TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-crypto / f90016aade7194a6661f419a7620bb16f29aa32e / . / programs / ssl / ssl_server.c
blob: 7c6a2558429fc07a72018497d00fd767430b11f3 [file] [log] [blame]
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1/*
2 * SSL server demonstration program
3 *
Manuel Pégourié-Gonnarda658a402015-01-23 09:45:19 +0000[diff] [blame]4 * Copyright (C) 2006-2013, ARM Limited, All Rights Reserved
Paul Bakkerb96f1542010-07-18 20:36:00 +0000[diff] [blame]5 *
Manuel Pégourié-Gonnard085ab042015-01-23 11:06:27 +0000[diff] [blame]6 * This file is part of mbed TLS (https://www.polarssl.org)
Paul Bakkerb96f1542010-07-18 20:36:00 +0000[diff] [blame]7 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License along
19 * with this program; if not, write to the Free Software Foundation, Inc.,
20 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
21 */
22
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]23#if !defined(POLARSSL_CONFIG_FILE)
Manuel Pégourié-Gonnardabd6e022013-09-20 13:30:43 +0200[diff] [blame]24#include "polarssl/config.h"
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]25#else
26#include POLARSSL_CONFIG_FILE
27#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]28
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]29#if defined(POLARSSL_PLATFORM_C)
30#include "polarssl/platform.h"
31#else
32#define polarssl_printf printf
33#define polarssl_fprintf fprintf
34#define polarssl_malloc malloc
35#define polarssl_free free
36#endif
37
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]38#if defined(_WIN32)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]39#include <windows.h>
40#endif
41
42#include <string.h>
43#include <stdlib.h>
44#include <stdio.h>
45
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]46#include "polarssl/entropy.h"
47#include "polarssl/ctr_drbg.h"
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]48#include "polarssl/certs.h"
49#include "polarssl/x509.h"
50#include "polarssl/ssl.h"
51#include "polarssl/net.h"
Paul Bakkera3d195c2011-11-27 21:07:34 +0000[diff] [blame]52#include "polarssl/error.h"
Paul Bakkerc73079a2014-04-25 16:34:30 +0200[diff] [blame]53#include "polarssl/debug.h"
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]54
Paul Bakker0a597072012-09-25 21:55:46 +0000[diff] [blame]55#if defined(POLARSSL_SSL_CACHE_C)
56#include "polarssl/ssl_cache.h"
57#endif
58
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]59#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_CERTS_C) || \
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]60 !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]61 !defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \
62 !defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \
Paul Bakker36713e82013-09-17 13:25:29 +0200[diff] [blame]63 !defined(POLARSSL_X509_CRT_PARSE_C)
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]64int main( int argc, char *argv[] )
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]65{
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]66 ((void) argc);
67 ((void) argv);
68
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]69 polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_CERTS_C and/or POLARSSL_ENTROPY_C "
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]70 "and/or POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]71 "POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
Paul Bakker36713e82013-09-17 13:25:29 +0200[diff] [blame]72 "POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_CRT_PARSE_C "
73 "not defined.\n");
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]74 return( 0 );
75}
76#else
Paul Bakker9a97c5d2013-09-15 17:07:33 +0200[diff] [blame]77
78#define HTTP_RESPONSE \
79 "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
Manuel Pégourié-Gonnard91699212015-01-22 16:26:39 +0000[diff] [blame]80 "<h2>mbed TLS Test Server</h2>\r\n" \
Paul Bakker9a97c5d2013-09-15 17:07:33 +0200[diff] [blame]81 "<p>Successful connection using: %s</p>\r\n"
82
83#define DEBUG_LEVEL 0
84
85static void my_debug( void *ctx, int level, const char *str )
86{
Paul Bakkerc73079a2014-04-25 16:34:30 +0200[diff] [blame]87 ((void) level);
88
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]89 polarssl_fprintf( (FILE *) ctx, "%s", str );
Paul Bakkerc73079a2014-04-25 16:34:30 +0200[diff] [blame]90 fflush( (FILE *) ctx );
Paul Bakker9a97c5d2013-09-15 17:07:33 +0200[diff] [blame]91}
92
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]93int main( int argc, char *argv[] )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]94{
95 int ret, len;
96 int listen_fd;
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]97 int client_fd = -1;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]98 unsigned char buf[1024];
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]99 const char *pers = "ssl_server";
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]100
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]101 entropy_context entropy;
102 ctr_drbg_context ctr_drbg;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]103 ssl_context ssl;
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]104 x509_crt srvcert;
Manuel Pégourié-Gonnardac755232013-08-19 14:10:16 +0200[diff] [blame]105 pk_context pkey;
Paul Bakkerd4324102012-09-26 08:29:38 +0000[diff] [blame]106#if defined(POLARSSL_SSL_CACHE_C)
107 ssl_cache_context cache;
108#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]109
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]110 ((void) argc);
111 ((void) argv);
112
Paul Bakker0c226102014-04-17 16:02:36 +0200[diff] [blame]113 memset( &ssl, 0, sizeof(ssl_context) );
Paul Bakker0a597072012-09-25 21:55:46 +0000[diff] [blame]114#if defined(POLARSSL_SSL_CACHE_C)
Paul Bakker0a597072012-09-25 21:55:46 +0000[diff] [blame]115 ssl_cache_init( &cache );
116#endif
Paul Bakker0c226102014-04-17 16:02:36 +0200[diff] [blame]117 x509_crt_init( &srvcert );
118 pk_init( &pkey );
119 entropy_init( &entropy );
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]120
Paul Bakkerc73079a2014-04-25 16:34:30 +0200[diff] [blame]121#if defined(POLARSSL_DEBUG_C)
122 debug_set_threshold( DEBUG_LEVEL );
123#endif
124
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]125 /*
126 * 1. Load the certificates and private RSA key
127 */
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]128 polarssl_printf( "\n . Loading the server cert. and key..." );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]129 fflush( stdout );
130
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]131 /*
132 * This demonstration program uses embedded test certificates.
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]133 * Instead, you may want to use x509_crt_parse_file() to read the
134 * server and CA certificates, as well as pk_parse_keyfile().
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]135 */
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]136 ret = x509_crt_parse( &srvcert, (const unsigned char *) test_srv_crt,
137 strlen( test_srv_crt ) );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]138 if( ret != 0 )
139 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]140 polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]141 goto exit;
142 }
143
Manuel Pégourié-Gonnard641de712013-09-25 13:23:33 +0200[diff] [blame]144 ret = x509_crt_parse( &srvcert, (const unsigned char *) test_ca_list,
145 strlen( test_ca_list ) );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]146 if( ret != 0 )
147 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]148 polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]149 goto exit;
150 }
151
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]152 ret = pk_parse_key( &pkey, (const unsigned char *) test_srv_key,
153 strlen( test_srv_key ), NULL, 0 );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]154 if( ret != 0 )
155 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]156 polarssl_printf( " failed\n ! pk_parse_key returned %d\n\n", ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]157 goto exit;
158 }
159
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]160 polarssl_printf( " ok\n" );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]161
162 /*
163 * 2. Setup the listening TCP socket
164 */
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]165 polarssl_printf( " . Bind on https://localhost:4433/ ..." );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]166 fflush( stdout );
167
168 if( ( ret = net_bind( &listen_fd, NULL, 4433 ) ) != 0 )
169 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]170 polarssl_printf( " failed\n ! net_bind returned %d\n\n", ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]171 goto exit;
172 }
173
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]174 polarssl_printf( " ok\n" );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]175
176 /*
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]177 * 3. Seed the RNG
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]178 */
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]179 polarssl_printf( " . Seeding the random number generator..." );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]180 fflush( stdout );
181
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]182 if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]183 (const unsigned char *) pers,
184 strlen( pers ) ) ) != 0 )
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]185 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]186 polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret );
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]187 goto exit;
188 }
189
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]190 polarssl_printf( " ok\n" );
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]191
192 /*
193 * 4. Setup stuff
194 */
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]195 polarssl_printf( " . Setting up the SSL data...." );
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]196 fflush( stdout );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]197
198 if( ( ret = ssl_init( &ssl ) ) != 0 )
199 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]200 polarssl_printf( " failed\n ! ssl_init returned %d\n\n", ret );
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]201 goto exit;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]202 }
203
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]204 ssl_set_endpoint( &ssl, SSL_IS_SERVER );
205 ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
206
Manuel Pégourié-Gonnard448ea502015-01-12 11:40:14 +0100[diff] [blame]207 /* SSLv3 is deprecated, set minimum to TLS 1.0 */
208 ssl_set_min_version( &ssl, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1 );
Manuel Pégourié-Gonnardfa065812015-01-12 14:05:33 +0100[diff] [blame]209 /* RC4 is deprecated, disable it */
210 ssl_set_arc4_support( &ssl, SSL_ARC4_DISABLED );
Manuel Pégourié-Gonnard448ea502015-01-12 11:40:14 +0100[diff] [blame]211
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]212 ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]213 ssl_set_dbg( &ssl, my_debug, stdout );
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]214
Paul Bakker0a597072012-09-25 21:55:46 +0000[diff] [blame]215#if defined(POLARSSL_SSL_CACHE_C)
216 ssl_set_session_cache( &ssl, ssl_cache_get, &cache,
217 ssl_cache_set, &cache );
218#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]219
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]220 ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );
Manuel Pégourié-Gonnardc5fd3912014-07-08 14:05:52 +0200[diff] [blame]221 if( ( ret = ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 )
222 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]223 polarssl_printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
Manuel Pégourié-Gonnardc5fd3912014-07-08 14:05:52 +0200[diff] [blame]224 goto exit;
225 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]226
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]227 polarssl_printf( " ok\n" );
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]228
229reset:
Paul Bakkera3d195c2011-11-27 21:07:34 +0000[diff] [blame]230#ifdef POLARSSL_ERROR_C
231 if( ret != 0 )
232 {
233 char error_buf[100];
Paul Bakker03a8a792013-06-30 12:18:08 +0200[diff] [blame]234 polarssl_strerror( ret, error_buf, 100 );
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]235 polarssl_printf("Last error was: %d - %s\n\n", ret, error_buf );
Paul Bakkera3d195c2011-11-27 21:07:34 +0000[diff] [blame]236 }
237#endif
238
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]239 if( client_fd != -1 )
240 net_close( client_fd );
241
242 ssl_session_reset( &ssl );
243
244 /*
245 * 3. Wait until a client connects
246 */
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]247 client_fd = -1;
248
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]249 polarssl_printf( " . Waiting for a remote connection ..." );
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]250 fflush( stdout );
251
252 if( ( ret = net_accept( listen_fd, &client_fd, NULL ) ) != 0 )
253 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]254 polarssl_printf( " failed\n ! net_accept returned %d\n\n", ret );
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]255 goto exit;
256 }
257
258 ssl_set_bio( &ssl, net_recv, &client_fd,
259 net_send, &client_fd );
260
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]261 polarssl_printf( " ok\n" );
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]262
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]263 /*
264 * 5. Handshake
265 */
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]266 polarssl_printf( " . Performing the SSL/TLS handshake..." );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]267 fflush( stdout );
268
269 while( ( ret = ssl_handshake( &ssl ) ) != 0 )
270 {
Paul Bakker831a7552011-05-18 13:32:51 +0000[diff] [blame]271 if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]272 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]273 polarssl_printf( " failed\n ! ssl_handshake returned %d\n\n", ret );
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]274 goto reset;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]275 }
276 }
277
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]278 polarssl_printf( " ok\n" );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]279
280 /*
281 * 6. Read the HTTP Request
282 */
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]283 polarssl_printf( " < Read from client:" );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]284 fflush( stdout );
285
286 do
287 {
288 len = sizeof( buf ) - 1;
289 memset( buf, 0, sizeof( buf ) );
290 ret = ssl_read( &ssl, buf, len );
291
Paul Bakker831a7552011-05-18 13:32:51 +0000[diff] [blame]292 if( ret == POLARSSL_ERR_NET_WANT_READ || ret == POLARSSL_ERR_NET_WANT_WRITE )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]293 continue;
294
295 if( ret <= 0 )
296 {
297 switch( ret )
298 {
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]299 case POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY:
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]300 polarssl_printf( " connection was closed gracefully\n" );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]301 break;
302
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]303 case POLARSSL_ERR_NET_CONN_RESET:
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]304 polarssl_printf( " connection was reset by peer\n" );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]305 break;
306
307 default:
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]308 polarssl_printf( " ssl_read returned -0x%x\n", -ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]309 break;
310 }
311
312 break;
313 }
314
315 len = ret;
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]316 polarssl_printf( " %d bytes read\n\n%s", len, (char *) buf );
Paul Bakker48916f92012-09-16 19:57:18 +0000[diff] [blame]317
318 if( ret > 0 )
319 break;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]320 }
Paul Bakker48916f92012-09-16 19:57:18 +0000[diff] [blame]321 while( 1 );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]322
323 /*
324 * 7. Write the 200 Response
325 */
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]326 polarssl_printf( " > Write to client:" );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]327 fflush( stdout );
328
329 len = sprintf( (char *) buf, HTTP_RESPONSE,
Paul Bakkere3166ce2011-01-27 17:40:50 +0000[diff] [blame]330 ssl_get_ciphersuite( &ssl ) );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]331
332 while( ( ret = ssl_write( &ssl, buf, len ) ) <= 0 )
333 {
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]334 if( ret == POLARSSL_ERR_NET_CONN_RESET )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]335 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]336 polarssl_printf( " failed\n ! peer closed the connection\n\n" );
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]337 goto reset;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]338 }
339
Paul Bakker831a7552011-05-18 13:32:51 +0000[diff] [blame]340 if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]341 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]342 polarssl_printf( " failed\n ! ssl_write returned %d\n\n", ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]343 goto exit;
344 }
345 }
346
347 len = ret;
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]348 polarssl_printf( " %d bytes written\n\n%s\n", len, (char *) buf );
Manuel Pégourié-Gonnard6b0d2682014-03-25 11:24:43 +0100[diff] [blame]349
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]350 polarssl_printf( " . Closing the connection..." );
Manuel Pégourié-Gonnard6b0d2682014-03-25 11:24:43 +0100[diff] [blame]351
352 while( ( ret = ssl_close_notify( &ssl ) ) < 0 )
353 {
354 if( ret != POLARSSL_ERR_NET_WANT_READ &&
355 ret != POLARSSL_ERR_NET_WANT_WRITE )
356 {
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]357 polarssl_printf( " failed\n ! ssl_close_notify returned %d\n\n", ret );
Manuel Pégourié-Gonnard6b0d2682014-03-25 11:24:43 +0100[diff] [blame]358 goto reset;
359 }
360 }
361
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]362 polarssl_printf( " ok\n" );
Manuel Pégourié-Gonnard6b0d2682014-03-25 11:24:43 +0100[diff] [blame]363
Paul Bakkera3d195c2011-11-27 21:07:34 +0000[diff] [blame]364 ret = 0;
Paul Bakker7eb013f2011-10-06 12:37:39 +0000[diff] [blame]365 goto reset;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]366
367exit:
368
Paul Bakkera3d195c2011-11-27 21:07:34 +0000[diff] [blame]369#ifdef POLARSSL_ERROR_C
370 if( ret != 0 )
371 {
372 char error_buf[100];
Paul Bakker03a8a792013-06-30 12:18:08 +0200[diff] [blame]373 polarssl_strerror( ret, error_buf, 100 );
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]374 polarssl_printf("Last error was: %d - %s\n\n", ret, error_buf );
Paul Bakkera3d195c2011-11-27 21:07:34 +0000[diff] [blame]375 }
376#endif
377
Paul Bakker0c226102014-04-17 16:02:36 +0200[diff] [blame]378 if( client_fd != -1 )
379 net_close( client_fd );
380
Paul Bakker36713e82013-09-17 13:25:29 +0200[diff] [blame]381 x509_crt_free( &srvcert );
Manuel Pégourié-Gonnardac755232013-08-19 14:10:16 +0200[diff] [blame]382 pk_free( &pkey );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]383 ssl_free( &ssl );
Paul Bakker0a597072012-09-25 21:55:46 +0000[diff] [blame]384#if defined(POLARSSL_SSL_CACHE_C)
385 ssl_cache_free( &cache );
386#endif
Paul Bakkera317a982014-06-18 16:44:11 +0200[diff] [blame]387 ctr_drbg_free( &ctr_drbg );
Paul Bakker1ffefac2013-09-28 15:23:03 +0200[diff] [blame]388 entropy_free( &entropy );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]389
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]390#if defined(_WIN32)
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame^]391 polarssl_printf( " Press Enter to exit this program.\n" );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]392 fflush( stdout ); getchar();
393#endif
394
395 return( ret );
396}
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]397#endif /* POLARSSL_BIGNUM_C && POLARSSL_CERTS_C && POLARSSL_ENTROPY_C &&
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]398 POLARSSL_SSL_TLS_C && POLARSSL_SSL_SRV_C && POLARSSL_NET_C &&
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]399 POLARSSL_RSA_C && POLARSSL_CTR_DRBG_C */