TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 440cb2aac296d07afc9ec111977bf24d54dc4061 / . / programs / ssl / ssl_mail_client.c
blob: 69aefef7db6ce741f0e745f8fa891d434a3c3bbc [file] [log] [blame]
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]1/*
2 * SSL client for SMTP servers
3 *
Bence Szépkúti1e148272020-08-07 13:07:28 +0200[diff] [blame]4 * Copyright The Mbed TLS Contributors
Dave Rodgman16799db2023-11-02 19:47:20 +0000[diff] [blame]5 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]6 */
7
Nicholas Wilson61fa4362018-06-25 12:10:00 +0100[diff] [blame]8/* Enable definition of gethostname() even when compiling with -std=c99. Must
Bence Szépkútibb0cfeb2021-05-28 09:42:25 +0200[diff] [blame]9 * be set before mbedtls_config.h, which pulls in glibc's features.h indirectly.
Nicholas Wilson2682edf2017-12-05 12:08:15 +0000[diff] [blame]10 * Harmless on other platforms. */
Mateusz Starzyk5dd4f6e2021-05-19 19:35:35 +0200[diff] [blame]11
Nicholas Wilson2682edf2017-12-05 12:08:15 +0000[diff] [blame]12#define _POSIX_C_SOURCE 200112L
nia7eb0e622020-06-11 12:30:12 +0100[diff] [blame]13#define _XOPEN_SOURCE 600
Felix Conway998760a2025-03-24 11:37:33 +0000[diff] [blame]14#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
15
Nicholas Wilson2682edf2017-12-05 12:08:15 +0000[diff] [blame]16
Bence Szépkútic662b362021-05-27 11:25:03 +0200[diff] [blame]17#include "mbedtls/build_info.h"
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]18
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]19#include "mbedtls/platform.h"
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]20
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]21#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
22 !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
23 !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \
24 !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
25 !defined(MBEDTLS_FS_IO)
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]26int main(void)
Manuel Pégourié-Gonnard4b3e5ef2015-03-27 11:24:27 +0100[diff] [blame]27{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]28 mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]29 "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
30 "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
31 "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
32 "not defined.\n");
33 mbedtls_exit(0);
Manuel Pégourié-Gonnard4b3e5ef2015-03-27 11:24:27 +0100[diff] [blame]34}
35#else
36
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]37#include "mbedtls/base64.h"
38#include "mbedtls/error.h"
Andres AG788aa4a2016-09-14 14:32:09 +0100[diff] [blame]39#include "mbedtls/net_sockets.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]40#include "mbedtls/ssl.h"
41#include "mbedtls/entropy.h"
42#include "mbedtls/ctr_drbg.h"
Mateusz Starzyk1aec6462021-02-08 15:34:42 +0100[diff] [blame]43#include "test/certs.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]44#include "mbedtls/x509.h"
Rich Evans18b78c72015-02-11 14:06:19 +0000[diff] [blame]45
Rich Evans18b78c72015-02-11 14:06:19 +0000[diff] [blame]46#include <stdlib.h>
47#include <string.h>
Paul Bakkerfdda7852013-11-30 15:15:31 +0100[diff] [blame]48
49#if !defined(_MSC_VER) || defined(EFIX64) || defined(EFI32)
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]50#include <unistd.h>
Paul Bakkerfdda7852013-11-30 15:15:31 +0100[diff] [blame]51#else
52#include <io.h>
Paul Bakkerfdda7852013-11-30 15:15:31 +0100[diff] [blame]53#endif
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]54
Paul Bakker5a835222011-10-12 09:19:31 +0000[diff] [blame]55#if defined(_WIN32) || defined(_WIN32_WCE)
Paul Bakker5a835222011-10-12 09:19:31 +0000[diff] [blame]56#include <winsock2.h>
57#include <windows.h>
58
Paul Bakkerf0fc2a22013-12-30 15:42:43 +0100[diff] [blame]59#if defined(_MSC_VER)
Paul Bakker5a835222011-10-12 09:19:31 +0000[diff] [blame]60#if defined(_WIN32_WCE)
61#pragma comment( lib, "ws2.lib" )
62#else
63#pragma comment( lib, "ws2_32.lib" )
64#endif
Paul Bakkerf0fc2a22013-12-30 15:42:43 +0100[diff] [blame]65#endif /* _MSC_VER */
Paul Bakker5a835222011-10-12 09:19:31 +0000[diff] [blame]66#endif
67
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]68#define DFL_SERVER_NAME "localhost"
Manuel Pégourié-Gonnardc0d74942015-06-23 12:30:57 +0200[diff] [blame]69#define DFL_SERVER_PORT "465"
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]70#define DFL_USER_NAME "user"
71#define DFL_USER_PWD "password"
72#define DFL_MAIL_FROM ""
73#define DFL_MAIL_TO ""
74#define DFL_DEBUG_LEVEL 0
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]75#define DFL_CA_FILE ""
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]76#define DFL_CRT_FILE ""
77#define DFL_KEY_FILE ""
78#define DFL_FORCE_CIPHER 0
79#define DFL_MODE 0
80#define DFL_AUTHENTICATION 0
81
82#define MODE_SSL_TLS 0
83#define MODE_STARTTLS 0
84
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]85#if defined(MBEDTLS_BASE64_C)
Rich Evans85b05ec2015-02-12 11:37:29 +0000[diff] [blame]86#define USAGE_AUTH \
irwirf5ce5d52019-01-19 19:05:56 +0300[diff] [blame]87 " authentication=%%d default: 0 (disabled)\n" \
88 " user_name=%%s default: \"" DFL_USER_NAME "\"\n" \
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]89 " user_pwd=%%s default: \"" \
90 DFL_USER_PWD "\"\n"
Rich Evans85b05ec2015-02-12 11:37:29 +0000[diff] [blame]91#else
92#define USAGE_AUTH \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]93 " authentication options disabled. (Require MBEDTLS_BASE64_C)\n"
94#endif /* MBEDTLS_BASE64_C */
Rich Evans85b05ec2015-02-12 11:37:29 +0000[diff] [blame]95
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]96#if defined(MBEDTLS_FS_IO)
Rich Evans85b05ec2015-02-12 11:37:29 +0000[diff] [blame]97#define USAGE_IO \
98 " ca_file=%%s default: \"\" (pre-loaded)\n" \
99 " crt_file=%%s default: \"\" (pre-loaded)\n" \
100 " key_file=%%s default: \"\" (pre-loaded)\n"
101#else
102#define USAGE_IO \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]103 " No file operations available (MBEDTLS_FS_IO not defined)\n"
104#endif /* MBEDTLS_FS_IO */
Rich Evans85b05ec2015-02-12 11:37:29 +0000[diff] [blame]105
106#define USAGE \
irwirf5ce5d52019-01-19 19:05:56 +0300[diff] [blame]107 "\n usage: ssl_mail_client param=<>...\n" \
108 "\n acceptable parameters:\n" \
109 " server_name=%%s default: " DFL_SERVER_NAME "\n" \
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]110 " server_port=%%d default: " \
111 DFL_SERVER_PORT "\n" \
112 " debug_level=%%d default: 0 (disabled)\n" \
113 " mode=%%d default: 0 (SSL/TLS) (1 for STARTTLS)\n" \
irwirf5ce5d52019-01-19 19:05:56 +0300[diff] [blame]114 USAGE_AUTH \
115 " mail_from=%%s default: \"\"\n" \
116 " mail_to=%%s default: \"\"\n" \
117 USAGE_IO \
118 " force_ciphersuite=<name> default: all enabled\n" \
Rich Evans85b05ec2015-02-12 11:37:29 +0000[diff] [blame]119 " acceptable ciphersuite names:\n"
120
Simon Butcher63cb97e2018-12-06 17:43:31 +0000[diff] [blame]121
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]122/*
123 * global options
124 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]125struct options {
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]126 const char *server_name; /* hostname of the server (client only) */
Manuel Pégourié-Gonnardc0d74942015-06-23 12:30:57 +0200[diff] [blame]127 const char *server_port; /* port on which the ssl service runs */
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]128 int debug_level; /* level of debugging */
129 int authentication; /* if authentication is required */
130 int mode; /* SSL/TLS (0) or STARTTLS (1) */
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]131 const char *user_name; /* username to use for authentication */
132 const char *user_pwd; /* password to use for authentication */
133 const char *mail_from; /* E-Mail address to use as sender */
134 const char *mail_to; /* E-Mail address to use as recipient */
135 const char *ca_file; /* the file with the CA certificate(s) */
136 const char *crt_file; /* the file with the client certificate */
137 const char *key_file; /* the file with the client key */
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]138 int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
139} opt;
140
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]141static void my_debug(void *ctx, int level,
142 const char *file, int line,
143 const char *str)
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]144{
Manuel Pégourié-Gonnard61ee3512015-06-23 17:35:03 +0200[diff] [blame]145 ((void) level);
146
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]147 mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str);
148 fflush((FILE *) ctx);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]149}
150
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]151static int do_handshake(mbedtls_ssl_context *ssl)
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]152{
153 int ret;
Manuel Pégourié-Gonnarde6ef16f2015-05-11 19:54:43 +0200[diff] [blame]154 uint32_t flags;
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]155 unsigned char buf[1024];
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]156 memset(buf, 0, 1024);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]157
158 /*
159 * 4. Handshake
160 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]161 mbedtls_printf(" . Performing the SSL/TLS handshake...");
162 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]163
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]164 while ((ret = mbedtls_ssl_handshake(ssl)) != 0) {
165 if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]166#if defined(MBEDTLS_ERROR_C)
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]167 mbedtls_strerror(ret, (char *) buf, 1024);
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]168#endif
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]169 mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned %d: %s\n\n", ret, buf);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]170 return -1;
171 }
172 }
173
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]174 mbedtls_printf(" ok\n [ Ciphersuite is %s ]\n",
175 mbedtls_ssl_get_ciphersuite(ssl));
176
177 /*
178 * 5. Verify the server certificate
179 */
180 mbedtls_printf(" . Verifying peer X.509 certificate...");
181
182 /* In real life, we probably want to bail out when ret != 0 */
183 if ((flags = mbedtls_ssl_get_verify_result(ssl)) != 0) {
184#if !defined(MBEDTLS_X509_REMOVE_INFO)
185 char vrfy_buf[512];
186#endif
187
188 mbedtls_printf(" failed\n");
189
190#if !defined(MBEDTLS_X509_REMOVE_INFO)
191 mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), " ! ", flags);
192
193 mbedtls_printf("%s\n", vrfy_buf);
194#endif
195 } else {
196 mbedtls_printf(" ok\n");
197 }
198
199#if !defined(MBEDTLS_X509_REMOVE_INFO)
200 mbedtls_printf(" . Peer certificate information ...\n");
201 mbedtls_x509_crt_info((char *) buf, sizeof(buf) - 1, " ",
202 mbedtls_ssl_get_peer_cert(ssl));
203 mbedtls_printf("%s\n", buf);
204#endif
205
206 return 0;
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]207}
208
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]209static int write_ssl_data(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len)
210{
211 int ret;
212
213 mbedtls_printf("\n%s", buf);
214 while (len && (ret = mbedtls_ssl_write(ssl, buf, len)) <= 0) {
215 if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
216 mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret);
217 return -1;
218 }
219 }
220
221 return 0;
222}
223
224static int write_ssl_and_get_response(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len)
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]225{
226 int ret;
227 unsigned char data[128];
228 char code[4];
229 size_t i, idx = 0;
230
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]231 mbedtls_printf("\n%s", buf);
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]232 while (len && (ret = mbedtls_ssl_write(ssl, buf, len)) <= 0) {
233 if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
234 mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]235 return -1;
236 }
237 }
238
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]239 do {
240 len = sizeof(data) - 1;
241 memset(data, 0, sizeof(data));
242 ret = mbedtls_ssl_read(ssl, data, len);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]243
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]244 if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) {
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]245 continue;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]246 }
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]247
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]248 if (ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY) {
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]249 return -1;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]250 }
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]251
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]252 if (ret <= 0) {
253 mbedtls_printf("failed\n ! mbedtls_ssl_read returned %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]254 return -1;
255 }
256
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]257 mbedtls_printf("\n%s", data);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]258 len = ret;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]259 for (i = 0; i < len; i++) {
260 if (data[i] != '\n') {
261 if (idx < 4) {
262 code[idx++] = data[i];
263 }
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]264 continue;
265 }
266
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]267 if (idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ') {
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]268 code[3] = '\0';
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]269 return atoi(code);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]270 }
Paul Bakker3c5ef712013-06-25 16:37:45 +0200[diff] [blame]271
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]272 idx = 0;
273 }
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]274 } while (1);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]275}
276
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]277static int write_and_get_response(mbedtls_net_context *sock_fd, unsigned char *buf, size_t len)
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]278{
279 int ret;
280 unsigned char data[128];
281 char code[4];
282 size_t i, idx = 0;
283
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]284 mbedtls_printf("\n%s", buf);
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]285 if (len && (ret = mbedtls_net_send(sock_fd, buf, len)) <= 0) {
286 mbedtls_printf(" failed\n ! mbedtls_net_send returned %d\n\n", ret);
287 return -1;
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]288 }
289
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]290 do {
291 len = sizeof(data) - 1;
292 memset(data, 0, sizeof(data));
293 ret = mbedtls_net_recv(sock_fd, data, len);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]294
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]295 if (ret <= 0) {
296 mbedtls_printf("failed\n ! mbedtls_net_recv returned %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]297 return -1;
298 }
299
Paul Bakkerdf71dd12014-04-17 16:03:48 +0200[diff] [blame]300 data[len] = '\0';
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]301 mbedtls_printf("\n%s", data);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]302 len = ret;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]303 for (i = 0; i < len; i++) {
304 if (data[i] != '\n') {
305 if (idx < 4) {
306 code[idx++] = data[i];
307 }
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]308 continue;
309 }
310
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]311 if (idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ') {
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]312 code[3] = '\0';
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]313 return atoi(code);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]314 }
Manuel Pégourié-Gonnard6c5abfa2015-02-13 14:12:07 +0000[diff] [blame]315
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]316 idx = 0;
317 }
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]318 } while (1);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]319}
320
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]321int main(int argc, char *argv[])
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]322{
Andres Amaya Garcia67a42ac2018-04-29 21:04:29 +0100[diff] [blame]323 int ret = 1, len;
324 int exit_code = MBEDTLS_EXIT_FAILURE;
Manuel Pégourié-Gonnard5db64322015-06-30 15:40:39 +0200[diff] [blame]325 mbedtls_net_context server_fd;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]326#if defined(MBEDTLS_BASE64_C)
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]327 unsigned char base[1024];
Mohammad Azim Khan9ebdcff2018-08-06 11:48:06 +0100[diff] [blame]328 /* buf is used as the destination buffer for printing base with the format:
329 * "%s\r\n". Hence, the size of buf should be at least the size of base
330 * plus 2 bytes for the \r and \n characters.
331 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]332 unsigned char buf[sizeof(base) + 2];
Mohammad Azim Khan9ebdcff2018-08-06 11:48:06 +0100[diff] [blame]333#else
334 unsigned char buf[1024];
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]335#endif
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]336 char hostname[32];
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]337 const char *pers = "ssl_mail_client";
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]338
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]339 mbedtls_entropy_context entropy;
340 mbedtls_ctr_drbg_context ctr_drbg;
341 mbedtls_ssl_context ssl;
Manuel Pégourié-Gonnarddef0bbe2015-05-04 14:56:36 +0200[diff] [blame]342 mbedtls_ssl_config conf;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]343 mbedtls_x509_crt cacert;
344 mbedtls_x509_crt clicert;
345 mbedtls_pk_context pkey;
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]346 int i;
Paul Bakker819370c2012-09-28 07:04:41 +0000[diff] [blame]347 size_t n;
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]348 char *p, *q;
349 const int *list;
350
351 /*
Manuel Pégourié-Gonnard3bd2aae2013-09-20 13:10:13 +0200[diff] [blame]352 * Make sure memory references are valid in case we exit early.
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]353 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]354 mbedtls_net_init(&server_fd);
355 mbedtls_ssl_init(&ssl);
356 mbedtls_ssl_config_init(&conf);
357 memset(&buf, 0, sizeof(buf));
358 mbedtls_x509_crt_init(&cacert);
359 mbedtls_x509_crt_init(&clicert);
360 mbedtls_pk_init(&pkey);
361 mbedtls_ctr_drbg_init(&ctr_drbg);
Przemek Stekiela0a1c1e2023-04-17 11:10:05 +0200[diff] [blame]362 mbedtls_entropy_init(&entropy);
363
Przemek Stekiela0a1c1e2023-04-17 11:10:05 +0200[diff] [blame]364 psa_status_t status = psa_crypto_init();
365 if (status != PSA_SUCCESS) {
366 mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
367 (int) status);
368 goto exit;
369 }
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]370
Aditya Deshpande644a5c02023-01-30 15:58:50 +0000[diff] [blame]371 if (argc < 2) {
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]372usage:
373 mbedtls_printf(USAGE);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]374
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]375 list = mbedtls_ssl_list_ciphersuites();
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]376 while (*list) {
377 mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name(*list));
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]378 list++;
379 }
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]380 mbedtls_printf("\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]381 goto exit;
382 }
383
384 opt.server_name = DFL_SERVER_NAME;
385 opt.server_port = DFL_SERVER_PORT;
386 opt.debug_level = DFL_DEBUG_LEVEL;
387 opt.authentication = DFL_AUTHENTICATION;
388 opt.mode = DFL_MODE;
389 opt.user_name = DFL_USER_NAME;
390 opt.user_pwd = DFL_USER_PWD;
391 opt.mail_from = DFL_MAIL_FROM;
392 opt.mail_to = DFL_MAIL_TO;
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]393 opt.ca_file = DFL_CA_FILE;
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]394 opt.crt_file = DFL_CRT_FILE;
395 opt.key_file = DFL_KEY_FILE;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]396 opt.force_ciphersuite[0] = DFL_FORCE_CIPHER;
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]397
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]398 for (i = 1; i < argc; i++) {
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]399 p = argv[i];
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]400 if ((q = strchr(p, '=')) == NULL) {
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]401 goto usage;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]402 }
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]403 *q++ = '\0';
404
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]405 if (strcmp(p, "server_name") == 0) {
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]406 opt.server_name = q;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]407 } else if (strcmp(p, "server_port") == 0) {
Manuel Pégourié-Gonnardc0d74942015-06-23 12:30:57 +0200[diff] [blame]408 opt.server_port = q;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]409 } else if (strcmp(p, "debug_level") == 0) {
410 opt.debug_level = atoi(q);
411 if (opt.debug_level < 0 || opt.debug_level > 65535) {
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]412 goto usage;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]413 }
414 } else if (strcmp(p, "authentication") == 0) {
415 opt.authentication = atoi(q);
416 if (opt.authentication < 0 || opt.authentication > 1) {
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]417 goto usage;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]418 }
419 } else if (strcmp(p, "mode") == 0) {
420 opt.mode = atoi(q);
421 if (opt.mode < 0 || opt.mode > 1) {
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]422 goto usage;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]423 }
424 } else if (strcmp(p, "user_name") == 0) {
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]425 opt.user_name = q;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]426 } else if (strcmp(p, "user_pwd") == 0) {
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]427 opt.user_pwd = q;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]428 } else if (strcmp(p, "mail_from") == 0) {
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]429 opt.mail_from = q;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]430 } else if (strcmp(p, "mail_to") == 0) {
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]431 opt.mail_to = q;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]432 } else if (strcmp(p, "ca_file") == 0) {
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]433 opt.ca_file = q;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]434 } else if (strcmp(p, "crt_file") == 0) {
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]435 opt.crt_file = q;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]436 } else if (strcmp(p, "key_file") == 0) {
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]437 opt.key_file = q;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]438 } else if (strcmp(p, "force_ciphersuite") == 0) {
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]439 opt.force_ciphersuite[0] = -1;
440
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]441 opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id(q);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]442
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]443 if (opt.force_ciphersuite[0] <= 0) {
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]444 goto usage;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]445 }
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]446
447 opt.force_ciphersuite[1] = 0;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]448 } else {
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]449 goto usage;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]450 }
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]451 }
452
453 /*
454 * 0. Initialize the RNG and the session data
455 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]456 mbedtls_printf("\n . Seeding the random number generator...");
457 fflush(stdout);
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]458
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]459 if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
460 (const unsigned char *) pers,
461 strlen(pers))) != 0) {
462 mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret);
Paul Bakker508ad5a2011-12-04 17:09:26 +0000[diff] [blame]463 goto exit;
464 }
465
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]466 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]467
468 /*
469 * 1.1. Load the trusted CA
470 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]471 mbedtls_printf(" . Loading the CA root certificate ...");
472 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]473
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]474#if defined(MBEDTLS_FS_IO)
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]475 if (strlen(opt.ca_file)) {
476 ret = mbedtls_x509_crt_parse_file(&cacert, opt.ca_file);
477 } else
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]478#endif
Mateusz Starzyk1aec6462021-02-08 15:34:42 +0100[diff] [blame]479#if defined(MBEDTLS_PEM_PARSE_C)
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]480 ret = mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_cas_pem,
481 mbedtls_test_cas_pem_len);
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]482#else
483 {
Mateusz Starzyk1aec6462021-02-08 15:34:42 +0100[diff] [blame]484 mbedtls_printf("MBEDTLS_PEM_PARSE_C not defined.");
Andres Amaya Garcia67a42ac2018-04-29 21:04:29 +0100[diff] [blame]485 goto exit;
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]486 }
487#endif
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]488 if (ret < 0) {
489 mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]490 goto exit;
491 }
492
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]493 mbedtls_printf(" ok (%d skipped)\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]494
495 /*
496 * 1.2. Load own certificate and private key
497 *
498 * (can be skipped if client authentication is not required)
499 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]500 mbedtls_printf(" . Loading the client cert. and key...");
501 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]502
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]503#if defined(MBEDTLS_FS_IO)
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]504 if (strlen(opt.crt_file)) {
505 ret = mbedtls_x509_crt_parse_file(&clicert, opt.crt_file);
506 } else
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]507#endif
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]508 ret = mbedtls_x509_crt_parse(&clicert, (const unsigned char *) mbedtls_test_cli_crt,
509 mbedtls_test_cli_crt_len);
510 if (ret != 0) {
511 mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]512 goto exit;
513 }
514
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]515#if defined(MBEDTLS_FS_IO)
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]516 if (strlen(opt.key_file)) {
Ben Taylor440cb2a2025-03-05 09:40:08 +0000[diff] [blame^]517 ret = mbedtls_pk_parse_keyfile(&pkey, opt.key_file, "");
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]518 } else
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]519#endif
Mateusz Starzyk1aec6462021-02-08 15:34:42 +0100[diff] [blame]520#if defined(MBEDTLS_PEM_PARSE_C)
Manuel Pégourié-Gonnard84dea012021-06-15 11:29:26 +0200[diff] [blame]521 {
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]522 ret = mbedtls_pk_parse_key(&pkey,
523 (const unsigned char *) mbedtls_test_cli_key,
524 mbedtls_test_cli_key_len,
525 NULL,
Ben Taylor440cb2a2025-03-05 09:40:08 +0000[diff] [blame^]526 0);
Manuel Pégourié-Gonnard84dea012021-06-15 11:29:26 +0200[diff] [blame]527 }
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]528#else
529 {
Mateusz Starzyk1aec6462021-02-08 15:34:42 +0100[diff] [blame]530 mbedtls_printf("MBEDTLS_PEM_PARSE_C not defined.");
Andres Amaya Garcia67a42ac2018-04-29 21:04:29 +0100[diff] [blame]531 goto exit;
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]532 }
533#endif
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]534 if (ret != 0) {
535 mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]536 goto exit;
537 }
538
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]539 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]540
541 /*
542 * 2. Start the connection
543 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]544 mbedtls_printf(" . Connecting to tcp/%s/%s...", opt.server_name,
545 opt.server_port);
546 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]547
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]548 if ((ret = mbedtls_net_connect(&server_fd, opt.server_name,
549 opt.server_port, MBEDTLS_NET_PROTO_TCP)) != 0) {
550 mbedtls_printf(" failed\n ! mbedtls_net_connect returned %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]551 goto exit;
552 }
553
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]554 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]555
556 /*
557 * 3. Setup stuff
558 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]559 mbedtls_printf(" . Setting up the SSL/TLS structure...");
560 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]561
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]562 if ((ret = mbedtls_ssl_config_defaults(&conf,
563 MBEDTLS_SSL_IS_CLIENT,
564 MBEDTLS_SSL_TRANSPORT_STREAM,
565 MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
566 mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret);
Manuel Pégourié-Gonnarddef0bbe2015-05-04 14:56:36 +0200[diff] [blame]567 goto exit;
568 }
569
Manuel Pégourié-Gonnardfcf2fc22014-03-11 11:10:27 +0100[diff] [blame]570 /* OPTIONAL is not optimal for security,
571 * but makes interop easier in this simplified example */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]572 mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]573
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]574 mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
575 mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]576
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]577 if (opt.force_ciphersuite[0] != DFL_FORCE_CIPHER) {
578 mbedtls_ssl_conf_ciphersuites(&conf, opt.force_ciphersuite);
579 }
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]580
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]581 mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL);
582 if ((ret = mbedtls_ssl_conf_own_cert(&conf, &clicert, &pkey)) != 0) {
583 mbedtls_printf(" failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret);
Manuel Pégourié-Gonnardc5fd3912014-07-08 14:05:52 +0200[diff] [blame]584 goto exit;
585 }
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]586
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]587 if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) {
588 mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned %d\n\n", ret);
Manuel Pégourié-Gonnard06939ce2015-05-11 11:25:46 +0200[diff] [blame]589 goto exit;
590 }
591
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]592 if ((ret = mbedtls_ssl_set_hostname(&ssl, opt.server_name)) != 0) {
593 mbedtls_printf(" failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret);
Manuel Pégourié-Gonnardc5fd3912014-07-08 14:05:52 +0200[diff] [blame]594 goto exit;
595 }
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]596
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]597 mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL);
Manuel Pégourié-Gonnard06939ce2015-05-11 11:25:46 +0200[diff] [blame]598
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]599 mbedtls_printf(" ok\n");
Manuel Pégourié-Gonnard06939ce2015-05-11 11:25:46 +0200[diff] [blame]600
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]601 if (opt.mode == MODE_SSL_TLS) {
602 if (do_handshake(&ssl) != 0) {
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]603 goto exit;
604 }
605
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]606 mbedtls_printf(" > Get header from server:");
607 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]608
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]609 ret = write_ssl_and_get_response(&ssl, buf, 0);
610 if (ret < 200 || ret > 299) {
611 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]612 goto exit;
613 }
614
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]615 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]616
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]617 mbedtls_printf(" > Write EHLO to server:");
618 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]619
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]620 gethostname(hostname, 32);
621 len = sprintf((char *) buf, "EHLO %s\r\n", hostname);
622 ret = write_ssl_and_get_response(&ssl, buf, len);
623 if (ret < 200 || ret > 299) {
624 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
625 goto exit;
626 }
627 } else {
628 mbedtls_printf(" > Get header from server:");
629 fflush(stdout);
630
631 ret = write_and_get_response(&server_fd, buf, 0);
632 if (ret < 200 || ret > 299) {
633 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]634 goto exit;
635 }
636
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]637 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]638
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]639 mbedtls_printf(" > Write EHLO to server:");
640 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]641
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]642 gethostname(hostname, 32);
643 len = sprintf((char *) buf, "EHLO %s\r\n", hostname);
644 ret = write_and_get_response(&server_fd, buf, len);
645 if (ret < 200 || ret > 299) {
646 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]647 goto exit;
648 }
649
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]650 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]651
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]652 mbedtls_printf(" > Write STARTTLS to server:");
653 fflush(stdout);
654
655 gethostname(hostname, 32);
656 len = sprintf((char *) buf, "STARTTLS\r\n");
657 ret = write_and_get_response(&server_fd, buf, len);
658 if (ret < 200 || ret > 299) {
659 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]660 goto exit;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]661 }
662
663 mbedtls_printf(" ok\n");
664
665 if (do_handshake(&ssl) != 0) {
666 goto exit;
667 }
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]668 }
669
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]670#if defined(MBEDTLS_BASE64_C)
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]671 if (opt.authentication) {
672 mbedtls_printf(" > Write AUTH LOGIN to server:");
673 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]674
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]675 len = sprintf((char *) buf, "AUTH LOGIN\r\n");
676 ret = write_ssl_and_get_response(&ssl, buf, len);
677 if (ret < 200 || ret > 399) {
678 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]679 goto exit;
680 }
681
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]682 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]683
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]684 mbedtls_printf(" > Write username to server: %s", opt.user_name);
685 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]686
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]687 ret = mbedtls_base64_encode(base, sizeof(base), &n, (const unsigned char *) opt.user_name,
688 strlen(opt.user_name));
Alfred Klomp7c034242014-07-14 22:11:13 +0200[diff] [blame]689
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]690 if (ret != 0) {
691 mbedtls_printf(" failed\n ! mbedtls_base64_encode returned %d\n\n", ret);
Alfred Klomp7c034242014-07-14 22:11:13 +0200[diff] [blame]692 goto exit;
693 }
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]694 len = sprintf((char *) buf, "%s\r\n", base);
695 ret = write_ssl_and_get_response(&ssl, buf, len);
696 if (ret < 300 || ret > 399) {
697 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]698 goto exit;
699 }
700
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]701 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]702
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]703 mbedtls_printf(" > Write password to server: %s", opt.user_pwd);
704 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]705
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]706 ret = mbedtls_base64_encode(base, sizeof(base), &n, (const unsigned char *) opt.user_pwd,
707 strlen(opt.user_pwd));
Alfred Klomp7c034242014-07-14 22:11:13 +0200[diff] [blame]708
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]709 if (ret != 0) {
710 mbedtls_printf(" failed\n ! mbedtls_base64_encode returned %d\n\n", ret);
Alfred Klomp7c034242014-07-14 22:11:13 +0200[diff] [blame]711 goto exit;
712 }
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]713 len = sprintf((char *) buf, "%s\r\n", base);
714 ret = write_ssl_and_get_response(&ssl, buf, len);
715 if (ret < 200 || ret > 399) {
716 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]717 goto exit;
718 }
719
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]720 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]721 }
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]722#endif
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]723
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]724 mbedtls_printf(" > Write MAIL FROM to server:");
725 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]726
Mingjie Shen0fc20cd2024-03-12 16:00:28 -0400[diff] [blame]727 len = mbedtls_snprintf((char *) buf, sizeof(buf), "MAIL FROM:<%s>\r\n", opt.mail_from);
Mingjie Shend97b96f2024-03-18 14:30:06 -0400[diff] [blame]728 if (len < 0 || (size_t) len >= sizeof(buf)) {
Mingjie Shen8e35d962024-03-12 16:23:41 -0400[diff] [blame]729 mbedtls_printf(" failed\n ! mbedtls_snprintf encountered error or truncated output\n\n");
730 goto exit;
731 }
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]732 ret = write_ssl_and_get_response(&ssl, buf, len);
733 if (ret < 200 || ret > 299) {
734 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]735 goto exit;
736 }
737
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]738 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]739
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]740 mbedtls_printf(" > Write RCPT TO to server:");
741 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]742
Mingjie Shen0fc20cd2024-03-12 16:00:28 -0400[diff] [blame]743 len = mbedtls_snprintf((char *) buf, sizeof(buf), "RCPT TO:<%s>\r\n", opt.mail_to);
Mingjie Shend97b96f2024-03-18 14:30:06 -0400[diff] [blame]744 if (len < 0 || (size_t) len >= sizeof(buf)) {
Mingjie Shen8e35d962024-03-12 16:23:41 -0400[diff] [blame]745 mbedtls_printf(" failed\n ! mbedtls_snprintf encountered error or truncated output\n\n");
746 goto exit;
747 }
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]748 ret = write_ssl_and_get_response(&ssl, buf, len);
749 if (ret < 200 || ret > 299) {
750 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]751 goto exit;
752 }
753
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]754 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]755
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]756 mbedtls_printf(" > Write DATA to server:");
757 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]758
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]759 len = sprintf((char *) buf, "DATA\r\n");
760 ret = write_ssl_and_get_response(&ssl, buf, len);
761 if (ret < 300 || ret > 399) {
762 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]763 goto exit;
764 }
765
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]766 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]767
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]768 mbedtls_printf(" > Write content to server:");
769 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]770
Mingjie Shen0fc20cd2024-03-12 16:00:28 -0400[diff] [blame]771 len = mbedtls_snprintf((char *) buf, sizeof(buf),
Mingjie Shend97b96f2024-03-18 14:30:06 -0400[diff] [blame]772 "From: %s\r\nSubject: Mbed TLS Test mail\r\n\r\n"
773 "This is a simple test mail from the "
774 "Mbed TLS mail client example.\r\n"
775 "\r\n"
776 "Enjoy!", opt.mail_from);
777 if (len < 0 || (size_t) len >= sizeof(buf)) {
Mingjie Shen8e35d962024-03-12 16:23:41 -0400[diff] [blame]778 mbedtls_printf(" failed\n ! mbedtls_snprintf encountered error or truncated output\n\n");
779 goto exit;
780 }
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]781 ret = write_ssl_data(&ssl, buf, len);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]782
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]783 len = sprintf((char *) buf, "\r\n.\r\n");
784 ret = write_ssl_and_get_response(&ssl, buf, len);
785 if (ret < 200 || ret > 299) {
786 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]787 goto exit;
788 }
789
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]790 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]791
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]792 mbedtls_ssl_close_notify(&ssl);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]793
Andres Amaya Garcia67a42ac2018-04-29 21:04:29 +0100[diff] [blame]794 exit_code = MBEDTLS_EXIT_SUCCESS;
795
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]796exit:
797
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]798 mbedtls_net_free(&server_fd);
799 mbedtls_x509_crt_free(&clicert);
800 mbedtls_x509_crt_free(&cacert);
801 mbedtls_pk_free(&pkey);
802 mbedtls_ssl_free(&ssl);
803 mbedtls_ssl_config_free(&conf);
804 mbedtls_ctr_drbg_free(&ctr_drbg);
805 mbedtls_entropy_free(&entropy);
Przemek Stekiela8c560a2023-04-19 10:15:26 +0200[diff] [blame]806 mbedtls_psa_crypto_free();
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]807
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]808 mbedtls_exit(exit_code);
Paul Bakker1496d382011-05-23 12:07:29 +0000[diff] [blame]809}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]810#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
811 MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C **
812 MBEDTLS_CTR_DRBG_C */