MatrixSSL 4.5.1

Janne Johansson
2022-07-29 12:30:12 +03:00
parent b135459c88
commit 69b5f2c6c3
475 changed files with 7064 additions and 3948 deletions


@@ -1,7 +1,7 @@
#
# Makefile for common apps code
#
# Copyright (c) 2013-2016 INSIDE Secure Corporation. All Rights Reserved.
# Copyright (c) 2013-2016 Rambus Inc. All Rights Reserved.
#
MATRIXSSL_ROOT:=../..


@@ -5,7 +5,7 @@
* MatrixSSL client common code.
*/
/*
* Copyright (c) 2013-2017 INSIDE Secure Corporation
* Copyright (c) 2013-2017 Rambus Inc.
* Copyright (c) PeerSec Networks, 2002-2011
* All Rights Reserved
*
@@ -18,8 +18,8 @@
*
* This General Public License does NOT permit incorporating this software
* into proprietary programs. If you are unable to comply with the GPL, a
* commercial license for this software may be purchased from INSIDE at
* http://www.insidesecure.com/
* commercial license for this software may be purchased from Rambus at
* http://www.rambus.com/
*
* This program is distributed in WITHOUT ANY WARRANTY; without even the
* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


@@ -5,7 +5,7 @@
* MatrixSSL client common code.
*/
/*
* Copyright (c) 2013-2017 INSIDE Secure Corporation
* Copyright (c) 2013-2017 Rambus Inc.
* Copyright (c) PeerSec Networks, 2002-2011
* All Rights Reserved
*
@@ -18,8 +18,8 @@
*
* This General Public License does NOT permit incorporating this software
* into proprietary programs. If you are unable to comply with the GPL, a
* commercial license for this software may be purchased from INSIDE at
* http://www.insidesecure.com/
* commercial license for this software may be purchased from Rambus at
* http://www.rambus.com/
*
* This program is distributed in WITHOUT ANY WARRANTY; without even the
* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


@@ -5,7 +5,7 @@
* MatrixSSL client configuration code.
*/
/*
* Copyright (c) 2013-2017 INSIDE Secure Corporation
* Copyright (c) 2013-2017 Rambus Inc.
* Copyright (c) PeerSec Networks, 2002-2011
* All Rights Reserved
*
@@ -18,8 +18,8 @@
*
* This General Public License does NOT permit incorporating this software
* into proprietary programs. If you are unable to comply with the GPL, a
* commercial license for this software may be purchased from INSIDE at
* http://www.insidesecure.com/
* commercial license for this software may be purchased from Rambus at
* http://www.rambus.com/
*
* This program is distributed in WITHOUT ANY WARRANTY; without even the
* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


@@ -5,7 +5,7 @@
* MatrixSSL key loading helpers.
*/
/*
* Copyright (c) 2013-2017 INSIDE Secure Corporation
* Copyright (c) 2013-2017 Rambus Inc.
* Copyright (c) PeerSec Networks, 2002-2011
* All Rights Reserved
*
@@ -18,8 +18,8 @@
*
* This General Public License does NOT permit incorporating this software
* into proprietary programs. If you are unable to comply with the GPL, a
* commercial license for this software may be purchased from INSIDE at
* http://www.insidesecure.com/
* commercial license for this software may be purchased from Rambus at
* http://www.rambus.com/
*
* This program is distributed in WITHOUT ANY WARRANTY; without even the
* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


@@ -3,7 +3,7 @@
# 'make' builds debug (Default).
# 'make gold' builds optimized.
#
# Copyright (c) 2013-2016 INSIDE Secure Corporation. All Rights Reserved.
# Copyright (c) 2013-2016 Rambus Inc. All Rights Reserved.
#
MATRIXSSL_ROOT:=../..


@@ -5,7 +5,7 @@
* MatrixDTLS client example.
*/
/*
* Copyright (c) 2014-2017 INSIDE Secure Corporation
* Copyright (c) 2014-2017 Rambus Inc.
* Copyright (c) PeerSec Networks, 2002-2011
* All Rights Reserved
*
@@ -18,8 +18,8 @@
*
* This General Public License does NOT permit incorporating this software
* into proprietary programs. If you are unable to comply with the GPL, a
* commercial license for this software may be purchased from INSIDE at
* http://www.insidesecure.com/
* commercial license for this software may be purchased from Rambus at
* http://www.rambus.com/
*
* This program is distributed in WITHOUT ANY WARRANTY; without even the
* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


@@ -3,7 +3,7 @@
* @version $Format:%h%d$
*/
/*
* Copyright (c) 2014-2017 INSIDE Secure Corporation
* Copyright (c) 2014-2017 Rambus Inc.
* Copyright (c) PeerSec Networks, 2002-2011
* All Rights Reserved
*
@@ -16,8 +16,8 @@
*
* This General Public License does NOT permit incorporating this software
* into proprietary programs. If you are unable to comply with the GPL, a
* commercial license for this software may be purchased from INSIDE at
* http://www.insidesecure.com/
* commercial license for this software may be purchased from Rambus at
* http://www.rambus.com/
*
* This program is distributed in WITHOUT ANY WARRANTY; without even the
* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


@@ -3,7 +3,7 @@
* @version $Format:%h%d$
*/
/*
* Copyright (c) 2014-2017 INSIDE Secure Corporation
* Copyright (c) 2014-2017 Rambus Inc.
* Copyright (c) PeerSec Networks, 2002-2011
* All Rights Reserved
*
@@ -16,8 +16,8 @@
*
* This General Public License does NOT permit incorporating this software
* into proprietary programs. If you are unable to comply with the GPL, a
* commercial license for this software may be purchased from INSIDE at
* http://www.insidesecure.com/
* commercial license for this software may be purchased from Rambus at
* http://www.rambus.com/
*
* This program is distributed in WITHOUT ANY WARRANTY; without even the
* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


@@ -6,7 +6,7 @@
* Supports multiple simultaneous clients and non-blocking sockets
*/
/*
* Copyright (c) 2014-2017 INSIDE Secure Corporation
* Copyright (c) 2014-2017 Rambus Inc.
* Copyright (c) PeerSec Networks, 2002-2011
* All Rights Reserved
*
@@ -19,8 +19,8 @@
*
* This General Public License does NOT permit incorporating this software
* into proprietary programs. If you are unable to comply with the GPL, a
* commercial license for this software may be purchased from INSIDE at
* http://www.insidesecure.com/
* commercial license for this software may be purchased from Rambus at
* http://www.rambus.com/
*
* This program is distributed in WITHOUT ANY WARRANTY; without even the
* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
@@ -43,8 +43,11 @@
#include "dtlsCommon.h"
/* Currently this example uses _psTrace for tracing, so osdep.h is needed: */
#ifndef ENABLE_COMBINED_TLS_DTLS
#include "core/osdep.h"
#include "core/psUtil.h"
#endif
#include "osdep_sys_time.h"
#include "osdep_stdio.h"
@@ -89,7 +92,9 @@ static SOCKET newUdpSocket(char *ip, short port, int *err);
static int sigsetup(void);
static void sigsegv_handler(int);
static void sigintterm_handler(int);
static void usage(void);
#ifndef ENABLE_COMBINED_TLS_DTLS
static void dtls_usage(void);
#endif
static int32 process_cmd_options(int32 argc, char **argv);
# ifdef USE_DTLS_DEBUG_TRACE
@@ -327,12 +332,12 @@ static char ecCAFile[] = "testkeys/EC/ALL_EC_CAS_EXCEPT_P192_AND_P521.pem";
static int exitFlag;
static int dtls_exitFlag;
static uint32_t g_rsaKeySize;
static uint32_t g_eccKeySize;
static uint32_t g_ecdhKeySize;
static int g_port;
static uint32_t g_rsaKeySize_dtls;
static uint32_t g_eccKeySize_dtls;
static uint32_t g_ecdhKeySize_dtls;
static int g_dtls_port = 4433;
# ifdef USE_CERT_VALIDATOR
/******************************************************************************/
@@ -370,7 +375,8 @@ static int32 certValidator(ssl_t *ssl, psX509Cert_t *cert, int32 alert)
# define certValidator NULL
# endif /* USE_CERT_VALIDATOR */
static void usage(void)
#ifndef ENABLE_COMBINED_TLS_DTLS
static void dtls_usage(void)
{
Printf("\nusage: dltsServer { option }\n"
"\n"
@@ -387,6 +393,7 @@ static void usage(void)
"-p <value> - Port number to use\n"
);
}
#endif
/* Return 0 on good set of cmd options, return -1 if a bad cmd option is
encountered OR a request for help is seen (i.e. '-h' option). */
@@ -395,8 +402,8 @@ static int32 process_cmd_options(int32 argc, char **argv)
int32 optionChar;
/* Set some default options: */
g_rsaKeySize = 2048;
g_eccKeySize = g_ecdhKeySize = 256;
g_rsaKeySize_dtls = 2048;
g_eccKeySize_dtls = g_ecdhKeySize_dtls = 256;
opterr = 0;
while ((optionChar = getopt(argc, argv, "hr:e:d:l:p:")) != -1)
@@ -410,9 +417,9 @@ static int32 process_cmd_options(int32 argc, char **argv)
break;
case 'r':
g_rsaKeySize = atoi(optarg);
if ((g_rsaKeySize != 1024) && (g_rsaKeySize != 2048)
&& (g_rsaKeySize != 3072) && (g_rsaKeySize != 4096))
g_rsaKeySize_dtls = atoi(optarg);
if ((g_rsaKeySize_dtls != 1024) && (g_rsaKeySize_dtls != 2048)
&& (g_rsaKeySize_dtls != 3072) && (g_rsaKeySize_dtls != 4096))
{
Printf("invalid -r option\n");
return -1;
@@ -420,10 +427,10 @@ static int32 process_cmd_options(int32 argc, char **argv)
break;
case 'e':
g_eccKeySize = atoi(optarg);
if ((g_eccKeySize != 192) && (g_eccKeySize != 224)
&& (g_eccKeySize != 256) && (g_eccKeySize != 384)
&& (g_eccKeySize != 521))
g_eccKeySize_dtls = atoi(optarg);
if ((g_eccKeySize_dtls != 192) && (g_eccKeySize_dtls != 224)
&& (g_eccKeySize_dtls != 256) && (g_eccKeySize_dtls != 384)
&& (g_eccKeySize_dtls != 521))
{
Printf("invalid -e option\n");
return -1;
@@ -431,8 +438,8 @@ static int32 process_cmd_options(int32 argc, char **argv)
break;
case 'd':
g_ecdhKeySize = atoi(optarg);
if ((g_ecdhKeySize != 256) && (g_ecdhKeySize != 521))
g_ecdhKeySize_dtls = atoi(optarg);
if ((g_ecdhKeySize_dtls != 256) && (g_ecdhKeySize_dtls != 521))
{
Printf("invalid -d option\n");
return -1;
@@ -455,8 +462,8 @@ static int32 process_cmd_options(int32 argc, char **argv)
break;
# endif /* DTLS_PACKET_LOSS_TEST */
case 'p':
g_port = atoi(optarg);
if (g_port < 0)
g_dtls_port = atoi(optarg);
if (g_dtls_port < 0)
{
Printf("invalid -p option\n");
return -1;
@@ -482,9 +489,6 @@ int main(int argc, char **argv)
fd_set readfd;
unsigned char *sslBuf, *recvfromBuf, *CAstream;
# ifdef USE_DTLS_DEBUG_TRACE
unsigned char *addrstr;
# endif
# if !defined(ID_PSK) && !defined(ID_DHE_PSK)
unsigned char *keyValue, *certValue;
int32 keyLen, certLen;
@@ -507,8 +511,10 @@ int main(int argc, char **argv)
if (0 != process_cmd_options(argc, argv))
{
usage();
#ifndef ENABLE_COMBINED_TLS_DTLS
dtls_usage();
return 0;
#endif
}
if (sigsetup() < 0)
{
@@ -564,7 +570,7 @@ int main(int argc, char **argv)
# endif
# ifdef EXAMPLE_RSA_KEYS
switch (g_rsaKeySize)
switch (g_rsaKeySize_dtls)
{
case 1024:
certValue = (unsigned char *) RSA1024;
@@ -591,7 +597,7 @@ int main(int argc, char **argv)
keyLen = sizeof(RSA4096KEY);
break;
default:
_psTraceInt("Invalid RSA key length (%d)\n", g_rsaKeySize);
_psTraceInt("Invalid RSA key length (%d)\n", g_rsaKeySize_dtls);
goto CLIENT_EXIT;
}
@@ -606,7 +612,7 @@ int main(int argc, char **argv)
# ifdef EXAMPLE_ECDH_RSA_KEYS
switch (g_ecdhKeySize)
switch (g_ecdhKeySize_dtls)
{
case 256:
certValue = (unsigned char *) ECDHRSA256;
@@ -621,7 +627,7 @@ int main(int argc, char **argv)
keyLen = sizeof(ECDHRSA521KEY);
break;
default:
_psTraceInt("Invalid ECDH_RSA key length (%d)\n", g_ecdhKeySize);
_psTraceInt("Invalid ECDH_RSA key length (%d)\n", g_ecdhKeySize_dtls);
goto CLIENT_EXIT;
}
@@ -635,7 +641,7 @@ int main(int argc, char **argv)
# endif
# ifdef EXAMPLE_EC_KEYS
switch (g_eccKeySize)
switch (g_eccKeySize_dtls)
{
case 192:
certValue = (unsigned char *) EC192;
@@ -668,7 +674,7 @@ int main(int argc, char **argv)
keyLen = sizeof(EC521KEY);
break;
default:
_psTraceInt("Invalid ECC key length (%d)\n", g_eccKeySize);
_psTraceInt("Invalid ECC key length (%d)\n", g_eccKeySize_dtls);
goto CLIENT_EXIT;
}
@@ -694,7 +700,7 @@ int main(int argc, char **argv)
*/
CAstreamLen = 0;
# ifdef USE_RSA
if (g_rsaKeySize == 3072)
if (g_rsaKeySize_dtls == 3072)
{
CAstreamLen += (int32) Strlen(rsaCA3072File) + 1;
}
@@ -714,7 +720,7 @@ int main(int argc, char **argv)
CAstreamLen = 0;
# ifdef USE_RSA
if (g_rsaKeySize == 3072)
if (g_rsaKeySize_dtls == 3072)
{
Memcpy(CAstream, rsaCA3072File, Strlen(rsaCA3072File));
CAstreamLen += Strlen(rsaCA3072File);
@@ -799,7 +805,19 @@ int main(int argc, char **argv)
}
# endif /* PSK */
recvfromBufLen = matrixDtlsGetPmtu();
for (int i = 0; i < 10; i++) {
recvfromBufLen = matrixDtlsGetPmtu();
if (recvfromBufLen) break;
Sleep(1);
}
_psTraceInt("RECVFROM buf len:%d\n", recvfromBufLen);
if (recvfromBufLen == 0) {
rc = PS_PLATFORM_FAIL;
_psTrace("Init error getting pmtu?!\n");
goto CLIENT_EXIT;
}
if ((recvfromBuf = psMalloc(MATRIX_NO_POOL, recvfromBufLen)) == NULL)
{
rc = PS_MEM_FAIL;
@@ -807,15 +825,15 @@ int main(int argc, char **argv)
goto CLIENT_EXIT;
}
if ((sock = newUdpSocket(NULL, g_port, &err)) == INVALID_SOCKET)
if ((sock = newUdpSocket(NULL, g_dtls_port, &err)) == INVALID_SOCKET)
{
_psTrace("Error creating UDP socket\n");
goto DTLS_EXIT;
}
_psTraceInt("DTLS server running on port %d\n", g_port);
_psTraceInt("DTLS server running on port %d\n", g_dtls_port);
/* Server loop */
for (exitFlag = 0; exitFlag == 0; )
for (dtls_exitFlag = 0; dtls_exitFlag == 0; )
{
timeout.tv_sec = 1;
timeout.tv_usec = 0;
@@ -831,12 +849,13 @@ int main(int argc, char **argv)
if (val > 0 && FD_ISSET(sock, &readfd))
{
_psTraceInt("Select woke %d\n", val);
/* recvfrom data must always go into generic buffer becuase we
don't yet know who it is from */
inaddrlen = sizeof(struct sockaddr_in);
if ((recvLen = (int32) recvfrom(sock, recvfromBuf, recvfromBufLen, 0,
(struct sockaddr *) &inaddr, &inaddrlen)) < 0)
recvLen = (int32) recvfrom(sock, recvfromBuf, recvfromBufLen, 0,
(struct sockaddr *) &inaddr, &inaddrlen);
if (recvLen < 0)
{
# ifdef WIN32
if (SOCKET_ERRNO != EWOULDBLOCK &&
@@ -854,7 +873,7 @@ int main(int argc, char **argv)
# ifdef USE_DTLS_DEBUG_TRACE
/* nice for debugging */
{
const char *addrstr;
unsigned char *addrstr;
addrstr = getaddrstring((struct sockaddr *) &inaddr, 1);
_psTraceInt("Read %d bytes ", recvLen);
_psTraceStr("from %s\n", (char *) addrstr);
@@ -1151,6 +1170,8 @@ static SOCKET newUdpSocket(char *ip, short port, int *err)
struct sockaddr_in addr = { 0 };
SOCKET fd;
_psTraceInt("New UDP Socket %d\n", port);
if ((fd = Socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0)
{
_psTraceInt("Error creating socket %d\n", SOCKET_ERRNO);
@@ -1192,7 +1213,7 @@ static void sigsegv_handler(int arg)
/* catch ctrl-c or sigterm */
static void sigintterm_handler(int arg)
{
exitFlag = 1; /* Rudimentary exit flagging */
dtls_exitFlag = 1; /* Rudimentary exit flagging */
}
static int sigsetup(void)
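Review bot: In a build with `ENABLE_COMBINED_TLS_DTLS` defined, `main` ignores a failed `process_cmd_options`, because `return 0;` now sits inside the `#ifndef ENABLE_COMBINED_TLS_DTLS` block; a value the parser has just rejected (for example a negative `-p`) stays in `g_dtls_port` and the server carries on with it. If the combined build has to tolerate TLS-only flags, it would be safer to skip those explicitly and still stop on a rejected DTLS value than to drop every parse error. Separately, `-p` is read with `atoi` and only checked for `< 0`, while `newUdpSocket` takes `short port`, so out-of-range input is narrowed silently; `if (g_dtls_port < 0 || g_dtls_port > 65535)` would reject it at the point of parsing. The retry loop around `matrixDtlsGetPmtu()` also deserves a comment saying what it is waiting for, since ten sleeps before `PS_PLATFORM_FAIL` reads like a wait for the other server thread to finish initialising. `main` and `process_cmd_options` both continue outside these hunks.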


@@ -3,7 +3,7 @@
# 'make' builds debug (Default).
# 'make gold' builds optimized.
#
# Copyright (c) 2013-2019 INSIDE Secure Corporation. All Rights Reserved.
# Copyright (c) 2013-2019 Rambus Inc. All Rights Reserved.
#
MATRIXSSL_ROOT:=../..
@@ -16,6 +16,9 @@ CLIENT_EXE:=client$(E)
NET_EXE:=matrixnet$(E)
EXE=$(SERVER_EXE) $(CLIENT_EXE)
TLSDTLS_SERVER_SRC:=tlsDtlsServer.c http.c
TLSDTLS_SERVER_EXE:=tlsDtlsServer$(E)
SIMPLE_CLIENT_SRC:=simpleClient.c
SIMPLE_CLIENT_EXE:=simpleClient$(E)
SIMPLE_SERVER_SRC:=simpleServer.c
@@ -34,6 +37,8 @@ SRC+=$(IA_CLIENT_SRC)
EXE+=$(IA_CLIENT_EXE)
SRC+=$(IA_SERVER_SRC)
EXE+=$(IA_SERVER_EXE)
SRC+=$(TLSDTLS_SERVER_SRC)
EXE+=$(TLSDTLS_SERVER_EXE)
#The Mac OS X Xcode project has a target name of 'server' or 'client'
ifneq (,$(TARGET_NAME))
@@ -71,6 +76,7 @@ STATIC_CLIENT:=\
# Allow selecting the client auth identity (ID_RSA, ID_ECDH_ECDSA,
# etc.) via an environment variable.
CIPHER_OPTION?=ID_RSA
ifneq '$(CIPHER_OPTION)' ''
CFLAGS+=-D$(CIPHER_OPTION)
endif
@@ -101,6 +107,9 @@ $(IA_SERVER_EXE): $(IA_SERVER_SRC:.c=.o) $(STATIC)
$(NET_EXE): $(NET_SRC:.c=.o) $(STATIC)
$(CC) -o $@ $^ $(LDFLAGS) $(CFLAGS)
$(TLSDTLS_SERVER_EXE): $(TLSDTLS_SERVER_SRC:.c=.o) $(STATIC)
$(CC) -o $@ $^ $(LDFLAGS) $(CFLAGS)
clean:
rm -f $(EXE) $(OBJS) TLS_*.tmp SSL_*.tmp


@@ -5,7 +5,7 @@
* Header for MatrixSSL example sockets client and server applications.
*/
/*
* Copyright (c) 2013-2017 INSIDE Secure Corporation
* Copyright (c) 2013-2017 Rambus Inc.
* Copyright (c) PeerSec Networks, 2002-2011
* All Rights Reserved
*
@@ -18,8 +18,8 @@
*
* This General Public License does NOT permit incorporating this software
* into proprietary programs. If you are unable to comply with the GPL, a
* commercial license for this software may be purchased from INSIDE at
* http://www.insidesecure.com/
* commercial license for this software may be purchased from Rambus at
* http://www.rambus.com/
*
* This program is distributed in WITHOUT ANY WARRANTY; without even the
* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


@@ -5,7 +5,7 @@
* Simple MatrixSSL blocking client example.
*/
/*
* Copyright (c) 2013-2017 INSIDE Secure Corporation
* Copyright (c) 2013-2017 Rambus Inc.
* Copyright (c) PeerSec Networks, 2002-2011
* All Rights Reserved
*
@@ -18,8 +18,8 @@
*
* This General Public License does NOT permit incorporating this software
* into proprietary programs. If you are unable to comply with the GPL, a
* commercial license for this software may be purchased from INSIDE at
* http://www.insidesecure.com/
* commercial license for this software may be purchased from Rambus at
* http://www.rambus.com/
*
* This program is distributed in WITHOUT ANY WARRANTY; without even the
* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
@@ -45,7 +45,7 @@
# define NEED_PS_TIME_CONCRETE
#endif
#ifndef USE_MULTITHREADING
#if !defined(NO_MULTITHREADING) && !defined(USE_MULTITHREADING)
# define USE_MULTITHREADING
#endif
@@ -1885,6 +1885,12 @@ static int32 certCb(ssl_t *ssl, psX509Cert_t *cert, int32 alert)
psTrace("Maximum cert chain verify depth exceeded\n");
return SSL_ALERT_UNKNOWN_CA;
}
/* Check if this is the last validated certificate. */
if (next->pathEnd == PS_TRUE)
{
break;
}
}
}
/* Example to allow anonymous connections based on a define */
@@ -1963,6 +1969,12 @@ static int32 certCb(ssl_t *ssl, psX509Cert_t *cert, int32 alert)
alert = SSL_ALERT_BAD_CERTIFICATE;
break;
}
/* Check if this is the last validated certificate. */
if (next->pathEnd == PS_TRUE)
{
break;
}
}
/*
@@ -2013,6 +2025,12 @@ static int32 certCb(ssl_t *ssl, psX509Cert_t *cert, int32 alert)
psTrace("Cert extendedKeyUsage extension doesn't allow TLS\n");
}
}
/* Check if this is the last validated certificate. */
if (next->pathEnd == PS_TRUE)
{
break;
}
}
if (alert == SSL_ALERT_BAD_CERTIFICATE)
@@ -2147,6 +2165,12 @@ RETRY_CRL_TEST_ONCE:
default:
break;
}
/* Check if this is the last validated certificate. */
if (next->pathEnd == PS_TRUE)
{
break;
}
}
} /* End CRL local code block */
# endif
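Review bot: The comment `/* Check if this is the last validated certificate. */` on the four added `if (next->pathEnd == PS_TRUE)` blocks in `certCb` says what is tested but not why the walk stops there, which matters because the chain-depth, extendedKeyUsage and CRL checks no longer look at anything after that certificate. If the intent is that certificates past `pathEnd` were never part of the validated path, say so, e.g. `/* Certificates after pathEnd are not in the validated path; they are deliberately not checked. */`. The same four lines are repeated in every loop, so a small static helper or a shared loop condition would keep the termination rule in one place. The loop headers are outside the hunks, so the position of each `break` relative to the per-certificate checks should be confirmed against the full function.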


@@ -5,7 +5,7 @@
* Simple INCOMPLETE HTTP parser for example applications.
*/
/*
* Copyright (c) 2013-2017 INSIDE Secure Corporation
* Copyright (c) 2013-2017 Rambus Inc.
* Copyright (c) PeerSec Networks, 2002-2011
* All Rights Reserved
*
@@ -18,8 +18,8 @@
*
* This General Public License does NOT permit incorporating this software
* into proprietary programs. If you are unable to comply with the GPL, a
* commercial license for this software may be purchased from INSIDE at
* http://www.insidesecure.com/
* commercial license for this software may be purchased from Rambus at
* http://www.rambus.com/
*
* This program is distributed in WITHOUT ANY WARRANTY; without even the
* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


@@ -5,7 +5,7 @@
* Interactive client-side test tool.
*/
/*
* Copyright (c) 2013-2019 INSIDE Secure Corporation
* Copyright (c) 2013-2019 Rambus Inc.
* Copyright (c) PeerSec Networks, 2002-2011
* All Rights Reserved
*
@@ -18,8 +18,8 @@
*
* This General Public License does NOT permit incorporating this software
* into proprietary programs. If you are unable to comply with the GPL, a
* commercial license for this software may be purchased from INSIDE at
* http://www.insidesecure.com/
* commercial license for this software may be purchased from Rambus at
* http://www.rambus.com/
*
* This program is distributed in WITHOUT ANY WARRANTY; without even the
* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


@@ -5,7 +5,7 @@
* Common parts of interactiveClient.c and interactiveServer.c
*/
/*
* Copyright (c) 2013-2018 INSIDE Secure Corporation
* Copyright (c) 2013-2018 Rambus Inc.
* Copyright (c) PeerSec Networks, 2002-2011
* All Rights Reserved
*
@@ -18,8 +18,8 @@
*
* This General Public License does NOT permit incorporating this software
* into proprietary programs. If you are unable to comply with the GPL, a
* commercial license for this software may be purchased from INSIDE at
* http://www.insidesecure.com/
* commercial license for this software may be purchased from Rambus at
* http://www.rambus.com/
*
* This program is distributed in WITHOUT ANY WARRANTY; without even the
* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
@@ -689,7 +689,8 @@ psRes_t getUserCiphersuites(psCipher16_t *ciphersuites,
"(5) TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\n" \
"(6) TLS_RSA_WITH_AES_128_GCM_SHA256\n" \
"(7) All TLS 1.3 suites (prefer SHA256)\n" \
"(8) All TLS 1.3 suites (prefer SHA384)\n";
"(8) All TLS 1.3 suites (prefer SHA384)\n" \
"(9) TLS_RSA_WITH_NULL_SHA256\n";
int rc;
char c;
int got_it = 0;
@@ -735,6 +736,9 @@ psRes_t getUserCiphersuites(psCipher16_t *ciphersuites,
ciphersuites[i++] = TLS_AES_128_GCM_SHA256;
ciphersuites[i++] = TLS_CHACHA20_POLY1305_SHA256;
break;
case '9':
ciphersuites[i++] = TLS_RSA_WITH_NULL_SHA256;
break;
case 'q':
return PS_FAILURE;
default:
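Review bot: Menu entry `(9) TLS_RSA_WITH_NULL_SHA256` offers a suite that authenticates records but does not encrypt them, and neither the prompt text nor `case '9':` tells the operator so. Label it in the menu, e.g. `"(9) TLS_RSA_WITH_NULL_SHA256 (no encryption, test use only)\n";`, and add a comment on the case such as `/* NULL cipher: integrity only, payload is sent in the clear. */`. It would also be safer to compile this entry only when the library's NULL-cipher support is enabled, so that the option cannot appear in a default build. `getUserCiphersuites` continues outside both hunks.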


@@ -5,7 +5,7 @@
* Common parts of interactiveClient.c and interactiveServer.c
*/
/*
* Copyright (c) 2013-2018 INSIDE Secure Corporation
* Copyright (c) 2013-2018 Rambus Inc.
* Copyright (c) PeerSec Networks, 2002-2011
* All Rights Reserved
*
@@ -18,8 +18,8 @@
*
* This General Public License does NOT permit incorporating this software
* into proprietary programs. If you are unable to comply with the GPL, a
* commercial license for this software may be purchased from INSIDE at
* http://www.insidesecure.com/
* commercial license for this software may be purchased from Rambus at
* http://www.rambus.com/
*
* This program is distributed in WITHOUT ANY WARRANTY; without even the
* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


@@ -5,7 +5,7 @@
* Interactive client-side test tool.
*/
/*
* Copyright (c) 2013-2019 INSIDE Secure Corporation
* Copyright (c) 2013-2019 Rambus Inc.
* Copyright (c) PeerSec Networks, 2002-2011
* All Rights Reserved
*
@@ -18,8 +18,8 @@
*
* This General Public License does NOT permit incorporating this software
* into proprietary programs. If you are unable to comply with the GPL, a
* commercial license for this software may be purchased from INSIDE at
* http://www.insidesecure.com/
* commercial license for this software may be purchased from Rambus at
* http://www.rambus.com/
*
* This program is distributed in WITHOUT ANY WARRANTY; without even the
* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


@@ -4,7 +4,7 @@
*/
/*****************************************************************************
* Copyright (c) 2017 INSIDE Secure Oy. All Rights Reserved.
* Copyright (c) 2017 Rambus Inc. All Rights Reserved.
*
* The latest version of this code is available at http://www.matrixssl.org
*
@@ -15,8 +15,8 @@
*
* This General Public License does NOT permit incorporating this software
* into proprietary programs. If you are unable to comply with the GPL, a
* commercial license for this software may be purchased from INSIDE at
* http://www.insidesecure.com/
* commercial license for this software may be purchased from Rambus at
* http://www.rambus.com/
*
* This program is distributed in WITHOUT ANY WARRANTY; without even the
* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


@@ -4,7 +4,7 @@ if [ -e apps/ssl ];then cd apps/ssl;fi
set -x
./matrixnet --help
./matrixnet --get http://www.insidesecure.com/ || echo Failed expectedly.
./matrixnet --get http://www.rambus.com/ || echo Failed expectedly.
(./matrixnet --get http://essjira.insidesecure.com | fold -w 80 | head -10)
(./matrixnet --get http://localhost/ | fold -w 80 | head -10)


@@ -6,7 +6,7 @@
* Uses a single, hardcoded RSA identity. No client authentication.
*/
/*
* Copyright (c) 2013-2017 INSIDE Secure Corporation
* Copyright (c) 2013-2017 Rambus Inc.
* Copyright (c) PeerSec Networks, 2002-2011
* All Rights Reserved
*
@@ -19,8 +19,8 @@
*
* This General Public License does NOT permit incorporating this software
* into proprietary programs. If you are unable to comply with the GPL, a
* commercial license for this software may be purchased from INSIDE at
* http://www.insidesecure.com/
* commercial license for this software may be purchased from Rambus at
* http://www.rambus.com/
*
* This program is distributed in WITHOUT ANY WARRANTY; without even the
* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
@@ -48,6 +48,7 @@
#include "app.h"
#include "matrixssl/matrixsslApi.h"
#include "osdep.h"
#include "core/psUtil.h"
#include "osdep_sys_socket.h"
#include "osdep_sys_types.h"
@@ -370,6 +371,7 @@ out:
return rc;
}
/******************************************************************************/
/*
Non-blocking socket event handler
@@ -1223,6 +1225,7 @@ static int32 process_cmd_options(int32 argc, char **argv)
g_disabledCiphers = 0;
opterr = 0;
optind = 1;
while ((optionChar = getopt(argc,
argv,
"c:d:g:a:Bb:AD:hKk:n:oOp:P:v:V:x:r:S:C:W:E:")) != -1)
@@ -1386,6 +1389,7 @@ static int32 process_cmd_options(int32 argc, char **argv)
case 'v':
/* Single version. */
version = matrixSslVersionFromMinorDigit(atoi(optarg));
if (!matrixSslTlsVersionRangeSupported(version,
version))
{
@@ -1870,7 +1874,7 @@ static SOCKET lsocketListen(short port, int32 *err)
static int setSocketOptions(SOCKET fd)
{
int rc;
# ifdef POSIX
if (fcntl(fd, F_SETFD, FD_CLOEXEC) < 0)
{
@@ -1968,4 +1972,5 @@ int main(int argc, char **argv)
return 1;
}
#endif /* MATRIX_USE_FILE_SYSTEM */


@@ -9,7 +9,7 @@
* - Only 1 simultaneous connection.
*/
/*
* Copyright (c) 2013-2019 INSIDE Secure Corporation
* Copyright (c) 2013-2019 Rambus Inc.
* Copyright (c) PeerSec Networks, 2002-2011
* All Rights Reserved
*
@@ -22,8 +22,8 @@
*
* This General Public License does NOT permit incorporating this software
* into proprietary programs. If you are unable to comply with the GPL, a
* commercial license for this software may be purchased from INSIDE at
* http://www.insidesecure.com/
* commercial license for this software may be purchased from Rambus at
* http://www.rambus.com/
*
* This program is distributed in WITHOUT ANY WARRANTY; without even the
* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


@@ -9,7 +9,7 @@
* - Only 1 simultaneous connection.
*/
/*
* Copyright (c) 2013-2018 INSIDE Secure Corporation
* Copyright (c) 2013-2018 Rambus Inc.
* Copyright (c) PeerSec Networks, 2002-2011
* All Rights Reserved
*
@@ -22,8 +22,8 @@
*
* This General Public License does NOT permit incorporating this software
* into proprietary programs. If you are unable to comply with the GPL, a
* commercial license for this software may be purchased from INSIDE at
* http://www.insidesecure.com/
* commercial license for this software may be purchased from Rambus at
* http://www.rambus.com/
*
* This program is distributed in WITHOUT ANY WARRANTY; without even the
* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


@@ -8,7 +8,7 @@
* - Only 1 simultaneous connection.
*/
/*
* Copyright (c) 2013-2018 INSIDE Secure Corporation
* Copyright (c) 2013-2018 Rambus Inc.
* Copyright (c) PeerSec Networks, 2002-2011
* All Rights Reserved
*
@@ -21,8 +21,8 @@
*
* This General Public License does NOT permit incorporating this software
* into proprietary programs. If you are unable to comply with the GPL, a
* commercial license for this software may be purchased from INSIDE at
* http://www.insidesecure.com/
* commercial license for this software may be purchased from Rambus at
* http://www.rambus.com/
*
* This program is distributed in WITHOUT ANY WARRANTY; without even the
* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

129
apps/ssl/tlsDtlsServer.c Normal file

@@ -0,0 +1,129 @@
/**
* @file server.c
* @version $Format:%h%d$
*
* Simple non-blocking MatrixSSL server example for multiple connections.
* Uses a single, hardcoded RSA identity. No client authentication.
*/
/*
* Copyright (c) 2013-2017 Rambus Inc.
* Copyright (c) PeerSec Networks, 2002-2011
* All Rights Reserved
*
* The latest version of this code is available at http://www.matrixssl.org
*
* This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This General Public License does NOT permit incorporating this software
* into proprietary programs. If you are unable to comply with the GPL, a
* commercial license for this software may be purchased from Rambus at
* http://www.rambus.com/
*
* This program is distributed in WITHOUT ANY WARRANTY; without even the
* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
* See the GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
* http://www.gnu.org/copyleft/gpl.html
*/
/******************************************************************************/
#define ENABLE_COMBINED_TLS_DTLS
#define main tls_main
#include "server.c"
#undef main
#ifdef USE_MULTITHREADING
# define sigsegv_handler dtls_sigsegv_handler
# define sigintterm_handler dtls_sigintterm_handler
# define setSocketOptions dtls_setSocketOptions
# define process_cmd_options dtls_process_cmd_options
# define usage dtls_usage
# define main dtls_main
# include "../dtls/dtlsCommon.c"
# include "../dtls/dtlsServer.c"
# undef main
static pthread_t tls_server_thread = 0;
static pthread_t dtls_server_thread = 0;
char **argv_server;
int argc_server = 0;
static void closedown_exit(const char *msg, int rc)
{
if (msg)
{
Fprintf(stderr, "%s\n", msg);
}
exit(rc);
}
void *tls_server_main_pthread(void *null_arg)
{
int rc;
psAssert(null_arg == NULL);
Printf("Launching TLS server\n");
rc = tls_main(argc_server, argv_server);
return (void *) (uintptr_t) rc;
}
void *dtls_server_main_pthread(void *null_arg)
{
int rc;
psAssert(null_arg == NULL);
Printf("Launching DTLS server\n");
rc = dtls_main(argc_server, argv_server);
return (void *) (uintptr_t) rc;
}
int main(int argc, char **argv)
{
int rc;
void *rcv;
argc_server = argc;
argv_server = argv;
// for (int i = 0; i < argc_server ; i++) {
// argv_server[i] = argv[i + 1];
// }
rc = Pthread_create(&tls_server_thread, NULL, &tls_server_main_pthread, NULL);
if (rc != 0)
{
closedown_exit("unable to launch TLS server", EXIT_FAILURE);
}
rc = Pthread_create(&dtls_server_thread, NULL, &dtls_server_main_pthread, NULL);
if (rc != 0)
{
closedown_exit("unable to launch DTLS server", EXIT_FAILURE);
}
Pthread_join(dtls_server_thread, &rcv);
Printf("Shutting down server\n");
pthread_kill(tls_server_thread, SIGINT);
Pthread_join(tls_server_thread, &rcv);
return 0;
}
#else
int main(int argc, char **argv)
{
Printf("You need to #define USE_MULTITHREADING for this test\n");
return 1;
}
#endif
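Review bot: Both worker threads parse the same command line at the same time: `tls_main(argc_server, argv_server)` and `dtls_main(argc_server, argv_server)` each reach a `process_cmd_options` that calls `getopt` (both visible in other sections of this commit), and `getopt` keeps its state in process-wide globals such as `optind` and `optarg` and may reorder `argv`, so the two parses race. Serialise the parsing, for example by starting the DTLS thread only after the TLS options have been read or by holding one mutex around both calls. `main` also discards both thread results and always returns 0; after `Pthread_join(dtls_server_thread, &rcv);` the value could be kept with `rc = (int) (uintptr_t) rcv;` and returned. Signal dispositions are per process, so if both included servers install a SIGINT handler only the last one stays active, and `pthread_kill(tls_server_thread, SIGINT)` may then not set the flag the TLS loop watches; this should be checked against `server.c`. The file header still reads `@file server.c` and should be `@file tlsDtlsServer.c`.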