_READ && in main()
2716 if (opt.event == 1 /* level triggered IO */) { in main()
2717 #if defined(MBEDTLS_TIMING_C) in main()
2725 if (ret <= 0) { in main()
2729 if (retry_left-- > 0) { in main()
2756 if (opt.reconnect_hard != 0) { in main()
2762 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
2766 if ((ret = mbedtls_ssl_session_reset(&ssl)) != 0) { in main()
2773 if (ret != MBEDTLS_ERR_SSL_WANT_READ && in main()
2782 if (opt.event == 1 /* level triggered IO */) { in main()
2783 #if defined(MBEDTLS_TIMING_C) in main()
2799 #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) in main()
2800 if (opt.serialize != 0) { in main()
2806 if (ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) { in main()
2813 if ((context_buf = mbedtls_calloc(1, buf_len)) == NULL) { in main()
2821 if ((ret = mbedtls_ssl_context_save(&ssl, context_buf, in main()
2832 if (0 < strlen(opt.context_file)) { in main()
2841 if ((b64_buf = mbedtls_calloc(1, b64_len)) == NULL) { in main()
2847 if ((ret = mbedtls_base64_encode(b64_buf, b64_len, &b64_len, in main()
2855 if ((b64_file = fopen(opt.context_file, "w")) == NULL) { in main()
2862 if (b64_len != fwrite(b64_buf, 1, b64_len, b64_file)) { in main()
2876 if (opt.serialize == 1) { in main()
2881 if (opt.serialize == 2) { in main()
2888 if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { in main()
2894 if (opt.nbio == 2) { in main()
2903 #if defined(MBEDTLS_TIMING_C) in main()
2914 if ((ret = mbedtls_ssl_context_load(&ssl, context_buf, in main()
2933 if (--opt.exchanges > 0) { in main()
2956 if (opt.skip_close_notify == 0) { in main()
2970 if (opt.reconnect != 0) { in main()
2975 #if defined(MBEDTLS_TIMING_C) in main()
2976 if (opt.reco_delay > 0) { in main()
2983 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
2987 if ((ret = mbedtls_ssl_session_reset(&ssl)) != 0) { in main()
2993 if (opt.reco_mode == 1) { in main()
2994 if ((ret = mbedtls_ssl_session_load(&saved_session, in main()
3003 if ((ret = mbedtls_ssl_set_session(&ssl, &saved_session)) != 0) { in main()
3009 #if defined(MBEDTLS_X509_CRT_PARSE_C) in main()
3010 if (opt.reco_server_name != NULL && in main()
3019 if ((ret = mbedtls_net_connect(&server_fd, in main()
3028 if (opt.nbio > 0) { in main()
3033 if (ret != 0) { in main()
3040 if (ret != 0) { in main()
3044 #if defined(MBEDTLS_SSL_EARLY_DATA) in main()
3045 if (ssl.conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED) { in main()
3051 if (ret == MBEDTLS_ERR_SSL_CANNOT_WRITE_EARLY_DATA) { in main()
3054 if (ret != MBEDTLS_ERR_SSL_WANT_READ && in main()
3063 if (opt.event == 1 /* level triggered IO */) { in main()
3064 #if defined(MBEDTLS_TIMING_C) in main()
3088 if (ret != MBEDTLS_ERR_SSL_WANT_READ && in main()
3107 if (ret != 0) { in main()
3120 if (session_data != NULL) { in main()
3124 #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) in main()
3125 if (context_buf != NULL) { in main()
3131 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
3135 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
3140 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) && \ in main()
3142 if (opt.psk_opaque != 0) { in main()
3143 /* This is ok even if the slot hasn't been in main()
3148 if ((status != PSA_SUCCESS) && in main()
3153 if (ret == 0) { in main()
3161 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) && \ in main()
3167 if ((opt.ecjpake_pw_opaque != DFL_ECJPAKE_PW_OPAQUE)) { in main()
3171 if (psa_get_key_attributes(ecjpake_pw_slot, &check_attributes) != in main()
3173 if (ret == 0) { in main()
3183 #if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3) in main()
3185 if (message) { in main()
3186 if (ret == 0) { in main()
3195 #if (defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)) && \ in main()
3202 #if defined(MBEDTLS_TEST_HOOKS) in main()
3203 if (test_hooks_failure_detected()) { in main()
3204 if (ret == 0) { in main()
3212 #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) in main()
3213 #if defined(MBEDTLS_MEMORY_DEBUG) in main()
3220 if (ret < 0) { in main()
3224 if (opt.query_config_mode == DFL_QUERY_CONFIG_MODE) { in main()