wolfSSL
diff --git a/‎dtls/Makefile‎
Lines changed: 5 additions & 1 deletion b/‎dtls/Makefile‎
Lines changed: 5 additions & 1 deletion
diff --git a/‎dtls/bin-msgs/CH1.bin‎
259 Bytes b/‎dtls/bin-msgs/CH1.bin‎
259 Bytes
diff --git a/‎dtls/bin-msgs/CH2.bin‎
332 Bytes b/‎dtls/bin-msgs/CH2.bin‎
332 Bytes
diff --git a/‎dtls/client-dtls13.c‎
Lines changed: 193 additions & 0 deletions b/‎dtls/client-dtls13.c‎
Lines changed: 193 additions & 0 deletions
diff --git a/‎dtls/dtls-common.h‎
Lines changed: 48 additions & 0 deletions b/‎dtls/dtls-common.h‎
Lines changed: 48 additions & 0 deletions
diff --git a/‎dtls/server-dtls.c‎
Lines changed: 20 additions & 19 deletions b/‎dtls/server-dtls.c‎
Lines changed: 20 additions & 19 deletions
@@ -7,7 +7,7 @@ LIBS     = -L$(LIB_PATH)/lib -lm
 # option variables
 DYN_LIB         = -lwolfssl
 STATIC_LIB      = $(LIB_PATH)/lib/libwolfssl.a
-DEBUG_FLAGS     = -g -DDEBUG
+DEBUG_FLAGS     = -g3 -DDEBUG -O0
 DEBUG_INC_PATHS = -MD
 OPTIMIZE        = -Os
 
@@ -34,6 +34,10 @@ debug: all
 %-shared: CFLAGS+=-pthread
 %-shared: LIBS+=-lpthread
 
+# try to build the libevent server. "|| true" ignores the error return.
+server-dtls13-event: server-dtls13-event.c
+	$(CC) -o $@ $< $(CFLAGS) $(LIBS) -levent || true
+
 # build template
 %: %.c
 	$(CC) -o $@ $< $(CFLAGS) $(LIBS)
 
@@ -0,0 +1,193 @@
+/*
+ * client-dtls13.c
+ *
+ * Copyright (C) 2006-2022 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ *
+ *=============================================================================
+ *
+ * Bare-bones example of a DTLS 1.3 client for instructional/learning purposes.
+ * This example uses blocking sockets for simplicity.
+ *
+ * To exit the sending loop enter "end" or Ctrl+D
+ *
+ * Define USE_DTLS12 to use DTLS 1.2 instead of DTLS 1.3
+ */
+
+#include <wolfssl/options.h>
+#include <unistd.h>
+#include <wolfssl/ssl.h>
+#include <netdb.h>
+#include <signal.h>
+#include <sys/socket.h>
+#include <arpa/inet.h>
+#include <netinet/in.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "dtls-common.h"
+
+int main (int argc, char** argv)
+{
+    /* standard variables used in a dtls client*/
+    int             n = 0;
+    int             sockfd = INVALID_SOCKET;
+    int             err;
+    int             ret;
+    int             exitVal = 1;
+    struct          sockaddr_in servAddr;
+    WOLFSSL*        ssl = NULL;
+    WOLFSSL_CTX*    ctx = NULL;
+    char            sendLine[MAXLINE];
+    char            recvLine[MAXLINE - 1];
+
+    /* Program argument checking */
+    if (argc != 2) {
+        fprintf(stderr, "usage: %s <IP address>\n", argv[0]);
+        return exitVal;
+    }
+
+    /* Initialize wolfSSL before assigning ctx */
+    if (wolfSSL_Init() != WOLFSSL_SUCCESS) {
+        fprintf(stderr, "wolfSSL_CTX_new error.\n");
+        return exitVal;
+    }
+  
+    /* No-op when debugging is not compiled in */
+    wolfSSL_Debugging_ON();
+
+    if ( (ctx = wolfSSL_CTX_new(
+#ifndef USE_DTLS12
+            wolfDTLSv1_3_client_method()
+#else
+            wolfDTLSv1_2_client_method()
+#endif
+            )) == NULL) {
+        fprintf(stderr, "wolfSSL_CTX_new error.\n");
+        goto cleanup;
+    }
+
+    /* Load certificates into ctx variable */
+    if (wolfSSL_CTX_load_verify_locations(ctx, caCertLoc, 0)
+	    != SSL_SUCCESS) {
+        fprintf(stderr, "Error loading %s, please check the file.\n", caCertLoc);
+        goto cleanup;
+    }
+
+    /* Assign ssl variable */
+    ssl = wolfSSL_new(ctx);
+    if (ssl == NULL) {
+        fprintf(stderr, "unable to get ssl object\n");
+        goto cleanup;
+    }
+
+    /* servAddr setup */
+    memset(&servAddr, 0, sizeof(servAddr));
+    servAddr.sin_family = AF_INET;
+    servAddr.sin_port = htons(SERV_PORT);
+    if (inet_pton(AF_INET, argv[1], &servAddr.sin_addr) < 1) {
+        perror("inet_pton()");
+        goto cleanup;
+    }
+
+    if (wolfSSL_dtls_set_peer(ssl, &servAddr, sizeof(servAddr))
+            != WOLFSSL_SUCCESS) {
+        fprintf(stderr, "wolfSSL_dtls_set_peer failed\n");
+        goto cleanup;
+    }
+
+    if ( (sockfd = socket(AF_INET, SOCK_DGRAM, 0)) == -1) {
+       perror("socket()");
+       goto cleanup;
+    }
+
+    /* Set the file descriptor for ssl */
+    if (wolfSSL_set_fd(ssl, sockfd) != WOLFSSL_SUCCESS) {
+        fprintf(stderr, "cannot set socket file descriptor\n");
+        goto cleanup;
+    }
+
+    /* Perform SSL connection */
+    if (wolfSSL_connect(ssl) != SSL_SUCCESS) {
+        err = wolfSSL_get_error(ssl, 0);
+        fprintf(stderr, "err = %d, %s\n", err, wolfSSL_ERR_reason_error_string(err));
+        fprintf(stderr, "wolfSSL_connect failed\n");
+        goto cleanup;
+    }
+
+    showConnInfo(ssl);
+
+/*****************************************************************************/
+/*                  Code for sending datagram to server                      */
+    while (1) {
+        if (fgets(sendLine, MAXLINE, stdin) == NULL)
+            break;
+
+        if (strncmp(sendLine, "end", 3) == 0)
+            break;
+
+        /* Send sendLine to the server */
+        if (wolfSSL_write(ssl, sendLine, strlen(sendLine)) != strlen(sendLine)) {
+            err = wolfSSL_get_error(ssl, 0);
+            fprintf(stderr, "err = %d, %s\n", err, wolfSSL_ERR_reason_error_string(err));
+            fprintf(stderr, "wolfSSL_write failed\n");
+            goto cleanup;
+        }
+
+        /* n is the # of bytes received */
+        n = wolfSSL_read(ssl, recvLine, sizeof(recvLine)-1);
+
+        if (n > 0) {
+            /* Add a terminating character to the generic server message */
+            recvLine[n] = '\0';
+            printf("%s\n", recvLine);
+        }
+        else {
+            err = wolfSSL_get_error(ssl, 0);
+            fprintf(stderr, "err = %d, %s\n", err, wolfSSL_ERR_reason_error_string(err));
+            fprintf(stderr, "wolfSSL_read failed\n");
+            goto cleanup;
+        }
+    }
+/*                End code for sending datagram to server                    */
+/*****************************************************************************/
+
+    exitVal = 0;
+cleanup:
+    if (ssl != NULL) {
+        /* Attempt a full shutdown */
+        ret = wolfSSL_shutdown(ssl);
+        if (ret == WOLFSSL_SHUTDOWN_NOT_DONE)
+            ret = wolfSSL_shutdown(ssl);
+        if (ret != WOLFSSL_SUCCESS) {
+            err = wolfSSL_get_error(ssl, 0);
+            fprintf(stderr, "err = %d, %s\n", err, wolfSSL_ERR_reason_error_string(err));
+            fprintf(stderr, "wolfSSL_shutdown failed\n");
+        }
+        wolfSSL_free(ssl);
+    }
+    if (sockfd != INVALID_SOCKET)
+        close(sockfd);
+    if (ctx != NULL)
+        wolfSSL_CTX_free(ctx);
+    wolfSSL_Cleanup();
+
+    return exitVal;
+}
+
@@ -0,0 +1,48 @@
+/*
+ * dtls-common.h
+ *
+ * Copyright (C) 2006-2022 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ *
+ * -----------------------------------------------------------------------------
+ *
+ * Define USE_DTLS12 to use DTLS 1.2 instead of DTLS 1.3
+ *
+ */
+
+#ifndef DTLS_COMMON_H_
+#define DTLS_COMMON_H_
+
+#define INVALID_SOCKET -1
+#define MAXLINE   4096
+#define SERV_PORT 11111
+#define LOOP_LIMIT 5
+#define SFD_TIMEOUT 1
+
+/* Loc short for "location" */
+const char caCertLoc[] = "../certs/ca-cert.pem";
+const char servCertLoc[] = "../certs/server-cert.pem";
+const char servKeyLoc[] = "../certs/server-key.pem";
+
+static inline void showConnInfo(WOLFSSL* ssl) {
+    printf("New connection established using %s %s\n",
+            wolfSSL_get_version(ssl), wolfSSL_get_cipher(ssl));
+}
+
+
+#endif /* DTLS_COMMON_H_ */
@@ -175,25 +175,27 @@ int main(int argc, char** argv)
             printf("SSL_accept failed.\n");
             break;
         }
-        if ((recvLen = wolfSSL_read(ssl, buff, sizeof(buff)-1)) > 0) {
-            printf("heard %d bytes\n", recvLen);
+        while (1) {
+            if ((recvLen = wolfSSL_read(ssl, buff, sizeof(buff)-1)) > 0) {
+                printf("heard %d bytes\n", recvLen);
 
-            buff[recvLen] = 0;
-            printf("I heard this: \"%s\"\n", buff);
-        }
-        else if (recvLen < 0) {
-            int readErr = wolfSSL_get_error(ssl, 0);
-            if(readErr != SSL_ERROR_WANT_READ) {
-                printf("SSL_read failed.\n");
-                break;
+                buff[recvLen] = 0;
+                printf("I heard this: \"%s\"\n", buff);
+            }
+            else if (recvLen < 0) {
+                int readErr = wolfSSL_get_error(ssl, 0);
+                if(readErr != SSL_ERROR_WANT_READ) {
+                    printf("SSL_read failed.\n");
+                    goto error;
+                }
+            }
+            if (wolfSSL_write(ssl, ack, sizeof(ack)) < 0) {
+                printf("wolfSSL_write fail.\n");
+                goto error;
+            }
+            else {
+                printf("Sending reply.\n");
             }
-        }
-        if (wolfSSL_write(ssl, ack, sizeof(ack)) < 0) {
-            printf("wolfSSL_write fail.\n");
-            break;
-        }
-        else {
-            printf("Sending reply.\n");
         }
 
         printf("reply sent \"%s\"\n", ack);
@@ -207,8 +209,7 @@ int main(int argc, char** argv)
         printf("Client left cont to idle state\n");
     }
 
-    /* With the "continue" keywords, it is possible for the loop to exit *
-     * without changing the value of cont                                */
+error:
     if (cleanup == 1) {
         wolfSSL_set_fd(ssl, 0);
         wolfSSL_shutdown(ssl);