Adapt programs to the new NET API
diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c
index e9523ce..3ccfa6d 100644
--- a/programs/pkey/dh_client.c
+++ b/programs/pkey/dh_client.c
@@ -71,7 +71,7 @@
int ret;
size_t n, buflen;
- int server_fd = -1;
+ mbedtls_net_context server_fd;
unsigned char *p, *end;
unsigned char buf[2048];
@@ -84,7 +84,8 @@
mbedtls_dhm_context dhm;
mbedtls_aes_context aes;
- memset( &rsa, 0, sizeof( rsa ) );
+ mbedtls_net_init( &server_fd );
+ mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256 );
mbedtls_dhm_init( &dhm );
mbedtls_aes_init( &aes );
mbedtls_ctr_drbg_init( &ctr_drbg );
@@ -280,8 +281,7 @@
exit:
- if( server_fd != -1 )
- mbedtls_net_close( server_fd );
+ mbedtls_net_close( &server_fd );
mbedtls_aes_free( &aes );
mbedtls_rsa_free( &rsa );
diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c
index 30abaa8..71fa737 100644
--- a/programs/pkey/dh_server.c
+++ b/programs/pkey/dh_server.c
@@ -71,8 +71,7 @@
int ret;
size_t n, buflen;
- int listen_fd = -1;
- int client_fd = -1;
+ mbedtls_net_context listen_fd, client_fd;
unsigned char buf[2048];
unsigned char hash[20];
@@ -85,7 +84,9 @@
mbedtls_dhm_context dhm;
mbedtls_aes_context aes;
- memset( &rsa, 0, sizeof( rsa ) );
+ mbedtls_net_init( &listen_fd );
+ mbedtls_net_init( &client_fd );
+ mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256 );
mbedtls_dhm_init( &dhm );
mbedtls_aes_init( &aes );
mbedtls_ctr_drbg_init( &ctr_drbg );
@@ -173,7 +174,7 @@
goto exit;
}
- if( ( ret = mbedtls_net_accept( listen_fd, &client_fd,
+ if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
NULL, 0, NULL ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret );
@@ -282,8 +283,8 @@
exit:
- if( client_fd != -1 )
- mbedtls_net_close( client_fd );
+ mbedtls_net_close( &client_fd );
+ mbedtls_net_close( &listen_fd );
mbedtls_aes_free( &aes );
mbedtls_rsa_free( &rsa );
diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c
index 0fedbc7..b3cfb31 100644
--- a/programs/ssl/dtls_client.c
+++ b/programs/ssl/dtls_client.c
@@ -83,7 +83,8 @@
int main( int argc, char *argv[] )
{
- int ret, len, server_fd = -1;
+ int ret, len;
+ mbedtls_net_context server_fd;
uint32_t flags;
unsigned char buf[1024];
const char *pers = "dtls_client";
@@ -106,6 +107,7 @@
/*
* 0. Initialize the RNG and the session data
*/
+ mbedtls_net_init( &server_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_x509_crt_init( &cacert );
@@ -324,8 +326,7 @@
}
#endif
- if( server_fd != -1 )
- mbedtls_net_close( server_fd );
+ mbedtls_net_close( &server_fd );
mbedtls_x509_crt_free( &cacert );
mbedtls_ssl_free( &ssl );
diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c
index ef7ce94..e1da0f7 100644
--- a/programs/ssl/dtls_server.c
+++ b/programs/ssl/dtls_server.c
@@ -92,8 +92,7 @@
int main( void )
{
int ret, len;
- int listen_fd;
- int client_fd = -1;
+ mbedtls_net_context listen_fd, client_fd;
unsigned char buf[1024];
const char *pers = "dtls_server";
unsigned char client_ip[16] = { 0 };
@@ -111,6 +110,8 @@
mbedtls_ssl_cache_context cache;
#endif
+ mbedtls_net_init( &listen_fd );
+ mbedtls_net_init( &client_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_ssl_cookie_init( &cookie_ctx );
@@ -255,20 +256,17 @@
}
#endif
- if( client_fd != -1 )
- mbedtls_net_close( client_fd );
+ mbedtls_net_close( &client_fd );
mbedtls_ssl_session_reset( &ssl );
/*
* 3. Wait until a client connects
*/
- client_fd = -1;
-
printf( " . Waiting for a remote connection ..." );
fflush( stdout );
- if( ( ret = mbedtls_net_accept( listen_fd, &client_fd,
+ if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
client_ip, sizeof( client_ip ), &cliip_len ) ) != 0 )
{
printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret );
@@ -403,8 +401,8 @@
}
#endif
- if( client_fd != -1 )
- mbedtls_net_close( client_fd );
+ mbedtls_net_close( &client_fd );
+ mbedtls_net_close( &listen_fd );
mbedtls_x509_crt_free( &srvcert );
mbedtls_pk_free( &pkey );
diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c
index 2d1dcb9..95b0f92 100644
--- a/programs/ssl/mini_client.c
+++ b/programs/ssl/mini_client.c
@@ -32,6 +32,10 @@
* NET module, in order to avoid the overhead of getaddrinfo() which tends to
* dominate memory usage in small configurations. For the sake of simplicity,
* only a Unix version is implemented.
+ *
+ * Warning: we are breaking some of the abtractions from the NET layer here.
+ * This is not a good example for general use. This programs has the specific
+ * goal of minimizing use of the libc functions on full-blown OSes.
*/
#if defined(unix) || defined(__unix__) || defined(__unix)
#define UNIX
@@ -160,7 +164,7 @@
int main( void )
{
int ret = exit_ok;
- int server_fd = -1;
+ mbedtls_net_context server_fd;
struct sockaddr_in addr;
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt ca;
@@ -175,6 +179,7 @@
/*
* 0. Initialize and setup stuff
*/
+ mbedtls_net_init( &server_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@@ -241,13 +246,13 @@
addr.sin_addr.s_addr = *((char *) &ret) == ret ? ADDR_LE : ADDR_BE;
ret = 0;
- if( ( server_fd = socket( AF_INET, SOCK_STREAM, 0 ) ) < 0 )
+ if( ( server_fd.fd = socket( AF_INET, SOCK_STREAM, 0 ) ) < 0 )
{
ret = socket_failed;
goto exit;
}
- if( connect( server_fd,
+ if( connect( server_fd.fd,
(const struct sockaddr *) &addr, sizeof( addr ) ) < 0 )
{
ret = connect_failed;
@@ -275,8 +280,7 @@
mbedtls_ssl_close_notify( &ssl );
exit:
- if( server_fd != -1 )
- mbedtls_net_close( server_fd );
+ mbedtls_net_close( &server_fd );
mbedtls_ssl_free( &ssl );
mbedtls_ssl_config_free( &conf );
diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c
index c23c653..61ead50 100644
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@@ -78,7 +78,8 @@
int main( void )
{
- int ret, len, server_fd = -1;
+ int ret, len;
+ mbedtls_net_context server_fd;
uint32_t flags;
unsigned char buf[1024];
const char *pers = "ssl_client1";
@@ -96,6 +97,7 @@
/*
* 0. Initialize the RNG and the session data
*/
+ mbedtls_net_init( &server_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_x509_crt_init( &cacert );
@@ -288,8 +290,7 @@
}
#endif
- if( server_fd != -1 )
- mbedtls_net_close( server_fd );
+ mbedtls_net_close( &server_fd );
mbedtls_x509_crt_free( &cacert );
mbedtls_ssl_free( &ssl );
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index f8188d6..27bd8bf 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -386,7 +386,8 @@
int main( int argc, char *argv[] )
{
- int ret = 0, len, tail_len, server_fd, i, written, frags, retry_left;
+ int ret = 0, len, tail_len, i, written, frags, retry_left;
+ mbedtls_net_context server_fd;
unsigned char buf[MBEDTLS_SSL_MAX_CONTENT_LEN + 1];
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
unsigned char psk[MBEDTLS_PSK_MAX_LEN];
@@ -417,7 +418,7 @@
/*
* Make sure memory references are valid.
*/
- server_fd = 0;
+ mbedtls_net_init( &server_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
memset( &saved_session, 0, sizeof( mbedtls_ssl_session ) );
@@ -1038,9 +1039,9 @@
}
if( opt.nbio > 0 )
- ret = mbedtls_net_set_nonblock( server_fd );
+ ret = mbedtls_net_set_nonblock( &server_fd );
else
- ret = mbedtls_net_set_block( server_fd );
+ ret = mbedtls_net_set_block( &server_fd );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", -ret );
@@ -1502,7 +1503,7 @@
{
--opt.reconnect;
- mbedtls_net_close( server_fd );
+ mbedtls_net_close( &server_fd );
#if defined(MBEDTLS_TIMING_C)
if( opt.reco_delay > 0 )
@@ -1533,9 +1534,9 @@
}
if( opt.nbio > 0 )
- ret = mbedtls_net_set_nonblock( server_fd );
+ ret = mbedtls_net_set_nonblock( &server_fd );
else
- ret = mbedtls_net_set_block( server_fd );
+ ret = mbedtls_net_set_block( &server_fd );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n",
@@ -1571,8 +1572,7 @@
}
#endif
- if( server_fd )
- mbedtls_net_close( server_fd );
+ mbedtls_net_close( &server_fd );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_free( &clicert );
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
index 0984be1..9aab975 100644
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -96,8 +96,7 @@
int main( void )
{
int ret, len, cnt = 0, pid;
- int listen_fd;
- int client_fd = -1;
+ mbedtls_net_context listen_fd, client_fd;
unsigned char buf[1024];
const char *pers = "ssl_fork_server";
@@ -108,6 +107,8 @@
mbedtls_x509_crt srvcert;
mbedtls_pk_context pkey;
+ mbedtls_net_init( &listen_fd );
+ mbedtls_net_init( &client_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_entropy_init( &entropy );
@@ -216,13 +217,13 @@
/*
* 3. Wait until a client connects
*/
- client_fd = -1;
- memset( &ssl, 0, sizeof( ssl ) );
+ mbedtls_net_init( &client_fd );
+ mbedtls_ssl_init( &ssl );
mbedtls_printf( " . Waiting for a remote connection ..." );
fflush( stdout );
- if( ( ret = mbedtls_net_accept( listen_fd, &client_fd,
+ if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
NULL, 0, NULL ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret );
@@ -258,11 +259,11 @@
goto exit;
}
- close( client_fd );
+ mbedtls_net_close( &client_fd );
continue;
}
- close( listen_fd );
+ mbedtls_net_close( &listen_fd );
/*
* 4. Setup stuff
@@ -384,9 +385,8 @@
}
exit:
-
- if( client_fd != -1 )
- mbedtls_net_close( client_fd );
+ mbedtls_net_close( &client_fd );
+ mbedtls_net_close( &listen_fd );
mbedtls_x509_crt_free( &srvcert );
mbedtls_pk_free( &pkey );
diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c
index 9932594..4ea5d4c 100644
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@@ -66,8 +66,6 @@
#include <unistd.h>
#else
#include <io.h>
-#define read _read
-#define write _write
#endif
#if defined(_WIN32) || defined(_WIN32_WCE)
@@ -294,7 +292,7 @@
while( 1 );
}
-static int write_and_get_response( int sock_fd, unsigned char *buf, size_t len )
+static int write_and_get_response( mbedtls_net_context *sock_fd, unsigned char *buf, size_t len )
{
int ret;
unsigned char data[128];
@@ -302,7 +300,7 @@
size_t i, idx = 0;
mbedtls_printf("\n%s", buf);
- if( len && ( ret = write( sock_fd, buf, len ) ) <= 0 )
+ if( len && ( ret = mbedtls_net_send( sock_fd, buf, len ) ) <= 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret );
return -1;
@@ -312,7 +310,7 @@
{
len = sizeof( data ) - 1;
memset( data, 0, sizeof( data ) );
- ret = read( sock_fd, data, len );
+ ret = mbedtls_net_recv( sock_fd, data, len );
if( ret <= 0 )
{
@@ -346,7 +344,8 @@
int main( int argc, char *argv[] )
{
- int ret = 0, len, server_fd;
+ int ret = 0, len;
+ mbedtls_net_context server_fd;
unsigned char buf[1024];
#if defined(MBEDTLS_BASE64_C)
unsigned char base[1024];
@@ -369,7 +368,7 @@
/*
* Make sure memory references are valid in case we exit early.
*/
- server_fd = 0;
+ mbedtls_net_init( &server_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
memset( &buf, 0, sizeof( buf ) );
@@ -658,7 +657,7 @@
mbedtls_printf( " > Get header from server:" );
fflush( stdout );
- ret = write_and_get_response( server_fd, buf, 0 );
+ ret = write_and_get_response( &server_fd, buf, 0 );
if( ret < 200 || ret > 299 )
{
mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
@@ -672,7 +671,7 @@
gethostname( hostname, 32 );
len = sprintf( (char *) buf, "EHLO %s\r\n", hostname );
- ret = write_and_get_response( server_fd, buf, len );
+ ret = write_and_get_response( &server_fd, buf, len );
if( ret < 200 || ret > 299 )
{
mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
@@ -686,7 +685,7 @@
gethostname( hostname, 32 );
len = sprintf( (char *) buf, "STARTTLS\r\n" );
- ret = write_and_get_response( server_fd, buf, len );
+ ret = write_and_get_response( &server_fd, buf, len );
if( ret < 200 || ret > 299 )
{
mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
@@ -820,8 +819,7 @@
exit:
- if( server_fd )
- mbedtls_net_close( server_fd );
+ mbedtls_net_close( &server_fd );
mbedtls_x509_crt_free( &clicert );
mbedtls_x509_crt_free( &cacert );
mbedtls_pk_free( &pkey );
diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c
index 7a4c2b2..4bd3671 100644
--- a/programs/ssl/ssl_pthread_server.c
+++ b/programs/ssl/ssl_pthread_server.c
@@ -106,7 +106,7 @@
}
typedef struct {
- int client_fd;
+ mbedtls_net_context client_fd;
int thread_complete;
const mbedtls_ssl_config *config;
} thread_info_t;
@@ -124,7 +124,7 @@
{
int ret, len;
thread_info_t *thread_info = (thread_info_t *) data;
- int client_fd = thread_info->client_fd;
+ mbedtls_net_context *client_fd = &thread_info->client_fd;
long int thread_id = (long int) pthread_self();
unsigned char buf[1024];
mbedtls_ssl_context ssl;
@@ -132,7 +132,7 @@
/* Make sure memory references are valid */
mbedtls_ssl_init( &ssl );
- mbedtls_printf( " [ #%ld ] Client FD %d\n", thread_id, client_fd );
+ mbedtls_printf( " [ #%ld ] Setting up SSL/TLS data\n", thread_id );
/*
* 4. Get the SSL context ready
@@ -144,7 +144,7 @@
goto thread_exit;
}
- mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
+ mbedtls_ssl_set_bio( &ssl, client_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
/*
* 5. Handshake
@@ -273,7 +273,7 @@
return( NULL );
}
-static int thread_create( int client_fd )
+static int thread_create( mbedtls_net_context *client_fd )
{
int ret, i;
@@ -302,9 +302,10 @@
*/
memcpy( &threads[i].data, &base_info, sizeof(base_info) );
threads[i].active = 1;
- threads[i].data.client_fd = client_fd;
+ memcpy( &threads[i].data.client_fd, client_fd, sizeof( mbedtls_net_context ) );
- if( ( ret = pthread_create( &threads[i].thread, NULL, handle_ssl_connection, &threads[i].data ) ) != 0 )
+ if( ( ret = pthread_create( &threads[i].thread, NULL, handle_ssl_connection,
+ &threads[i].data ) ) != 0 )
{
return( ret );
}
@@ -315,8 +316,7 @@
int main( void )
{
int ret;
- int listen_fd;
- int client_fd = -1;
+ mbedtls_net_context listen_fd, client_fd;
const char pers[] = "ssl_pthread_server";
mbedtls_entropy_context entropy;
@@ -346,6 +346,8 @@
mbedtls_ssl_config_init( &conf );
mbedtls_ctr_drbg_init( &ctr_drbg );
memset( threads, 0, sizeof(threads) );
+ mbedtls_net_init( &listen_fd );
+ mbedtls_net_init( &client_fd );
mbedtls_mutex_init( &debug_mutex );
@@ -474,11 +476,9 @@
/*
* 3. Wait until a client connects
*/
- client_fd = -1;
-
mbedtls_printf( " [ main ] Waiting for a remote connection\n" );
- if( ( ret = mbedtls_net_accept( listen_fd, &client_fd,
+ if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
NULL, 0, NULL ) ) != 0 )
{
mbedtls_printf( " [ main ] failed: mbedtls_net_accept returned -0x%04x\n", ret );
@@ -488,10 +488,10 @@
mbedtls_printf( " [ main ] ok\n" );
mbedtls_printf( " [ main ] Creating a new thread\n" );
- if( ( ret = thread_create( client_fd ) ) != 0 )
+ if( ( ret = thread_create( &client_fd ) ) != 0 )
{
mbedtls_printf( " [ main ] failed: thread_create returned %d\n", ret );
- mbedtls_net_close( client_fd );
+ mbedtls_net_close( &client_fd );
goto reset;
}
@@ -508,6 +508,8 @@
mbedtls_entropy_free( &entropy );
mbedtls_ssl_config_free( &conf );
+ mbedtls_net_free( &listen_fd );
+
mbedtls_mutex_free( &debug_mutex );
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index c009733..786ae5c 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -91,8 +91,7 @@
int main( void )
{
int ret, len;
- int listen_fd;
- int client_fd = -1;
+ mbedtls_net_context listen_fd, client_fd;
unsigned char buf[1024];
const char *pers = "ssl_server";
@@ -106,6 +105,8 @@
mbedtls_ssl_cache_context cache;
#endif
+ mbedtls_net_init( &listen_fd );
+ mbedtls_net_init( &client_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
#if defined(MBEDTLS_SSL_CACHE_C)
@@ -236,20 +237,17 @@
}
#endif
- if( client_fd != -1 )
- mbedtls_net_close( client_fd );
+ mbedtls_net_close( &client_fd );
mbedtls_ssl_session_reset( &ssl );
/*
* 3. Wait until a client connects
*/
- client_fd = -1;
-
mbedtls_printf( " . Waiting for a remote connection ..." );
fflush( stdout );
- if( ( ret = mbedtls_net_accept( listen_fd, &client_fd,
+ if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
NULL, 0, NULL ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret );
@@ -375,8 +373,8 @@
}
#endif
- if( client_fd != -1 )
- mbedtls_net_close( client_fd );
+ mbedtls_net_close( &client_fd );
+ mbedtls_net_close( &listen_fd );
mbedtls_x509_crt_free( &srvcert );
mbedtls_pk_free( &pkey );
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index c66a4e9..3b2c802 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -746,7 +746,7 @@
}
#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
-static int listen_fd, client_fd = -1;
+static mbedtls_net_context listen_fd, client_fd;
/* Interruption handler to ensure clean exit (for valgrind testing) */
#if !defined(_WIN32)
@@ -755,8 +755,8 @@
{
((void) sig);
received_sigterm = 1;
- mbedtls_net_close( listen_fd ); /* causes mbedtls_net_accept() to abort */
- mbedtls_net_close( client_fd ); /* causes net_read() to abort */
+ mbedtls_net_close( &listen_fd ); /* causes mbedtls_net_accept() to abort */
+ mbedtls_net_close( &client_fd ); /* causes net_read() to abort */
}
#endif
@@ -826,7 +826,8 @@
/*
* Make sure memory references are valid in case we exit early.
*/
- listen_fd = 0;
+ mbedtls_net_init( &client_fd );
+ mbedtls_net_init( &listen_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_ctr_drbg_init( &ctr_drbg );
@@ -1842,20 +1843,17 @@
}
#endif
- if( client_fd != -1 )
- mbedtls_net_close( client_fd );
+ mbedtls_net_close( &client_fd );
mbedtls_ssl_session_reset( &ssl );
/*
* 3. Wait until a client connects
*/
- client_fd = -1;
-
mbedtls_printf( " . Waiting for a remote connection ..." );
fflush( stdout );
- if( ( ret = mbedtls_net_accept( listen_fd, &client_fd,
+ if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
client_ip, sizeof( client_ip ), &cliip_len ) ) != 0 )
{
#if !defined(_WIN32)
@@ -1872,9 +1870,9 @@
}
if( opt.nbio > 0 )
- ret = mbedtls_net_set_nonblock( client_fd );
+ ret = mbedtls_net_set_nonblock( &client_fd );
else
- ret = mbedtls_net_set_block( client_fd );
+ ret = mbedtls_net_set_block( &client_fd );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", -ret );
@@ -2254,8 +2252,8 @@
mbedtls_printf( " . Cleaning up..." );
fflush( stdout );
- if( client_fd != -1 )
- mbedtls_net_close( client_fd );
+ mbedtls_net_close( &client_fd );
+ mbedtls_net_close( &listen_fd );
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
mbedtls_dhm_free( &dhm );
diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c
index f91d42f..9962445 100644
--- a/programs/test/udp_proxy.c
+++ b/programs/test/udp_proxy.c
@@ -20,6 +20,12 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+/*
+ * Warning: this is an internal utility program we use for tests.
+ * It does break some abstractions from the NET layer, and is thus NOT an
+ * example of good general usage.
+ */
+
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
@@ -284,7 +290,7 @@
typedef struct
{
- int dst;
+ mbedtls_net_context *dst;
const char *way;
const char *type;
unsigned len;
@@ -306,7 +312,7 @@
int send_packet( const packet *p, const char *why )
{
int ret;
- int dst = p->dst;
+ mbedtls_net_context *dst = p->dst;
/* insert corrupted ApplicationData record? */
if( opt.bad_ad &&
@@ -317,7 +323,7 @@
++buf[p->len - 1];
print_packet( p, "corrupted" );
- if( ( ret = mbedtls_net_send( &dst, buf, p->len ) ) <= 0 )
+ if( ( ret = mbedtls_net_send( dst, buf, p->len ) ) <= 0 )
{
mbedtls_printf( " ! mbedtls_net_send returned %d\n", ret );
return( ret );
@@ -325,7 +331,7 @@
}
print_packet( p, why );
- if( ( ret = mbedtls_net_send( &dst, p->buf, p->len ) ) <= 0 )
+ if( ( ret = mbedtls_net_send( dst, p->buf, p->len ) ) <= 0 )
{
mbedtls_printf( " ! mbedtls_net_send returned %d\n", ret );
return( ret );
@@ -338,7 +344,7 @@
{
print_packet( p, "duplicated" );
- if( ( ret = mbedtls_net_send( &dst, p->buf, p->len ) ) <= 0 )
+ if( ( ret = mbedtls_net_send( dst, p->buf, p->len ) ) <= 0 )
{
mbedtls_printf( " ! mbedtls_net_send returned %d\n", ret );
return( ret );
@@ -392,14 +398,16 @@
}
}
-int handle_message( const char *way, int dst, int src )
+int handle_message( const char *way,
+ mbedtls_net_context *dst,
+ mbedtls_net_context *src )
{
int ret;
packet cur;
size_t id;
/* receive packet */
- if( ( ret = mbedtls_net_recv( &src, cur.buf, sizeof( cur.buf ) ) ) <= 0 )
+ if( ( ret = mbedtls_net_recv( src, cur.buf, sizeof( cur.buf ) ) ) <= 0 )
{
mbedtls_printf( " ! mbedtls_net_recv returned %d\n", ret );
return( ret );
@@ -432,7 +440,7 @@
strcmp( cur.type, "ApplicationData" ) != 0 &&
! ( opt.protect_hvr &&
strcmp( cur.type, "HelloVerifyRequest" ) == 0 ) &&
- prev.dst == 0 &&
+ prev.dst == NULL &&
cur.len != (size_t) opt.protect_len &&
dropped[id] < DROP_MAX &&
rand() % opt.delay == 0 ) )
@@ -446,7 +454,7 @@
return( ret );
/* send previously delayed message if any */
- if( prev.dst != 0 )
+ if( prev.dst != NULL )
{
ret = send_packet( &prev, "delayed" );
memset( &prev, 0, sizeof( packet ) );
@@ -462,13 +470,15 @@
{
int ret;
- int listen_fd = -1;
- int client_fd = -1;
- int server_fd = -1;
+ mbedtls_net_context listen_fd, client_fd, server_fd;
int nb_fds;
fd_set read_fds;
+ mbedtls_net_init( &listen_fd );
+ mbedtls_net_init( &client_fd );
+ mbedtls_net_init( &server_fd );
+
get_options( argc, argv );
/*
@@ -526,7 +536,7 @@
mbedtls_printf( " . Waiting for a remote connection ..." );
fflush( stdout );
- if( ( ret = mbedtls_net_accept( listen_fd, &client_fd,
+ if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
NULL, 0, NULL ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret );
@@ -555,19 +565,19 @@
clear_pending();
memset( dropped, 0, sizeof( dropped ) );
- nb_fds = client_fd;
- if( nb_fds < server_fd )
- nb_fds = server_fd;
- if( nb_fds < listen_fd )
- nb_fds = listen_fd;
+ nb_fds = client_fd.fd;
+ if( nb_fds < server_fd.fd )
+ nb_fds = server_fd.fd;
+ if( nb_fds < listen_fd.fd )
+ nb_fds = listen_fd.fd;
++nb_fds;
while( 1 )
{
FD_ZERO( &read_fds );
- FD_SET( server_fd, &read_fds );
- FD_SET( client_fd, &read_fds );
- FD_SET( listen_fd, &read_fds );
+ FD_SET( server_fd.fd, &read_fds );
+ FD_SET( client_fd.fd, &read_fds );
+ FD_SET( listen_fd.fd, &read_fds );
if( ( ret = select( nb_fds, &read_fds, NULL, NULL, NULL ) ) <= 0 )
{
@@ -575,20 +585,20 @@
goto exit;
}
- if( FD_ISSET( listen_fd, &read_fds ) )
+ if( FD_ISSET( listen_fd.fd, &read_fds ) )
goto accept;
- if( FD_ISSET( client_fd, &read_fds ) )
+ if( FD_ISSET( client_fd.fd, &read_fds ) )
{
if( ( ret = handle_message( "S <- C",
- server_fd, client_fd ) ) != 0 )
+ &server_fd, &client_fd ) ) != 0 )
goto accept;
}
- if( FD_ISSET( server_fd, &read_fds ) )
+ if( FD_ISSET( server_fd.fd, &read_fds ) )
{
if( ( ret = handle_message( "S -> C",
- client_fd, server_fd ) ) != 0 )
+ &client_fd, &server_fd ) ) != 0 )
goto accept;
}
}
@@ -605,11 +615,9 @@
}
#endif
- if( client_fd != -1 )
- mbedtls_net_close( client_fd );
-
- if( listen_fd != -1 )
- mbedtls_net_close( listen_fd );
+ mbedtls_net_close( &client_fd );
+ mbedtls_net_close( &server_fd );
+ mbedtls_net_close( &listen_fd );
#if defined(_WIN32)
mbedtls_printf( " Press Enter to exit this program.\n" );
diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c
index dd39805..dd5c508 100644
--- a/programs/x509/cert_app.c
+++ b/programs/x509/cert_app.c
@@ -142,7 +142,8 @@
int main( int argc, char *argv[] )
{
- int ret = 0, server_fd;
+ int ret = 0;
+ mbedtls_net_context server_fd;
unsigned char buf[1024];
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
@@ -161,7 +162,7 @@
/*
* Set to sane values
*/
- server_fd = 0;
+ mbedtls_net_init( &server_fd );
mbedtls_ctr_drbg_init( &ctr_drbg );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
@@ -474,8 +475,7 @@
exit:
- if( server_fd )
- mbedtls_net_close( server_fd );
+ mbedtls_net_close( &server_fd );
mbedtls_x509_crt_free( &cacert );
mbedtls_x509_crt_free( &clicert );
#if defined(MBEDTLS_X509_CRL_PARSE_C)