TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / a3d195c41f91a88b9a953b49bfb1be32915a4255 / . / programs / ssl / ssl_client2.c
blob: 38251067a4f4168c6ebe44863fb5b0b7aa205907 [file] [log] [blame]
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1/*
2 * SSL client with certificate authentication
3 *
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]4 * Copyright (C) 2006-2011, Brainspark B.V.
Paul Bakkerb96f1542010-07-18 20:36:00 +0000[diff] [blame]5 *
6 * This file is part of PolarSSL (http://www.polarssl.org)
Paul Bakker84f12b72010-07-18 10:13:04 +0000[diff] [blame]7 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
Paul Bakkerb96f1542010-07-18 20:36:00 +0000[diff] [blame]8 *
Paul Bakker77b385e2009-07-28 17:23:11 +0000[diff] [blame]9 * All rights reserved.
Paul Bakkere0ccd0a2009-01-04 16:27:10 +0000[diff] [blame]10 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License along
22 * with this program; if not, write to the Free Software Foundation, Inc.,
23 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 */
25
26#ifndef _CRT_SECURE_NO_DEPRECATE
27#define _CRT_SECURE_NO_DEPRECATE 1
28#endif
29
30#include <string.h>
Paul Bakker9caf2d22010-02-18 19:37:19 +0000[diff] [blame]31#include <stdlib.h>
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]32#include <stdio.h>
33
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]34#include "polarssl/config.h"
35
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]36#include "polarssl/net.h"
37#include "polarssl/ssl.h"
38#include "polarssl/havege.h"
39#include "polarssl/certs.h"
40#include "polarssl/x509.h"
Paul Bakkera3d195c2011-11-27 21:07:34 +0000[diff] [blame^]41#include "polarssl/error.h"
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]42
Paul Bakker9caf2d22010-02-18 19:37:19 +0000[diff] [blame]43#define DFL_SERVER_NAME "localhost"
44#define DFL_SERVER_PORT 4433
45#define DFL_REQUEST_PAGE "/"
46#define DFL_DEBUG_LEVEL 0
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]47#define DFL_CA_FILE ""
Paul Bakker67968392010-07-18 08:28:20 +0000[diff] [blame]48#define DFL_CRT_FILE ""
49#define DFL_KEY_FILE ""
Paul Bakker51936882011-02-20 16:05:58 +0000[diff] [blame]50#define DFL_FORCE_CIPHER 0
Paul Bakker0e6975b2009-02-10 22:19:10 +0000[diff] [blame]51
Paul Bakker9caf2d22010-02-18 19:37:19 +0000[diff] [blame]52#define GET_REQUEST "GET %s HTTP/1.0\r\n\r\n"
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]53
Paul Bakker9caf2d22010-02-18 19:37:19 +0000[diff] [blame]54/*
55 * global options
56 */
57struct options
58{
Paul Bakker67968392010-07-18 08:28:20 +0000[diff] [blame]59 char *server_name; /* hostname of the server (client only) */
60 int server_port; /* port on which the ssl service runs */
61 int debug_level; /* level of debugging */
62 char *request_page; /* page on server to request */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]63 char *ca_file; /* the file with the CA certificate(s) */
Paul Bakker67968392010-07-18 08:28:20 +0000[diff] [blame]64 char *crt_file; /* the file with the client certificate */
65 char *key_file; /* the file with the client key */
Paul Bakker51936882011-02-20 16:05:58 +0000[diff] [blame]66 int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
Paul Bakker9caf2d22010-02-18 19:37:19 +0000[diff] [blame]67} opt;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]68
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]69void my_debug( void *ctx, int level, const char *str )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]70{
Paul Bakker9caf2d22010-02-18 19:37:19 +0000[diff] [blame]71 if( level < opt.debug_level )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]72 {
73 fprintf( (FILE *) ctx, "%s", str );
74 fflush( (FILE *) ctx );
75 }
76}
77
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]78#if defined(POLARSSL_FS_IO)
79#define USAGE_IO \
80 " ca_file=%%s default: \"\" (pre-loaded)\n" \
81 " crt_file=%%s default: \"\" (pre-loaded)\n" \
82 " key_file=%%s default: \"\" (pre-loaded)\n"
83#else
84#define USAGE_IO \
85 " No file operations available (POLARSSL_FS_IO not defined)\n"
86#endif /* POLARSSL_FS_IO */
87
Paul Bakker9caf2d22010-02-18 19:37:19 +0000[diff] [blame]88#define USAGE \
Paul Bakker67968392010-07-18 08:28:20 +0000[diff] [blame]89 "\n usage: ssl_client2 param=<>...\n" \
90 "\n acceptable parameters:\n" \
91 " server_name=%%s default: localhost\n" \
92 " server_port=%%d default: 4433\n" \
93 " debug_level=%%d default: 0 (disabled)\n" \
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]94 USAGE_IO \
Paul Bakker67968392010-07-18 08:28:20 +0000[diff] [blame]95 " request_page=%%s default: \".\"\n" \
Paul Bakker51936882011-02-20 16:05:58 +0000[diff] [blame]96 " force_ciphersuite=<name> default: all enabled\n"\
97 " acceptable ciphersuite names:\n"
Paul Bakker9caf2d22010-02-18 19:37:19 +0000[diff] [blame]98
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]99#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_HAVEGE_C) || \
100 !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
101 !defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C)
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]102int main( int argc, char *argv[] )
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]103{
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]104 ((void) argc);
105 ((void) argv);
106
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]107 printf("POLARSSL_BIGNUM_C and/or POLARSSL_HAVEGE_C and/or "
108 "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
109 "POLARSSL_NET_C and/or POLARSSL_RSA_C not defined.\n");
110 return( 0 );
111}
112#else
Paul Bakker9caf2d22010-02-18 19:37:19 +0000[diff] [blame]113int main( int argc, char *argv[] )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]114{
Paul Bakkerf80d4532010-03-16 21:16:04 +0000[diff] [blame]115 int ret = 0, len, server_fd;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]116 unsigned char buf[1024];
117 havege_state hs;
118 ssl_context ssl;
119 ssl_session ssn;
120 x509_cert cacert;
121 x509_cert clicert;
122 rsa_context rsa;
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]123 int i;
124 size_t j, n;
Paul Bakker9caf2d22010-02-18 19:37:19 +0000[diff] [blame]125 char *p, *q;
Paul Bakker51936882011-02-20 16:05:58 +0000[diff] [blame]126 const int *list;
Paul Bakker9caf2d22010-02-18 19:37:19 +0000[diff] [blame]127
Paul Bakker1a207ec2011-02-06 13:22:40 +0000[diff] [blame]128 /*
129 * Make sure memory references are valid.
130 */
131 server_fd = 0;
132 memset( &ssn, 0, sizeof( ssl_session ) );
133 memset( &ssl, 0, sizeof( ssl_context ) );
134 memset( &cacert, 0, sizeof( x509_cert ) );
135 memset( &clicert, 0, sizeof( x509_cert ) );
136 memset( &rsa, 0, sizeof( rsa_context ) );
137
Paul Bakker9caf2d22010-02-18 19:37:19 +0000[diff] [blame]138 if( argc == 0 )
139 {
140 usage:
141 printf( USAGE );
Paul Bakker51936882011-02-20 16:05:58 +0000[diff] [blame]142
143 list = ssl_list_ciphersuites();
144 while( *list )
145 {
146 printf(" %s\n", ssl_get_ciphersuite_name( *list ) );
147 list++;
148 }
149 printf("\n");
Paul Bakker9caf2d22010-02-18 19:37:19 +0000[diff] [blame]150 goto exit;
151 }
152
153 opt.server_name = DFL_SERVER_NAME;
154 opt.server_port = DFL_SERVER_PORT;
155 opt.debug_level = DFL_DEBUG_LEVEL;
156 opt.request_page = DFL_REQUEST_PAGE;
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]157 opt.ca_file = DFL_CA_FILE;
Paul Bakker67968392010-07-18 08:28:20 +0000[diff] [blame]158 opt.crt_file = DFL_CRT_FILE;
159 opt.key_file = DFL_KEY_FILE;
Paul Bakker51936882011-02-20 16:05:58 +0000[diff] [blame]160 opt.force_ciphersuite[0]= DFL_FORCE_CIPHER;
Paul Bakker9caf2d22010-02-18 19:37:19 +0000[diff] [blame]161
162 for( i = 1; i < argc; i++ )
163 {
164 n = strlen( argv[i] );
Paul Bakker9caf2d22010-02-18 19:37:19 +0000[diff] [blame]165
166 for( j = 0; j < n; j++ )
167 {
168 if( argv[i][j] >= 'A' && argv[i][j] <= 'Z' )
169 argv[i][j] |= 0x20;
170 }
171
172 p = argv[i];
173 if( ( q = strchr( p, '=' ) ) == NULL )
174 goto usage;
175 *q++ = '\0';
176
177 if( strcmp( p, "server_name" ) == 0 )
178 opt.server_name = q;
179 else if( strcmp( p, "server_port" ) == 0 )
180 {
181 opt.server_port = atoi( q );
182 if( opt.server_port < 1 || opt.server_port > 65535 )
183 goto usage;
184 }
185 else if( strcmp( p, "debug_level" ) == 0 )
186 {
187 opt.debug_level = atoi( q );
188 if( opt.debug_level < 0 || opt.debug_level > 65535 )
189 goto usage;
190 }
191 else if( strcmp( p, "request_page" ) == 0 )
192 opt.request_page = q;
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]193 else if( strcmp( p, "ca_file" ) == 0 )
194 opt.ca_file = q;
Paul Bakker67968392010-07-18 08:28:20 +0000[diff] [blame]195 else if( strcmp( p, "crt_file" ) == 0 )
196 opt.crt_file = q;
197 else if( strcmp( p, "key_file" ) == 0 )
198 opt.key_file = q;
Paul Bakker51936882011-02-20 16:05:58 +0000[diff] [blame]199 else if( strcmp( p, "force_ciphersuite" ) == 0 )
200 {
201 opt.force_ciphersuite[0] = -1;
202
203 opt.force_ciphersuite[0] = ssl_get_ciphersuite_id( q );
204
205 if( opt.force_ciphersuite[0] <= 0 )
206 goto usage;
207
208 opt.force_ciphersuite[1] = 0;
209 }
Paul Bakker9caf2d22010-02-18 19:37:19 +0000[diff] [blame]210 else
211 goto usage;
212 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]213
214 /*
215 * 0. Initialize the RNG and the session data
216 */
217 havege_init( &hs );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]218
219 /*
220 * 1.1. Load the trusted CA
221 */
222 printf( "\n . Loading the CA root certificate ..." );
223 fflush( stdout );
224
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]225#if defined(POLARSSL_FS_IO)
226 if( strlen( opt.ca_file ) )
227 ret = x509parse_crtfile( &cacert, opt.ca_file );
228 else
229#endif
230#if defined(POLARSSL_CERTS_C)
231 ret = x509parse_crt( &cacert, (unsigned char *) test_ca_crt,
232 strlen( test_ca_crt ) );
233#else
234 {
235 ret = 1;
236 printf("POLARSSL_CERTS_C not defined.");
237 }
238#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]239 if( ret != 0 )
240 {
241 printf( " failed\n ! x509parse_crt returned %d\n\n", ret );
242 goto exit;
243 }
244
245 printf( " ok\n" );
246
247 /*
248 * 1.2. Load own certificate and private key
249 *
250 * (can be skipped if client authentication is not required)
251 */
252 printf( " . Loading the client cert. and key..." );
253 fflush( stdout );
254
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]255#if defined(POLARSSL_FS_IO)
Paul Bakker67968392010-07-18 08:28:20 +0000[diff] [blame]256 if( strlen( opt.crt_file ) )
257 ret = x509parse_crtfile( &clicert, opt.crt_file );
258 else
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]259#endif
260#if defined(POLARSSL_CERTS_C)
Paul Bakker67968392010-07-18 08:28:20 +0000[diff] [blame]261 ret = x509parse_crt( &clicert, (unsigned char *) test_cli_crt,
262 strlen( test_cli_crt ) );
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]263#else
264 {
265 ret = 1;
266 printf("POLARSSL_CERTS_C not defined.");
267 }
268#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]269 if( ret != 0 )
270 {
271 printf( " failed\n ! x509parse_crt returned %d\n\n", ret );
272 goto exit;
273 }
274
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]275#if defined(POLARSSL_FS_IO)
Paul Bakker67968392010-07-18 08:28:20 +0000[diff] [blame]276 if( strlen( opt.key_file ) )
277 ret = x509parse_keyfile( &rsa, opt.key_file, "" );
278 else
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]279#endif
280#if defined(POLARSSL_CERTS_C)
Paul Bakker67968392010-07-18 08:28:20 +0000[diff] [blame]281 ret = x509parse_key( &rsa, (unsigned char *) test_cli_key,
282 strlen( test_cli_key ), NULL, 0 );
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]283#else
284 {
285 ret = 1;
286 printf("POLARSSL_CERTS_C not defined.");
287 }
288#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]289 if( ret != 0 )
290 {
291 printf( " failed\n ! x509parse_key returned %d\n\n", ret );
292 goto exit;
293 }
294
295 printf( " ok\n" );
296
297 /*
298 * 2. Start the connection
299 */
Paul Bakker9caf2d22010-02-18 19:37:19 +0000[diff] [blame]300 printf( " . Connecting to tcp/%s/%-4d...", opt.server_name,
301 opt.server_port );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]302 fflush( stdout );
303
Paul Bakker9caf2d22010-02-18 19:37:19 +0000[diff] [blame]304 if( ( ret = net_connect( &server_fd, opt.server_name,
305 opt.server_port ) ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]306 {
307 printf( " failed\n ! net_connect returned %d\n\n", ret );
308 goto exit;
309 }
310
311 printf( " ok\n" );
312
313 /*
314 * 3. Setup stuff
315 */
316 printf( " . Setting up the SSL/TLS structure..." );
317 fflush( stdout );
318
319 havege_init( &hs );
320
321 if( ( ret = ssl_init( &ssl ) ) != 0 )
322 {
323 printf( " failed\n ! ssl_init returned %d\n\n", ret );
324 goto exit;
325 }
326
327 printf( " ok\n" );
328
329 ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
330 ssl_set_authmode( &ssl, SSL_VERIFY_OPTIONAL );
331
Paul Bakkera3d195c2011-11-27 21:07:34 +0000[diff] [blame^]332 ssl_set_rng( &ssl, havege_random, &hs );
Paul Bakker9caf2d22010-02-18 19:37:19 +0000[diff] [blame]333 ssl_set_dbg( &ssl, my_debug, stdout );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]334 ssl_set_bio( &ssl, net_recv, &server_fd,
335 net_send, &server_fd );
336
Paul Bakker51936882011-02-20 16:05:58 +0000[diff] [blame]337 if( opt.force_ciphersuite[0] == DFL_FORCE_CIPHER )
338 ssl_set_ciphersuites( &ssl, ssl_default_ciphersuites );
339 else
340 ssl_set_ciphersuites( &ssl, opt.force_ciphersuite );
341
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]342 ssl_set_session( &ssl, 1, 600, &ssn );
343
Paul Bakker9caf2d22010-02-18 19:37:19 +0000[diff] [blame]344 ssl_set_ca_chain( &ssl, &cacert, NULL, opt.server_name );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]345 ssl_set_own_cert( &ssl, &clicert, &rsa );
346
Paul Bakker9caf2d22010-02-18 19:37:19 +0000[diff] [blame]347 ssl_set_hostname( &ssl, opt.server_name );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]348
349 /*
350 * 4. Handshake
351 */
352 printf( " . Performing the SSL/TLS handshake..." );
353 fflush( stdout );
354
355 while( ( ret = ssl_handshake( &ssl ) ) != 0 )
356 {
Paul Bakker831a7552011-05-18 13:32:51 +0000[diff] [blame]357 if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]358 {
359 printf( " failed\n ! ssl_handshake returned %d\n\n", ret );
360 goto exit;
361 }
362 }
363
Paul Bakkere3166ce2011-01-27 17:40:50 +0000[diff] [blame]364 printf( " ok\n [ Ciphersuite is %s ]\n",
365 ssl_get_ciphersuite( &ssl ) );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]366
367 /*
368 * 5. Verify the server certificate
369 */
370 printf( " . Verifying peer X.509 certificate..." );
371
372 if( ( ret = ssl_get_verify_result( &ssl ) ) != 0 )
373 {
374 printf( " failed\n" );
375
376 if( ( ret & BADCERT_EXPIRED ) != 0 )
377 printf( " ! server certificate has expired\n" );
378
379 if( ( ret & BADCERT_REVOKED ) != 0 )
380 printf( " ! server certificate has been revoked\n" );
381
382 if( ( ret & BADCERT_CN_MISMATCH ) != 0 )
Paul Bakker9caf2d22010-02-18 19:37:19 +0000[diff] [blame]383 printf( " ! CN mismatch (expected CN=%s)\n", opt.server_name );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]384
385 if( ( ret & BADCERT_NOT_TRUSTED ) != 0 )
386 printf( " ! self-signed or not signed by a trusted CA\n" );
387
388 printf( "\n" );
389 }
390 else
391 printf( " ok\n" );
392
393 printf( " . Peer certificate information ...\n" );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]394 x509parse_cert_info( (char *) buf, sizeof( buf ) - 1, " ", ssl.peer_cert );
395 printf( "%s\n", buf );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]396
397 /*
398 * 6. Write the GET request
399 */
400 printf( " > Write to server:" );
401 fflush( stdout );
402
Paul Bakker9caf2d22010-02-18 19:37:19 +0000[diff] [blame]403 len = sprintf( (char *) buf, GET_REQUEST, opt.request_page );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]404
405 while( ( ret = ssl_write( &ssl, buf, len ) ) <= 0 )
406 {
Paul Bakker831a7552011-05-18 13:32:51 +0000[diff] [blame]407 if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]408 {
409 printf( " failed\n ! ssl_write returned %d\n\n", ret );
410 goto exit;
411 }
412 }
413
414 len = ret;
415 printf( " %d bytes written\n\n%s", len, (char *) buf );
416
417 /*
418 * 7. Read the HTTP response
419 */
420 printf( " < Read from server:" );
421 fflush( stdout );
422
423 do
424 {
425 len = sizeof( buf ) - 1;
426 memset( buf, 0, sizeof( buf ) );
427 ret = ssl_read( &ssl, buf, len );
428
Paul Bakker831a7552011-05-18 13:32:51 +0000[diff] [blame]429 if( ret == POLARSSL_ERR_NET_WANT_READ || ret == POLARSSL_ERR_NET_WANT_WRITE )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]430 continue;
431
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]432 if( ret == POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]433 break;
434
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]435 if( ret < 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]436 {
437 printf( "failed\n ! ssl_read returned %d\n\n", ret );
438 break;
439 }
440
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]441 if( ret == 0 )
442 {
443 printf("\n\nEOF\n\n");
444 break;
445 }
446
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]447 len = ret;
448 printf( " %d bytes read\n\n%s", len, (char *) buf );
449 }
Paul Bakkerf3571312011-05-20 12:32:35 +0000[diff] [blame]450 while( 1 );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]451
452 ssl_close_notify( &ssl );
453
454exit:
455
Paul Bakkera3d195c2011-11-27 21:07:34 +0000[diff] [blame^]456#ifdef POLARSSL_ERROR_C
457 if( ret != 0 )
458 {
459 char error_buf[100];
460 error_strerror( ret, error_buf, 100 );
461 printf("Last error was: %d - %s\n\n", ret, error_buf );
462 }
463#endif
464
Paul Bakker1a207ec2011-02-06 13:22:40 +0000[diff] [blame]465 if( server_fd )
466 net_close( server_fd );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]467 x509_free( &clicert );
468 x509_free( &cacert );
469 rsa_free( &rsa );
470 ssl_free( &ssl );
471
472 memset( &ssl, 0, sizeof( ssl ) );
473
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]474#if defined(_WIN32)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]475 printf( " + Press Enter to exit this program.\n" );
476 fflush( stdout ); getchar();
477#endif
478
479 return( ret );
480}
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]481#endif /* POLARSSL_BIGNUM_C && POLARSSL_HAVEGE_C && POLARSSL_SSL_TLS_C &&
482 POLARSSL_SSL_CLI_C && POLARSSL_NET_C && POLARSSL_RSA_C */