1 /*
2 * SSL client with options
3 *
4 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 *
19 * This file is part of mbed TLS (https://tls.mbed.org)
20 */
21
22 #if !defined(MBEDTLS_CONFIG_FILE)
23 #include "mbedtls/config.h"
24 #else
25 #include MBEDTLS_CONFIG_FILE
26 #endif
27
28 #if defined(MBEDTLS_PLATFORM_C)
29 #include "mbedtls/platform.h"
30 #else
31 #include <stdio.h>
32 #include <stdlib.h>
33 #define mbedtls_free free
34 #define mbedtls_time time
35 #define mbedtls_time_t time_t
36 #define mbedtls_calloc calloc
37 #define mbedtls_fprintf fprintf
38 #define mbedtls_printf printf
39 #endif
40
41 #if !defined(MBEDTLS_ENTROPY_C) || \
42 !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_SRV_C) || \
43 !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_CTR_DRBG_C)
main(void)44 int main( void )
45 {
46 mbedtls_printf("MBEDTLS_ENTROPY_C and/or "
47 "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
48 "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined.\n");
49 return( 0 );
50 }
51 #else
52
53 #include "mbedtls/net_sockets.h"
54 #include "mbedtls/ssl.h"
55 #include "mbedtls/entropy.h"
56 #include "mbedtls/ctr_drbg.h"
57 #include "mbedtls/certs.h"
58 #include "mbedtls/x509.h"
59 #include "mbedtls/error.h"
60 #include "mbedtls/debug.h"
61 #include "mbedtls/timing.h"
62
63 #include <stdio.h>
64 #include <stdlib.h>
65 #include <string.h>
66
67 #if !defined(_WIN32)
68 #include <signal.h>
69 #endif
70
71 #if defined(MBEDTLS_SSL_CACHE_C)
72 #include "mbedtls/ssl_cache.h"
73 #endif
74
75 #if defined(MBEDTLS_SSL_TICKET_C)
76 #include "mbedtls/ssl_ticket.h"
77 #endif
78
79 #if defined(MBEDTLS_SSL_COOKIE_C)
80 #include "mbedtls/ssl_cookie.h"
81 #endif
82
83 #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
84 #include "mbedtls/memory_buffer_alloc.h"
85 #endif
86
87 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && defined(MBEDTLS_FS_IO)
88 #define SNI_OPTION
89 #endif
90
91 #if defined(_WIN32)
92 #include <windows.h>
93 #endif
94
95 #define DFL_SERVER_ADDR NULL
96 #define DFL_SERVER_PORT "4433"
97 #define DFL_DEBUG_LEVEL 0
98 #define DFL_NBIO 0
99 #define DFL_READ_TIMEOUT 0
100 #define DFL_CA_FILE ""
101 #define DFL_CA_PATH ""
102 #define DFL_CRT_FILE ""
103 #define DFL_KEY_FILE ""
104 #define DFL_CRT_FILE2 ""
105 #define DFL_KEY_FILE2 ""
106 #define DFL_PSK ""
107 #define DFL_PSK_IDENTITY "Client_identity"
108 #define DFL_ECJPAKE_PW NULL
109 #define DFL_PSK_LIST NULL
110 #define DFL_FORCE_CIPHER 0
111 #define DFL_VERSION_SUITES NULL
112 #define DFL_RENEGOTIATION MBEDTLS_SSL_RENEGOTIATION_DISABLED
113 #define DFL_ALLOW_LEGACY -2
114 #define DFL_RENEGOTIATE 0
115 #define DFL_RENEGO_DELAY -2
116 #define DFL_RENEGO_PERIOD -1
117 #define DFL_EXCHANGES 1
118 #define DFL_MIN_VERSION -1
119 #define DFL_MAX_VERSION -1
120 #define DFL_ARC4 -1
121 #define DFL_AUTH_MODE -1
122 #define DFL_MFL_CODE MBEDTLS_SSL_MAX_FRAG_LEN_NONE
123 #define DFL_TRUNC_HMAC -1
124 #define DFL_TICKETS MBEDTLS_SSL_SESSION_TICKETS_ENABLED
125 #define DFL_TICKET_TIMEOUT 86400
126 #define DFL_CACHE_MAX -1
127 #define DFL_CACHE_TIMEOUT -1
128 #define DFL_SNI NULL
129 #define DFL_ALPN_STRING NULL
130 #define DFL_DHM_FILE NULL
131 #define DFL_TRANSPORT MBEDTLS_SSL_TRANSPORT_STREAM
132 #define DFL_COOKIES 1
133 #define DFL_ANTI_REPLAY -1
134 #define DFL_HS_TO_MIN 0
135 #define DFL_HS_TO_MAX 0
136 #define DFL_BADMAC_LIMIT -1
137 #define DFL_EXTENDED_MS -1
138 #define DFL_ETM -1
139
140 #define LONG_RESPONSE "<p>01-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \
141 "02-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \
142 "03-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \
143 "04-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \
144 "05-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \
145 "06-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \
146 "07-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah</p>\r\n"
147
148 /* Uncomment LONG_RESPONSE at the end of HTTP_RESPONSE to test sending longer
149 * packets (for fragmentation purposes) */
150 #define HTTP_RESPONSE \
151 "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
152 "<h2>mbed TLS Test Server</h2>\r\n" \
153 "<p>Successful connection using: %s</p>\r\n" // LONG_RESPONSE
154
155 /*
156 * Size of the basic I/O buffer. Able to hold our default response.
157 *
158 * You will need to adapt the mbedtls_ssl_get_bytes_avail() test in ssl-opt.sh
159 * if you change this value to something outside the range <= 100 or > 500
160 */
161 #define IO_BUF_LEN 200
162
163 #if defined(MBEDTLS_X509_CRT_PARSE_C)
164 #if defined(MBEDTLS_FS_IO)
165 #define USAGE_IO \
166 " ca_file=%%s The single file containing the top-level CA(s) you fully trust\n" \
167 " default: \"\" (pre-loaded)\n" \
168 " ca_path=%%s The path containing the top-level CA(s) you fully trust\n" \
169 " default: \"\" (pre-loaded) (overrides ca_file)\n" \
170 " crt_file=%%s Your own cert and chain (in bottom to top order, top may be omitted)\n" \
171 " default: see note after key_file2\n" \
172 " key_file=%%s default: see note after key_file2\n" \
173 " crt_file2=%%s Your second cert and chain (in bottom to top order, top may be omitted)\n" \
174 " default: see note after key_file2\n" \
175 " key_file2=%%s default: see note below\n" \
176 " note: if neither crt_file/key_file nor crt_file2/key_file2 are used,\n" \
177 " preloaded certificate(s) and key(s) are used if available\n" \
178 " dhm_file=%%s File containing Diffie-Hellman parameters\n" \
179 " default: preloaded parameters\n"
180 #else
181 #define USAGE_IO \
182 "\n" \
183 " No file operations available (MBEDTLS_FS_IO not defined)\n" \
184 "\n"
185 #endif /* MBEDTLS_FS_IO */
186 #else
187 #define USAGE_IO ""
188 #endif /* MBEDTLS_X509_CRT_PARSE_C */
189
190 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
191 #define USAGE_PSK \
192 " psk=%%s default: \"\" (in hex, without 0x)\n" \
193 " psk_identity=%%s default: \"Client_identity\"\n"
194 #else
195 #define USAGE_PSK ""
196 #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
197
198 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
199 #define USAGE_TICKETS \
200 " tickets=%%d default: 1 (enabled)\n" \
201 " ticket_timeout=%%d default: 86400 (one day)\n"
202 #else
203 #define USAGE_TICKETS ""
204 #endif /* MBEDTLS_SSL_SESSION_TICKETS */
205
206 #if defined(MBEDTLS_SSL_CACHE_C)
207 #define USAGE_CACHE \
208 " cache_max=%%d default: cache default (50)\n" \
209 " cache_timeout=%%d default: cache default (1d)\n"
210 #else
211 #define USAGE_CACHE ""
212 #endif /* MBEDTLS_SSL_CACHE_C */
213
214 #if defined(SNI_OPTION)
215 #define USAGE_SNI \
216 " sni=%%s name1,cert1,key1,ca1,crl1,auth1[,...]\n" \
217 " default: disabled\n"
218 #else
219 #define USAGE_SNI ""
220 #endif /* SNI_OPTION */
221
222 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
223 #define USAGE_MAX_FRAG_LEN \
224 " max_frag_len=%%d default: 16384 (tls default)\n" \
225 " options: 512, 1024, 2048, 4096\n"
226 #else
227 #define USAGE_MAX_FRAG_LEN ""
228 #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
229
230 #if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
231 #define USAGE_TRUNC_HMAC \
232 " trunc_hmac=%%d default: library default\n"
233 #else
234 #define USAGE_TRUNC_HMAC ""
235 #endif
236
237 #if defined(MBEDTLS_SSL_ALPN)
238 #define USAGE_ALPN \
239 " alpn=%%s default: \"\" (disabled)\n" \
240 " example: spdy/1,http/1.1\n"
241 #else
242 #define USAGE_ALPN ""
243 #endif /* MBEDTLS_SSL_ALPN */
244
245 #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
246 #define USAGE_COOKIES \
247 " cookies=0/1/-1 default: 1 (enabled)\n" \
248 " 0: disabled, -1: library default (broken)\n"
249 #else
250 #define USAGE_COOKIES ""
251 #endif
252
253 #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
254 #define USAGE_ANTI_REPLAY \
255 " anti_replay=0/1 default: (library default: enabled)\n"
256 #else
257 #define USAGE_ANTI_REPLAY ""
258 #endif
259
260 #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
261 #define USAGE_BADMAC_LIMIT \
262 " badmac_limit=%%d default: (library default: disabled)\n"
263 #else
264 #define USAGE_BADMAC_LIMIT ""
265 #endif
266
267 #if defined(MBEDTLS_SSL_PROTO_DTLS)
268 #define USAGE_DTLS \
269 " dtls=%%d default: 0 (TLS)\n" \
270 " hs_timeout=%%d-%%d default: (library default: 1000-60000)\n" \
271 " range of DTLS handshake timeouts in millisecs\n"
272 #else
273 #define USAGE_DTLS ""
274 #endif
275
276 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
277 #define USAGE_EMS \
278 " extended_ms=0/1 default: (library default: on)\n"
279 #else
280 #define USAGE_EMS ""
281 #endif
282
283 #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
284 #define USAGE_ETM \
285 " etm=0/1 default: (library default: on)\n"
286 #else
287 #define USAGE_ETM ""
288 #endif
289
290 #if defined(MBEDTLS_SSL_RENEGOTIATION)
291 #define USAGE_RENEGO \
292 " renegotiation=%%d default: 0 (disabled)\n" \
293 " renegotiate=%%d default: 0 (disabled)\n" \
294 " renego_delay=%%d default: -2 (library default)\n" \
295 " renego_period=%%d default: (library default)\n"
296 #else
297 #define USAGE_RENEGO ""
298 #endif
299
300 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
301 #define USAGE_ECJPAKE \
302 " ecjpake_pw=%%s default: none (disabled)\n"
303 #else
304 #define USAGE_ECJPAKE ""
305 #endif
306
307 #define USAGE \
308 "\n usage: ssl_server2 param=<>...\n" \
309 "\n acceptable parameters:\n" \
310 " server_addr=%%d default: (all interfaces)\n" \
311 " server_port=%%d default: 4433\n" \
312 " debug_level=%%d default: 0 (disabled)\n" \
313 " nbio=%%d default: 0 (blocking I/O)\n" \
314 " options: 1 (non-blocking), 2 (added delays)\n" \
315 " read_timeout=%%d default: 0 ms (no timeout)\n" \
316 "\n" \
317 USAGE_DTLS \
318 USAGE_COOKIES \
319 USAGE_ANTI_REPLAY \
320 USAGE_BADMAC_LIMIT \
321 "\n" \
322 " auth_mode=%%s default: (library default: none)\n" \
323 " options: none, optional, required\n" \
324 USAGE_IO \
325 USAGE_SNI \
326 "\n" \
327 USAGE_PSK \
328 USAGE_ECJPAKE \
329 "\n" \
330 " allow_legacy=%%d default: (library default: no)\n" \
331 USAGE_RENEGO \
332 " exchanges=%%d default: 1\n" \
333 "\n" \
334 USAGE_TICKETS \
335 USAGE_CACHE \
336 USAGE_MAX_FRAG_LEN \
337 USAGE_TRUNC_HMAC \
338 USAGE_ALPN \
339 USAGE_EMS \
340 USAGE_ETM \
341 "\n" \
342 " arc4=%%d default: (library default: 0)\n" \
343 " min_version=%%s default: (library default: tls1)\n" \
344 " max_version=%%s default: (library default: tls1_2)\n" \
345 " force_version=%%s default: \"\" (none)\n" \
346 " options: ssl3, tls1, tls1_1, tls1_2, dtls1, dtls1_2\n" \
347 "\n" \
348 " version_suites=a,b,c,d per-version ciphersuites\n" \
349 " in order from ssl3 to tls1_2\n" \
350 " default: all enabled\n" \
351 " force_ciphersuite=<name> default: all enabled\n" \
352 " acceptable ciphersuite names:\n"
353
354 /*
355 * global options
356 */
357 struct options
358 {
359 const char *server_addr; /* address on which the ssl service runs */
360 const char *server_port; /* port on which the ssl service runs */
361 int debug_level; /* level of debugging */
362 int nbio; /* should I/O be blocking? */
363 uint32_t read_timeout; /* timeout on mbedtls_ssl_read() in milliseconds */
364 const char *ca_file; /* the file with the CA certificate(s) */
365 const char *ca_path; /* the path with the CA certificate(s) reside */
366 const char *crt_file; /* the file with the server certificate */
367 const char *key_file; /* the file with the server key */
368 const char *crt_file2; /* the file with the 2nd server certificate */
369 const char *key_file2; /* the file with the 2nd server key */
370 const char *psk; /* the pre-shared key */
371 const char *psk_identity; /* the pre-shared key identity */
372 char *psk_list; /* list of PSK id/key pairs for callback */
373 const char *ecjpake_pw; /* the EC J-PAKE password */
374 int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
375 const char *version_suites; /* per-version ciphersuites */
376 int renegotiation; /* enable / disable renegotiation */
377 int allow_legacy; /* allow legacy renegotiation */
378 int renegotiate; /* attempt renegotiation? */
379 int renego_delay; /* delay before enforcing renegotiation */
380 int renego_period; /* period for automatic renegotiation */
381 int exchanges; /* number of data exchanges */
382 int min_version; /* minimum protocol version accepted */
383 int max_version; /* maximum protocol version accepted */
384 int arc4; /* flag for arc4 suites support */
385 int auth_mode; /* verify mode for connection */
386 unsigned char mfl_code; /* code for maximum fragment length */
387 int trunc_hmac; /* accept truncated hmac? */
388 int tickets; /* enable / disable session tickets */
389 int ticket_timeout; /* session ticket lifetime */
390 int cache_max; /* max number of session cache entries */
391 int cache_timeout; /* expiration delay of session cache entries */
392 char *sni; /* string describing sni information */
393 const char *alpn_string; /* ALPN supported protocols */
394 const char *dhm_file; /* the file with the DH parameters */
395 int extended_ms; /* allow negotiation of extended MS? */
396 int etm; /* allow negotiation of encrypt-then-MAC? */
397 int transport; /* TLS or DTLS? */
398 int cookies; /* Use cookies for DTLS? -1 to break them */
399 int anti_replay; /* Use anti-replay for DTLS? -1 for default */
400 uint32_t hs_to_min; /* Initial value of DTLS handshake timer */
401 uint32_t hs_to_max; /* Max value of DTLS handshake timer */
402 int badmac_limit; /* Limit of records with bad MAC */
403 } opt;
404
my_debug(void * ctx,int level,const char * file,int line,const char * str)405 static void my_debug( void *ctx, int level,
406 const char *file, int line,
407 const char *str )
408 {
409 const char *p, *basename;
410
411 /* Extract basename from file */
412 for( p = basename = file; *p != '\0'; p++ )
413 if( *p == '/' || *p == '\\' )
414 basename = p + 1;
415
416 mbedtls_fprintf( (FILE *) ctx, "%s:%04d: |%d| %s", basename, line, level, str );
417 fflush( (FILE *) ctx );
418 }
419
420 /*
421 * Test recv/send functions that make sure each try returns
422 * WANT_READ/WANT_WRITE at least once before sucesseding
423 */
my_recv(void * ctx,unsigned char * buf,size_t len)424 static int my_recv( void *ctx, unsigned char *buf, size_t len )
425 {
426 static int first_try = 1;
427 int ret;
428
429 if( first_try )
430 {
431 first_try = 0;
432 return( MBEDTLS_ERR_SSL_WANT_READ );
433 }
434
435 ret = mbedtls_net_recv( ctx, buf, len );
436 if( ret != MBEDTLS_ERR_SSL_WANT_READ )
437 first_try = 1; /* Next call will be a new operation */
438 return( ret );
439 }
440
my_send(void * ctx,const unsigned char * buf,size_t len)441 static int my_send( void *ctx, const unsigned char *buf, size_t len )
442 {
443 static int first_try = 1;
444 int ret;
445
446 if( first_try )
447 {
448 first_try = 0;
449 return( MBEDTLS_ERR_SSL_WANT_WRITE );
450 }
451
452 ret = mbedtls_net_send( ctx, buf, len );
453 if( ret != MBEDTLS_ERR_SSL_WANT_WRITE )
454 first_try = 1; /* Next call will be a new operation */
455 return( ret );
456 }
457
458 /*
459 * Return authmode from string, or -1 on error
460 */
get_auth_mode(const char * s)461 static int get_auth_mode( const char *s )
462 {
463 if( strcmp( s, "none" ) == 0 )
464 return( MBEDTLS_SSL_VERIFY_NONE );
465 if( strcmp( s, "optional" ) == 0 )
466 return( MBEDTLS_SSL_VERIFY_OPTIONAL );
467 if( strcmp( s, "required" ) == 0 )
468 return( MBEDTLS_SSL_VERIFY_REQUIRED );
469
470 return( -1 );
471 }
472
473 /*
474 * Used by sni_parse and psk_parse to handle coma-separated lists
475 */
476 #define GET_ITEM( dst ) \
477 dst = p; \
478 while( *p != ',' ) \
479 if( ++p > end ) \
480 goto error; \
481 *p++ = '\0';
482
483 #if defined(SNI_OPTION)
484 typedef struct _sni_entry sni_entry;
485
486 struct _sni_entry {
487 const char *name;
488 mbedtls_x509_crt *cert;
489 mbedtls_pk_context *key;
490 mbedtls_x509_crt* ca;
491 mbedtls_x509_crl* crl;
492 int authmode;
493 sni_entry *next;
494 };
495
sni_free(sni_entry * head)496 void sni_free( sni_entry *head )
497 {
498 sni_entry *cur = head, *next;
499
500 while( cur != NULL )
501 {
502 mbedtls_x509_crt_free( cur->cert );
503 mbedtls_free( cur->cert );
504
505 mbedtls_pk_free( cur->key );
506 mbedtls_free( cur->key );
507
508 mbedtls_x509_crt_free( cur->ca );
509 mbedtls_free( cur->ca );
510
511 mbedtls_x509_crl_free( cur->crl );
512 mbedtls_free( cur->crl );
513
514 next = cur->next;
515 mbedtls_free( cur );
516 cur = next;
517 }
518 }
519
520 /*
521 * Parse a string of sextuples name1,crt1,key1,ca1,crl1,auth1[,...]
522 * into a usable sni_entry list. For ca1, crl1, auth1, the special value
523 * '-' means unset. If ca1 is unset, then crl1 is ignored too.
524 *
525 * Modifies the input string! This is not production quality!
526 */
sni_parse(char * sni_string)527 sni_entry *sni_parse( char *sni_string )
528 {
529 sni_entry *cur = NULL, *new = NULL;
530 char *p = sni_string;
531 char *end = p;
532 char *crt_file, *key_file, *ca_file, *crl_file, *auth_str;
533
534 while( *end != '\0' )
535 ++end;
536 *end = ',';
537
538 while( p <= end )
539 {
540 if( ( new = mbedtls_calloc( 1, sizeof( sni_entry ) ) ) == NULL )
541 {
542 sni_free( cur );
543 return( NULL );
544 }
545
546 GET_ITEM( new->name );
547 GET_ITEM( crt_file );
548 GET_ITEM( key_file );
549 GET_ITEM( ca_file );
550 GET_ITEM( crl_file );
551 GET_ITEM( auth_str );
552
553 if( ( new->cert = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ) ) == NULL ||
554 ( new->key = mbedtls_calloc( 1, sizeof( mbedtls_pk_context ) ) ) == NULL )
555 goto error;
556
557 mbedtls_x509_crt_init( new->cert );
558 mbedtls_pk_init( new->key );
559
560 if( mbedtls_x509_crt_parse_file( new->cert, crt_file ) != 0 ||
561 mbedtls_pk_parse_keyfile( new->key, key_file, "" ) != 0 )
562 goto error;
563
564 if( strcmp( ca_file, "-" ) != 0 )
565 {
566 if( ( new->ca = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ) ) == NULL )
567 goto error;
568
569 mbedtls_x509_crt_init( new->ca );
570
571 if( mbedtls_x509_crt_parse_file( new->ca, ca_file ) != 0 )
572 goto error;
573 }
574
575 if( strcmp( crl_file, "-" ) != 0 )
576 {
577 if( ( new->crl = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl ) ) ) == NULL )
578 goto error;
579
580 mbedtls_x509_crl_init( new->crl );
581
582 if( mbedtls_x509_crl_parse_file( new->crl, crl_file ) != 0 )
583 goto error;
584 }
585
586 if( strcmp( auth_str, "-" ) != 0 )
587 {
588 if( ( new->authmode = get_auth_mode( auth_str ) ) < 0 )
589 goto error;
590 }
591 else
592 new->authmode = DFL_AUTH_MODE;
593
594 new->next = cur;
595 cur = new;
596 }
597
598 return( cur );
599
600 error:
601 sni_free( new );
602 sni_free( cur );
603 return( NULL );
604 }
605
606 /*
607 * SNI callback.
608 */
sni_callback(void * p_info,mbedtls_ssl_context * ssl,const unsigned char * name,size_t name_len)609 int sni_callback( void *p_info, mbedtls_ssl_context *ssl,
610 const unsigned char *name, size_t name_len )
611 {
612 const sni_entry *cur = (const sni_entry *) p_info;
613
614 while( cur != NULL )
615 {
616 if( name_len == strlen( cur->name ) &&
617 memcmp( name, cur->name, name_len ) == 0 )
618 {
619 if( cur->ca != NULL )
620 mbedtls_ssl_set_hs_ca_chain( ssl, cur->ca, cur->crl );
621
622 if( cur->authmode != DFL_AUTH_MODE )
623 mbedtls_ssl_set_hs_authmode( ssl, cur->authmode );
624
625 return( mbedtls_ssl_set_hs_own_cert( ssl, cur->cert, cur->key ) );
626 }
627
628 cur = cur->next;
629 }
630
631 return( -1 );
632 }
633
634 #endif /* SNI_OPTION */
635
636 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
637
638 #define HEX2NUM( c ) \
639 if( c >= '0' && c <= '9' ) \
640 c -= '0'; \
641 else if( c >= 'a' && c <= 'f' ) \
642 c -= 'a' - 10; \
643 else if( c >= 'A' && c <= 'F' ) \
644 c -= 'A' - 10; \
645 else \
646 return( -1 );
647
648 /*
649 * Convert a hex string to bytes.
650 * Return 0 on success, -1 on error.
651 */
unhexify(unsigned char * output,const char * input,size_t * olen)652 int unhexify( unsigned char *output, const char *input, size_t *olen )
653 {
654 unsigned char c;
655 size_t j;
656
657 *olen = strlen( input );
658 if( *olen % 2 != 0 || *olen / 2 > MBEDTLS_PSK_MAX_LEN )
659 return( -1 );
660 *olen /= 2;
661
662 for( j = 0; j < *olen * 2; j += 2 )
663 {
664 c = input[j];
665 HEX2NUM( c );
666 output[ j / 2 ] = c << 4;
667
668 c = input[j + 1];
669 HEX2NUM( c );
670 output[ j / 2 ] |= c;
671 }
672
673 return( 0 );
674 }
675
676 typedef struct _psk_entry psk_entry;
677
678 struct _psk_entry
679 {
680 const char *name;
681 size_t key_len;
682 unsigned char key[MBEDTLS_PSK_MAX_LEN];
683 psk_entry *next;
684 };
685
686 /*
687 * Free a list of psk_entry's
688 */
psk_free(psk_entry * head)689 void psk_free( psk_entry *head )
690 {
691 psk_entry *next;
692
693 while( head != NULL )
694 {
695 next = head->next;
696 mbedtls_free( head );
697 head = next;
698 }
699 }
700
701 /*
702 * Parse a string of pairs name1,key1[,name2,key2[,...]]
703 * into a usable psk_entry list.
704 *
705 * Modifies the input string! This is not production quality!
706 */
psk_parse(char * psk_string)707 psk_entry *psk_parse( char *psk_string )
708 {
709 psk_entry *cur = NULL, *new = NULL;
710 char *p = psk_string;
711 char *end = p;
712 char *key_hex;
713
714 while( *end != '\0' )
715 ++end;
716 *end = ',';
717
718 while( p <= end )
719 {
720 if( ( new = mbedtls_calloc( 1, sizeof( psk_entry ) ) ) == NULL )
721 goto error;
722
723 memset( new, 0, sizeof( psk_entry ) );
724
725 GET_ITEM( new->name );
726 GET_ITEM( key_hex );
727
728 if( unhexify( new->key, key_hex, &new->key_len ) != 0 )
729 goto error;
730
731 new->next = cur;
732 cur = new;
733 }
734
735 return( cur );
736
737 error:
738 psk_free( new );
739 psk_free( cur );
740 return( 0 );
741 }
742
743 /*
744 * PSK callback
745 */
psk_callback(void * p_info,mbedtls_ssl_context * ssl,const unsigned char * name,size_t name_len)746 int psk_callback( void *p_info, mbedtls_ssl_context *ssl,
747 const unsigned char *name, size_t name_len )
748 {
749 psk_entry *cur = (psk_entry *) p_info;
750
751 while( cur != NULL )
752 {
753 if( name_len == strlen( cur->name ) &&
754 memcmp( name, cur->name, name_len ) == 0 )
755 {
756 return( mbedtls_ssl_set_hs_psk( ssl, cur->key, cur->key_len ) );
757 }
758
759 cur = cur->next;
760 }
761
762 return( -1 );
763 }
764 #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
765
766 static mbedtls_net_context listen_fd, client_fd;
767
768 /* Interruption handler to ensure clean exit (for valgrind testing) */
769 #if !defined(_WIN32)
770 static int received_sigterm = 0;
term_handler(int sig)771 void term_handler( int sig )
772 {
773 ((void) sig);
774 received_sigterm = 1;
775 mbedtls_net_free( &listen_fd ); /* causes mbedtls_net_accept() to abort */
776 mbedtls_net_free( &client_fd ); /* causes net_read() to abort */
777 }
778 #endif
779
main(int argc,char * argv[])780 int main( int argc, char *argv[] )
781 {
782 int ret = 0, len, written, frags, exchanges_left;
783 int version_suites[4][2];
784 unsigned char buf[IO_BUF_LEN];
785 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
786 unsigned char psk[MBEDTLS_PSK_MAX_LEN];
787 size_t psk_len = 0;
788 psk_entry *psk_info = NULL;
789 #endif
790 const char *pers = "ssl_server2";
791 unsigned char client_ip[16] = { 0 };
792 size_t cliip_len;
793 #if defined(MBEDTLS_SSL_COOKIE_C)
794 mbedtls_ssl_cookie_ctx cookie_ctx;
795 #endif
796
797 mbedtls_entropy_context entropy;
798 mbedtls_ctr_drbg_context ctr_drbg;
799 mbedtls_ssl_context ssl;
800 mbedtls_ssl_config conf;
801 #if defined(MBEDTLS_TIMING_C)
802 mbedtls_timing_delay_context timer;
803 #endif
804 #if defined(MBEDTLS_SSL_RENEGOTIATION)
805 unsigned char renego_period[8] = { 0 };
806 #endif
807 #if defined(MBEDTLS_X509_CRT_PARSE_C)
808 uint32_t flags;
809 mbedtls_x509_crt cacert;
810 mbedtls_x509_crt srvcert;
811 mbedtls_pk_context pkey;
812 mbedtls_x509_crt srvcert2;
813 mbedtls_pk_context pkey2;
814 int key_cert_init = 0, key_cert_init2 = 0;
815 #endif
816 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
817 mbedtls_dhm_context dhm;
818 #endif
819 #if defined(MBEDTLS_SSL_CACHE_C)
820 mbedtls_ssl_cache_context cache;
821 #endif
822 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
823 mbedtls_ssl_ticket_context ticket_ctx;
824 #endif
825 #if defined(SNI_OPTION)
826 sni_entry *sni_info = NULL;
827 #endif
828 #if defined(MBEDTLS_SSL_ALPN)
829 const char *alpn_list[10];
830 #endif
831 #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
832 unsigned char alloc_buf[100000];
833 #endif
834
835 int i;
836 char *p, *q;
837 const int *list;
838
839 #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
840 mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
841 #endif
842
843 /*
844 * Make sure memory references are valid in case we exit early.
845 */
846 mbedtls_net_init( &client_fd );
847 mbedtls_net_init( &listen_fd );
848 mbedtls_ssl_init( &ssl );
849 mbedtls_ssl_config_init( &conf );
850 mbedtls_ctr_drbg_init( &ctr_drbg );
851 #if defined(MBEDTLS_X509_CRT_PARSE_C)
852 mbedtls_x509_crt_init( &cacert );
853 mbedtls_x509_crt_init( &srvcert );
854 mbedtls_pk_init( &pkey );
855 mbedtls_x509_crt_init( &srvcert2 );
856 mbedtls_pk_init( &pkey2 );
857 #endif
858 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
859 mbedtls_dhm_init( &dhm );
860 #endif
861 #if defined(MBEDTLS_SSL_CACHE_C)
862 mbedtls_ssl_cache_init( &cache );
863 #endif
864 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
865 mbedtls_ssl_ticket_init( &ticket_ctx );
866 #endif
867 #if defined(MBEDTLS_SSL_ALPN)
868 memset( (void *) alpn_list, 0, sizeof( alpn_list ) );
869 #endif
870 #if defined(MBEDTLS_SSL_COOKIE_C)
871 mbedtls_ssl_cookie_init( &cookie_ctx );
872 #endif
873
874 #if !defined(_WIN32)
875 /* Abort cleanly on SIGTERM and SIGINT */
876 signal( SIGTERM, term_handler );
877 signal( SIGINT, term_handler );
878 #endif
879
880 if( argc == 0 )
881 {
882 usage:
883 if( ret == 0 )
884 ret = 1;
885
886 mbedtls_printf( USAGE );
887
888 list = mbedtls_ssl_list_ciphersuites();
889 while( *list )
890 {
891 mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name( *list ) );
892 list++;
893 if( !*list )
894 break;
895 mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name( *list ) );
896 list++;
897 }
898 mbedtls_printf("\n");
899 goto exit;
900 }
901
902 opt.server_addr = DFL_SERVER_ADDR;
903 opt.server_port = DFL_SERVER_PORT;
904 opt.debug_level = DFL_DEBUG_LEVEL;
905 opt.nbio = DFL_NBIO;
906 opt.read_timeout = DFL_READ_TIMEOUT;
907 opt.ca_file = DFL_CA_FILE;
908 opt.ca_path = DFL_CA_PATH;
909 opt.crt_file = DFL_CRT_FILE;
910 opt.key_file = DFL_KEY_FILE;
911 opt.crt_file2 = DFL_CRT_FILE2;
912 opt.key_file2 = DFL_KEY_FILE2;
913 opt.psk = DFL_PSK;
914 opt.psk_identity = DFL_PSK_IDENTITY;
915 opt.psk_list = DFL_PSK_LIST;
916 opt.ecjpake_pw = DFL_ECJPAKE_PW;
917 opt.force_ciphersuite[0]= DFL_FORCE_CIPHER;
918 opt.version_suites = DFL_VERSION_SUITES;
919 opt.renegotiation = DFL_RENEGOTIATION;
920 opt.allow_legacy = DFL_ALLOW_LEGACY;
921 opt.renegotiate = DFL_RENEGOTIATE;
922 opt.renego_delay = DFL_RENEGO_DELAY;
923 opt.renego_period = DFL_RENEGO_PERIOD;
924 opt.exchanges = DFL_EXCHANGES;
925 opt.min_version = DFL_MIN_VERSION;
926 opt.max_version = DFL_MAX_VERSION;
927 opt.arc4 = DFL_ARC4;
928 opt.auth_mode = DFL_AUTH_MODE;
929 opt.mfl_code = DFL_MFL_CODE;
930 opt.trunc_hmac = DFL_TRUNC_HMAC;
931 opt.tickets = DFL_TICKETS;
932 opt.ticket_timeout = DFL_TICKET_TIMEOUT;
933 opt.cache_max = DFL_CACHE_MAX;
934 opt.cache_timeout = DFL_CACHE_TIMEOUT;
935 opt.sni = DFL_SNI;
936 opt.alpn_string = DFL_ALPN_STRING;
937 opt.dhm_file = DFL_DHM_FILE;
938 opt.transport = DFL_TRANSPORT;
939 opt.cookies = DFL_COOKIES;
940 opt.anti_replay = DFL_ANTI_REPLAY;
941 opt.hs_to_min = DFL_HS_TO_MIN;
942 opt.hs_to_max = DFL_HS_TO_MAX;
943 opt.badmac_limit = DFL_BADMAC_LIMIT;
944 opt.extended_ms = DFL_EXTENDED_MS;
945 opt.etm = DFL_ETM;
946
947 for( i = 1; i < argc; i++ )
948 {
949 p = argv[i];
950 if( ( q = strchr( p, '=' ) ) == NULL )
951 goto usage;
952 *q++ = '\0';
953
954 if( strcmp( p, "server_port" ) == 0 )
955 opt.server_port = q;
956 else if( strcmp( p, "server_addr" ) == 0 )
957 opt.server_addr = q;
958 else if( strcmp( p, "dtls" ) == 0 )
959 {
960 int t = atoi( q );
961 if( t == 0 )
962 opt.transport = MBEDTLS_SSL_TRANSPORT_STREAM;
963 else if( t == 1 )
964 opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
965 else
966 goto usage;
967 }
968 else if( strcmp( p, "debug_level" ) == 0 )
969 {
970 opt.debug_level = atoi( q );
971 if( opt.debug_level < 0 || opt.debug_level > 65535 )
972 goto usage;
973 }
974 else if( strcmp( p, "nbio" ) == 0 )
975 {
976 opt.nbio = atoi( q );
977 if( opt.nbio < 0 || opt.nbio > 2 )
978 goto usage;
979 }
980 else if( strcmp( p, "read_timeout" ) == 0 )
981 opt.read_timeout = atoi( q );
982 else if( strcmp( p, "ca_file" ) == 0 )
983 opt.ca_file = q;
984 else if( strcmp( p, "ca_path" ) == 0 )
985 opt.ca_path = q;
986 else if( strcmp( p, "crt_file" ) == 0 )
987 opt.crt_file = q;
988 else if( strcmp( p, "key_file" ) == 0 )
989 opt.key_file = q;
990 else if( strcmp( p, "crt_file2" ) == 0 )
991 opt.crt_file2 = q;
992 else if( strcmp( p, "key_file2" ) == 0 )
993 opt.key_file2 = q;
994 else if( strcmp( p, "dhm_file" ) == 0 )
995 opt.dhm_file = q;
996 else if( strcmp( p, "psk" ) == 0 )
997 opt.psk = q;
998 else if( strcmp( p, "psk_identity" ) == 0 )
999 opt.psk_identity = q;
1000 else if( strcmp( p, "psk_list" ) == 0 )
1001 opt.psk_list = q;
1002 else if( strcmp( p, "ecjpake_pw" ) == 0 )
1003 opt.ecjpake_pw = q;
1004 else if( strcmp( p, "force_ciphersuite" ) == 0 )
1005 {
1006 opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q );
1007
1008 if( opt.force_ciphersuite[0] == 0 )
1009 {
1010 ret = 2;
1011 goto usage;
1012 }
1013 opt.force_ciphersuite[1] = 0;
1014 }
1015 else if( strcmp( p, "version_suites" ) == 0 )
1016 opt.version_suites = q;
1017 else if( strcmp( p, "renegotiation" ) == 0 )
1018 {
1019 opt.renegotiation = (atoi( q )) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED :
1020 MBEDTLS_SSL_RENEGOTIATION_DISABLED;
1021 }
1022 else if( strcmp( p, "allow_legacy" ) == 0 )
1023 {
1024 switch( atoi( q ) )
1025 {
1026 case -1: opt.allow_legacy = MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE; break;
1027 case 0: opt.allow_legacy = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION; break;
1028 case 1: opt.allow_legacy = MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION; break;
1029 default: goto usage;
1030 }
1031 }
1032 else if( strcmp( p, "renegotiate" ) == 0 )
1033 {
1034 opt.renegotiate = atoi( q );
1035 if( opt.renegotiate < 0 || opt.renegotiate > 1 )
1036 goto usage;
1037 }
1038 else if( strcmp( p, "renego_delay" ) == 0 )
1039 {
1040 opt.renego_delay = atoi( q );
1041 }
1042 else if( strcmp( p, "renego_period" ) == 0 )
1043 {
1044 opt.renego_period = atoi( q );
1045 if( opt.renego_period < 2 || opt.renego_period > 255 )
1046 goto usage;
1047 }
1048 else if( strcmp( p, "exchanges" ) == 0 )
1049 {
1050 opt.exchanges = atoi( q );
1051 if( opt.exchanges < 0 )
1052 goto usage;
1053 }
1054 else if( strcmp( p, "min_version" ) == 0 )
1055 {
1056 if( strcmp( q, "ssl3" ) == 0 )
1057 opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0;
1058 else if( strcmp( q, "tls1" ) == 0 )
1059 opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1;
1060 else if( strcmp( q, "tls1_1" ) == 0 ||
1061 strcmp( q, "dtls1" ) == 0 )
1062 opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
1063 else if( strcmp( q, "tls1_2" ) == 0 ||
1064 strcmp( q, "dtls1_2" ) == 0 )
1065 opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
1066 else
1067 goto usage;
1068 }
1069 else if( strcmp( p, "max_version" ) == 0 )
1070 {
1071 if( strcmp( q, "ssl3" ) == 0 )
1072 opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0;
1073 else if( strcmp( q, "tls1" ) == 0 )
1074 opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1;
1075 else if( strcmp( q, "tls1_1" ) == 0 ||
1076 strcmp( q, "dtls1" ) == 0 )
1077 opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2;
1078 else if( strcmp( q, "tls1_2" ) == 0 ||
1079 strcmp( q, "dtls1_2" ) == 0 )
1080 opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
1081 else
1082 goto usage;
1083 }
1084 else if( strcmp( p, "arc4" ) == 0 )
1085 {
1086 switch( atoi( q ) )
1087 {
1088 case 0: opt.arc4 = MBEDTLS_SSL_ARC4_DISABLED; break;
1089 case 1: opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED; break;
1090 default: goto usage;
1091 }
1092 }
1093 else if( strcmp( p, "force_version" ) == 0 )
1094 {
1095 if( strcmp( q, "ssl3" ) == 0 )
1096 {
1097 opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0;
1098 opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0;
1099 }
1100 else if( strcmp( q, "tls1" ) == 0 )
1101 {
1102 opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1;
1103 opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1;
1104 }
1105 else if( strcmp( q, "tls1_1" ) == 0 )
1106 {
1107 opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
1108 opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2;
1109 }
1110 else if( strcmp( q, "tls1_2" ) == 0 )
1111 {
1112 opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
1113 opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
1114 }
1115 else if( strcmp( q, "dtls1" ) == 0 )
1116 {
1117 opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
1118 opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2;
1119 opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
1120 }
1121 else if( strcmp( q, "dtls1_2" ) == 0 )
1122 {
1123 opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
1124 opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
1125 opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
1126 }
1127 else
1128 goto usage;
1129 }
1130 else if( strcmp( p, "auth_mode" ) == 0 )
1131 {
1132 if( ( opt.auth_mode = get_auth_mode( q ) ) < 0 )
1133 goto usage;
1134 }
1135 else if( strcmp( p, "max_frag_len" ) == 0 )
1136 {
1137 if( strcmp( q, "512" ) == 0 )
1138 opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_512;
1139 else if( strcmp( q, "1024" ) == 0 )
1140 opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_1024;
1141 else if( strcmp( q, "2048" ) == 0 )
1142 opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_2048;
1143 else if( strcmp( q, "4096" ) == 0 )
1144 opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_4096;
1145 else
1146 goto usage;
1147 }
1148 else if( strcmp( p, "alpn" ) == 0 )
1149 {
1150 opt.alpn_string = q;
1151 }
1152 else if( strcmp( p, "trunc_hmac" ) == 0 )
1153 {
1154 switch( atoi( q ) )
1155 {
1156 case 0: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_DISABLED; break;
1157 case 1: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; break;
1158 default: goto usage;
1159 }
1160 }
1161 else if( strcmp( p, "extended_ms" ) == 0 )
1162 {
1163 switch( atoi( q ) )
1164 {
1165 case 0: opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_DISABLED; break;
1166 case 1: opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; break;
1167 default: goto usage;
1168 }
1169 }
1170 else if( strcmp( p, "etm" ) == 0 )
1171 {
1172 switch( atoi( q ) )
1173 {
1174 case 0: opt.etm = MBEDTLS_SSL_ETM_DISABLED; break;
1175 case 1: opt.etm = MBEDTLS_SSL_ETM_ENABLED; break;
1176 default: goto usage;
1177 }
1178 }
1179 else if( strcmp( p, "tickets" ) == 0 )
1180 {
1181 opt.tickets = atoi( q );
1182 if( opt.tickets < 0 || opt.tickets > 1 )
1183 goto usage;
1184 }
1185 else if( strcmp( p, "ticket_timeout" ) == 0 )
1186 {
1187 opt.ticket_timeout = atoi( q );
1188 if( opt.ticket_timeout < 0 )
1189 goto usage;
1190 }
1191 else if( strcmp( p, "cache_max" ) == 0 )
1192 {
1193 opt.cache_max = atoi( q );
1194 if( opt.cache_max < 0 )
1195 goto usage;
1196 }
1197 else if( strcmp( p, "cache_timeout" ) == 0 )
1198 {
1199 opt.cache_timeout = atoi( q );
1200 if( opt.cache_timeout < 0 )
1201 goto usage;
1202 }
1203 else if( strcmp( p, "cookies" ) == 0 )
1204 {
1205 opt.cookies = atoi( q );
1206 if( opt.cookies < -1 || opt.cookies > 1)
1207 goto usage;
1208 }
1209 else if( strcmp( p, "anti_replay" ) == 0 )
1210 {
1211 opt.anti_replay = atoi( q );
1212 if( opt.anti_replay < 0 || opt.anti_replay > 1)
1213 goto usage;
1214 }
1215 else if( strcmp( p, "badmac_limit" ) == 0 )
1216 {
1217 opt.badmac_limit = atoi( q );
1218 if( opt.badmac_limit < 0 )
1219 goto usage;
1220 }
1221 else if( strcmp( p, "hs_timeout" ) == 0 )
1222 {
1223 if( ( p = strchr( q, '-' ) ) == NULL )
1224 goto usage;
1225 *p++ = '\0';
1226 opt.hs_to_min = atoi( q );
1227 opt.hs_to_max = atoi( p );
1228 if( opt.hs_to_min == 0 || opt.hs_to_max < opt.hs_to_min )
1229 goto usage;
1230 }
1231 else if( strcmp( p, "sni" ) == 0 )
1232 {
1233 opt.sni = q;
1234 }
1235 else
1236 goto usage;
1237 }
1238
1239 #if defined(MBEDTLS_DEBUG_C)
1240 mbedtls_debug_set_threshold( opt.debug_level );
1241 #endif
1242
1243 if( opt.force_ciphersuite[0] > 0 )
1244 {
1245 const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
1246 ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] );
1247
1248 if( opt.max_version != -1 &&
1249 ciphersuite_info->min_minor_ver > opt.max_version )
1250 {
1251 mbedtls_printf("forced ciphersuite not allowed with this protocol version\n");
1252 ret = 2;
1253 goto usage;
1254 }
1255 if( opt.min_version != -1 &&
1256 ciphersuite_info->max_minor_ver < opt.min_version )
1257 {
1258 mbedtls_printf("forced ciphersuite not allowed with this protocol version\n");
1259 ret = 2;
1260 goto usage;
1261 }
1262
1263 /* If we select a version that's not supported by
1264 * this suite, then there will be no common ciphersuite... */
1265 if( opt.max_version == -1 ||
1266 opt.max_version > ciphersuite_info->max_minor_ver )
1267 {
1268 opt.max_version = ciphersuite_info->max_minor_ver;
1269 }
1270 if( opt.min_version < ciphersuite_info->min_minor_ver )
1271 {
1272 opt.min_version = ciphersuite_info->min_minor_ver;
1273 /* DTLS starts with TLS 1.1 */
1274 if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
1275 opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 )
1276 opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
1277 }
1278
1279 /* Enable RC4 if needed and not explicitly disabled */
1280 if( ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
1281 {
1282 if( opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED )
1283 {
1284 mbedtls_printf("forced RC4 ciphersuite with RC4 disabled\n");
1285 ret = 2;
1286 goto usage;
1287 }
1288
1289 opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED;
1290 }
1291 }
1292
1293 if( opt.version_suites != NULL )
1294 {
1295 const char *name[4] = { 0 };
1296
1297 /* Parse 4-element coma-separated list */
1298 for( i = 0, p = (char *) opt.version_suites;
1299 i < 4 && *p != '\0';
1300 i++ )
1301 {
1302 name[i] = p;
1303
1304 /* Terminate the current string and move on to next one */
1305 while( *p != ',' && *p != '\0' )
1306 p++;
1307 if( *p == ',' )
1308 *p++ = '\0';
1309 }
1310
1311 if( i != 4 )
1312 {
1313 mbedtls_printf( "too few values for version_suites\n" );
1314 ret = 1;
1315 goto exit;
1316 }
1317
1318 memset( version_suites, 0, sizeof( version_suites ) );
1319
1320 /* Get the suites identifiers from their name */
1321 for( i = 0; i < 4; i++ )
1322 {
1323 version_suites[i][0] = mbedtls_ssl_get_ciphersuite_id( name[i] );
1324
1325 if( version_suites[i][0] == 0 )
1326 {
1327 mbedtls_printf( "unknown ciphersuite: '%s'\n", name[i] );
1328 ret = 2;
1329 goto usage;
1330 }
1331 }
1332 }
1333
1334 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
1335 /*
1336 * Unhexify the pre-shared key and parse the list if any given
1337 */
1338 if( unhexify( psk, opt.psk, &psk_len ) != 0 )
1339 {
1340 mbedtls_printf( "pre-shared key not valid hex\n" );
1341 goto exit;
1342 }
1343
1344 if( opt.psk_list != NULL )
1345 {
1346 if( ( psk_info = psk_parse( opt.psk_list ) ) == NULL )
1347 {
1348 mbedtls_printf( "psk_list invalid" );
1349 goto exit;
1350 }
1351 }
1352 #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
1353
1354 #if defined(MBEDTLS_SSL_ALPN)
1355 if( opt.alpn_string != NULL )
1356 {
1357 p = (char *) opt.alpn_string;
1358 i = 0;
1359
1360 /* Leave room for a final NULL in alpn_list */
1361 while( i < (int) sizeof alpn_list - 1 && *p != '\0' )
1362 {
1363 alpn_list[i++] = p;
1364
1365 /* Terminate the current string and move on to next one */
1366 while( *p != ',' && *p != '\0' )
1367 p++;
1368 if( *p == ',' )
1369 *p++ = '\0';
1370 }
1371 }
1372 #endif /* MBEDTLS_SSL_ALPN */
1373
1374 /*
1375 * 0. Initialize the RNG and the session data
1376 */
1377 mbedtls_printf( "\n . Seeding the random number generator..." );
1378 fflush( stdout );
1379
1380 mbedtls_entropy_init( &entropy );
1381 if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
1382 (const unsigned char *) pers,
1383 strlen( pers ) ) ) != 0 )
1384 {
1385 mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n", -ret );
1386 goto exit;
1387 }
1388
1389 mbedtls_printf( " ok\n" );
1390
1391 #if defined(MBEDTLS_X509_CRT_PARSE_C)
1392 /*
1393 * 1.1. Load the trusted CA
1394 */
1395 mbedtls_printf( " . Loading the CA root certificate ..." );
1396 fflush( stdout );
1397
1398 #if defined(MBEDTLS_FS_IO)
1399 if( strlen( opt.ca_path ) )
1400 if( strcmp( opt.ca_path, "none" ) == 0 )
1401 ret = 0;
1402 else
1403 ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path );
1404 else if( strlen( opt.ca_file ) )
1405 if( strcmp( opt.ca_file, "none" ) == 0 )
1406 ret = 0;
1407 else
1408 ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file );
1409 else
1410 #endif
1411 #if defined(MBEDTLS_CERTS_C)
1412 for( i = 0; mbedtls_test_cas[i] != NULL; i++ )
1413 {
1414 ret = mbedtls_x509_crt_parse( &cacert,
1415 (const unsigned char *) mbedtls_test_cas[i],
1416 mbedtls_test_cas_len[i] );
1417 if( ret != 0 )
1418 break;
1419 }
1420 #else
1421 {
1422 ret = 1;
1423 mbedtls_printf("MBEDTLS_CERTS_C not defined.");
1424 }
1425 #endif
1426 if( ret < 0 )
1427 {
1428 mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret );
1429 goto exit;
1430 }
1431
1432 mbedtls_printf( " ok (%d skipped)\n", ret );
1433
1434 /*
1435 * 1.2. Load own certificate and private key
1436 */
1437 mbedtls_printf( " . Loading the server cert. and key..." );
1438 fflush( stdout );
1439
1440 #if defined(MBEDTLS_FS_IO)
1441 if( strlen( opt.crt_file ) && strcmp( opt.crt_file, "none" ) != 0 )
1442 {
1443 key_cert_init++;
1444 if( ( ret = mbedtls_x509_crt_parse_file( &srvcert, opt.crt_file ) ) != 0 )
1445 {
1446 mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned -0x%x\n\n",
1447 -ret );
1448 goto exit;
1449 }
1450 }
1451 if( strlen( opt.key_file ) && strcmp( opt.key_file, "none" ) != 0 )
1452 {
1453 key_cert_init++;
1454 if( ( ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" ) ) != 0 )
1455 {
1456 mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%x\n\n", -ret );
1457 goto exit;
1458 }
1459 }
1460 if( key_cert_init == 1 )
1461 {
1462 mbedtls_printf( " failed\n ! crt_file without key_file or vice-versa\n\n" );
1463 goto exit;
1464 }
1465
1466 if( strlen( opt.crt_file2 ) && strcmp( opt.crt_file2, "none" ) != 0 )
1467 {
1468 key_cert_init2++;
1469 if( ( ret = mbedtls_x509_crt_parse_file( &srvcert2, opt.crt_file2 ) ) != 0 )
1470 {
1471 mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file(2) returned -0x%x\n\n",
1472 -ret );
1473 goto exit;
1474 }
1475 }
1476 if( strlen( opt.key_file2 ) && strcmp( opt.key_file2, "none" ) != 0 )
1477 {
1478 key_cert_init2++;
1479 if( ( ret = mbedtls_pk_parse_keyfile( &pkey2, opt.key_file2, "" ) ) != 0 )
1480 {
1481 mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile(2) returned -0x%x\n\n",
1482 -ret );
1483 goto exit;
1484 }
1485 }
1486 if( key_cert_init2 == 1 )
1487 {
1488 mbedtls_printf( " failed\n ! crt_file2 without key_file2 or vice-versa\n\n" );
1489 goto exit;
1490 }
1491 #endif
1492 if( key_cert_init == 0 &&
1493 strcmp( opt.crt_file, "none" ) != 0 &&
1494 strcmp( opt.key_file, "none" ) != 0 &&
1495 key_cert_init2 == 0 &&
1496 strcmp( opt.crt_file2, "none" ) != 0 &&
1497 strcmp( opt.key_file2, "none" ) != 0 )
1498 {
1499 #if !defined(MBEDTLS_CERTS_C)
1500 mbedtls_printf( "Not certificated or key provided, and \n"
1501 "MBEDTLS_CERTS_C not defined!\n" );
1502 goto exit;
1503 #else
1504 #if defined(MBEDTLS_RSA_C)
1505 if( ( ret = mbedtls_x509_crt_parse( &srvcert,
1506 (const unsigned char *) mbedtls_test_srv_crt_rsa,
1507 mbedtls_test_srv_crt_rsa_len ) ) != 0 )
1508 {
1509 mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret );
1510 goto exit;
1511 }
1512 if( ( ret = mbedtls_pk_parse_key( &pkey,
1513 (const unsigned char *) mbedtls_test_srv_key_rsa,
1514 mbedtls_test_srv_key_rsa_len, NULL, 0 ) ) != 0 )
1515 {
1516 mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n", -ret );
1517 goto exit;
1518 }
1519 key_cert_init = 2;
1520 #endif /* MBEDTLS_RSA_C */
1521 #if defined(MBEDTLS_ECDSA_C)
1522 if( ( ret = mbedtls_x509_crt_parse( &srvcert2,
1523 (const unsigned char *) mbedtls_test_srv_crt_ec,
1524 mbedtls_test_srv_crt_ec_len ) ) != 0 )
1525 {
1526 mbedtls_printf( " failed\n ! x509_crt_parse2 returned -0x%x\n\n", -ret );
1527 goto exit;
1528 }
1529 if( ( ret = mbedtls_pk_parse_key( &pkey2,
1530 (const unsigned char *) mbedtls_test_srv_key_ec,
1531 mbedtls_test_srv_key_ec_len, NULL, 0 ) ) != 0 )
1532 {
1533 mbedtls_printf( " failed\n ! pk_parse_key2 returned -0x%x\n\n", -ret );
1534 goto exit;
1535 }
1536 key_cert_init2 = 2;
1537 #endif /* MBEDTLS_ECDSA_C */
1538 #endif /* MBEDTLS_CERTS_C */
1539 }
1540
1541 mbedtls_printf( " ok\n" );
1542 #endif /* MBEDTLS_X509_CRT_PARSE_C */
1543
1544 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
1545 if( opt.dhm_file != NULL )
1546 {
1547 mbedtls_printf( " . Loading DHM parameters..." );
1548 fflush( stdout );
1549
1550 if( ( ret = mbedtls_dhm_parse_dhmfile( &dhm, opt.dhm_file ) ) != 0 )
1551 {
1552 mbedtls_printf( " failed\n ! mbedtls_dhm_parse_dhmfile returned -0x%04X\n\n",
1553 -ret );
1554 goto exit;
1555 }
1556
1557 mbedtls_printf( " ok\n" );
1558 }
1559 #endif
1560
1561 #if defined(SNI_OPTION)
1562 if( opt.sni != NULL )
1563 {
1564 mbedtls_printf( " . Setting up SNI information..." );
1565 fflush( stdout );
1566
1567 if( ( sni_info = sni_parse( opt.sni ) ) == NULL )
1568 {
1569 mbedtls_printf( " failed\n" );
1570 goto exit;
1571 }
1572
1573 mbedtls_printf( " ok\n" );
1574 }
1575 #endif /* SNI_OPTION */
1576
1577 /*
1578 * 2. Setup the listening TCP socket
1579 */
1580 mbedtls_printf( " . Bind on %s://%s:%s/ ...",
1581 opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp",
1582 opt.server_addr ? opt.server_addr : "*",
1583 opt.server_port );
1584 fflush( stdout );
1585
1586 if( ( ret = mbedtls_net_bind( &listen_fd, opt.server_addr, opt.server_port,
1587 opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ?
1588 MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 )
1589 {
1590 mbedtls_printf( " failed\n ! mbedtls_net_bind returned -0x%x\n\n", -ret );
1591 goto exit;
1592 }
1593
1594 mbedtls_printf( " ok\n" );
1595
1596 /*
1597 * 3. Setup stuff
1598 */
1599 mbedtls_printf( " . Setting up the SSL/TLS structure..." );
1600 fflush( stdout );
1601
1602 if( ( ret = mbedtls_ssl_config_defaults( &conf,
1603 MBEDTLS_SSL_IS_SERVER,
1604 opt.transport,
1605 MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
1606 {
1607 mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n", -ret );
1608 goto exit;
1609 }
1610
1611 if( opt.auth_mode != DFL_AUTH_MODE )
1612 mbedtls_ssl_conf_authmode( &conf, opt.auth_mode );
1613
1614 #if defined(MBEDTLS_SSL_PROTO_DTLS)
1615 if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX )
1616 mbedtls_ssl_conf_handshake_timeout( &conf, opt.hs_to_min, opt.hs_to_max );
1617 #endif /* MBEDTLS_SSL_PROTO_DTLS */
1618
1619 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
1620 if( ( ret = mbedtls_ssl_conf_max_frag_len( &conf, opt.mfl_code ) ) != 0 )
1621 {
1622 mbedtls_printf( " failed\n ! mbedtls_ssl_conf_max_frag_len returned %d\n\n", ret );
1623 goto exit;
1624 };
1625 #endif
1626
1627 #if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
1628 if( opt.trunc_hmac != DFL_TRUNC_HMAC )
1629 mbedtls_ssl_conf_truncated_hmac( &conf, opt.trunc_hmac );
1630 #endif
1631
1632 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
1633 if( opt.extended_ms != DFL_EXTENDED_MS )
1634 mbedtls_ssl_conf_extended_master_secret( &conf, opt.extended_ms );
1635 #endif
1636
1637 #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
1638 if( opt.etm != DFL_ETM )
1639 mbedtls_ssl_conf_encrypt_then_mac( &conf, opt.etm );
1640 #endif
1641
1642 #if defined(MBEDTLS_SSL_ALPN)
1643 if( opt.alpn_string != NULL )
1644 if( ( ret = mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ) ) != 0 )
1645 {
1646 mbedtls_printf( " failed\n ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n", ret );
1647 goto exit;
1648 }
1649 #endif
1650
1651 mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
1652 mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
1653
1654 #if defined(MBEDTLS_SSL_CACHE_C)
1655 if( opt.cache_max != -1 )
1656 mbedtls_ssl_cache_set_max_entries( &cache, opt.cache_max );
1657
1658 if( opt.cache_timeout != -1 )
1659 mbedtls_ssl_cache_set_timeout( &cache, opt.cache_timeout );
1660
1661 mbedtls_ssl_conf_session_cache( &conf, &cache,
1662 mbedtls_ssl_cache_get,
1663 mbedtls_ssl_cache_set );
1664 #endif
1665
1666 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
1667 if( opt.tickets == MBEDTLS_SSL_SESSION_TICKETS_ENABLED )
1668 {
1669 if( ( ret = mbedtls_ssl_ticket_setup( &ticket_ctx,
1670 mbedtls_ctr_drbg_random, &ctr_drbg,
1671 MBEDTLS_CIPHER_AES_256_GCM,
1672 opt.ticket_timeout ) ) != 0 )
1673 {
1674 mbedtls_printf( " failed\n ! mbedtls_ssl_ticket_setup returned %d\n\n", ret );
1675 goto exit;
1676 }
1677
1678 mbedtls_ssl_conf_session_tickets_cb( &conf,
1679 mbedtls_ssl_ticket_write,
1680 mbedtls_ssl_ticket_parse,
1681 &ticket_ctx );
1682 }
1683 #endif
1684
1685 #if defined(MBEDTLS_SSL_PROTO_DTLS)
1686 if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
1687 {
1688 #if defined(MBEDTLS_SSL_COOKIE_C)
1689 if( opt.cookies > 0 )
1690 {
1691 if( ( ret = mbedtls_ssl_cookie_setup( &cookie_ctx,
1692 mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
1693 {
1694 mbedtls_printf( " failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret );
1695 goto exit;
1696 }
1697
1698 mbedtls_ssl_conf_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
1699 &cookie_ctx );
1700 }
1701 else
1702 #endif /* MBEDTLS_SSL_COOKIE_C */
1703 #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
1704 if( opt.cookies == 0 )
1705 {
1706 mbedtls_ssl_conf_dtls_cookies( &conf, NULL, NULL, NULL );
1707 }
1708 else
1709 #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
1710 {
1711 ; /* Nothing to do */
1712 }
1713
1714 #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
1715 if( opt.anti_replay != DFL_ANTI_REPLAY )
1716 mbedtls_ssl_conf_dtls_anti_replay( &conf, opt.anti_replay );
1717 #endif
1718
1719 #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
1720 if( opt.badmac_limit != DFL_BADMAC_LIMIT )
1721 mbedtls_ssl_conf_dtls_badmac_limit( &conf, opt.badmac_limit );
1722 #endif
1723 }
1724 #endif /* MBEDTLS_SSL_PROTO_DTLS */
1725
1726 if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
1727 mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite );
1728
1729 #if defined(MBEDTLS_ARC4_C)
1730 if( opt.arc4 != DFL_ARC4 )
1731 mbedtls_ssl_conf_arc4_support( &conf, opt.arc4 );
1732 #endif
1733
1734 if( opt.version_suites != NULL )
1735 {
1736 mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[0],
1737 MBEDTLS_SSL_MAJOR_VERSION_3,
1738 MBEDTLS_SSL_MINOR_VERSION_0 );
1739 mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[1],
1740 MBEDTLS_SSL_MAJOR_VERSION_3,
1741 MBEDTLS_SSL_MINOR_VERSION_1 );
1742 mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[2],
1743 MBEDTLS_SSL_MAJOR_VERSION_3,
1744 MBEDTLS_SSL_MINOR_VERSION_2 );
1745 mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[3],
1746 MBEDTLS_SSL_MAJOR_VERSION_3,
1747 MBEDTLS_SSL_MINOR_VERSION_3 );
1748 }
1749
1750 if( opt.allow_legacy != DFL_ALLOW_LEGACY )
1751 mbedtls_ssl_conf_legacy_renegotiation( &conf, opt.allow_legacy );
1752 #if defined(MBEDTLS_SSL_RENEGOTIATION)
1753 mbedtls_ssl_conf_renegotiation( &conf, opt.renegotiation );
1754
1755 if( opt.renego_delay != DFL_RENEGO_DELAY )
1756 mbedtls_ssl_conf_renegotiation_enforced( &conf, opt.renego_delay );
1757
1758 if( opt.renego_period != DFL_RENEGO_PERIOD )
1759 {
1760 renego_period[7] = opt.renego_period;
1761 mbedtls_ssl_conf_renegotiation_period( &conf, renego_period );
1762 }
1763 #endif
1764
1765 #if defined(MBEDTLS_X509_CRT_PARSE_C)
1766 if( strcmp( opt.ca_path, "none" ) != 0 &&
1767 strcmp( opt.ca_file, "none" ) != 0 )
1768 {
1769 mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
1770 }
1771 if( key_cert_init )
1772 if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
1773 {
1774 mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
1775 goto exit;
1776 }
1777 if( key_cert_init2 )
1778 if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert2, &pkey2 ) ) != 0 )
1779 {
1780 mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
1781 goto exit;
1782 }
1783 #endif
1784
1785 #if defined(SNI_OPTION)
1786 if( opt.sni != NULL )
1787 mbedtls_ssl_conf_sni( &conf, sni_callback, sni_info );
1788 #endif
1789
1790 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
1791 if( strlen( opt.psk ) != 0 && strlen( opt.psk_identity ) != 0 )
1792 {
1793 ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len,
1794 (const unsigned char *) opt.psk_identity,
1795 strlen( opt.psk_identity ) );
1796 if( ret != 0 )
1797 {
1798 mbedtls_printf( " failed\n mbedtls_ssl_conf_psk returned -0x%04X\n\n", - ret );
1799 goto exit;
1800 }
1801 }
1802
1803 if( opt.psk_list != NULL )
1804 mbedtls_ssl_conf_psk_cb( &conf, psk_callback, psk_info );
1805 #endif
1806
1807 #if defined(MBEDTLS_DHM_C)
1808 /*
1809 * Use different group than default DHM group
1810 */
1811 #if defined(MBEDTLS_FS_IO)
1812 if( opt.dhm_file != NULL )
1813 ret = mbedtls_ssl_conf_dh_param_ctx( &conf, &dhm );
1814 #endif
1815 if( ret != 0 )
1816 {
1817 mbedtls_printf( " failed\n mbedtls_ssl_conf_dh_param returned -0x%04X\n\n", - ret );
1818 goto exit;
1819 }
1820 #endif
1821
1822 if( opt.min_version != DFL_MIN_VERSION )
1823 mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version );
1824
1825 if( opt.max_version != DFL_MIN_VERSION )
1826 mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version );
1827
1828 if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
1829 {
1830 mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned -0x%x\n\n", -ret );
1831 goto exit;
1832 }
1833
1834 if( opt.nbio == 2 )
1835 mbedtls_ssl_set_bio( &ssl, &client_fd, my_send, my_recv, NULL );
1836 else
1837 mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv,
1838 opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL );
1839
1840 #if defined(MBEDTLS_TIMING_C)
1841 mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay,
1842 mbedtls_timing_get_delay );
1843 #endif
1844
1845 mbedtls_printf( " ok\n" );
1846
1847 reset:
1848 #if !defined(_WIN32)
1849 if( received_sigterm )
1850 {
1851 mbedtls_printf( " interrupted by SIGTERM\n" );
1852 ret = 0;
1853 goto exit;
1854 }
1855 #endif
1856
1857 if( ret == MBEDTLS_ERR_SSL_CLIENT_RECONNECT )
1858 {
1859 mbedtls_printf( " ! Client initiated reconnection from same port\n" );
1860 goto handshake;
1861 }
1862
1863 #ifdef MBEDTLS_ERROR_C
1864 if( ret != 0 )
1865 {
1866 char error_buf[100];
1867 mbedtls_strerror( ret, error_buf, 100 );
1868 mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf );
1869 }
1870 #endif
1871
1872 mbedtls_net_free( &client_fd );
1873
1874 mbedtls_ssl_session_reset( &ssl );
1875
1876 /*
1877 * 3. Wait until a client connects
1878 */
1879 mbedtls_printf( " . Waiting for a remote connection ..." );
1880 fflush( stdout );
1881
1882 if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
1883 client_ip, sizeof( client_ip ), &cliip_len ) ) != 0 )
1884 {
1885 #if !defined(_WIN32)
1886 if( received_sigterm )
1887 {
1888 mbedtls_printf( " interrupted by signal\n" );
1889 ret = 0;
1890 goto exit;
1891 }
1892 #endif
1893
1894 mbedtls_printf( " failed\n ! mbedtls_net_accept returned -0x%x\n\n", -ret );
1895 goto exit;
1896 }
1897
1898 if( opt.nbio > 0 )
1899 ret = mbedtls_net_set_nonblock( &client_fd );
1900 else
1901 ret = mbedtls_net_set_block( &client_fd );
1902 if( ret != 0 )
1903 {
1904 mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", -ret );
1905 goto exit;
1906 }
1907
1908 mbedtls_ssl_conf_read_timeout( &conf, opt.read_timeout );
1909
1910 #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
1911 if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
1912 {
1913 if( ( ret = mbedtls_ssl_set_client_transport_id( &ssl,
1914 client_ip, cliip_len ) ) != 0 )
1915 {
1916 mbedtls_printf( " failed\n ! "
1917 "mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n", -ret );
1918 goto exit;
1919 }
1920 }
1921 #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
1922
1923 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1924 if( opt.ecjpake_pw != DFL_ECJPAKE_PW )
1925 {
1926 if( ( ret = mbedtls_ssl_set_hs_ecjpake_password( &ssl,
1927 (const unsigned char *) opt.ecjpake_pw,
1928 strlen( opt.ecjpake_pw ) ) ) != 0 )
1929 {
1930 mbedtls_printf( " failed\n ! mbedtls_ssl_set_hs_ecjpake_password returned %d\n\n", ret );
1931 goto exit;
1932 }
1933 }
1934 #endif
1935
1936 mbedtls_printf( " ok\n" );
1937
1938 /*
1939 * 4. Handshake
1940 */
1941 handshake:
1942 mbedtls_printf( " . Performing the SSL/TLS handshake..." );
1943 fflush( stdout );
1944
1945 do ret = mbedtls_ssl_handshake( &ssl );
1946 while( ret == MBEDTLS_ERR_SSL_WANT_READ ||
1947 ret == MBEDTLS_ERR_SSL_WANT_WRITE );
1948
1949 if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED )
1950 {
1951 mbedtls_printf( " hello verification requested\n" );
1952 ret = 0;
1953 goto reset;
1954 }
1955 else if( ret != 0 )
1956 {
1957 mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret );
1958
1959 #if defined(MBEDTLS_X509_CRT_PARSE_C)
1960 if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED )
1961 {
1962 char vrfy_buf[512];
1963 flags = mbedtls_ssl_get_verify_result( &ssl );
1964
1965 mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags );
1966
1967 mbedtls_printf( "%s\n", vrfy_buf );
1968 }
1969 #endif
1970
1971 goto reset;
1972 }
1973 else /* ret == 0 */
1974 {
1975 mbedtls_printf( " ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n",
1976 mbedtls_ssl_get_version( &ssl ), mbedtls_ssl_get_ciphersuite( &ssl ) );
1977 }
1978
1979 if( ( ret = mbedtls_ssl_get_record_expansion( &ssl ) ) >= 0 )
1980 mbedtls_printf( " [ Record expansion is %d ]\n", ret );
1981 else
1982 mbedtls_printf( " [ Record expansion is unknown (compression) ]\n" );
1983
1984 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
1985 mbedtls_printf( " [ Maximum fragment length is %u ]\n",
1986 (unsigned int) mbedtls_ssl_get_max_frag_len( &ssl ) );
1987 #endif
1988
1989 #if defined(MBEDTLS_SSL_ALPN)
1990 if( opt.alpn_string != NULL )
1991 {
1992 const char *alp = mbedtls_ssl_get_alpn_protocol( &ssl );
1993 mbedtls_printf( " [ Application Layer Protocol is %s ]\n",
1994 alp ? alp : "(none)" );
1995 }
1996 #endif
1997
1998 #if defined(MBEDTLS_X509_CRT_PARSE_C)
1999 /*
2000 * 5. Verify the server certificate
2001 */
2002 mbedtls_printf( " . Verifying peer X.509 certificate..." );
2003
2004 if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 )
2005 {
2006 char vrfy_buf[512];
2007
2008 mbedtls_printf( " failed\n" );
2009
2010 mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags );
2011
2012 mbedtls_printf( "%s\n", vrfy_buf );
2013 }
2014 else
2015 mbedtls_printf( " ok\n" );
2016
2017 if( mbedtls_ssl_get_peer_cert( &ssl ) != NULL )
2018 {
2019 char crt_buf[512];
2020
2021 mbedtls_printf( " . Peer certificate information ...\n" );
2022 mbedtls_x509_crt_info( crt_buf, sizeof( crt_buf ), " ",
2023 mbedtls_ssl_get_peer_cert( &ssl ) );
2024 mbedtls_printf( "%s\n", crt_buf );
2025 }
2026 #endif /* MBEDTLS_X509_CRT_PARSE_C */
2027
2028 if( opt.exchanges == 0 )
2029 goto close_notify;
2030
2031 exchanges_left = opt.exchanges;
2032 data_exchange:
2033 /*
2034 * 6. Read the HTTP Request
2035 */
2036 mbedtls_printf( " < Read from client:" );
2037 fflush( stdout );
2038
2039 /*
2040 * TLS and DTLS need different reading styles (stream vs datagram)
2041 */
2042 if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM )
2043 {
2044 do
2045 {
2046 int terminated = 0;
2047 len = sizeof( buf ) - 1;
2048 memset( buf, 0, sizeof( buf ) );
2049 ret = mbedtls_ssl_read( &ssl, buf, len );
2050
2051 if( ret == MBEDTLS_ERR_SSL_WANT_READ ||
2052 ret == MBEDTLS_ERR_SSL_WANT_WRITE )
2053 continue;
2054
2055 if( ret <= 0 )
2056 {
2057 switch( ret )
2058 {
2059 case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
2060 mbedtls_printf( " connection was closed gracefully\n" );
2061 goto close_notify;
2062
2063 case 0:
2064 case MBEDTLS_ERR_NET_CONN_RESET:
2065 mbedtls_printf( " connection was reset by peer\n" );
2066 ret = MBEDTLS_ERR_NET_CONN_RESET;
2067 goto reset;
2068
2069 default:
2070 mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret );
2071 goto reset;
2072 }
2073 }
2074
2075 if( mbedtls_ssl_get_bytes_avail( &ssl ) == 0 )
2076 {
2077 len = ret;
2078 buf[len] = '\0';
2079 mbedtls_printf( " %d bytes read\n\n%s\n", len, (char *) buf );
2080
2081 /* End of message should be detected according to the syntax of the
2082 * application protocol (eg HTTP), just use a dummy test here. */
2083 if( buf[len - 1] == '\n' )
2084 terminated = 1;
2085 }
2086 else
2087 {
2088 int extra_len, ori_len;
2089 unsigned char *larger_buf;
2090
2091 ori_len = ret;
2092 extra_len = (int) mbedtls_ssl_get_bytes_avail( &ssl );
2093
2094 larger_buf = mbedtls_calloc( 1, ori_len + extra_len + 1 );
2095 if( larger_buf == NULL )
2096 {
2097 mbedtls_printf( " ! memory allocation failed\n" );
2098 ret = 1;
2099 goto reset;
2100 }
2101
2102 memset( larger_buf, 0, ori_len + extra_len );
2103 memcpy( larger_buf, buf, ori_len );
2104
2105 /* This read should never fail and get the whole cached data */
2106 ret = mbedtls_ssl_read( &ssl, larger_buf + ori_len, extra_len );
2107 if( ret != extra_len ||
2108 mbedtls_ssl_get_bytes_avail( &ssl ) != 0 )
2109 {
2110 mbedtls_printf( " ! mbedtls_ssl_read failed on cached data\n" );
2111 ret = 1;
2112 goto reset;
2113 }
2114
2115 larger_buf[ori_len + extra_len] = '\0';
2116 mbedtls_printf( " %u bytes read (%u + %u)\n\n%s\n",
2117 ori_len + extra_len, ori_len, extra_len,
2118 (char *) larger_buf );
2119
2120 /* End of message should be detected according to the syntax of the
2121 * application protocol (eg HTTP), just use a dummy test here. */
2122 if( larger_buf[ori_len + extra_len - 1] == '\n' )
2123 terminated = 1;
2124
2125 mbedtls_free( larger_buf );
2126 }
2127
2128 if( terminated )
2129 {
2130 ret = 0;
2131 break;
2132 }
2133 }
2134 while( 1 );
2135 }
2136 else /* Not stream, so datagram */
2137 {
2138 len = sizeof( buf ) - 1;
2139 memset( buf, 0, sizeof( buf ) );
2140
2141 do ret = mbedtls_ssl_read( &ssl, buf, len );
2142 while( ret == MBEDTLS_ERR_SSL_WANT_READ ||
2143 ret == MBEDTLS_ERR_SSL_WANT_WRITE );
2144
2145 if( ret <= 0 )
2146 {
2147 switch( ret )
2148 {
2149 case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
2150 mbedtls_printf( " connection was closed gracefully\n" );
2151 ret = 0;
2152 goto close_notify;
2153
2154 default:
2155 mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret );
2156 goto reset;
2157 }
2158 }
2159
2160 len = ret;
2161 buf[len] = '\0';
2162 mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf );
2163 ret = 0;
2164 }
2165
2166 /*
2167 * 7a. Request renegotiation while client is waiting for input from us.
2168 * (only on the first exchange, to be able to test retransmission)
2169 */
2170 #if defined(MBEDTLS_SSL_RENEGOTIATION)
2171 if( opt.renegotiate && exchanges_left == opt.exchanges )
2172 {
2173 mbedtls_printf( " . Requestion renegotiation..." );
2174 fflush( stdout );
2175
2176 while( ( ret = mbedtls_ssl_renegotiate( &ssl ) ) != 0 )
2177 {
2178 if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
2179 ret != MBEDTLS_ERR_SSL_WANT_WRITE )
2180 {
2181 mbedtls_printf( " failed\n ! mbedtls_ssl_renegotiate returned %d\n\n", ret );
2182 goto reset;
2183 }
2184 }
2185
2186 mbedtls_printf( " ok\n" );
2187 }
2188 #endif /* MBEDTLS_SSL_RENEGOTIATION */
2189
2190 /*
2191 * 7. Write the 200 Response
2192 */
2193 mbedtls_printf( " > Write to client:" );
2194 fflush( stdout );
2195
2196 len = sprintf( (char *) buf, HTTP_RESPONSE,
2197 mbedtls_ssl_get_ciphersuite( &ssl ) );
2198
2199 if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM )
2200 {
2201 for( written = 0, frags = 0; written < len; written += ret, frags++ )
2202 {
2203 while( ( ret = mbedtls_ssl_write( &ssl, buf + written, len - written ) )
2204 <= 0 )
2205 {
2206 if( ret == MBEDTLS_ERR_NET_CONN_RESET )
2207 {
2208 mbedtls_printf( " failed\n ! peer closed the connection\n\n" );
2209 goto reset;
2210 }
2211
2212 if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
2213 ret != MBEDTLS_ERR_SSL_WANT_WRITE )
2214 {
2215 mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret );
2216 goto reset;
2217 }
2218 }
2219 }
2220 }
2221 else /* Not stream, so datagram */
2222 {
2223 do ret = mbedtls_ssl_write( &ssl, buf, len );
2224 while( ret == MBEDTLS_ERR_SSL_WANT_READ ||
2225 ret == MBEDTLS_ERR_SSL_WANT_WRITE );
2226
2227 if( ret < 0 )
2228 {
2229 mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret );
2230 goto reset;
2231 }
2232
2233 frags = 1;
2234 written = ret;
2235 }
2236
2237 buf[written] = '\0';
2238 mbedtls_printf( " %d bytes written in %d fragments\n\n%s\n", written, frags, (char *) buf );
2239 ret = 0;
2240
2241 /*
2242 * 7b. Continue doing data exchanges?
2243 */
2244 if( --exchanges_left > 0 )
2245 goto data_exchange;
2246
2247 /*
2248 * 8. Done, cleanly close the connection
2249 */
2250 close_notify:
2251 mbedtls_printf( " . Closing the connection..." );
2252
2253 /* No error checking, the connection might be closed already */
2254 do ret = mbedtls_ssl_close_notify( &ssl );
2255 while( ret == MBEDTLS_ERR_SSL_WANT_WRITE );
2256 ret = 0;
2257
2258 mbedtls_printf( " done\n" );
2259
2260 goto reset;
2261
2262 /*
2263 * Cleanup and exit
2264 */
2265 exit:
2266 #ifdef MBEDTLS_ERROR_C
2267 if( ret != 0 )
2268 {
2269 char error_buf[100];
2270 mbedtls_strerror( ret, error_buf, 100 );
2271 mbedtls_printf("Last error was: -0x%X - %s\n\n", -ret, error_buf );
2272 }
2273 #endif
2274
2275 mbedtls_printf( " . Cleaning up..." );
2276 fflush( stdout );
2277
2278 mbedtls_net_free( &client_fd );
2279 mbedtls_net_free( &listen_fd );
2280
2281 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
2282 mbedtls_dhm_free( &dhm );
2283 #endif
2284 #if defined(MBEDTLS_X509_CRT_PARSE_C)
2285 mbedtls_x509_crt_free( &cacert );
2286 mbedtls_x509_crt_free( &srvcert );
2287 mbedtls_pk_free( &pkey );
2288 mbedtls_x509_crt_free( &srvcert2 );
2289 mbedtls_pk_free( &pkey2 );
2290 #endif
2291 #if defined(SNI_OPTION)
2292 sni_free( sni_info );
2293 #endif
2294 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
2295 psk_free( psk_info );
2296 #endif
2297 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
2298 mbedtls_dhm_free( &dhm );
2299 #endif
2300
2301 mbedtls_ssl_free( &ssl );
2302 mbedtls_ssl_config_free( &conf );
2303 mbedtls_ctr_drbg_free( &ctr_drbg );
2304 mbedtls_entropy_free( &entropy );
2305
2306 #if defined(MBEDTLS_SSL_CACHE_C)
2307 mbedtls_ssl_cache_free( &cache );
2308 #endif
2309 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
2310 mbedtls_ssl_ticket_free( &ticket_ctx );
2311 #endif
2312 #if defined(MBEDTLS_SSL_COOKIE_C)
2313 mbedtls_ssl_cookie_free( &cookie_ctx );
2314 #endif
2315
2316 #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
2317 #if defined(MBEDTLS_MEMORY_DEBUG)
2318 mbedtls_memory_buffer_alloc_status();
2319 #endif
2320 mbedtls_memory_buffer_alloc_free();
2321 #endif
2322
2323 mbedtls_printf( " done.\n" );
2324
2325 #if defined(_WIN32)
2326 mbedtls_printf( " + Press Enter to exit this program.\n" );
2327 fflush( stdout ); getchar();
2328 #endif
2329
2330 // Shell can not handle large exit numbers -> 1 for errors
2331 if( ret < 0 )
2332 ret = 1;
2333
2334 return( ret );
2335 }
2336 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
2337 MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
2338 MBEDTLS_CTR_DRBG_C */
2339
