Lines Matching full:if
12 #if defined(MBEDTLS_SSL_TEST_IMPOSSIBLE)
28 #if !defined(_MSC_VER)
32 #if !defined(_WIN32)
36 #if defined(MBEDTLS_SSL_CACHE_C)
40 #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C)
44 #if defined(MBEDTLS_SSL_COOKIE_C)
48 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && defined(MBEDTLS_FS_IO)
52 #if defined(_WIN32)
56 #if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)
173 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
174 #if defined(MBEDTLS_FS_IO)
190 … " note: if neither crt_file/key_file nor crt_file2/key_file2 are used,\n" \
191 " preloaded certificate(s) and key(s) are used if available\n" \
205 #if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
207 " key_opaque=%%d Handle your private keys as if they were opaque\n" \
213 #if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
225 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
239 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
248 #if defined(MBEDTLS_USE_PSA_CRYPTO)
276 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
284 #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C)
301 #if defined(MBEDTLS_SSL_DTLS_SRTP)
315 #if defined(MBEDTLS_SSL_CACHE_C)
319 #if defined(MBEDTLS_HAVE_TIME)
330 #if defined(SNI_OPTION)
331 #if defined(MBEDTLS_X509_CRL_PARSE_C)
344 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
352 #if defined(MBEDTLS_SSL_ALPN)
360 #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
368 #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
378 #if defined(MBEDTLS_SSL_PROTO_DTLS)
391 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
398 #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
408 #if defined(MBEDTLS_SSL_RENEGOTIATION)
418 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
419 #if defined(MBEDTLS_USE_PSA_CRYPTO)
431 #if defined(MBEDTLS_SSL_EARLY_DATA)
441 #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) || \
457 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
465 #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
492 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
516 " increases buffer_size if bigger\n" \
564 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
581 " query_config=<name> return 0 if the specified\n" \
584 " is printed if it is defined\n" \
619 int key_opaque; /* handle private key as if it were opaque */
628 #if defined(MBEDTLS_USE_PSA_CRYPTO)
632 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
639 #if defined(MBEDTLS_USE_PSA_CRYPTO)
643 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
666 #if defined(MBEDTLS_HAVE_TIME)
699 #if defined(MBEDTLS_SSL_EARLY_DATA)
720 if (strcmp(s, "none") == 0) { in get_auth_mode()
723 if (strcmp(s, "optional") == 0) { in get_auth_mode()
726 if (strcmp(s, "required") == 0) { in get_auth_mode()
741 if (++p > end) \
746 #if defined(SNI_OPTION)
772 #if defined(MBEDTLS_X509_CRL_PARSE_C) in sni_free()
785 * '-' means unset. If ca1 is unset, then crl1 is ignored too.
795 #if defined(MBEDTLS_X509_CRL_PARSE_C) in sni_parse()
805 if ((new = mbedtls_calloc(1, sizeof(sni_entry))) == NULL) { in sni_parse()
814 #if defined(MBEDTLS_X509_CRL_PARSE_C) in sni_parse()
819 if ((new->cert = mbedtls_calloc(1, sizeof(mbedtls_x509_crt))) == NULL || in sni_parse()
827 if (mbedtls_x509_crt_parse_file(new->cert, crt_file) != 0 || in sni_parse()
832 if (strcmp(ca_file, "-") != 0) { in sni_parse()
833 if ((new->ca = mbedtls_calloc(1, sizeof(mbedtls_x509_crt))) == NULL) { in sni_parse()
839 if (mbedtls_x509_crt_parse_file(new->ca, ca_file) != 0) { in sni_parse()
844 #if defined(MBEDTLS_X509_CRL_PARSE_C) in sni_parse()
845 if (strcmp(crl_file, "-") != 0) { in sni_parse()
846 if ((new->crl = mbedtls_calloc(1, sizeof(mbedtls_x509_crl))) == NULL) { in sni_parse()
852 if (mbedtls_x509_crl_parse_file(new->crl, crl_file) != 0) { in sni_parse()
858 if (strcmp(auth_str, "-") != 0) { in sni_parse()
859 if ((new->authmode = get_auth_mode(auth_str)) < 0) { in sni_parse()
895 if (name_len == strlen(cur->name) && in sni_callback()
915 if (cur != NULL) { in cert_callback()
919 if (strlen(cur->name) != name_len || in cert_callback()
924 if (cur->ca != NULL) { in cert_callback()
928 if (cur->authmode != DFL_AUTH_MODE) { in cert_callback()
940 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
948 #if defined(MBEDTLS_USE_PSA_CRYPTO)
962 #if defined(MBEDTLS_USE_PSA_CRYPTO) in psk_free()
966 if (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(slot) != 0) { in psk_free()
968 if (status != PSA_SUCCESS) { in psk_free()
1001 if ((new = mbedtls_calloc(1, sizeof(psk_entry))) == NULL) { in psk_parse()
1010 if (mbedtls_test_unhexify(new->key, MBEDTLS_PSK_MAX_LEN, in psk_parse()
1036 if (name_len == strlen(cur->name) && in psk_callback()
1038 #if defined(MBEDTLS_USE_PSA_CRYPTO) in psk_callback()
1039 if (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(cur->slot) != 0) { in psk_callback()
1056 #if !defined(_WIN32)
1067 /** Return true if \p ret is a status code indicating that there is an
1068 * operation in progress on an SSL connection, and false if it indicates
1084 #if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
1114 if (ctx->slots_used >= sizeof(ctx->slots) / sizeof(*ctx->slots)) { in ssl_async_set_key()
1141 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
1167 if (mbedtls_x509_dn_gets(dn, sizeof(dn), &cert->subject) > 0) { in ssl_async_start()
1178 if (mbedtls_pk_check_pair(&cert->pk, in ssl_async_start()
1184 if (slot == config_data->slots_used) { in ssl_async_start()
1192 if (config_data->inject_error == SSL_ASYNC_INJECT_ERROR_START) { in ssl_async_start()
1197 if (input_len > SSL_ASYNC_INPUT_MAX_SIZE) { in ssl_async_start()
1202 if (ctx == NULL) { in ssl_async_start()
1213 if (ctx->remaining_delay == 0) { in ssl_async_start()
1253 if (ctx->remaining_delay > 0) { in ssl_async_resume()
1286 if (config_data->inject_error == SSL_ASYNC_INJECT_ERROR_RESUME) { in ssl_async_resume()
1308 #if defined(MBEDTLS_USE_PSA_CRYPTO)
1309 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
1324 if (status != PSA_SUCCESS) { in psa_setup_psk_key_slot()
1334 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
1343 if (opt.transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in report_cid_usage()
1347 /* Check if the use of a CID has been negotiated */ in report_cid_usage()
1350 if (ret != 0) { in report_cid_usage()
1356 if (cid_negotiated == MBEDTLS_SSL_CID_DISABLED) { in report_cid_usage()
1357 if (opt.cid_enabled == MBEDTLS_SSL_CID_ENABLED) { in report_cid_usage()
1379 #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_HAVE_TIME)
1395 if (end - p < 4) { in dummy_ticket_write()
1403 if ((ret = mbedtls_ssl_session_save(session, p, end - p, in dummy_ticket_write()
1419 if ((ret = mbedtls_ssl_session_load(session, buf + 4, len - 4)) != 0) { in dummy_ticket_parse()
1437 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in dummy_ticket_parse()
1474 if (strcmp(buf, "AES-128-CCM")) { in parse_cipher()
1476 } else if (strcmp(buf, "AES-128-GCM")) { in parse_cipher()
1478 } else if (strcmp(buf, "AES-192-CCM")) { in parse_cipher()
1480 } else if (strcmp(buf, "AES-192-GCM")) { in parse_cipher()
1482 } else if (strcmp(buf, "AES-256-CCM")) { in parse_cipher()
1484 } else if (strcmp(buf, "ARIA-128-CCM")) { in parse_cipher()
1486 } else if (strcmp(buf, "ARIA-128-GCM")) { in parse_cipher()
1488 } else if (strcmp(buf, "ARIA-192-CCM")) { in parse_cipher()
1490 } else if (strcmp(buf, "ARIA-192-GCM")) { in parse_cipher()
1492 } else if (strcmp(buf, "ARIA-256-CCM")) { in parse_cipher()
1494 } else if (strcmp(buf, "ARIA-256-GCM")) { in parse_cipher()
1496 } else if (strcmp(buf, "CAMELLIA-128-CCM")) { in parse_cipher()
1498 } else if (strcmp(buf, "CAMELLIA-192-CCM")) { in parse_cipher()
1500 } else if (strcmp(buf, "CAMELLIA-256-CCM")) { in parse_cipher()
1502 } else if (strcmp(buf, "CHACHA20-POLY1305")) { in parse_cipher()
1514 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) in main()
1515 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
1526 #if defined(MBEDTLS_SSL_COOKIE_C) in main()
1532 #if defined(MBEDTLS_TIMING_C) in main()
1535 #if defined(MBEDTLS_SSL_RENEGOTIATION) in main()
1538 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
1546 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
1552 #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) in main()
1555 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO) in main()
1558 #if defined(MBEDTLS_SSL_CACHE_C) in main()
1561 #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) in main()
1564 #if defined(SNI_OPTION) in main()
1568 #if defined(MBEDTLS_SSL_ALPN) in main()
1571 #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) in main()
1574 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) in main()
1580 #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) in main()
1584 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) && \ in main()
1589 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
1596 #if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3) in main()
1603 #if defined(MBEDTLS_SSL_DTLS_SRTP) in main()
1617 #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) in main()
1619 #if defined(MBEDTLS_MEMORY_DEBUG) in main()
1624 #if defined(MBEDTLS_TEST_HOOKS) in main()
1636 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
1643 #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) in main()
1646 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO) in main()
1649 #if defined(MBEDTLS_SSL_CACHE_C) in main()
1652 #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) in main()
1655 #if defined(MBEDTLS_SSL_ALPN) in main()
1658 #if defined(MBEDTLS_SSL_COOKIE_C) in main()
1662 #if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3) in main()
1664 if (status != PSA_SUCCESS) { in main()
1671 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) in main()
1675 #if !defined(_WIN32) in main()
1707 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
1711 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) in main()
1717 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
1721 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in main()
1744 #if defined(MBEDTLS_HAVE_TIME) in main()
1751 #if defined(MBEDTLS_SSL_EARLY_DATA) in main()
1783 if (argc < 1) { in main()
1785 if (p != NULL && q != NULL) { in main()
1787 } else if (p != NULL && q == NULL) { in main()
1797 if (ret == 0) { in main()
1806 if (strcmp(p, "help") == 0) { in main()
1815 if (strcmp(p, "help_ciphersuites") == 0) { in main()
1827 if ((q = strchr(p, '=')) == NULL) { in main()
1834 if (strcmp(p, "server_port") == 0) { in main()
1836 } else if (strcmp(p, "server_addr") == 0) { in main()
1838 } else if (strcmp(p, "dtls") == 0) { in main()
1840 if (t == 0) { in main()
1842 } else if (t == 1) { in main()
1847 } else if (strcmp(p, "debug_level") == 0) { in main()
1849 if (opt.debug_level < 0 || opt.debug_level > 65535) { in main()
1852 } else if (strcmp(p, "build_version") == 0) { in main()
1853 if (strcmp(q, "1") == 0) { in main()
1859 } else if (strcmp(p, "nbio") == 0) { in main()
1861 if (opt.nbio < 0 || opt.nbio > 2) { in main()
1864 } else if (strcmp(p, "event") == 0) { in main()
1866 if (opt.event < 0 || opt.event > 2) { in main()
1869 } else if (strcmp(p, "read_timeout") == 0) { in main()
1871 } else if (strcmp(p, "buffer_size") == 0) { in main()
1873 if (opt.buffer_size < 1) { in main()
1876 } else if (strcmp(p, "response_size") == 0) { in main()
1878 if (opt.response_size < 0 || opt.response_size > MBEDTLS_SSL_OUT_CONTENT_LEN) { in main()
1881 if (opt.buffer_size < opt.response_size) { in main()
1884 } else if (strcmp(p, "ca_file") == 0) { in main()
1886 } else if (strcmp(p, "ca_path") == 0) { in main()
1888 } else if (strcmp(p, "crt_file") == 0) { in main()
1890 } else if (strcmp(p, "key_file") == 0) { in main()
1892 } else if (strcmp(p, "key_pwd") == 0) { in main()
1895 #if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
1896 else if (strcmp(p, "key_opaque") == 0) { in main()
1900 else if (strcmp(p, "crt_file2") == 0) { in main()
1902 } else if (strcmp(p, "key_file2") == 0) { in main()
1904 } else if (strcmp(p, "key_pwd2") == 0) { in main()
1906 } else if (strcmp(p, "dhm_file") == 0) { in main()
1909 #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) in main()
1910 else if (strcmp(p, "async_operations") == 0) { in main()
1912 } else if (strcmp(p, "async_private_delay1") == 0) { in main()
1914 } else if (strcmp(p, "async_private_delay2") == 0) { in main()
1916 } else if (strcmp(p, "async_private_error") == 0) { in main()
1918 if (n < -SSL_ASYNC_INJECT_ERROR_MAX || in main()
1926 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) in main()
1927 else if (strcmp(p, "cid") == 0) { in main()
1929 if (opt.cid_enabled != 0 && opt.cid_enabled != 1) { in main()
1932 } else if (strcmp(p, "cid_renego") == 0) { in main()
1934 if (opt.cid_enabled_renego != 0 && opt.cid_enabled_renego != 1) { in main()
1937 } else if (strcmp(p, "cid_val") == 0) { in main()
1939 } else if (strcmp(p, "cid_val_renego") == 0) { in main()
1943 else if (strcmp(p, "psk") == 0) { in main()
1946 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
1947 else if (strcmp(p, "psk_opaque") == 0) { in main()
1949 } else if (strcmp(p, "psk_list_opaque") == 0) { in main()
1953 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) in main()
1954 else if (strcmp(p, "ca_callback") == 0) { in main()
1958 else if (strcmp(p, "psk_identity") == 0) { in main()
1960 } else if (strcmp(p, "psk_list") == 0) { in main()
1962 } else if (strcmp(p, "ecjpake_pw") == 0) { in main()
1965 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
1966 else if (strcmp(p, "ecjpake_pw_opaque") == 0) { in main()
1970 else if (strcmp(p, "force_ciphersuite") == 0) { in main()
1973 if (opt.force_ciphersuite[0] == 0) { in main()
1978 } else if (strcmp(p, "groups") == 0) { in main()
1981 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
1982 else if (strcmp(p, "sig_algs") == 0) { in main()
1986 #if defined(MBEDTLS_SSL_EARLY_DATA) in main()
1987 else if (strcmp(p, "early_data") == 0) { in main()
1997 } else if (strcmp(p, "max_early_data_size") == 0) { in main()
2001 else if (strcmp(p, "renegotiation") == 0) { in main()
2005 } else if (strcmp(p, "allow_legacy") == 0) { in main()
2018 } else if (strcmp(p, "renegotiate") == 0) { in main()
2020 if (opt.renegotiate < 0 || opt.renegotiate > 1) { in main()
2023 } else if (strcmp(p, "renego_delay") == 0) { in main()
2025 } else if (strcmp(p, "renego_period") == 0) { in main()
2026 #if defined(_MSC_VER) in main()
2029 if (sscanf(q, "%" SCNu64, &opt.renego_period) != 1) { in main()
2033 if (opt.renego_period < 2) { in main()
2036 } else if (strcmp(p, "exchanges") == 0) { in main()
2038 if (opt.exchanges < 0) { in main()
2042 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in main()
2043 else if (strcmp(p, "tls13_kex_modes") == 0) { in main()
2044 if (strcmp(q, "psk") == 0) { in main()
2046 } else if (strcmp(q, "psk_ephemeral") == 0) { in main()
2048 } else if (strcmp(q, "ephemeral") == 0) { in main()
2050 } else if (strcmp(q, "ephemeral_all") == 0) { in main()
2052 } else if (strcmp(q, "psk_all") == 0) { in main()
2054 } else if (strcmp(q, "all") == 0) { in main()
2059 * `psk_or_ephemeral` exists in theory, we need this mode to test if in main()
2064 else if (strcmp(q, "psk_or_ephemeral") == 0) { in main()
2073 else if (strcmp(p, "min_version") == 0) { in main()
2074 if (strcmp(q, "tls12") == 0 || in main()
2078 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in main()
2079 else if (strcmp(q, "tls13") == 0) { in main()
2086 } else if (strcmp(p, "max_version") == 0) { in main()
2087 if (strcmp(q, "tls12") == 0 || in main()
2091 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in main()
2092 else if (strcmp(q, "tls13") == 0) { in main()
2099 } else if (strcmp(p, "allow_sha1") == 0) { in main()
2105 } else if (strcmp(p, "force_version") == 0) { in main()
2106 if (strcmp(q, "tls12") == 0) { in main()
2109 } else if (strcmp(q, "dtls12") == 0) { in main()
2114 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in main()
2115 else if (strcmp(q, "tls13") == 0) { in main()
2123 } else if (strcmp(p, "auth_mode") == 0) { in main()
2124 if ((opt.auth_mode = get_auth_mode(q)) < 0) { in main()
2127 } else if (strcmp(p, "cert_req_ca_list") == 0) { in main()
2129 if (opt.cert_req_ca_list < 0 || opt.cert_req_ca_list > 3) { in main()
2132 if (opt.cert_req_ca_list > 1) { in main()
2136 } else if (strcmp(p, "max_frag_len") == 0) { in main()
2137 if (strcmp(q, "512") == 0) { in main()
2139 } else if (strcmp(q, "1024") == 0) { in main()
2141 } else if (strcmp(q, "2048") == 0) { in main()
2143 } else if (strcmp(q, "4096") == 0) { in main()
2148 } else if (strcmp(p, "alpn") == 0) { in main()
2150 } else if (strcmp(p, "trunc_hmac") == 0) { in main()
2156 } else if (strcmp(p, "extended_ms") == 0) { in main()
2166 } else if (strcmp(p, "etm") == 0) { in main()
2172 } else if (strcmp(p, "tickets") == 0) { in main()
2174 if (opt.tickets < 0) { in main()
2177 } else if (strcmp(p, "dummy_ticket") == 0) { in main()
2179 if (opt.dummy_ticket < 0) { in main()
2182 } else if (strcmp(p, "ticket_rotate") == 0) { in main()
2184 if (opt.ticket_rotate < 0 || opt.ticket_rotate > 1) { in main()
2187 } else if (strcmp(p, "ticket_timeout") == 0) { in main()
2189 if (opt.ticket_timeout < 0) { in main()
2192 } else if (strcmp(p, "ticket_aead") == 0) { in main()
2195 if (opt.ticket_aead == MBEDTLS_CIPHER_NONE) { in main()
2198 } else if (strcmp(p, "cache_max") == 0) { in main()
2200 if (opt.cache_max < 0) { in main()
2204 #if defined(MBEDTLS_HAVE_TIME) in main()
2205 else if (strcmp(p, "cache_timeout") == 0) { in main()
2207 if (opt.cache_timeout < 0) { in main()
2212 else if (strcmp(p, "cache_remove") == 0) { in main()
2214 if (opt.cache_remove < 0 || opt.cache_remove > 1) { in main()
2217 } else if (strcmp(p, "cookies") == 0) { in main()
2219 if (opt.cookies < -1 || opt.cookies > 1) { in main()
2222 } else if (strcmp(p, "anti_replay") == 0) { in main()
2224 if (opt.anti_replay < 0 || opt.anti_replay > 1) { in main()
2227 } else if (strcmp(p, "badmac_limit") == 0) { in main()
2229 if (opt.badmac_limit < 0) { in main()
2232 } else if (strcmp(p, "hs_timeout") == 0) { in main()
2233 if ((p = strchr(q, '-')) == NULL) { in main()
2239 if (opt.hs_to_min == 0 || opt.hs_to_max < opt.hs_to_min) { in main()
2242 } else if (strcmp(p, "mtu") == 0) { in main()
2244 if (opt.dtls_mtu < 0) { in main()
2247 } else if (strcmp(p, "dgram_packing") == 0) { in main()
2249 if (opt.dgram_packing != 0 && in main()
2253 } else if (strcmp(p, "sni") == 0) { in main()
2255 } else if (strcmp(p, "query_config") == 0) { in main()
2259 } else if (strcmp(p, "serialize") == 0) { in main()
2261 if (opt.serialize < 0 || opt.serialize > 2) { in main()
2264 } else if (strcmp(p, "context_file") == 0) { in main()
2266 } else if (strcmp(p, "eap_tls") == 0) { in main()
2268 if (opt.eap_tls < 0 || opt.eap_tls > 1) { in main()
2271 } else if (strcmp(p, "reproducible") == 0) { in main()
2273 } else if (strcmp(p, "nss_keylog") == 0) { in main()
2275 if (opt.nss_keylog < 0 || opt.nss_keylog > 1) { in main()
2278 } else if (strcmp(p, "nss_keylog_file") == 0) { in main()
2280 } else if (strcmp(p, "use_srtp") == 0) { in main()
2282 } else if (strcmp(p, "srtp_force_profile") == 0) { in main()
2284 } else if (strcmp(p, "support_mki") == 0) { in main()
2286 } else if (strcmp(p, "key_opaque_algs") == 0) { in main()
2287 if (key_opaque_alg_parse(q, &opt.key1_opaque_alg1, in main()
2291 } else if (strcmp(p, "key_opaque_algs2") == 0) { in main()
2292 if (key_opaque_alg_parse(q, &opt.key2_opaque_alg1, in main()
2305 if (opt.nss_keylog != 0 && opt.eap_tls != 0) { in main()
2313 if (opt.event == 1 && opt.nbio != 1) { in main()
2318 #if defined(MBEDTLS_DEBUG_C) in main()
2327 if (buf_content_size < strlen(HTTP_RESPONSE) + 80) { in main()
2330 if (opt.response_size != DFL_RESPONSE_SIZE && in main()
2335 if (buf == NULL) { in main()
2342 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
2343 if (opt.psk_opaque != 0) { in main()
2344 if (strlen(opt.psk) == 0) { in main()
2350 if (opt.force_ciphersuite[0] <= 0) { in main()
2358 if (opt.psk_list_opaque != 0) { in main()
2359 if (opt.psk_list == NULL) { in main()
2365 if (opt.force_ciphersuite[0] <= 0) { in main()
2374 if (opt.force_ciphersuite[0] > 0) { in main()
2379 if (opt.max_version != -1 && in main()
2385 if (opt.min_version != -1 && in main()
2392 /* If we select a version that's not supported by in main()
2394 if (opt.max_version == -1 || in main()
2398 if (opt.min_version < ciphersuite_info->min_tls_version) { in main()
2402 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
2403 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) in main()
2404 if (opt.psk_opaque != 0 || opt.psk_list_opaque != 0) { in main()
2406 #if defined(MBEDTLS_MD_CAN_SHA384) in main()
2407 if (ciphersuite_info->mac == MBEDTLS_MD_SHA384) { in main()
2417 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) in main()
2418 if (mbedtls_test_unhexify(cid, sizeof(cid), in main()
2426 if (opt.cid_enabled_renego == DFL_CID_ENABLED_RENEGO) { in main()
2429 if (opt.cid_val_renego == DFL_CID_VALUE_RENEGO) { in main()
2433 if (mbedtls_test_unhexify(cid_renego, sizeof(cid_renego), in main()
2440 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) in main()
2442 * Unhexify the pre-shared key and parse the list if any given in main()
2444 if (mbedtls_test_unhexify(psk, sizeof(psk), in main()
2450 if (opt.psk_list != NULL) { in main()
2451 if ((psk_info = psk_parse(opt.psk_list)) == NULL) { in main()
2458 if (opt.groups != NULL) { in main()
2459 if (parse_groups(opt.groups, group_list, GROUP_LIST_SIZE) != 0) { in main()
2464 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
2465 if (opt.sig_algs != NULL) { in main()
2477 if (*p == ',') { in main()
2481 if (strcmp(q, "rsa_pkcs1_sha256") == 0) { in main()
2483 } else if (strcmp(q, "rsa_pkcs1_sha384") == 0) { in main()
2485 } else if (strcmp(q, "rsa_pkcs1_sha512") == 0) { in main()
2487 } else if (strcmp(q, "ecdsa_secp256r1_sha256") == 0) { in main()
2489 } else if (strcmp(q, "ecdsa_secp384r1_sha384") == 0) { in main()
2491 } else if (strcmp(q, "ecdsa_secp521r1_sha512") == 0) { in main()
2493 } else if (strcmp(q, "rsa_pss_rsae_sha256") == 0) { in main()
2495 } else if (strcmp(q, "rsa_pss_rsae_sha384") == 0) { in main()
2497 } else if (strcmp(q, "rsa_pss_rsae_sha512") == 0) { in main()
2499 } else if (strcmp(q, "ed25519") == 0) { in main()
2501 } else if (strcmp(q, "ed448") == 0) { in main()
2503 } else if (strcmp(q, "rsa_pss_pss_sha256") == 0) { in main()
2505 } else if (strcmp(q, "rsa_pss_pss_sha384") == 0) { in main()
2507 } else if (strcmp(q, "rsa_pss_pss_sha512") == 0) { in main()
2509 } else if (strcmp(q, "rsa_pkcs1_sha1") == 0) { in main()
2511 } else if (strcmp(q, "ecdsa_sha1") == 0) { in main()
2521 if (i == (SIG_ALG_LIST_SIZE - 1) && *p != '\0') { in main()
2531 #if defined(MBEDTLS_SSL_ALPN) in main()
2532 if (opt.alpn_string != NULL) { in main()
2544 if (*p == ',') { in main()
2561 if (ret != 0) { in main()
2566 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
2573 if (strcmp(opt.ca_path, "none") == 0 || in main()
2577 #if defined(MBEDTLS_FS_IO) in main()
2578 if (strlen(opt.ca_path)) { in main()
2580 } else if (strlen(opt.ca_file)) { in main()
2585 #if defined(MBEDTLS_PEM_PARSE_C) in main()
2590 if (ret != 0) { in main()
2595 if (ret == 0) { in main()
2600 if (ret != 0) { in main()
2606 if (ret < 0) { in main()
2620 #if defined(MBEDTLS_FS_IO) in main()
2621 if (strlen(opt.crt_file) && strcmp(opt.crt_file, "none") != 0) { in main()
2623 if ((ret = mbedtls_x509_crt_parse_file(&srvcert, opt.crt_file)) != 0) { in main()
2629 if (strlen(opt.key_file) && strcmp(opt.key_file, "none") != 0) { in main()
2631 if ((ret = mbedtls_pk_parse_keyfile(&pkey, opt.key_file, in main()
2638 if (key_cert_init == 1) { in main()
2643 if (strlen(opt.crt_file2) && strcmp(opt.crt_file2, "none") != 0) { in main()
2645 if ((ret = mbedtls_x509_crt_parse_file(&srvcert2, opt.crt_file2)) != 0) { in main()
2651 if (strlen(opt.key_file2) && strcmp(opt.key_file2, "none") != 0) { in main()
2653 if ((ret = mbedtls_pk_parse_keyfile(&pkey2, opt.key_file2, in main()
2660 if (key_cert_init2 == 1) { in main()
2665 if (key_cert_init == 0 && in main()
2671 #if defined(MBEDTLS_RSA_C) in main()
2672 if ((ret = mbedtls_x509_crt_parse(&srvcert, in main()
2679 if ((ret = mbedtls_pk_parse_key(&pkey, in main()
2689 #if defined(MBEDTLS_PK_CAN_ECDSA_SOME) in main()
2690 if ((ret = mbedtls_x509_crt_parse(&srvcert2, in main()
2697 if ((ret = mbedtls_pk_parse_key(&pkey2, in main()
2709 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
2710 if (opt.key_opaque != 0) { in main()
2714 if (key_opaque_set_alg_usage(opt.key1_opaque_alg1, in main()
2720 if (ret != 0) { in main()
2731 if (key_opaque_set_alg_usage(opt.key2_opaque_alg1, in main()
2737 if (ret != 0) { in main()
2752 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO) in main()
2753 if (opt.dhm_file != NULL) { in main()
2757 if ((ret = mbedtls_dhm_parse_dhmfile(&dhm, opt.dhm_file)) != 0) { in main()
2767 #if defined(SNI_OPTION) in main()
2768 if (opt.sni != NULL) { in main()
2772 if ((sni_info = sni_parse(opt.sni)) == NULL) { in main()
2787 if ((ret = mbedtls_ssl_config_defaults(&conf, in main()
2796 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
2800 if (opt.allow_sha1 > 0) { in main()
2807 if (opt.auth_mode != DFL_AUTH_MODE) { in main()
2811 if (opt.cert_req_ca_list != DFL_CERT_REQ_CA_LIST) { in main()
2815 #if defined(MBEDTLS_SSL_EARLY_DATA) in main()
2816 if (opt.early_data != DFL_EARLY_DATA) { in main()
2819 if (opt.max_early_data_size != DFL_MAX_EARLY_DATA_SIZE) { in main()
2825 #if defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED) in main()
2829 if (opt.cert_req_dn_hint == 2 && key_cert_init2) { in main()
2834 #if defined(MBEDTLS_SSL_PROTO_DTLS) in main()
2835 if (opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX) { in main()
2839 if (opt.dgram_packing != DFL_DGRAM_PACKING) { in main()
2844 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) in main()
2845 if ((ret = mbedtls_ssl_conf_max_frag_len(&conf, opt.mfl_code)) != 0) { in main()
2851 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) in main()
2852 if (opt.cid_enabled == 1 || opt.cid_enabled_renego == 1) { in main()
2853 if (opt.cid_enabled == 1 && in main()
2860 if (opt.cid_enabled == 1) { in main()
2868 if (ret != 0) { in main()
2876 #if defined(MBEDTLS_SSL_DTLS_SRTP) in main()
2879 if (opt.use_srtp == 1) { in main()
2880 if (opt.force_srtp_profile != 0) { in main()
2886 if (ret != 0) { in main()
2898 } else if (opt.force_srtp_profile != 0) { in main()
2904 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) in main()
2905 if (opt.extended_ms != DFL_EXTENDED_MS) { in main()
2910 #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) in main()
2911 if (opt.etm != DFL_ETM) { in main()
2916 #if defined(MBEDTLS_SSL_ALPN) in main()
2917 if (opt.alpn_string != NULL) { in main()
2918 if ((ret = mbedtls_ssl_conf_alpn_protocols(&conf, alpn_list)) != 0) { in main()
2925 if (opt.reproducible) { in main()
2926 #if defined(MBEDTLS_HAVE_TIME) in main()
2927 #if defined(MBEDTLS_PLATFORM_TIME_ALT) in main()
2937 #if defined(MBEDTLS_SSL_CACHE_C) in main()
2938 if (opt.cache_max != -1) { in main()
2942 #if defined(MBEDTLS_HAVE_TIME) in main()
2943 if (opt.cache_timeout != -1) { in main()
2953 #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) in main()
2954 if (opt.tickets != MBEDTLS_SSL_SESSION_TICKETS_DISABLED) { in main()
2955 #if defined(MBEDTLS_HAVE_TIME) in main()
2956 if (opt.dummy_ticket) { in main()
2964 if ((ret = mbedtls_ssl_ticket_setup(&ticket_ctx, in main()
2980 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in main()
2986 if (opt.ticket_rotate) { in main()
2989 if ((ret = rng_get(&rng, name, sizeof(name))) != 0 || in main()
3001 #if defined(MBEDTLS_SSL_PROTO_DTLS) in main()
3002 if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in main()
3003 #if defined(MBEDTLS_SSL_COOKIE_C) in main()
3004 if (opt.cookies > 0) { in main()
3005 if ((ret = mbedtls_ssl_cookie_setup(&cookie_ctx, in main()
3015 #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) in main()
3016 if (opt.cookies == 0) { in main()
3024 #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) in main()
3025 if (opt.anti_replay != DFL_ANTI_REPLAY) { in main()
3030 if (opt.badmac_limit != DFL_BADMAC_LIMIT) { in main()
3036 if (opt.force_ciphersuite[0] != DFL_FORCE_CIPHER) { in main()
3040 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) in main()
3044 if (opt.allow_legacy != DFL_ALLOW_LEGACY) { in main()
3047 #if defined(MBEDTLS_SSL_RENEGOTIATION) in main()
3050 if (opt.renego_delay != DFL_RENEGO_DELAY) { in main()
3054 if (opt.renego_period != DFL_RENEGO_PERIOD) { in main()
3060 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
3061 if (strcmp(opt.ca_path, "none") != 0 && in main()
3063 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) in main()
3064 if (opt.ca_callback != 0) { in main()
3070 if (key_cert_init) { in main()
3072 #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) in main()
3073 if (opt.async_private_delay1 >= 0) { in main()
3076 if (ret < 0) { in main()
3084 if ((ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert, pk)) != 0) { in main()
3089 if (key_cert_init2) { in main()
3091 #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) in main()
3092 if (opt.async_private_delay2 >= 0) { in main()
3095 if (ret < 0) { in main()
3103 if ((ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert2, pk)) != 0) { in main()
3109 #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) in main()
3110 if (opt.async_operations[0] != '-') { in main()
3139 #if defined(SNI_OPTION) in main()
3140 if (opt.sni != NULL) { in main()
3143 #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) in main()
3144 if (opt.async_private_delay2 >= 0) { in main()
3150 if (ret < 0) { in main()
3162 #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) || \ in main()
3165 if (opt.groups != NULL && in main()
3171 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
3172 if (opt.sig_algs != NULL) { in main()
3177 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) in main()
3179 if (strlen(opt.psk) != 0 && strlen(opt.psk_identity) != 0) { in main()
3180 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
3181 if (opt.psk_opaque != 0) { in main()
3184 if (status != PSA_SUCCESS) { in main()
3189 if ((ret = mbedtls_ssl_conf_psk_opaque(&conf, psk_slot, in main()
3198 if (psk_len > 0) { in main()
3202 if (ret != 0) { in main()
3210 if (opt.psk_list != NULL) { in main()
3211 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
3212 if (opt.psk_list_opaque != 0) { in main()
3219 if (status != PSA_SUCCESS) { in main()
3231 #if defined(MBEDTLS_DHM_C) in main()
3235 #if defined(MBEDTLS_FS_IO) in main()
3236 if (opt.dhm_file != NULL) { in main()
3240 if (ret != 0) { in main()
3247 if (opt.min_version != DFL_MIN_VERSION) { in main()
3251 if (opt.max_version != DFL_MIN_VERSION) { in main()
3255 if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { in main()
3260 if (opt.eap_tls != 0) { in main()
3263 } else if (opt.nss_keylog != 0) { in main()
3268 #if defined(MBEDTLS_SSL_DTLS_SRTP) in main()
3269 else if (opt.use_srtp != 0) { in main()
3280 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) in main()
3281 if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in main()
3282 if ((ret = mbedtls_ssl_set_cid(&ssl, opt.cid_enabled, in main()
3291 #if defined(MBEDTLS_SSL_PROTO_DTLS) in main()
3292 if (opt.dtls_mtu != DFL_DTLS_MTU) { in main()
3297 #if defined(MBEDTLS_TIMING_C) in main()
3313 if ((ret = mbedtls_net_bind(&listen_fd, opt.server_addr, opt.server_port, in main()
3322 #if !defined(_WIN32) in main()
3323 if (received_sigterm) { in main()
3325 if (ret == MBEDTLS_ERR_NET_INVALID_CONTEXT) { in main()
3333 if (ret == MBEDTLS_ERR_SSL_CLIENT_RECONNECT) { in main()
3339 if (ret != 0) { in main()
3356 if ((ret = mbedtls_net_accept(&listen_fd, &client_fd, in main()
3358 #if !defined(_WIN32) in main()
3359 if (received_sigterm) { in main()
3361 if (ret == MBEDTLS_ERR_NET_ACCEPT_FAILED) { in main()
3373 if (opt.nbio > 0) { in main()
3378 if (ret != 0) { in main()
3385 #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) in main()
3386 if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in main()
3387 if ((ret = mbedtls_ssl_set_client_transport_id(&ssl, in main()
3396 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) in main()
3397 if (opt.ecjpake_pw != DFL_ECJPAKE_PW) { in main()
3398 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
3399 if (opt.ecjpake_pw_opaque != DFL_ECJPAKE_PW_OPAQUE) { in main()
3410 if (status != PSA_SUCCESS) { in main()
3415 if ((ret = mbedtls_ssl_set_hs_ecjpake_password_opaque(&ssl, in main()
3426 if ((ret = mbedtls_ssl_set_hs_ecjpake_password(&ssl, in main()
3437 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) in main()
3438 #if defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED) in main()
3443 * if being set per-handshake using mbedtls_ssl_set_hs_dn_hints()) */ in main()
3444 if (opt.cert_req_dn_hint == 3 && key_cert_init2) { in main()
3460 #if defined(MBEDTLS_SSL_EARLY_DATA) in main()
3461 if (ret == MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA) { in main()
3464 if (ret > 0) { in main()
3473 #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) in main()
3474 if (ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS && in main()
3481 if (!mbedtls_status_is_ssl_in_progress(ret)) { in main()
3486 if (opt.event == 1 /* level triggered IO */) { in main()
3487 #if defined(MBEDTLS_TIMING_C) in main()
3492 if (ret != 0) { in main()
3498 if (ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) { in main()
3502 } else if (ret != 0) { in main()
3506 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
3507 if (ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED) { in main()
3517 #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) in main()
3518 if (opt.async_private_error < 0) { in main()
3538 if ((ret = mbedtls_ssl_get_record_expansion(&ssl)) >= 0) { in main()
3544 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) || defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) in main()
3551 #if defined(MBEDTLS_SSL_ALPN) in main()
3552 if (opt.alpn_string != NULL) { in main()
3559 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
3565 if ((flags = mbedtls_ssl_get_verify_result(&ssl)) != 0) { in main()
3576 #if !defined(MBEDTLS_X509_REMOVE_INFO) in main()
3577 if (mbedtls_ssl_get_peer_cert(&ssl) != NULL) { in main()
3588 if (opt.eap_tls != 0) { in main()
3591 if ((ret = mbedtls_ssl_tls_prf(eap_tls_keying.tls_prf_type, in main()
3607 if (j % 8 == 0) { in main()
3614 if ((ret = mbedtls_ssl_tls_prf(eap_tls_keying.tls_prf_type, NULL, 0, in main()
3627 if (j % 8 == 0) { in main()
3635 #if defined(MBEDTLS_SSL_DTLS_SRTP) in main()
3636 else if (opt.use_srtp != 0) { in main()
3641 if (dtls_srtp_negotiation_result.chosen_dtls_srtp_profile in main()
3646 if ((ret = mbedtls_ssl_tls_prf(dtls_srtp_keying.tls_prf_type, in main()
3662 if (j % 8 == 0) { in main()
3679 if (dtls_srtp_negotiation_result.mki_len > 0) { in main()
3693 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) in main()
3695 if (ret != 0) { in main()
3699 if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { in main()
3700 if ((ret = mbedtls_ssl_set_cid(&ssl, opt.cid_enabled_renego, in main()
3709 #if defined(MBEDTLS_MEMORY_DEBUG) in main()
3716 if (opt.exchanges == 0) { in main()
3731 if (opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM) { in main()
3738 if (mbedtls_status_is_ssl_in_progress(ret)) { in main()
3739 if (opt.event == 1 /* level triggered IO */) { in main()
3740 #if defined(MBEDTLS_TIMING_C) in main()
3750 if (ret <= 0) { in main()
3768 if (mbedtls_ssl_get_bytes_avail(&ssl) == 0) { in main()
3775 if (buf[len - 1] == '\n') { in main()
3786 if (larger_buf == NULL) { in main()
3797 if (ret != extra_len || in main()
3811 if (larger_buf[ori_len + extra_len - 1] == '\n') { in main()
3818 if (terminated) { in main()
3840 if (mbedtls_ssl_check_pending(&ssl) == 0 && in main()
3842 #if defined(MBEDTLS_TIMING_C) in main()
3851 /* Note that even if `mbedtls_ssl_check_pending` returns true, in main()
3857 if (ret <= 0) { in main()
3879 #if defined(MBEDTLS_SSL_RENEGOTIATION) in main()
3880 if (opt.renegotiate && exchanges_left == opt.exchanges) { in main()
3885 if (!mbedtls_status_is_ssl_in_progress(ret)) { in main()
3891 if (opt.event == 1 /* level triggered IO */) { in main()
3892 #if defined(MBEDTLS_TIMING_C) in main()
3904 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) in main()
3906 if (ret != 0) { in main()
3917 /* If the format of the response changes, make sure there is enough in main()
3923 if (opt.response_size != DFL_RESPONSE_SIZE && in main()
3929 /* Truncate if response size is smaller than the "natural" size */ in main()
3930 if (opt.response_size != DFL_RESPONSE_SIZE && in main()
3935 if (len >= 2) { in main()
3938 if (len >= 1) { in main()
3943 if (opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM) { in main()
3947 if (ret == MBEDTLS_ERR_NET_CONN_RESET) { in main()
3952 if (!mbedtls_status_is_ssl_in_progress(ret)) { in main()
3958 if (opt.event == 1 /* level triggered IO */) { in main()
3959 #if defined(MBEDTLS_TIMING_C) in main()
3971 if (!mbedtls_status_is_ssl_in_progress(ret)) { in main()
3976 if (opt.event == 1 /* level triggered IO */) { in main()
3977 #if defined(MBEDTLS_TIMING_C) in main()
3985 if (ret < 0) { in main()
4001 #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) in main()
4002 if (opt.serialize != 0) { in main()
4008 if (ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) { in main()
4015 if ((context_buf = mbedtls_calloc(1, buf_len)) == NULL) { in main()
4023 if ((ret = mbedtls_ssl_context_save(&ssl, context_buf, in main()
4034 if (0 < strlen(opt.context_file)) { in main()
4043 if ((b64_buf = mbedtls_calloc(1, b64_len)) == NULL) { in main()
4049 if ((ret = mbedtls_base64_encode(b64_buf, b64_len, &b64_len, in main()
4057 if ((b64_file = fopen(opt.context_file, "w")) == NULL) { in main()
4064 if (b64_len != fwrite(b64_buf, 1, b64_len, b64_file)) { in main()
4085 if (opt.serialize == 1) { in main()
4098 if (opt.serialize == 2) { in main()
4105 if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { in main()
4113 * up, however you could set up much more if desired, for example in main()
4114 * if you want to share your set up code between the case of in main()
4117 if (opt.nbio == 2) { in main()
4126 #if defined(MBEDTLS_TIMING_C) in main()
4137 if ((ret = mbedtls_ssl_context_load(&ssl, context_buf, in main()
4156 if (--exchanges_left > 0) { in main()
4174 #if defined(MBEDTLS_SSL_CACHE_C) in main()
4175 if (opt.cache_remove > 0) { in main()
4187 if (ret != 0) { in main()
4194 if (opt.query_config_mode == DFL_QUERY_CONFIG_MODE) { in main()
4205 #if defined(MBEDTLS_SSL_CACHE_C) in main()
4208 #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) in main()
4211 #if defined(MBEDTLS_SSL_COOKIE_C) in main()
4215 #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) in main()
4216 if (context_buf != NULL) { in main()
4222 #if defined(SNI_OPTION) in main()
4226 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) in main()
4228 if ((ret != 0) && (opt.query_config_mode == DFL_QUERY_CONFIG_MODE)) { in main()
4233 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) in main()
4239 #if defined(MBEDTLS_USE_PSA_CRYPTO) in main()
4245 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO) in main()
4249 #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) in main()
4251 if (ssl_async_keys.slots[i].pk_owned) { in main()
4259 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) && \ in main()
4261 if (opt.psk_opaque != 0) { in main()
4262 /* This is ok even if the slot hasn't been in main()
4267 if ((status != PSA_SUCCESS) && in main()
4277 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) && \ in main()
4283 if ((opt.ecjpake_pw_opaque != DFL_ECJPAKE_PW_OPAQUE)) { in main()
4287 if (psa_get_key_attributes(ecjpake_pw_slot, &check_attributes) != in main()
4289 if (ret == 0) { in main()
4299 #if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3) in main()
4301 if (message) { in main()
4302 if (ret == 0) { in main()
4311 #if (defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)) \ in main()
4320 #if defined(MBEDTLS_TEST_HOOKS) in main()
4324 if (opt.query_config_mode == DFL_QUERY_CONFIG_MODE) { in main()
4325 if (test_hooks_failure_detected()) { in main()
4326 if (ret == 0) { in main()
4335 #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) in main()
4336 #if defined(MBEDTLS_MEMORY_DEBUG) in main()
4342 if (opt.query_config_mode == DFL_QUERY_CONFIG_MODE) { in main()
4347 if (ret < 0) { in main()
4351 if (opt.query_config_mode == DFL_QUERY_CONFIG_MODE) { in main()