From 9dde24d89e3476c6e8e3beb52ce3d62760696d9b Mon Sep 17 00:00:00 2001
From: yota22721
Date: Wed, 14 Dec 2022 09:12:51 +0900
Subject: [PATCH 1/7] Add client-tls-http.c example
---
tls/client-tls-http.c | 207 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 207 insertions(+)
create mode 100644 tls/client-tls-http.c
diff --git a/tls/client-tls-http.c b/tls/client-tls-http.c
new file mode 100644
index 000000000..89da55a14
--- /dev/null
+++ b/tls/client-tls-http.c
@@ -0,0 +1,207 @@
+/* client-tls-http.c
+ *
+ * Copyright (C) 2006-2022 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/* the usual suspects */
+#include
+#include
+#include
+#include
+#include
+
+/* socket includes */
+#include
+#include
+#include
+#include
+#include
+
+/* wolfSSL */
+#include
+#include
+
+#define DEFAULT_PORT 443
+
+
+int main(int argc, char** argv)
+{
+ int sockfd;
+ struct sockaddr_in servAddr;
+ struct in_addr addr;
+ struct addrinfo hints,*res;
+ char buff[256];
+ size_t len;
+ int ret;
+
+ /* declare wolfSSL objects */
+ WOLFSSL_CTX* ctx;
+ WOLFSSL* ssl;
+
+ /* Check for proper calling convention */
+ if (argc != 3) {
+ printf("usage: %s \n", argv[0]);
+ return 0;
+ }
+
+ /* Initialize the addrinfo struct with zero */
+ memset(&hints,0,sizeof(hints));
+
+ /* Fill in the addrinfo struct */
+ hints.ai_family = AF_INET; /* using IPv4 */
+ hints.ai_socktype = SOCK_STREAM; /* means TCP socket */
+ char *service = "https"; /* using https */
+
+ /* Get a Domain IP address */
+ if(getaddrinfo(argv[1],service,&hints,&res) != 0){
+ fprintf(stderr, "ERROR: failed to get the server ip\n");
+ ret = -1;
+ goto end;
+ }
+
+ /* Assign server IP to in_addr struct */
+ addr.s_addr = ((struct sockaddr_in *)(res->ai_addr))->sin_addr.s_addr;
+
+ /* Free a list pointed by res */
+ freeaddrinfo(res);
+
+ /* Create a socket that uses an internet IPv4 address,
+ * Sets the socket to be stream based (TCP),
+ * 0 means choose the default protocol. */
+ if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
+ fprintf(stderr, "ERROR: failed to create the socket\n");
+ ret = -1;
+ goto end;
+ }
+
+ /* Initialize the server address struct with zeros */
+ memset(&servAddr, 0, sizeof(servAddr));
+
+ /* Fill in the server address */
+ servAddr.sin_family = AF_INET; /* using IPv4 */
+ servAddr.sin_port = htons(DEFAULT_PORT); /* on DEFAULT_PORT */
+
+ /* Get the server IPv4 address using adderinfo struct
+ * convert bytes to const char* via inet_ntoa() */
+ if (inet_pton(AF_INET, inet_ntoa(addr), &servAddr.sin_addr) != 1) {
+ fprintf(stderr, "ERROR: invalid address\n");
+ ret = -1;
+ goto end;
+ }
+
+ /* Connect to the server */
+ if ((ret = connect(sockfd, (struct sockaddr*) &servAddr, sizeof(servAddr)))
+ == -1) {
+ fprintf(stderr, "ERROR: failed to connect\n");
+ goto end;
+ }
+
+
+
+ /*---------------------------------*/
+ /* Start of wolfSSL initialization and configuration */
+ /*---------------------------------*/
+ /* Initialize wolfSSL */
+ if ((ret = wolfSSL_Init()) != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "ERROR: Failed to initialize the library\n");
+ goto socket_cleanup;
+ }
+
+ /* Create and initialize WOLFSSL_CTX */
+ if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())) == NULL) {
+ fprintf(stderr, "ERROR: failed to create WOLFSSL_CTX\n");
+ ret = -1;
+ goto socket_cleanup;
+ }
+
+ /* Load client certificates into WOLFSSL_CTX */
+ if ((ret = wolfSSL_CTX_load_verify_locations(ctx, argv[2], NULL))
+ != SSL_SUCCESS) {
+ fprintf(stderr, "ERROR: failed to load %s, please check the file.\n",
+ argv[2]);
+ goto ctx_cleanup;
+ }
+
+ /* Create a WOLFSSL object */
+ if ((ssl = wolfSSL_new(ctx)) == NULL) {
+ fprintf(stderr, "ERROR: failed to create WOLFSSL object\n");
+ ret = -1;
+ goto ctx_cleanup;
+ }
+
+ /* Attach wolfSSL to the socket */
+ if ((ret = wolfSSL_set_fd(ssl, sockfd)) != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "ERROR: Failed to set the file descriptor\n");
+ goto cleanup;
+ }
+
+ /* Connect to wolfSSL on the server side */
+ if ((ret = wolfSSL_connect(ssl)) != SSL_SUCCESS) {
+ fprintf(stderr, "ERROR: failed to connect to wolfSSL\n");
+ printf("%d\n",ret);
+ goto cleanup;
+ }
+
+ /* Get a message for the server from stdin */
+ printf("Message for server: ");
+ memset(buff, 0, sizeof(buff));
+ if (fgets(buff, sizeof(buff), stdin) == NULL) {
+ fprintf(stderr, "ERROR: failed to get message for server\n");
+ ret = -1;
+ goto cleanup;
+ }
+ len = strnlen(buff, sizeof(buff));
+
+ /* Send the message to the server */
+ if ((ret = wolfSSL_write(ssl, buff, len)) != len) {
+ fprintf(stderr, "ERROR: failed to write entire message\n");
+ fprintf(stderr, "%d bytes of %d bytes were sent", ret, (int) len);
+ goto cleanup;
+ }
+
+ /* Read the server data into our buff array */
+ memset(buff, 0, sizeof(buff));
+ if ((ret = wolfSSL_read(ssl, buff, sizeof(buff)-1)) == -1) {
+ fprintf(stderr, "ERROR: failed to read\n");
+ goto cleanup;
+ }
+
+ /* Print to stdout any data the server sends */
+ printf("Server: %s\n", buff);
+
+ /* Bidirectional shutdown */
+ while (wolfSSL_shutdown(ssl) == SSL_SHUTDOWN_NOT_DONE) {
+ printf("Shutdown not complete\n");
+ }
+
+ printf("Shutdown complete\n");
+
+ ret = 0;
+
+ /* Cleanup and return */
+cleanup:
+ wolfSSL_free(ssl); /* Free the wolfSSL object */
+ctx_cleanup:
+ wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object */
+ wolfSSL_Cleanup(); /* Cleanup the wolfSSL environment */
+socket_cleanup:
+ close(sockfd); /* Close the connection to the server */
+end:
+ return ret; /* Return reporting a success */
+}
\ No newline at end of file
From 602575ed4712209395d5684b04d89e3055b6fa19 Mon Sep 17 00:00:00 2001
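Review bot: In PATCH 1/7, nothing between `wolfSSL_new(ctx)` and `wolfSSL_connect(ssl)` ties the session to the host name in `argv[1]`, so as far as the visible code shows the handshake accepts any certificate that chains to the CA file in `argv[2]`, whichever host it was issued for. Call `wolfSSL_check_domain_name(ssl, argv[1])` before `wolfSSL_connect` and `goto cleanup` when it does not return `WOLFSSL_SUCCESS`; where the build has SNI enabled, `wolfSSL_UseSNI(ssl, WOLFSSL_SNI_HOST_NAME, argv[1], (unsigned short)strlen(argv[1]))` should be sent as well. Separately, the `inet_pton` and `connect` failure branches `goto end` after the socket exists and leak `sockfd`; they should `goto socket_cleanup`. The comment `/* Load client certificates into WOLFSSL_CTX */` is misleading, since `wolfSSL_CTX_load_verify_locations` loads the CA certificates used to verify the server; `/* Load trusted CA certificates used to verify the server */` would describe it.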
From: yota22721 Date: Wed, 14 Dec 2022 10:14:07 +0900 Subject: [PATCH 2/7] Add client-tls-http.c example --- tls/client-tls-http.c | 31 +++---------------------------- 1 file changed, 3 insertions(+), 28 deletions(-) diff --git a/tls/client-tls-http.c b/tls/client-tls-http.c index 89da55a14..29a73d7b9 100644 --- a/tls/client-tls-http.c +++ b/tls/client-tls-http.c @@ -23,7 +23,6 @@ #include #include #include -#include #include /* socket includes */ @@ -43,8 +42,6 @@ int main(int argc, char** argv) { int sockfd; - struct sockaddr_in servAddr; - struct in_addr addr; struct addrinfo hints,*res; char buff[256]; size_t len; @@ -74,12 +71,6 @@ int main(int argc, char** argv) ret = -1; goto end; } - - /* Assign server IP to in_addr struct */ - addr.s_addr = ((struct sockaddr_in *)(res->ai_addr))->sin_addr.s_addr; - - /* Free a list pointed by res */ - freeaddrinfo(res); /* Create a socket that uses an internet IPv4 address, * Sets the socket to be stream based (TCP), @@ -89,31 +80,15 @@ int main(int argc, char** argv) ret = -1; goto end; } - - /* Initialize the server address struct with zeros */ - memset(&servAddr, 0, sizeof(servAddr)); - - /* Fill in the server address */ - servAddr.sin_family = AF_INET; /* using IPv4 */ - servAddr.sin_port = htons(DEFAULT_PORT); /* on DEFAULT_PORT */ - - /* Get the server IPv4 address using adderinfo struct - * convert bytes to const char* via inet_ntoa() */ - if (inet_pton(AF_INET, inet_ntoa(addr), &servAddr.sin_addr) != 1) { - fprintf(stderr, "ERROR: invalid address\n"); - ret = -1; - goto end; - } + /* Free a list pointed by res */ + freeaddrinfo(res); /* Connect to the server */ - if ((ret = connect(sockfd, (struct sockaddr*) &servAddr, sizeof(servAddr))) - == -1) { + if ((ret = connect(sockfd, res->ai_addr, res->ai_addrlen)) == -1) { fprintf(stderr, "ERROR: failed to connect\n"); goto end; } - - /*---------------------------------*/ /* Start of wolfSSL initialization and configuration */ /*---------------------------------*/ 
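Review bot: In the last hunk of PATCH 2/7 (`@@ -89,31 +80,15 @@`), `freeaddrinfo(res);` now runs immediately before `connect(sockfd, res->ai_addr, res->ai_addrlen)`, so `connect` reads the address list after it has been freed, which is a use-after-free and undefined behaviour. Move `freeaddrinfo(res);` to after the `connect` call, and also free `res` on the `socket()` and `connect()` failure paths so the list is not leaked. The connect-failure branch still does `goto end`, which skips `close(sockfd)`; `goto socket_cleanup;` would release the descriptor. `main` begins and ends outside this hunk.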
From 746bf5ff166f355e030267f07a4500444cb90966 Mon Sep 17 00:00:00 2001 From: yota22721 Date: Wed, 14 Dec 2022 11:45:07 +0900 Subject: [PATCH 3/7] Add client-tls-http.c example --- tls/client-tls-http.c | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/tls/client-tls-http.c b/tls/client-tls-http.c index 29a73d7b9..a3e6562cf 100644 --- a/tls/client-tls-http.c +++ b/tls/client-tls-http.c @@ -38,6 +38,7 @@ #define DEFAULT_PORT 443 +static const char kHttpGetMsg[] = "GET /index.html HTTP/1.0\r\n\r\n"; int main(int argc, char** argv) { @@ -133,17 +134,18 @@ int main(int argc, char** argv) goto cleanup; } - /* Get a message for the server from stdin */ - printf("Message for server: "); + /* Initialize the buff */ memset(buff, 0, sizeof(buff)); - if (fgets(buff, sizeof(buff), stdin) == NULL) { - fprintf(stderr, "ERROR: failed to get message for server\n"); - ret = -1; - goto cleanup; - } + + /* Copy HTTP GET request to the buff*/ + memcpy(buff,kHttpGetMsg,sizeof(kHttpGetMsg)); + + /* Buff length */ len = strnlen(buff, sizeof(buff)); - /* Send the message to the server */ + /* Send HTTP GET request to the server */ + printf("Sending HTTP GET request ...\n"); + if ((ret = wolfSSL_write(ssl, buff, len)) != len) { fprintf(stderr, "ERROR: failed to write entire message\n"); fprintf(stderr, "%d bytes of %d bytes were sent", ret, (int) len); From 7da77fe5a1cc29a58e57fca338b1f66e0550033f Mon Sep 17 00:00:00 2001 From: yota22721 Date: Wed, 14 Dec 2022 12:05:35 +0900 Subject: [PATCH 4/7] Add client-tls-http.c example --- tls/client-tls-http.c | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) diff --git a/tls/client-tls-http.c b/tls/client-tls-http.c index a3e6562cf..c31879e0d 100644 --- a/tls/client-tls-http.c +++ b/tls/client-tls-http.c 
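Review bot: In PATCH 3/7, the request added as `kHttpGetMsg` carries no `Host:` header, so a server using name-based virtual hosting may answer for its default site or reject the request, which is presumably not what an example connecting to `argv[1]` intends. Since this commit still copies the request into `buff`, it could be formatted there instead, e.g. `snprintf(buff, sizeof(buff), "GET /index.html HTTP/1.0\r\nHost: %s\r\n\r\n", argv[1]);`, with a negative or `>= sizeof(buff)` return treated as an error. `main` begins and ends outside both hunks of this patch.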
@@ -134,20 +134,13 @@ int main(int argc, char** argv) goto cleanup; } - /* Initialize the buff */ - memset(buff, 0, sizeof(buff)); - - /* Copy HTTP GET request to the buff*/ - memcpy(buff,kHttpGetMsg,sizeof(kHttpGetMsg)); - - /* Buff length */ - len = strnlen(buff, sizeof(buff)); + /* kHttpGetMsg length */ + len = strnlen(kHttpGetMsg, sizeof(kHttpGetMsg)); /* Send HTTP GET request to the server */ printf("Sending HTTP GET request ...\n"); - - if ((ret = wolfSSL_write(ssl, buff, len)) != len) { - fprintf(stderr, "ERROR: failed to write entire message\n"); + if ((ret = wolfSSL_write(ssl, kHttpGetMsg, len)) != len) { + fprintf(stderr, "ERROR: failed to send HTTP GET request.\n"); fprintf(stderr, "%d bytes of %d bytes were sent", ret, (int) len); goto cleanup; } From 446f0a73ffe51cb30e46a7d16dba0abfdb83ebc2 Mon Sep 17 00:00:00 2001 From: yota22721 Date: Mon, 20 Mar 2023 15:45:19 +0900 Subject: [PATCH 5/7] Added client-tls-http.c --- tls/client-tls-http.c | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/tls/client-tls-http.c b/tls/client-tls-http.c index c31879e0d..b658faf17 100644 --- a/tls/client-tls-http.c +++ b/tls/client-tls-http.c @@ -1,6 +1,6 @@ /* client-tls-http.c * - * Copyright (C) 2006-2022 wolfSSL Inc. + * Copyright (C) 2006-2023 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as CyaSSL) * @@ -23,11 +23,11 @@ #include #include #include -#include +#include /* socket includes */ #include -#include +#include #include #include #include @@ -43,7 +43,7 @@ static const char kHttpGetMsg[] = "GET /index.html HTTP/1.0\r\n\r\n"; int main(int argc, char** argv) { int sockfd; - struct addrinfo hints,*res; + struct addrinfo hints, *res; char buff[256]; size_t len; int ret; @@ -59,7 +59,7 @@ int main(int argc, char** argv) } /* Initialize the addrinfo struct with zero */ - memset(&hints,0,sizeof(hints)); + memset(&hints, 0, sizeof(hints)); /* Fill in the addrinfo struct */ hints.ai_family = AF_INET; /* using IPv4 */ 
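Review bot: In PATCH 4/7, `(ret = wolfSSL_write(ssl, kHttpGetMsg, len)) != len` compares the `int` result with the `size_t` `len` and passes a `size_t` where `wolfSSL_write` takes an `int` size; a negative error return reaches the failure branch only because it is converted to a large unsigned value, and the line warns under `-Wsign-compare`. I would write `if ((ret = wolfSSL_write(ssl, kHttpGetMsg, (int)len)) != (int)len) {`. `strnlen` over a string-literal array is also unnecessary: `len = sizeof(kHttpGetMsg) - 1;` gives the same value at compile time. The second `fprintf` in the error branch has no trailing `\n`. `main` begins and ends outside this hunk.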
@@ -67,7 +67,7 @@ int main(int argc, char** argv) char *service = "https"; /* using https */ /* Get a Domain IP address */ - if(getaddrinfo(argv[1],service,&hints,&res) != 0){ + if(getaddrinfo(argv[1], service, &hints, &res) != 0){ fprintf(stderr, "ERROR: failed to get the server ip\n"); ret = -1; goto end; @@ -130,7 +130,6 @@ int main(int argc, char** argv) /* Connect to wolfSSL on the server side */ if ((ret = wolfSSL_connect(ssl)) != SSL_SUCCESS) { fprintf(stderr, "ERROR: failed to connect to wolfSSL\n"); - printf("%d\n",ret); goto cleanup; } @@ -147,7 +146,7 @@ int main(int argc, char** argv) /* Read the server data into our buff array */ memset(buff, 0, sizeof(buff)); - if ((ret = wolfSSL_read(ssl, buff, sizeof(buff)-1)) == -1) { + if ((ret = wolfSSL_read(ssl, buff, sizeof(buff) - 1)) == -1) { fprintf(stderr, "ERROR: failed to read\n"); goto cleanup; } From aa21fff429f686d8388b854ce5191e1789661784 Mon Sep 17 00:00:00 2001 From: yota Date: Sat, 4 Jan 2025 16:15:52 +0900 Subject: [PATCH 6/7] Fix detail --- tls/client-tls-http.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tls/client-tls-http.c b/tls/client-tls-http.c index b658faf17..c40d89fc0 100644 --- a/tls/client-tls-http.c +++ b/tls/client-tls-http.c @@ -1,6 +1,6 @@ /* client-tls-http.c * - * Copyright (C) 2006-2023 wolfSSL Inc. + * Copyright (C) 2006-2024 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as CyaSSL) * @@ -173,4 +173,4 @@ int main(int argc, char** argv) close(sockfd); /* Close the connection to the server */ end: return ret; /* Return reporting a success */ -} \ No newline at end of file +} From e79f7108b7fc4861fef61708fc996648b006352f Mon Sep 17 00:00:00 2001 From: yota Date: Sat, 4 Jan 2025 16:18:42 +0900 Subject: [PATCH 7/7] update copyright year --- tls/client-tls-http.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tls/client-tls-http.c b/tls/client-tls-http.c index c40d89fc0..f7f01c2a2 100644 --- a/tls/client-tls-http.c 
+++ b/tls/client-tls-http.c @@ -1,6 +1,6 @@ /* client-tls-http.c * - * Copyright (C) 2006-2024 wolfSSL Inc. + * Copyright (C) 2006-2025 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as CyaSSL) *