TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-crypto / 508ad5ab6dcc75e100872e61b30200d2acc71afe / . / programs / ssl / ssl_server.c
blob: f43e8b4c5ceecf162b78d4f846d33a70dacd3023 [file] [log] [blame]
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1/*
2 * SSL server demonstration program
3 *
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]4 * Copyright (C) 2006-2011, Brainspark B.V.
Paul Bakkerb96f1542010-07-18 20:36:00 +0000[diff] [blame]5 *
6 * This file is part of PolarSSL (http://www.polarssl.org)
Paul Bakker84f12b72010-07-18 10:13:04 +0000[diff] [blame]7 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
Paul Bakkerb96f1542010-07-18 20:36:00 +0000[diff] [blame]8 *
Paul Bakker77b385e2009-07-28 17:23:11 +0000[diff] [blame]9 * All rights reserved.
Paul Bakkere0ccd0a2009-01-04 16:27:10 +0000[diff] [blame]10 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License along
22 * with this program; if not, write to the Free Software Foundation, Inc.,
23 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 */
25
26#ifndef _CRT_SECURE_NO_DEPRECATE
27#define _CRT_SECURE_NO_DEPRECATE 1
28#endif
29
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]30#if defined(_WIN32)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]31#include <windows.h>
32#endif
33
34#include <string.h>
35#include <stdlib.h>
36#include <stdio.h>
37
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]38#include "polarssl/config.h"
39
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame^]40#include "polarssl/entropy.h"
41#include "polarssl/ctr_drbg.h"
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]42#include "polarssl/certs.h"
43#include "polarssl/x509.h"
44#include "polarssl/ssl.h"
45#include "polarssl/net.h"
Paul Bakkera3d195c2011-11-27 21:07:34 +0000[diff] [blame]46#include "polarssl/error.h"
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]47
48#define HTTP_RESPONSE \
49 "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
Paul Bakkereaca51d2010-08-16 12:00:14 +0000[diff] [blame]50 "<h2>PolarSSL Test Server</h2>\r\n" \
51 "<p>Successful connection using: %s</p>\r\n"
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]52
53/*
54 * Computing a "safe" DH-1024 prime can take a very
55 * long time, so a precomputed value is provided below.
56 * You may run dh_genprime to generate a new value.
57 */
58char *my_dhm_P =
59 "E4004C1F94182000103D883A448B3F80" \
60 "2CE4B44A83301270002C20D0321CFD00" \
61 "11CCEF784C26A400F43DFB901BCA7538" \
62 "F2C6B176001CF5A0FD16D2C48B1D0C1C" \
63 "F6AC8E1DA6BCC3B4E1F96B0564965300" \
64 "FFA1D0B601EB2800F489AA512C4B248C" \
65 "01F76949A60BB7F00A40B1EAB64BDD48" \
66 "E8A700D60B7F1200FA8E77B0A979DABF";
67
68char *my_dhm_G = "4";
69
70/*
71 * Sorted by order of preference
72 */
Paul Bakkere3166ce2011-01-27 17:40:50 +0000[diff] [blame]73int my_ciphersuites[] =
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]74{
75 SSL_EDH_RSA_AES_256_SHA,
Paul Bakkerb5ef0ba2009-01-11 20:25:36 +0000[diff] [blame]76 SSL_EDH_RSA_CAMELLIA_256_SHA,
Paul Bakker77a43582010-06-15 21:32:46 +0000[diff] [blame]77 SSL_EDH_RSA_AES_128_SHA,
78 SSL_EDH_RSA_CAMELLIA_128_SHA,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]79 SSL_EDH_RSA_DES_168_SHA,
80 SSL_RSA_AES_256_SHA,
Paul Bakkerb5ef0ba2009-01-11 20:25:36 +0000[diff] [blame]81 SSL_RSA_CAMELLIA_256_SHA,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]82 SSL_RSA_AES_128_SHA,
Paul Bakkerb5ef0ba2009-01-11 20:25:36 +0000[diff] [blame]83 SSL_RSA_CAMELLIA_128_SHA,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]84 SSL_RSA_DES_168_SHA,
85 SSL_RSA_RC4_128_SHA,
86 SSL_RSA_RC4_128_MD5,
87 0
88};
89
90#define DEBUG_LEVEL 0
91
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]92void my_debug( void *ctx, int level, const char *str )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]93{
94 if( level < DEBUG_LEVEL )
95 {
96 fprintf( (FILE *) ctx, "%s", str );
97 fflush( (FILE *) ctx );
98 }
99}
100
101/*
102 * These session callbacks use a simple chained list
103 * to store and retrieve the session information.
104 */
105ssl_session *s_list_1st = NULL;
106ssl_session *cur, *prv;
107
108static int my_get_session( ssl_context *ssl )
109{
110 time_t t = time( NULL );
111
112 if( ssl->resume == 0 )
113 return( 1 );
114
115 cur = s_list_1st;
116 prv = NULL;
117
118 while( cur != NULL )
119 {
120 prv = cur;
121 cur = cur->next;
122
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]123 if( ssl->timeout != 0 && (int) ( t - prv->start ) > ssl->timeout )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]124 continue;
125
Paul Bakkere3166ce2011-01-27 17:40:50 +0000[diff] [blame]126 if( ssl->session->ciphersuite != prv->ciphersuite ||
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]127 ssl->session->length != prv->length )
128 continue;
129
130 if( memcmp( ssl->session->id, prv->id, prv->length ) != 0 )
131 continue;
132
133 memcpy( ssl->session->master, prv->master, 48 );
134 return( 0 );
135 }
136
137 return( 1 );
138}
139
140static int my_set_session( ssl_context *ssl )
141{
142 time_t t = time( NULL );
143
144 cur = s_list_1st;
145 prv = NULL;
146
147 while( cur != NULL )
148 {
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]149 if( ssl->timeout != 0 && (int) ( t - cur->start ) > ssl->timeout )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]150 break; /* expired, reuse this slot */
151
152 if( memcmp( ssl->session->id, cur->id, cur->length ) == 0 )
153 break; /* client reconnected */
154
155 prv = cur;
156 cur = cur->next;
157 }
158
159 if( cur == NULL )
160 {
161 cur = (ssl_session *) malloc( sizeof( ssl_session ) );
162 if( cur == NULL )
163 return( 1 );
164
165 if( prv == NULL )
166 s_list_1st = cur;
167 else prv->next = cur;
168 }
169
170 memcpy( cur, ssl->session, sizeof( ssl_session ) );
171
172 return( 0 );
173}
174
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]175#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_CERTS_C) || \
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame^]176 !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]177 !defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame^]178 !defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C)
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]179int main( int argc, char *argv[] )
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]180{
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]181 ((void) argc);
182 ((void) argv);
183
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame^]184 printf("POLARSSL_BIGNUM_C and/or POLARSSL_CERTS_C and/or POLARSSL_ENTROPY_C "
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]185 "and/or POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame^]186 "POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
187 "POLARSSL_CTR_DRBG_C not defined.\n");
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]188 return( 0 );
189}
190#else
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]191int main( int argc, char *argv[] )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]192{
193 int ret, len;
194 int listen_fd;
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]195 int client_fd = -1;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]196 unsigned char buf[1024];
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame^]197 char *pers = "ssl_server";
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]198
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame^]199 entropy_context entropy;
200 ctr_drbg_context ctr_drbg;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]201 ssl_context ssl;
202 ssl_session ssn;
203 x509_cert srvcert;
204 rsa_context rsa;
205
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]206 ((void) argc);
207 ((void) argv);
208
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]209 /*
210 * 1. Load the certificates and private RSA key
211 */
212 printf( "\n . Loading the server cert. and key..." );
213 fflush( stdout );
214
215 memset( &srvcert, 0, sizeof( x509_cert ) );
216
217 /*
218 * This demonstration program uses embedded test certificates.
219 * Instead, you may want to use x509parse_crtfile() to read the
220 * server and CA certificates, as well as x509parse_keyfile().
221 */
222 ret = x509parse_crt( &srvcert, (unsigned char *) test_srv_crt,
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]223 strlen( test_srv_crt ), X509_NON_PERMISSIVE );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]224 if( ret != 0 )
225 {
226 printf( " failed\n ! x509parse_crt returned %d\n\n", ret );
227 goto exit;
228 }
229
230 ret = x509parse_crt( &srvcert, (unsigned char *) test_ca_crt,
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]231 strlen( test_ca_crt ), X509_NON_PERMISSIVE );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]232 if( ret != 0 )
233 {
234 printf( " failed\n ! x509parse_crt returned %d\n\n", ret );
235 goto exit;
236 }
237
Paul Bakker91b41592011-05-05 12:01:31 +0000[diff] [blame]238 rsa_init( &rsa, RSA_PKCS_V15, 0 );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]239 ret = x509parse_key( &rsa, (unsigned char *) test_srv_key,
240 strlen( test_srv_key ), NULL, 0 );
241 if( ret != 0 )
242 {
243 printf( " failed\n ! x509parse_key returned %d\n\n", ret );
244 goto exit;
245 }
246
247 printf( " ok\n" );
248
249 /*
250 * 2. Setup the listening TCP socket
251 */
252 printf( " . Bind on https://localhost:4433/ ..." );
253 fflush( stdout );
254
255 if( ( ret = net_bind( &listen_fd, NULL, 4433 ) ) != 0 )
256 {
257 printf( " failed\n ! net_bind returned %d\n\n", ret );
258 goto exit;
259 }
260
261 printf( " ok\n" );
262
263 /*
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame^]264 * 3. Seed the RNG
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]265 */
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame^]266 printf( " . Seeding the random number generator..." );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]267 fflush( stdout );
268
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame^]269 entropy_init( &entropy );
270 if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
271 (unsigned char *) pers, strlen( pers ) ) ) != 0 )
272 {
273 printf( " failed\n ! ctr_drbg_init returned %d\n", ret );
274 goto exit;
275 }
276
277 printf( " ok\n" );
278
279 /*
280 * 4. Setup stuff
281 */
282 printf( " . Setting up the SSL data...." );
283 fflush( stdout );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]284
285 if( ( ret = ssl_init( &ssl ) ) != 0 )
286 {
287 printf( " failed\n ! ssl_init returned %d\n\n", ret );
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]288 goto exit;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]289 }
290
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]291 ssl_set_endpoint( &ssl, SSL_IS_SERVER );
292 ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
293
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame^]294 ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]295 ssl_set_dbg( &ssl, my_debug, stdout );
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]296
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]297 ssl_set_scb( &ssl, my_get_session,
298 my_set_session );
299
Paul Bakkere3166ce2011-01-27 17:40:50 +0000[diff] [blame]300 ssl_set_ciphersuites( &ssl, my_ciphersuites );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]301 ssl_set_session( &ssl, 1, 0, &ssn );
302
303 memset( &ssn, 0, sizeof( ssl_session ) );
304
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]305 ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]306 ssl_set_own_cert( &ssl, &srvcert, &rsa );
307 ssl_set_dh_param( &ssl, my_dhm_P, my_dhm_G );
308
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]309 printf( " ok\n" );
310
311reset:
Paul Bakkera3d195c2011-11-27 21:07:34 +0000[diff] [blame]312#ifdef POLARSSL_ERROR_C
313 if( ret != 0 )
314 {
315 char error_buf[100];
316 error_strerror( ret, error_buf, 100 );
317 printf("Last error was: %d - %s\n\n", ret, error_buf );
318 }
319#endif
320
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]321 if( client_fd != -1 )
322 net_close( client_fd );
323
324 ssl_session_reset( &ssl );
325
326 /*
327 * 3. Wait until a client connects
328 */
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]329#if defined(_WIN32_WCE)
330 {
331 SHELLEXECUTEINFO sei;
332
333 ZeroMemory( &sei, sizeof( SHELLEXECUTEINFO ) );
334
335 sei.cbSize = sizeof( SHELLEXECUTEINFO );
336 sei.fMask = 0;
337 sei.hwnd = 0;
338 sei.lpVerb = _T( "open" );
339 sei.lpFile = _T( "https://localhost:4433/" );
340 sei.lpParameters = NULL;
341 sei.lpDirectory = NULL;
342 sei.nShow = SW_SHOWNORMAL;
343
344 ShellExecuteEx( &sei );
345 }
346#elif defined(_WIN32)
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]347 ShellExecute( NULL, "open", "https://localhost:4433/",
348 NULL, NULL, SW_SHOWNORMAL );
349#endif
350
351 client_fd = -1;
352
353 printf( " . Waiting for a remote connection ..." );
354 fflush( stdout );
355
356 if( ( ret = net_accept( listen_fd, &client_fd, NULL ) ) != 0 )
357 {
358 printf( " failed\n ! net_accept returned %d\n\n", ret );
359 goto exit;
360 }
361
362 ssl_set_bio( &ssl, net_recv, &client_fd,
363 net_send, &client_fd );
364
365 printf( " ok\n" );
366
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]367 /*
368 * 5. Handshake
369 */
370 printf( " . Performing the SSL/TLS handshake..." );
371 fflush( stdout );
372
373 while( ( ret = ssl_handshake( &ssl ) ) != 0 )
374 {
Paul Bakker831a7552011-05-18 13:32:51 +0000[diff] [blame]375 if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]376 {
377 printf( " failed\n ! ssl_handshake returned %d\n\n", ret );
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]378 goto reset;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]379 }
380 }
381
382 printf( " ok\n" );
383
384 /*
385 * 6. Read the HTTP Request
386 */
387 printf( " < Read from client:" );
388 fflush( stdout );
389
390 do
391 {
392 len = sizeof( buf ) - 1;
393 memset( buf, 0, sizeof( buf ) );
394 ret = ssl_read( &ssl, buf, len );
395
Paul Bakker831a7552011-05-18 13:32:51 +0000[diff] [blame]396 if( ret == POLARSSL_ERR_NET_WANT_READ || ret == POLARSSL_ERR_NET_WANT_WRITE )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]397 continue;
398
399 if( ret <= 0 )
400 {
401 switch( ret )
402 {
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]403 case POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY:
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]404 printf( " connection was closed gracefully\n" );
405 break;
406
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]407 case POLARSSL_ERR_NET_CONN_RESET:
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]408 printf( " connection was reset by peer\n" );
409 break;
410
411 default:
412 printf( " ssl_read returned %d\n", ret );
413 break;
414 }
415
416 break;
417 }
418
419 len = ret;
420 printf( " %d bytes read\n\n%s", len, (char *) buf );
421 }
422 while( 0 );
423
424 /*
425 * 7. Write the 200 Response
426 */
427 printf( " > Write to client:" );
428 fflush( stdout );
429
430 len = sprintf( (char *) buf, HTTP_RESPONSE,
Paul Bakkere3166ce2011-01-27 17:40:50 +0000[diff] [blame]431 ssl_get_ciphersuite( &ssl ) );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]432
433 while( ( ret = ssl_write( &ssl, buf, len ) ) <= 0 )
434 {
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]435 if( ret == POLARSSL_ERR_NET_CONN_RESET )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]436 {
437 printf( " failed\n ! peer closed the connection\n\n" );
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]438 goto reset;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]439 }
440
Paul Bakker831a7552011-05-18 13:32:51 +0000[diff] [blame]441 if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]442 {
443 printf( " failed\n ! ssl_write returned %d\n\n", ret );
444 goto exit;
445 }
446 }
447
448 len = ret;
449 printf( " %d bytes written\n\n%s\n", len, (char *) buf );
Paul Bakkera3d195c2011-11-27 21:07:34 +0000[diff] [blame]450
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]451 ssl_close_notify( &ssl );
Paul Bakkera3d195c2011-11-27 21:07:34 +0000[diff] [blame]452 ret = 0;
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]453 goto reset;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]454
455exit:
456
Paul Bakkera3d195c2011-11-27 21:07:34 +0000[diff] [blame]457#ifdef POLARSSL_ERROR_C
458 if( ret != 0 )
459 {
460 char error_buf[100];
461 error_strerror( ret, error_buf, 100 );
462 printf("Last error was: %d - %s\n\n", ret, error_buf );
463 }
464#endif
465
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]466 net_close( client_fd );
467 x509_free( &srvcert );
468 rsa_free( &rsa );
469 ssl_free( &ssl );
470
471 cur = s_list_1st;
472 while( cur != NULL )
473 {
474 prv = cur;
475 cur = cur->next;
476 memset( prv, 0, sizeof( ssl_session ) );
477 free( prv );
478 }
479
480 memset( &ssl, 0, sizeof( ssl_context ) );
481
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]482#if defined(_WIN32)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]483 printf( " Press Enter to exit this program.\n" );
484 fflush( stdout ); getchar();
485#endif
486
487 return( ret );
488}
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame^]489#endif /* POLARSSL_BIGNUM_C && POLARSSL_CERTS_C && POLARSSL_ENTROPY_C &&
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]490 POLARSSL_SSL_TLS_C && POLARSSL_SSL_SRV_C && POLARSSL_NET_C &&
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame^]491 POLARSSL_RSA_C && POLARSSL_CTR_DRBG_C */