TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-crypto / 18b78c74986c8d3fbb1e904fee835e21b9765534 / . / programs / ssl / ssl_server.c
blob: 0486517dd750a6985553001a4f6765638796ad21 [file] [log] [blame]
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1/*
2 * SSL server demonstration program
3 *
Manuel Pégourié-Gonnarda658a402015-01-23 09:45:19 +0000[diff] [blame]4 * Copyright (C) 2006-2013, ARM Limited, All Rights Reserved
Paul Bakkerb96f1542010-07-18 20:36:00 +0000[diff] [blame]5 *
Manuel Pégourié-Gonnard860b5162015-01-28 17:12:07 +0000[diff] [blame]6 * This file is part of mbed TLS (https://polarssl.org)
Paul Bakkerb96f1542010-07-18 20:36:00 +0000[diff] [blame]7 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License along
19 * with this program; if not, write to the Free Software Foundation, Inc.,
20 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
21 */
22
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]23#if !defined(POLARSSL_CONFIG_FILE)
Manuel Pégourié-Gonnardabd6e022013-09-20 13:30:43 +0200[diff] [blame]24#include "polarssl/config.h"
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]25#else
26#include POLARSSL_CONFIG_FILE
27#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]28
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]29#if defined(POLARSSL_PLATFORM_C)
30#include "polarssl/platform.h"
31#else
Rich Evans18b78c72015-02-11 14:06:19 +0000[diff] [blame^]32#include <stdio.h>
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]33#define polarssl_fprintf fprintf
Rich Evans18b78c72015-02-11 14:06:19 +0000[diff] [blame^]34#define polarssl_printf printf
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]35#endif
36
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]37#if defined(_WIN32)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]38#include <windows.h>
39#endif
40
Rich Evans18b78c72015-02-11 14:06:19 +0000[diff] [blame^]41#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_CERTS_C) && \
42 defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_SSL_TLS_C) && \
43 defined(POLARSSL_SSL_SRV_C) && defined(POLARSSL_NET_C) && \
44 defined(POLARSSL_RSA_C) && defined(POLARSSL_CTR_DRBG_C) && \
45 defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_FS_IO)
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]46#include "polarssl/entropy.h"
47#include "polarssl/ctr_drbg.h"
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]48#include "polarssl/certs.h"
49#include "polarssl/x509.h"
50#include "polarssl/ssl.h"
51#include "polarssl/net.h"
Paul Bakkera3d195c2011-11-27 21:07:34 +0000[diff] [blame]52#include "polarssl/error.h"
Paul Bakkerc73079a2014-04-25 16:34:30 +0200[diff] [blame]53#include "polarssl/debug.h"
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]54
Rich Evans18b78c72015-02-11 14:06:19 +0000[diff] [blame^]55#include <stdio.h>
56#include <stdlib.h>
57#include <string.h>
58#endif
59
Paul Bakker0a597072012-09-25 21:55:46 +0000[diff] [blame]60#if defined(POLARSSL_SSL_CACHE_C)
61#include "polarssl/ssl_cache.h"
62#endif
63
Rich Evans18b78c72015-02-11 14:06:19 +0000[diff] [blame^]64#define HTTP_RESPONSE \
65 "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
66 "<h2>mbed TLS Test Server</h2>\r\n" \
67 "<p>Successful connection using: %s</p>\r\n"
68
69#define DEBUG_LEVEL 0
70
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]71#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_CERTS_C) || \
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]72 !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]73 !defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \
74 !defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \
Rich Evans18b78c72015-02-11 14:06:19 +0000[diff] [blame^]75 !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO)
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]76int main( int argc, char *argv[] )
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]77{
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]78 ((void) argc);
79 ((void) argv);
80
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]81 polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_CERTS_C and/or POLARSSL_ENTROPY_C "
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]82 "and/or POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]83 "POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
Paul Bakker36713e82013-09-17 13:25:29 +0200[diff] [blame]84 "POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_CRT_PARSE_C "
85 "not defined.\n");
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]86 return( 0 );
87}
88#else
Paul Bakker9a97c5d2013-09-15 17:07:33 +0200[diff] [blame]89static void my_debug( void *ctx, int level, const char *str )
90{
Paul Bakkerc73079a2014-04-25 16:34:30 +0200[diff] [blame]91 ((void) level);
92
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]93 polarssl_fprintf( (FILE *) ctx, "%s", str );
Paul Bakkerc73079a2014-04-25 16:34:30 +0200[diff] [blame]94 fflush( (FILE *) ctx );
Paul Bakker9a97c5d2013-09-15 17:07:33 +0200[diff] [blame]95}
96
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]97int main( int argc, char *argv[] )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]98{
99 int ret, len;
100 int listen_fd;
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]101 int client_fd = -1;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]102 unsigned char buf[1024];
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]103 const char *pers = "ssl_server";
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]104
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]105 entropy_context entropy;
106 ctr_drbg_context ctr_drbg;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]107 ssl_context ssl;
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]108 x509_crt srvcert;
Manuel Pégourié-Gonnardac755232013-08-19 14:10:16 +0200[diff] [blame]109 pk_context pkey;
Paul Bakkerd4324102012-09-26 08:29:38 +0000[diff] [blame]110#if defined(POLARSSL_SSL_CACHE_C)
111 ssl_cache_context cache;
112#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]113
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]114 ((void) argc);
115 ((void) argv);
116
Paul Bakker0c226102014-04-17 16:02:36 +0200[diff] [blame]117 memset( &ssl, 0, sizeof(ssl_context) );
Paul Bakker0a597072012-09-25 21:55:46 +0000[diff] [blame]118#if defined(POLARSSL_SSL_CACHE_C)
Paul Bakker0a597072012-09-25 21:55:46 +0000[diff] [blame]119 ssl_cache_init( &cache );
120#endif
Paul Bakker0c226102014-04-17 16:02:36 +0200[diff] [blame]121 x509_crt_init( &srvcert );
122 pk_init( &pkey );
123 entropy_init( &entropy );
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]124
Paul Bakkerc73079a2014-04-25 16:34:30 +0200[diff] [blame]125#if defined(POLARSSL_DEBUG_C)
126 debug_set_threshold( DEBUG_LEVEL );
127#endif
128
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]129 /*
130 * 1. Load the certificates and private RSA key
131 */
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]132 polarssl_printf( "\n . Loading the server cert. and key..." );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]133 fflush( stdout );
134
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]135 /*
136 * This demonstration program uses embedded test certificates.
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]137 * Instead, you may want to use x509_crt_parse_file() to read the
138 * server and CA certificates, as well as pk_parse_keyfile().
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]139 */
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]140 ret = x509_crt_parse( &srvcert, (const unsigned char *) test_srv_crt,
141 strlen( test_srv_crt ) );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]142 if( ret != 0 )
143 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]144 polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]145 goto exit;
146 }
147
Manuel Pégourié-Gonnard641de712013-09-25 13:23:33 +0200[diff] [blame]148 ret = x509_crt_parse( &srvcert, (const unsigned char *) test_ca_list,
149 strlen( test_ca_list ) );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]150 if( ret != 0 )
151 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]152 polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]153 goto exit;
154 }
155
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]156 ret = pk_parse_key( &pkey, (const unsigned char *) test_srv_key,
157 strlen( test_srv_key ), NULL, 0 );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]158 if( ret != 0 )
159 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]160 polarssl_printf( " failed\n ! pk_parse_key returned %d\n\n", ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]161 goto exit;
162 }
163
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]164 polarssl_printf( " ok\n" );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]165
166 /*
167 * 2. Setup the listening TCP socket
168 */
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]169 polarssl_printf( " . Bind on https://localhost:4433/ ..." );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]170 fflush( stdout );
171
172 if( ( ret = net_bind( &listen_fd, NULL, 4433 ) ) != 0 )
173 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]174 polarssl_printf( " failed\n ! net_bind returned %d\n\n", ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]175 goto exit;
176 }
177
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]178 polarssl_printf( " ok\n" );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]179
180 /*
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]181 * 3. Seed the RNG
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]182 */
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]183 polarssl_printf( " . Seeding the random number generator..." );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]184 fflush( stdout );
185
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]186 if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]187 (const unsigned char *) pers,
188 strlen( pers ) ) ) != 0 )
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]189 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]190 polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret );
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]191 goto exit;
192 }
193
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]194 polarssl_printf( " ok\n" );
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]195
196 /*
197 * 4. Setup stuff
198 */
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]199 polarssl_printf( " . Setting up the SSL data...." );
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]200 fflush( stdout );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]201
202 if( ( ret = ssl_init( &ssl ) ) != 0 )
203 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]204 polarssl_printf( " failed\n ! ssl_init returned %d\n\n", ret );
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]205 goto exit;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]206 }
207
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]208 ssl_set_endpoint( &ssl, SSL_IS_SERVER );
209 ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
210
Manuel Pégourié-Gonnard448ea502015-01-12 11:40:14 +0100[diff] [blame]211 /* SSLv3 is deprecated, set minimum to TLS 1.0 */
212 ssl_set_min_version( &ssl, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1 );
Manuel Pégourié-Gonnardfa065812015-01-12 14:05:33 +0100[diff] [blame]213 /* RC4 is deprecated, disable it */
214 ssl_set_arc4_support( &ssl, SSL_ARC4_DISABLED );
Manuel Pégourié-Gonnard448ea502015-01-12 11:40:14 +0100[diff] [blame]215
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]216 ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]217 ssl_set_dbg( &ssl, my_debug, stdout );
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]218
Paul Bakker0a597072012-09-25 21:55:46 +0000[diff] [blame]219#if defined(POLARSSL_SSL_CACHE_C)
220 ssl_set_session_cache( &ssl, ssl_cache_get, &cache,
221 ssl_cache_set, &cache );
222#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]223
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]224 ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );
Manuel Pégourié-Gonnardc5fd3912014-07-08 14:05:52 +0200[diff] [blame]225 if( ( ret = ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 )
226 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]227 polarssl_printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
Manuel Pégourié-Gonnardc5fd3912014-07-08 14:05:52 +0200[diff] [blame]228 goto exit;
229 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]230
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]231 polarssl_printf( " ok\n" );
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]232
233reset:
Paul Bakkera3d195c2011-11-27 21:07:34 +0000[diff] [blame]234#ifdef POLARSSL_ERROR_C
235 if( ret != 0 )
236 {
237 char error_buf[100];
Paul Bakker03a8a792013-06-30 12:18:08 +0200[diff] [blame]238 polarssl_strerror( ret, error_buf, 100 );
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]239 polarssl_printf("Last error was: %d - %s\n\n", ret, error_buf );
Paul Bakkera3d195c2011-11-27 21:07:34 +0000[diff] [blame]240 }
241#endif
242
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]243 if( client_fd != -1 )
244 net_close( client_fd );
245
246 ssl_session_reset( &ssl );
247
248 /*
249 * 3. Wait until a client connects
250 */
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]251 client_fd = -1;
252
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]253 polarssl_printf( " . Waiting for a remote connection ..." );
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]254 fflush( stdout );
255
256 if( ( ret = net_accept( listen_fd, &client_fd, NULL ) ) != 0 )
257 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]258 polarssl_printf( " failed\n ! net_accept returned %d\n\n", ret );
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]259 goto exit;
260 }
261
262 ssl_set_bio( &ssl, net_recv, &client_fd,
263 net_send, &client_fd );
264
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]265 polarssl_printf( " ok\n" );
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]266
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]267 /*
268 * 5. Handshake
269 */
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]270 polarssl_printf( " . Performing the SSL/TLS handshake..." );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]271 fflush( stdout );
272
273 while( ( ret = ssl_handshake( &ssl ) ) != 0 )
274 {
Paul Bakker831a7552011-05-18 13:32:51 +0000[diff] [blame]275 if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]276 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]277 polarssl_printf( " failed\n ! ssl_handshake returned %d\n\n", ret );
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]278 goto reset;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]279 }
280 }
281
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]282 polarssl_printf( " ok\n" );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]283
284 /*
285 * 6. Read the HTTP Request
286 */
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]287 polarssl_printf( " < Read from client:" );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]288 fflush( stdout );
289
290 do
291 {
292 len = sizeof( buf ) - 1;
293 memset( buf, 0, sizeof( buf ) );
294 ret = ssl_read( &ssl, buf, len );
295
Paul Bakker831a7552011-05-18 13:32:51 +0000[diff] [blame]296 if( ret == POLARSSL_ERR_NET_WANT_READ || ret == POLARSSL_ERR_NET_WANT_WRITE )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]297 continue;
298
299 if( ret <= 0 )
300 {
301 switch( ret )
302 {
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]303 case POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY:
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]304 polarssl_printf( " connection was closed gracefully\n" );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]305 break;
306
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]307 case POLARSSL_ERR_NET_CONN_RESET:
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]308 polarssl_printf( " connection was reset by peer\n" );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]309 break;
310
311 default:
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]312 polarssl_printf( " ssl_read returned -0x%x\n", -ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]313 break;
314 }
315
316 break;
317 }
318
319 len = ret;
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]320 polarssl_printf( " %d bytes read\n\n%s", len, (char *) buf );
Paul Bakker48916f92012-09-16 19:57:18 +0000[diff] [blame]321
322 if( ret > 0 )
323 break;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]324 }
Paul Bakker48916f92012-09-16 19:57:18 +0000[diff] [blame]325 while( 1 );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]326
327 /*
328 * 7. Write the 200 Response
329 */
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]330 polarssl_printf( " > Write to client:" );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]331 fflush( stdout );
332
333 len = sprintf( (char *) buf, HTTP_RESPONSE,
Paul Bakkere3166ce2011-01-27 17:40:50 +0000[diff] [blame]334 ssl_get_ciphersuite( &ssl ) );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]335
336 while( ( ret = ssl_write( &ssl, buf, len ) ) <= 0 )
337 {
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]338 if( ret == POLARSSL_ERR_NET_CONN_RESET )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]339 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]340 polarssl_printf( " failed\n ! peer closed the connection\n\n" );
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]341 goto reset;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]342 }
343
Paul Bakker831a7552011-05-18 13:32:51 +0000[diff] [blame]344 if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]345 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]346 polarssl_printf( " failed\n ! ssl_write returned %d\n\n", ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]347 goto exit;
348 }
349 }
350
351 len = ret;
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]352 polarssl_printf( " %d bytes written\n\n%s\n", len, (char *) buf );
Manuel Pégourié-Gonnard6b0d2682014-03-25 11:24:43 +0100[diff] [blame]353
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]354 polarssl_printf( " . Closing the connection..." );
Manuel Pégourié-Gonnard6b0d2682014-03-25 11:24:43 +0100[diff] [blame]355
356 while( ( ret = ssl_close_notify( &ssl ) ) < 0 )
357 {
358 if( ret != POLARSSL_ERR_NET_WANT_READ &&
359 ret != POLARSSL_ERR_NET_WANT_WRITE )
360 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]361 polarssl_printf( " failed\n ! ssl_close_notify returned %d\n\n", ret );
Manuel Pégourié-Gonnard6b0d2682014-03-25 11:24:43 +0100[diff] [blame]362 goto reset;
363 }
364 }
365
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]366 polarssl_printf( " ok\n" );
Manuel Pégourié-Gonnard6b0d2682014-03-25 11:24:43 +0100[diff] [blame]367
Paul Bakkera3d195c2011-11-27 21:07:34 +0000[diff] [blame]368 ret = 0;
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]369 goto reset;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]370
371exit:
372
Paul Bakkera3d195c2011-11-27 21:07:34 +0000[diff] [blame]373#ifdef POLARSSL_ERROR_C
374 if( ret != 0 )
375 {
376 char error_buf[100];
Paul Bakker03a8a792013-06-30 12:18:08 +0200[diff] [blame]377 polarssl_strerror( ret, error_buf, 100 );
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]378 polarssl_printf("Last error was: %d - %s\n\n", ret, error_buf );
Paul Bakkera3d195c2011-11-27 21:07:34 +0000[diff] [blame]379 }
380#endif
381
Paul Bakker0c226102014-04-17 16:02:36 +0200[diff] [blame]382 if( client_fd != -1 )
383 net_close( client_fd );
384
Paul Bakker36713e82013-09-17 13:25:29 +0200[diff] [blame]385 x509_crt_free( &srvcert );
Manuel Pégourié-Gonnardac755232013-08-19 14:10:16 +0200[diff] [blame]386 pk_free( &pkey );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]387 ssl_free( &ssl );
Paul Bakker0a597072012-09-25 21:55:46 +0000[diff] [blame]388#if defined(POLARSSL_SSL_CACHE_C)
389 ssl_cache_free( &cache );
390#endif
Paul Bakkera317a982014-06-18 16:44:11 +0200[diff] [blame]391 ctr_drbg_free( &ctr_drbg );
Paul Bakker1ffefac2013-09-28 15:23:03 +0200[diff] [blame]392 entropy_free( &entropy );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]393
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]394#if defined(_WIN32)
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]395 polarssl_printf( " Press Enter to exit this program.\n" );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]396 fflush( stdout ); getchar();
397#endif
398
399 return( ret );
400}
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]401#endif /* POLARSSL_BIGNUM_C && POLARSSL_CERTS_C && POLARSSL_ENTROPY_C &&
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]402 POLARSSL_SSL_TLS_C && POLARSSL_SSL_SRV_C && POLARSSL_NET_C &&
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]403 POLARSSL_RSA_C && POLARSSL_CTR_DRBG_C */