yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Check return value of ssl_set_xxx() in programs

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2014-07-08 14:05:52 +02:00
parent 14beb08542
commit c5fd391e04
8 changed files with 108 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

51
programs/ssl/ssl_client2.c
View file

@ -855,17 +855,29 @@ int main( int argc, char *argv[] )
ssl_set_authmode( &ssl, opt.auth_mode ); ssl_set_authmode( &ssl, opt.auth_mode );
#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) #if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
ssl_set_max_frag_len( &ssl, opt.mfl_code ); if( ( ret = ssl_set_max_frag_len( &ssl, opt.mfl_code ) ) != 0 )
{
printf( " failed\n ! ssl_set_max_frag_len returned %d\n\n", ret );
goto exit;
}
#endif #endif
#if defined(POLARSSL_SSL_TRUNCATED_HMAC) #if defined(POLARSSL_SSL_TRUNCATED_HMAC)
if( opt.trunc_hmac != 0 ) if( opt.trunc_hmac != 0 )
ssl_set_truncated_hmac( &ssl, SSL_TRUNC_HMAC_ENABLED ); if( ( ret = ssl_set_truncated_hmac( &ssl, SSL_TRUNC_HMAC_ENABLED ) ) != 0 )
{
printf( " failed\n ! ssl_set_truncated_hmac returned %d\n\n", ret );
goto exit;
}
#endif #endif
#if defined(POLARSSL_SSL_ALPN) #if defined(POLARSSL_SSL_ALPN)
if( opt.alpn_string != NULL ) if( opt.alpn_string != NULL )
ssl_set_alpn_protocols( &ssl, alpn_list ); if( ( ret = ssl_set_alpn_protocols( &ssl, alpn_list ) ) != 0 )
{
printf( " failed\n ! ssl_set_alpn_protocols returned %d\n\n", ret );
goto exit;
}
#endif #endif
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg ); ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
@ -877,7 +889,11 @@ int main( int argc, char *argv[] )
ssl_set_bio( &ssl, net_recv, &server_fd, net_send, &server_fd ); ssl_set_bio( &ssl, net_recv, &server_fd, net_send, &server_fd );
#if defined(POLARSSL_SSL_SESSION_TICKETS) #if defined(POLARSSL_SSL_SESSION_TICKETS)
ssl_set_session_tickets( &ssl, opt.tickets ); if( ( ret = ssl_set_session_tickets( &ssl, opt.tickets ) ) != 0 )
{
printf( " failed\n ! ssl_set_session_tickets returned %d\n\n", ret );
goto exit;
}
#endif #endif
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
@ -895,17 +911,30 @@ int main( int argc, char *argv[] )
if( strcmp( opt.crt_file, "none" ) != 0 && if( strcmp( opt.crt_file, "none" ) != 0 &&
strcmp( opt.key_file, "none" ) != 0 ) strcmp( opt.key_file, "none" ) != 0 )
{ {
ssl_set_own_cert( &ssl, &clicert, &pkey ); if( ( ret = ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 )
{
printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
goto exit;
}
} }
#endif #endif
#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) #if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
ssl_set_psk( &ssl, psk, psk_len, (const unsigned char *) opt.psk_identity, if( ( ret = ssl_set_psk( &ssl, psk, psk_len,
strlen( opt.psk_identity ) ); (const unsigned char *) opt.psk_identity,
strlen( opt.psk_identity ) ) ) != 0 )
{
printf( " failed\n ! ssl_set_psk returned %d\n\n", ret );
goto exit;
}
#endif #endif
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
ssl_set_hostname( &ssl, opt.server_name ); if( ( ret = ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
{
printf( " failed\n ! ssl_set_hostname returned %d\n\n", ret );
goto exit;
}
#endif #endif
if( opt.min_version != -1 ) if( opt.min_version != -1 )
@ -1130,7 +1159,11 @@ send_request:
goto exit; goto exit;
} }
ssl_set_session( &ssl, &saved_session ); if( ( ret = ssl_set_session( &ssl, &saved_session ) ) != 0 )
{
printf( " failed\n ! ssl_set_session returned %d\n\n", ret );
goto exit;
}
if( ( ret = net_connect( &server_fd, opt.server_name, if( ( ret = net_connect( &server_fd, opt.server_name,
opt.server_port ) ) != 0 ) opt.server_port ) ) != 0 )

6
programs/ssl/ssl_fork_server.c
View file

@ -270,7 +270,11 @@ int main( int argc, char *argv[] )
net_send, &client_fd ); net_send, &client_fd );
ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL ); ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );
ssl_set_own_cert( &ssl, &srvcert, &pkey ); if( ( ret = ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 )
{
printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
goto exit;
}
/* /*
* 5. Handshake * 5. Handshake

12
programs/ssl/ssl_mail_client.c
View file

@ -609,10 +609,18 @@ int main( int argc, char *argv[] )
ssl_set_ciphersuites( &ssl, opt.force_ciphersuite ); ssl_set_ciphersuites( &ssl, opt.force_ciphersuite );
ssl_set_ca_chain( &ssl, &cacert, NULL, opt.server_name ); ssl_set_ca_chain( &ssl, &cacert, NULL, opt.server_name );
ssl_set_own_cert( &ssl, &clicert, &pkey ); if( ( ret = ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 )
{
printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
goto exit;
}
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
ssl_set_hostname( &ssl, opt.server_name ); if( ( ret = ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
{
printf( " failed\n ! ssl_set_hostname returned %d\n\n", ret );
goto exit;
}
#endif #endif
if( opt.mode == MODE_SSL_TLS ) if( opt.mode == MODE_SSL_TLS )

6
programs/ssl/ssl_pthread_server.c
View file

@ -173,7 +173,11 @@ static void *handle_ssl_connection( void *data )
#endif #endif
ssl_set_ca_chain( &ssl, thread_info->ca_chain, NULL, NULL ); ssl_set_ca_chain( &ssl, thread_info->ca_chain, NULL, NULL );
ssl_set_own_cert( &ssl, thread_info->server_cert, thread_info->server_key ); if( ( ret = ssl_set_own_cert( &ssl, thread_info->server_cert, thread_info->server_key ) ) != 0 )
{
printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
goto exit;
}
printf( " [ #%d ] ok\n", thread_id ); printf( " [ #%d ] ok\n", thread_id );

6
programs/ssl/ssl_server.c
View file

@ -207,7 +207,11 @@ int main( int argc, char *argv[] )
#endif #endif
ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL ); ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );
ssl_set_own_cert( &ssl, &srvcert, &pkey ); if( ( ret = ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 )
{
printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
goto exit;
}
printf( " ok\n" ); printf( " ok\n" );

33
programs/ssl/ssl_server2.c
View file

@ -426,8 +426,7 @@ int sni_callback( void *p_info, ssl_context *ssl,
if( name_len == strlen( cur->name ) && if( name_len == strlen( cur->name ) &&
memcmp( name, cur->name, name_len ) == 0 ) memcmp( name, cur->name, name_len ) == 0 )
{ {
ssl_set_own_cert( ssl, cur->cert, cur->key ); return( ssl_set_own_cert( ssl, cur->cert, cur->key ) );
return( 0 );
} }
cur = cur->next; cur = cur->next;
@ -1219,12 +1218,20 @@ int main( int argc, char *argv[] )
ssl_set_authmode( &ssl, opt.auth_mode ); ssl_set_authmode( &ssl, opt.auth_mode );
#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) #if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
ssl_set_max_frag_len( &ssl, opt.mfl_code ); if( ( ret = ssl_set_max_frag_len( &ssl, opt.mfl_code ) ) != 0 )
{
printf( " failed\n ! ssl_set_max_frag_len returned %d\n\n", ret );
goto exit;
};
#endif #endif
#if defined(POLARSSL_SSL_ALPN) #if defined(POLARSSL_SSL_ALPN)
if( opt.alpn_string != NULL ) if( opt.alpn_string != NULL )
ssl_set_alpn_protocols( &ssl, alpn_list ); if( ( ret = ssl_set_alpn_protocols( &ssl, alpn_list ) ) != 0 )
{
printf( " failed\n ! ssl_set_alpn_protocols returned %d\n\n", ret );
goto exit;
}
#endif #endif
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg ); ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
@ -1242,7 +1249,11 @@ int main( int argc, char *argv[] )
#endif #endif
#if defined(POLARSSL_SSL_SESSION_TICKETS) #if defined(POLARSSL_SSL_SESSION_TICKETS)
ssl_set_session_tickets( &ssl, opt.tickets ); if( ( ret = ssl_set_session_tickets( &ssl, opt.tickets ) ) != 0 )
{
printf( " failed\n ! ssl_set_session_tickets returned %d\n\n", ret );
goto exit;
}
if( opt.ticket_timeout != -1 ) if( opt.ticket_timeout != -1 )
ssl_set_session_ticket_lifetime( &ssl, opt.ticket_timeout ); ssl_set_session_ticket_lifetime( &ssl, opt.ticket_timeout );
@ -1279,9 +1290,17 @@ int main( int argc, char *argv[] )
ssl_set_ca_chain( &ssl, &cacert, NULL, NULL ); ssl_set_ca_chain( &ssl, &cacert, NULL, NULL );
} }
if( key_cert_init ) if( key_cert_init )
ssl_set_own_cert( &ssl, &srvcert, &pkey ); if( ( ret = ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 )
{
printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
goto exit;
}
if( key_cert_init2 ) if( key_cert_init2 )
ssl_set_own_cert( &ssl, &srvcert2, &pkey2 ); if( ( ret = ssl_set_own_cert( &ssl, &srvcert2, &pkey2 ) ) != 0 )
{
printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
goto exit;
}
#endif #endif
#if defined(POLARSSL_SNI) #if defined(POLARSSL_SNI)

6
programs/test/ssl_test.c
View file

@ -265,7 +265,11 @@ static int ssl_test( struct options *opt )
ssl_set_endpoint( &ssl, SSL_IS_SERVER ); ssl_set_endpoint( &ssl, SSL_IS_SERVER );
ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL ); ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );
ssl_set_own_cert( &ssl, &srvcert, &pkey ); if( ( ret = ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 )
{
printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
goto exit;
}
} }
ssl_set_authmode( &ssl, SSL_VERIFY_NONE ); ssl_set_authmode( &ssl, SSL_VERIFY_NONE );

12
programs/x509/cert_app.c
View file

@ -432,10 +432,18 @@ int main( int argc, char *argv[] )
ssl_set_bio( &ssl, net_recv, &server_fd, ssl_set_bio( &ssl, net_recv, &server_fd,
net_send, &server_fd ); net_send, &server_fd );
ssl_set_own_cert( &ssl, &clicert, &pkey ); if( ( ret = ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 )
{
printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
goto exit;
}
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
ssl_set_hostname( &ssl, opt.server_name ); if( ( ret = ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
{
printf( " failed\n ! ssl_set_hostname returned %d\n\n", ret );
goto exit;
}
#endif #endif
/* /*