Blame - programs/test/ssl_test.c - mirror/mbed-tls

blob: 79bab943c07563801d10b0149e05e2c9d03e16c5 [file] [log] [blame]

Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	1	/*
				2	* SSL/TLS stress testing program
				3	*
Paul Bakker	68884e3	2013-01-07 18:20:04 +0100	[diff] [blame]	4	* Copyright (C) 2006-2013, Brainspark B.V.
Paul Bakker	b96f154	2010-07-18 20:36:00 +0000	[diff] [blame]	5	*
				6	* This file is part of PolarSSL (http://www.polarssl.org)
Paul Bakker	84f12b7	2010-07-18 10:13:04 +0000	[diff] [blame]	7	* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
Paul Bakker	b96f154	2010-07-18 20:36:00 +0000	[diff] [blame]	8	*
Paul Bakker	77b385e	2009-07-28 17:23:11 +0000	[diff] [blame]	9	* All rights reserved.
Paul Bakker	e0ccd0a	2009-01-04 16:27:10 +0000	[diff] [blame]	10	*
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	11	* This program is free software; you can redistribute it and/or modify
				12	* it under the terms of the GNU General Public License as published by
				13	* the Free Software Foundation; either version 2 of the License, or
				14	* (at your option) any later version.
				15	*
				16	* This program is distributed in the hope that it will be useful,
				17	* but WITHOUT ANY WARRANTY; without even the implied warranty of
				18	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
				19	* GNU General Public License for more details.
				20	*
				21	* You should have received a copy of the GNU General Public License along
				22	* with this program; if not, write to the Free Software Foundation, Inc.,
				23	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
				24	*/
				25
Manuel Pégourié-Gonnard	abd6e02	2013-09-20 13:30:43 +0200	[diff] [blame]	26	#include "polarssl/config.h"
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	27
				28	#include <string.h>
				29	#include <stdlib.h>
				30	#include <stdio.h>
				31
Paul Bakker	40e4694	2009-01-03 21:51:57 +0000	[diff] [blame]	32	#include "polarssl/net.h"
				33	#include "polarssl/ssl.h"
Paul Bakker	508ad5a	2011-12-04 17:09:26 +0000	[diff] [blame]	34	#include "polarssl/entropy.h"
				35	#include "polarssl/ctr_drbg.h"
Paul Bakker	40e4694	2009-01-03 21:51:57 +0000	[diff] [blame]	36	#include "polarssl/certs.h"
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	37	#if defined(POLARSSL_TIMING_C)
				38	#include "polarssl/timing.h"
				39	#endif
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	40
Paul Bakker	9a97c5d	2013-09-15 17:07:33 +0200	[diff] [blame]	41	#if !defined(POLARSSL_BIGNUM_C) \|\| !defined(POLARSSL_ENTROPY_C) \|\| \
				42	!defined(POLARSSL_SSL_TLS_C) \|\| !defined(POLARSSL_SSL_SRV_C) \|\| \
				43	!defined(POLARSSL_SSL_CLI_C) \|\| !defined(POLARSSL_NET_C) \|\| \
				44	!defined(POLARSSL_RSA_C) \|\| !defined(POLARSSL_CTR_DRBG_C) \|\| \
Paul Bakker	36713e8	2013-09-17 13:25:29 +0200	[diff] [blame]	45	!defined(POLARSSL_X509_CRT_PARSE_C)
Paul Bakker	9a97c5d	2013-09-15 17:07:33 +0200	[diff] [blame]	46	int main( int argc, char *argv[] )
				47	{
				48	((void) argc);
				49	((void) argv);
				50
				51	printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
				52	"POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
				53	"POLARSSL_SSL_CLI_C and/or POLARSSL_NET_C and/or "
				54	"POLARSSL_RSA_C and/or POLARSSL_CTR_DRBG_C and/or "
Paul Bakker	36713e8	2013-09-17 13:25:29 +0200	[diff] [blame]	55	"POLARSSL_X509_CRT_PARSE_C not defined.\n");
Paul Bakker	9a97c5d	2013-09-15 17:07:33 +0200	[diff] [blame]	56	return( 0 );
				57	}
				58	#else
				59
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	60	#define OPMODE_NONE 0
				61	#define OPMODE_CLIENT 1
				62	#define OPMODE_SERVER 2
				63
				64	#define IOMODE_BLOCK 0
				65	#define IOMODE_NONBLOCK 1
				66
				67	#define COMMAND_READ 1
				68	#define COMMAND_WRITE 2
				69	#define COMMAND_BOTH 3
				70
				71	#define DFL_OPMODE OPMODE_NONE
				72	#define DFL_IOMODE IOMODE_BLOCK
				73	#define DFL_SERVER_NAME "localhost"
				74	#define DFL_SERVER_PORT 4433
				75	#define DFL_COMMAND COMMAND_READ
				76	#define DFL_BUFFER_SIZE 1024
				77	#define DFL_MAX_BYTES 0
				78	#define DFL_DEBUG_LEVEL 0
				79	#define DFL_CONN_TIMEOUT 0
				80	#define DFL_MAX_CONNECTIONS 0
				81	#define DFL_SESSION_REUSE 1
				82	#define DFL_SESSION_LIFETIME 86400
				83	#define DFL_FORCE_CIPHER 0
				84
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	85	int server_fd = -1;
				86
				87	/*
				88	* global options
				89	*/
				90	struct options
				91	{
				92	int opmode; /* operation mode (client or server) */
				93	int iomode; /* I/O mode (blocking or non-blocking) */
Paul Bakker	ef3f8c7	2013-06-24 13:01:08 +0200	[diff] [blame]	94	const char server_name; / hostname of the server (client only) */
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	95	int server_port; /* port on which the ssl service runs */
				96	int command; /* what to do: read or write operation */
				97	int buffer_size; /* size of the send/receive buffer */
				98	int max_bytes; /* max. # of bytes before a reconnect */
				99	int debug_level; /* level of debugging */
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	100	#if defined(POLARSSL_TIMING_C)
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	101	int conn_timeout; /* max. delay before a reconnect */
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	102	#endif
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	103	int max_connections; /* max. number of reconnections */
				104	int session_reuse; /* flag to reuse the keying material */
				105	int session_lifetime; /* if reached, session data is expired */
Paul Bakker	e3166ce	2011-01-27 17:40:50 +0000	[diff] [blame]	106	int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	107	};
				108
				109	/*
				110	* Although this PRNG has good statistical properties (eg. passes
				111	* DIEHARD), it is not cryptographically secure.
				112	*/
Paul Bakker	3c5ef71	2013-06-25 16:37:45 +0200	[diff] [blame]	113	static unsigned long int lcppm5( unsigned long int *state )
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	114	{
				115	unsigned long int u, v;
				116
				117	u = v = state[4] ^ 1;
				118	state[u & 3] ^= u;
				119	u ^= (v << 12) ^ (v >> 12);
				120	u ^= v * state[0]; v >>= 8;
				121	u ^= v * state[1]; v >>= 8;
				122	u ^= v * state[2]; v >>= 8;
				123	u ^= v * state[3];
				124	u &= 0xFFFFFFFF;
				125	state[4] = u;
				126
				127	return( u );
				128	}
				129
Paul Bakker	3c5ef71	2013-06-25 16:37:45 +0200	[diff] [blame]	130	static void my_debug( void ctx, int level, const char str )
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	131	{
				132	if( level < ((struct options *) ctx)->debug_level )
				133	fprintf( stderr, "%s", str );
				134	}
				135
				136	/*
				137	* perform a single SSL connection
				138	*/
				139	static int ssl_test( struct options *opt )
				140	{
				141	int ret, i;
Manuel Pégourié-Gonnard	68821da	2013-09-16 12:34:33 +0200	[diff] [blame]	142	int client_fd = -1;
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	143	int bytes_to_read;
				144	int bytes_to_write;
Paul Bakker	026c03b	2009-03-28 17:53:03 +0000	[diff] [blame]	145	int offset_to_read = 0;
				146	int offset_to_write = 0;
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	147
				148	long int nb_read;
				149	long int nb_written;
				150
				151	unsigned long read_state[5];
				152	unsigned long write_state[5];
				153
Paul Bakker	026c03b	2009-03-28 17:53:03 +0000	[diff] [blame]	154	unsigned char *read_buf = NULL;
				155	unsigned char *write_buf = NULL;
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	156
Paul Bakker	ef3f8c7	2013-06-24 13:01:08 +0200	[diff] [blame]	157	const char *pers = "ssl_test";
Paul Bakker	508ad5a	2011-12-04 17:09:26 +0000	[diff] [blame]	158
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	159	#if defined(POLARSSL_TIMING_C)
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	160	struct hr_time t;
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	161	#endif
Paul Bakker	508ad5a	2011-12-04 17:09:26 +0000	[diff] [blame]	162	entropy_context entropy;
				163	ctr_drbg_context ctr_drbg;
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	164	ssl_context ssl;
Paul Bakker	c559c7a	2013-09-18 14:13:26 +0200	[diff] [blame]	165	x509_crt srvcert;
Manuel Pégourié-Gonnard	ac75523	2013-08-19 14:10:16 +0200	[diff] [blame]	166	pk_context pkey;
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	167
				168	ret = 1;
				169
Paul Bakker	0c22610	2014-04-17 16:02:36 +0200	[diff] [blame]	170	memset( &ssl, 0, sizeof(ssl_context) );
Paul Bakker	508ad5a	2011-12-04 17:09:26 +0000	[diff] [blame]	171	entropy_init( &entropy );
Paul Bakker	0c22610	2014-04-17 16:02:36 +0200	[diff] [blame]	172	x509_crt_init( &srvcert );
				173	pk_init( &pkey );
				174
Paul Bakker	508ad5a	2011-12-04 17:09:26 +0000	[diff] [blame]	175	if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
Paul Bakker	ef3f8c7	2013-06-24 13:01:08 +0200	[diff] [blame]	176	(const unsigned char *) pers,
				177	strlen( pers ) ) ) != 0 )
Paul Bakker	508ad5a	2011-12-04 17:09:26 +0000	[diff] [blame]	178	{
				179	printf( " ! ctr_drbg_init returned %d\n", ret );
				180	goto exit;
				181	}
				182
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	183	#if defined(POLARSSL_TIMING_C)
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	184	get_timer( &t, 1 );
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	185	#endif
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	186
				187	memset( read_state, 0, sizeof( read_state ) );
				188	memset( write_state, 0, sizeof( write_state ) );
				189
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	190
				191	if( opt->opmode == OPMODE_CLIENT )
				192	{
				193	if( ( ret = net_connect( &client_fd, opt->server_name,
				194	opt->server_port ) ) != 0 )
				195	{
				196	printf( " ! net_connect returned %d\n\n", ret );
				197	return( ret );
				198	}
				199
				200	if( ( ret = ssl_init( &ssl ) ) != 0 )
				201	{
				202	printf( " ! ssl_init returned %d\n\n", ret );
Paul Bakker	0c22610	2014-04-17 16:02:36 +0200	[diff] [blame]	203	goto exit;
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	204	}
				205
				206	ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
				207	}
				208
				209	if( opt->opmode == OPMODE_SERVER )
				210	{
Paul Bakker	5690efc	2011-05-26 13:16:06 +0000	[diff] [blame]	211	#if !defined(POLARSSL_CERTS_C)
				212	printf("POLARSSL_CERTS_C not defined.\n");
				213	goto exit;
				214	#else
Paul Bakker	ddf26b4	2013-09-18 13:46:23 +0200	[diff] [blame]	215	ret = x509_crt_parse( &srvcert, (const unsigned char *) test_srv_crt,
				216	strlen( test_srv_crt ) );
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	217	if( ret != 0 )
				218	{
Paul Bakker	ddf26b4	2013-09-18 13:46:23 +0200	[diff] [blame]	219	printf( " ! x509_crt_parse returned %d\n\n", ret );
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	220	goto exit;
				221	}
				222
Manuel Pégourié-Gonnard	641de71	2013-09-25 13:23:33 +0200	[diff] [blame]	223	ret = x509_crt_parse( &srvcert, (const unsigned char *) test_ca_list,
				224	strlen( test_ca_list ) );
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	225	if( ret != 0 )
				226	{
Paul Bakker	ddf26b4	2013-09-18 13:46:23 +0200	[diff] [blame]	227	printf( " ! x509_crt_parse returned %d\n\n", ret );
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	228	goto exit;
				229	}
				230
Paul Bakker	1a7550a	2013-09-15 13:01:22 +0200	[diff] [blame]	231	ret = pk_parse_key( &pkey, (const unsigned char *) test_srv_key,
				232	strlen( test_srv_key ), NULL, 0 );
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	233	if( ret != 0 )
				234	{
Paul Bakker	1a7550a	2013-09-15 13:01:22 +0200	[diff] [blame]	235	printf( " ! pk_parse_key returned %d\n\n", ret );
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	236	goto exit;
				237	}
Paul Bakker	5690efc	2011-05-26 13:16:06 +0000	[diff] [blame]	238	#endif
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	239
				240	if( server_fd < 0 )
				241	{
				242	if( ( ret = net_bind( &server_fd, NULL,
				243	opt->server_port ) ) != 0 )
				244	{
				245	printf( " ! net_bind returned %d\n\n", ret );
				246	return( ret );
				247	}
				248	}
				249
				250	if( ( ret = net_accept( server_fd, &client_fd, NULL ) ) != 0 )
				251	{
				252	printf( " ! net_accept returned %d\n\n", ret );
				253	return( ret );
				254	}
				255
				256	if( ( ret = ssl_init( &ssl ) ) != 0 )
				257	{
				258	printf( " ! ssl_init returned %d\n\n", ret );
				259	return( ret );
				260	}
				261
				262	ssl_set_endpoint( &ssl, SSL_IS_SERVER );
Paul Bakker	40ea7de	2009-05-03 10:18:48 +0000	[diff] [blame]	263	ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );
Manuel Pégourié-Gonnard	ac75523	2013-08-19 14:10:16 +0200	[diff] [blame]	264	ssl_set_own_cert( &ssl, &srvcert, &pkey );
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	265	}
				266
				267	ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
				268
Paul Bakker	508ad5a	2011-12-04 17:09:26 +0000	[diff] [blame]	269	ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	270	ssl_set_dbg( &ssl, my_debug, opt );
				271	ssl_set_bio( &ssl, net_recv, &client_fd,
				272	net_send, &client_fd );
				273
Paul Bakker	68884e3	2013-01-07 18:20:04 +0100	[diff] [blame]	274	if( opt->force_ciphersuite[0] != DFL_FORCE_CIPHER )
				275	ssl_set_ciphersuites( &ssl, opt->force_ciphersuite );
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	276
				277	if( opt->iomode == IOMODE_NONBLOCK )
Paul Bakker	cbe3d0d	2014-04-17 16:00:59 +0200	[diff] [blame]	278	{
				279	if( ( ret = net_set_nonblock( client_fd ) ) != 0 )
				280	{
				281	printf( " ! net_set_nonblock returned %d\n\n", ret );
				282	return( ret );
				283	}
				284	}
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	285
				286	read_buf = (unsigned char *) malloc( opt->buffer_size );
				287	write_buf = (unsigned char *) malloc( opt->buffer_size );
				288
				289	if( read_buf == NULL \|\| write_buf == NULL )
				290	{
				291	printf( " ! malloc(%d bytes) failed\n\n", opt->buffer_size );
				292	goto exit;
				293	}
				294
				295	nb_read = bytes_to_read = 0;
				296	nb_written = bytes_to_write = 0;
				297
				298	while( 1 )
				299	{
				300	if( opt->command & COMMAND_WRITE )
				301	{
				302	if( bytes_to_write == 0 )
				303	{
				304	while( bytes_to_write == 0 )
				305	bytes_to_write = rand() % opt->buffer_size;
				306
				307	for( i = 0; i < bytes_to_write; i++ )
				308	write_buf[i] = (unsigned char) lcppm5( write_state );
				309
				310	offset_to_write = 0;
				311	}
				312
				313	ret = ssl_write( &ssl, write_buf + offset_to_write,
				314	bytes_to_write );
				315
				316	if( ret >= 0 )
				317	{
				318	nb_written += ret;
				319	bytes_to_write -= ret;
				320	offset_to_write += ret;
				321	}
				322
Paul Bakker	40e4694	2009-01-03 21:51:57 +0000	[diff] [blame]	323	if( ret == POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY \|\|
				324	ret == POLARSSL_ERR_NET_CONN_RESET )
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	325	{
				326	ret = 0;
				327	goto exit;
				328	}
				329
Paul Bakker	831a755	2011-05-18 13:32:51 +0000	[diff] [blame]	330	if( ret < 0 && ret != POLARSSL_ERR_NET_WANT_READ &&
				331	ret != POLARSSL_ERR_NET_WANT_WRITE )
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	332	{
				333	printf( " ! ssl_write returned %d\n\n", ret );
				334	break;
				335	}
				336	}
				337
				338	if( opt->command & COMMAND_READ )
				339	{
Paul Bakker	396333e	2013-09-26 13:32:19 +0200	[diff] [blame]	340	while( bytes_to_read == 0 )
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	341	{
				342	bytes_to_read = rand() % opt->buffer_size;
				343	offset_to_read = 0;
				344	}
				345
				346	ret = ssl_read( &ssl, read_buf + offset_to_read,
				347	bytes_to_read );
				348
Paul Bakker	396333e	2013-09-26 13:32:19 +0200	[diff] [blame]	349	if( ret > 0 )
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	350	{
				351	for( i = 0; i < ret; i++ )
				352	{
				353	if( read_buf[offset_to_read + i] !=
				354	(unsigned char) lcppm5( read_state ) )
				355	{
				356	ret = 1;
				357	printf( " ! plaintext mismatch\n\n" );
				358	goto exit;
				359	}
				360	}
				361
				362	nb_read += ret;
				363	bytes_to_read -= ret;
				364	offset_to_read += ret;
				365	}
				366
Paul Bakker	396333e	2013-09-26 13:32:19 +0200	[diff] [blame]	367	if( ret == 0 \|\|
				368	ret == POLARSSL_ERR_SSL_CONN_EOF \|\|
				369	ret == POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY \|\|
Paul Bakker	40e4694	2009-01-03 21:51:57 +0000	[diff] [blame]	370	ret == POLARSSL_ERR_NET_CONN_RESET )
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	371	{
				372	ret = 0;
				373	goto exit;
				374	}
				375
Paul Bakker	831a755	2011-05-18 13:32:51 +0000	[diff] [blame]	376	if( ret < 0 && ret != POLARSSL_ERR_NET_WANT_READ &&
				377	ret != POLARSSL_ERR_NET_WANT_WRITE )
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	378	{
				379	printf( " ! ssl_read returned %d\n\n", ret );
				380	break;
				381	}
				382	}
				383
				384	ret = 0;
				385
				386	if( opt->max_bytes != 0 &&
				387	( opt->max_bytes <= nb_read \|\|
				388	opt->max_bytes <= nb_written ) )
				389	break;
				390
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	391	#if defined(POLARSSL_TIMING_C)
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	392	if( opt->conn_timeout != 0 &&
				393	opt->conn_timeout <= (int) get_timer( &t, 0 ) )
				394	break;
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	395	#endif
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	396	}
				397
				398	exit:
				399
				400	fflush( stdout );
				401
				402	if( read_buf != NULL )
				403	free( read_buf );
				404
				405	if( write_buf != NULL )
				406	free( write_buf );
				407
				408	ssl_close_notify( &ssl );
Paul Bakker	36713e8	2013-09-17 13:25:29 +0200	[diff] [blame]	409	x509_crt_free( &srvcert );
Manuel Pégourié-Gonnard	ac75523	2013-08-19 14:10:16 +0200	[diff] [blame]	410	pk_free( &pkey );
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	411	ssl_free( &ssl );
Paul Bakker	1ffefac	2013-09-28 15:23:03 +0200	[diff] [blame]	412	entropy_free( &entropy );
Paul Bakker	0c22610	2014-04-17 16:02:36 +0200	[diff] [blame]	413
				414	if( client_fd != -1 )
				415	net_close( client_fd );
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	416
				417	return( ret );
				418	}
				419
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	420	#if defined(POLARSSL_TIMING_C)
				421	#define USAGE_TIMING \
				422	" conn_timeout=%%d (ms) default: 0 (no timeout)\n"
				423	#else
				424	#define USAGE_TIMING ""
				425	#endif
				426
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	427	#define USAGE \
				428	"\n usage: ssl_test opmode=<> command=<>...\n" \
				429	"\n acceptable parameters:\n" \
				430	" opmode=client/server default: <none>\n" \
				431	" iomode=block/nonblock default: block\n" \
				432	" server_name=%%s default: localhost\n" \
				433	" server_port=%%d default: 4433\n" \
				434	" command=read/write/both default: read\n" \
				435	" buffer_size=%%d (bytes) default: 1024\n" \
				436	" max_bytes=%%d (bytes) default: 0 (no limit)\n" \
				437	" debug_level=%%d default: 0 (disabled)\n" \
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	438	USAGE_TIMING \
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	439	" max_connections=%%d default: 0 (no limit)\n" \
				440	" session_reuse=on/off default: on (enabled)\n" \
				441	" session_lifetime=%%d (s) default: 86400\n" \
Paul Bakker	e3166ce	2011-01-27 17:40:50 +0000	[diff] [blame]	442	" force_ciphersuite=<name> default: all enabled\n" \
				443	" acceptable ciphersuite names:\n"
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	444
				445	int main( int argc, char *argv[] )
				446	{
Paul Bakker	c97f9f6	2013-11-30 15:13:02 +0100	[diff] [blame]	447	int i;
Paul Bakker	e3166ce	2011-01-27 17:40:50 +0000	[diff] [blame]	448	const int *list;
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	449	int ret = 1;
				450	int nb_conn;
				451	char p, q;
				452	struct options opt;
				453
				454	if( argc == 1 )
				455	{
				456	usage:
				457	printf( USAGE );
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	458
Paul Bakker	e3166ce	2011-01-27 17:40:50 +0000	[diff] [blame]	459	list = ssl_list_ciphersuites();
				460	while( *list )
				461	{
				462	printf(" %s\n", ssl_get_ciphersuite_name( *list ) );
				463	list++;
				464	}
				465	printf("\n");
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	466	goto exit;
				467	}
				468
				469	opt.opmode = DFL_OPMODE;
				470	opt.iomode = DFL_IOMODE;
				471	opt.server_name = DFL_SERVER_NAME;
				472	opt.server_port = DFL_SERVER_PORT;
				473	opt.command = DFL_COMMAND;
				474	opt.buffer_size = DFL_BUFFER_SIZE;
				475	opt.max_bytes = DFL_MAX_BYTES;
				476	opt.debug_level = DFL_DEBUG_LEVEL;
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	477	#if defined(POLARSSL_TIMING_C)
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	478	opt.conn_timeout = DFL_CONN_TIMEOUT;
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	479	#endif
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	480	opt.max_connections = DFL_MAX_CONNECTIONS;
				481	opt.session_reuse = DFL_SESSION_REUSE;
				482	opt.session_lifetime = DFL_SESSION_LIFETIME;
Paul Bakker	e3166ce	2011-01-27 17:40:50 +0000	[diff] [blame]	483	opt.force_ciphersuite[0] = DFL_FORCE_CIPHER;
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	484
				485	for( i = 1; i < argc; i++ )
				486	{
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	487	p = argv[i];
				488	if( ( q = strchr( p, '=' ) ) == NULL )
				489	continue;
				490	*q++ = '\0';
				491
				492	if( strcmp( p, "opmode" ) == 0 )
				493	{
				494	if( strcmp( q, "client" ) == 0 )
				495	opt.opmode = OPMODE_CLIENT;
				496	else
				497	if( strcmp( q, "server" ) == 0 )
				498	opt.opmode = OPMODE_SERVER;
				499	else goto usage;
				500	}
				501
				502	if( strcmp( p, "iomode" ) == 0 )
				503	{
				504	if( strcmp( q, "block" ) == 0 )
				505	opt.iomode = IOMODE_BLOCK;
				506	else
				507	if( strcmp( q, "nonblock" ) == 0 )
				508	opt.iomode = IOMODE_NONBLOCK;
				509	else goto usage;
				510	}
				511
				512	if( strcmp( p, "server_name" ) == 0 )
				513	opt.server_name = q;
				514
				515	if( strcmp( p, "server_port" ) == 0 )
				516	{
				517	opt.server_port = atoi( q );
				518	if( opt.server_port < 1 \|\| opt.server_port > 65535 )
				519	goto usage;
				520	}
				521
				522	if( strcmp( p, "command" ) == 0 )
				523	{
				524	if( strcmp( q, "read" ) == 0 )
				525	opt.command = COMMAND_READ;
				526	else
				527	if( strcmp( q, "write" ) == 0 )
				528	opt.command = COMMAND_WRITE;
				529	else
				530	if( strcmp( q, "both" ) == 0 )
				531	{
				532	opt.iomode = IOMODE_NONBLOCK;
				533	opt.command = COMMAND_BOTH;
				534	}
				535	else goto usage;
				536	}
				537
				538	if( strcmp( p, "buffer_size" ) == 0 )
				539	{
				540	opt.buffer_size = atoi( q );
				541	if( opt.buffer_size < 1 \|\| opt.buffer_size > 1048576 )
				542	goto usage;
				543	}
				544
				545	if( strcmp( p, "max_bytes" ) == 0 )
				546	opt.max_bytes = atoi( q );
				547
				548	if( strcmp( p, "debug_level" ) == 0 )
				549	opt.debug_level = atoi( q );
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	550	#if defined(POLARSSL_TIMING_C)
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	551	if( strcmp( p, "conn_timeout" ) == 0 )
				552	opt.conn_timeout = atoi( q );
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	553	#endif
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	554	if( strcmp( p, "max_connections" ) == 0 )
				555	opt.max_connections = atoi( q );
				556
				557	if( strcmp( p, "session_reuse" ) == 0 )
				558	{
				559	if( strcmp( q, "on" ) == 0 )
				560	opt.session_reuse = 1;
				561	else
				562	if( strcmp( q, "off" ) == 0 )
				563	opt.session_reuse = 0;
				564	else
				565	goto usage;
				566	}
				567
				568	if( strcmp( p, "session_lifetime" ) == 0 )
				569	opt.session_lifetime = atoi( q );
				570
Paul Bakker	e3166ce	2011-01-27 17:40:50 +0000	[diff] [blame]	571	if( strcmp( p, "force_ciphersuite" ) == 0 )
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	572	{
Paul Bakker	e3166ce	2011-01-27 17:40:50 +0000	[diff] [blame]	573	opt.force_ciphersuite[0] = -1;
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	574
Paul Bakker	e3166ce	2011-01-27 17:40:50 +0000	[diff] [blame]	575	opt.force_ciphersuite[0] = ssl_get_ciphersuite_id( q );
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	576
Paul Bakker	e3166ce	2011-01-27 17:40:50 +0000	[diff] [blame]	577	if( opt.force_ciphersuite[0] <= 0 )
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	578	goto usage;
				579
Paul Bakker	e3166ce	2011-01-27 17:40:50 +0000	[diff] [blame]	580	opt.force_ciphersuite[1] = 0;
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	581	}
				582	}
				583
				584	switch( opt.opmode )
				585	{
				586	case OPMODE_CLIENT:
				587	break;
				588
				589	case OPMODE_SERVER:
				590	break;
				591
				592	default:
				593	goto usage;
				594	}
				595
				596	nb_conn = 0;
				597
				598	do {
				599	nb_conn++;
				600	ret = ssl_test( &opt );
				601	if( opt.max_connections != 0 &&
				602	opt.max_connections <= nb_conn )
				603	break;
				604	}
				605	while( ret == 0 );
				606
				607	exit:
				608
Paul Bakker	cce9d77	2011-11-18 14:26:47 +0000	[diff] [blame]	609	#if defined(_WIN32)
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	610	printf( " Press Enter to exit this program.\n" );
				611	fflush( stdout ); getchar();
				612	#endif
				613
				614	return( ret );
				615	}
Paul Bakker	508ad5a	2011-12-04 17:09:26 +0000	[diff] [blame]	616	#endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C && POLARSSL_SSL_TLS_C &&
Paul Bakker	5690efc	2011-05-26 13:16:06 +0000	[diff] [blame]	617	POLARSSL_SSL_SRV_C && POLARSSL_SSL_CLI_C && POLARSSL_NET_C &&
Paul Bakker	508ad5a	2011-12-04 17:09:26 +0000	[diff] [blame]	618	POLARSSL_RSA_C && POLARSSL_CTR_DRBG_C */