The Great Renaming A simple execution of tmp/invoke-rename.pl
diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c index f9bf800..689c533 100644 --- a/programs/ssl/dtls_client.c +++ b/programs/ssl/dtls_client.c
@@ -20,36 +20,36 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_PLATFORM_C) +#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else #include <stdio.h> -#define polarssl_printf printf -#define polarssl_fprintf fprintf +#define mbedtls_printf printf +#define mbedtls_fprintf fprintf #endif -#if !defined(POLARSSL_SSL_CLI_C) || !defined(POLARSSL_SSL_PROTO_DTLS) || \ - !defined(POLARSSL_NET_C) || \ - !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C) || \ - !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_RSA_C) || \ - !defined(POLARSSL_CERTS_C) +#if !defined(MBEDTLS_SSL_CLI_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) || \ + !defined(MBEDTLS_NET_C) || \ + !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ + !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_RSA_C) || \ + !defined(MBEDTLS_CERTS_C) int main( int argc, char *argv[] ) { ((void) argc); ((void) argv); - polarssl_printf( "POLARSSL_SSL_CLI_C and/or POLARSSL_SSL_PROTO_DTLS and/or " - "POLARSSL_NET_C and/or " - "POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C and/or " - "POLARSSL_X509_CRT_PARSE_C and/or POLARSSL_RSA_C and/or " - "POLARSSL_CERTS_C and/or POLARSSL_PEM_PARSE_C not defined.\n" ); + mbedtls_printf( "MBEDTLS_SSL_CLI_C and/or MBEDTLS_SSL_PROTO_DTLS and/or " + "MBEDTLS_NET_C and/or " + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " + "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined.\n" ); return( 0 ); } #else @@ -78,7 +78,7 @@ { ((void) level); - polarssl_fprintf( (FILE *) ctx, "%s", str ); + mbedtls_fprintf( (FILE *) ctx, "%s", str ); fflush( (FILE *) ctx ); } @@ -89,243 +89,243 @@ const char *pers = "dtls_client"; int retry_left = MAX_RETRY; - entropy_context entropy; - ctr_drbg_context ctr_drbg; - ssl_context ssl; - x509_crt cacert; + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_ssl_context ssl; + mbedtls_x509_crt cacert; ((void) argc); ((void) argv); -#if defined(POLARSSL_DEBUG_C) - debug_set_threshold( DEBUG_LEVEL ); +#if defined(MBEDTLS_DEBUG_C) + mbedtls_debug_set_threshold( DEBUG_LEVEL ); #endif /* * 0. Initialize the RNG and the session data */ - memset( &ssl, 0, sizeof( ssl_context ) ); - x509_crt_init( &cacert ); + memset( &ssl, 0, sizeof( mbedtls_ssl_context ) ); + mbedtls_x509_crt_init( &cacert ); - polarssl_printf( "\n . Seeding the random number generator..." ); + mbedtls_printf( "\n . Seeding the random number generator..." ); fflush( stdout ); - entropy_init( &entropy ); - if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy, + mbedtls_entropy_init( &entropy ); + if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, strlen( pers ) ) ) != 0 ) { - polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d\n", ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 0. Initialize certificates */ - polarssl_printf( " . Loading the CA root certificate ..." ); + mbedtls_printf( " . Loading the CA root certificate ..." ); fflush( stdout ); - ret = x509_crt_parse( &cacert, (const unsigned char *) test_cas_pem, - test_cas_pem_len ); + ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len ); if( ret < 0 ) { - polarssl_printf( " failed\n ! x509_crt_parse returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret ); goto exit; } - polarssl_printf( " ok (%d skipped)\n", ret ); + mbedtls_printf( " ok (%d skipped)\n", ret ); /* * 1. Start the connection */ - polarssl_printf( " . Connecting to udp/%s/%4d...", SERVER_NAME, + mbedtls_printf( " . Connecting to udp/%s/%4d...", SERVER_NAME, SERVER_PORT ); fflush( stdout ); - if( ( ret = net_connect( &server_fd, SERVER_ADDR, - SERVER_PORT, NET_PROTO_UDP ) ) != 0 ) + if( ( ret = mbedtls_net_connect( &server_fd, SERVER_ADDR, + SERVER_PORT, MBEDTLS_NET_PROTO_UDP ) ) != 0 ) { - polarssl_printf( " failed\n ! net_connect returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 2. Setup stuff */ - polarssl_printf( " . Setting up the DTLS structure..." ); + mbedtls_printf( " . Setting up the DTLS structure..." ); fflush( stdout ); - if( ( ret = ssl_init( &ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_init returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_init returned %d\n\n", ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); - ssl_set_endpoint( &ssl, SSL_IS_CLIENT ); - ssl_set_transport( &ssl, SSL_TRANSPORT_DATAGRAM ); + mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_CLIENT ); + mbedtls_ssl_set_transport( &ssl, MBEDTLS_SSL_TRANSPORT_DATAGRAM ); /* OPTIONAL is usually a bad choice for security, but makes interop easier * in this simplified example, in which the ca chain is hardcoded. * Production code should set a proper ca chain and use REQUIRED. */ - ssl_set_authmode( &ssl, SSL_VERIFY_OPTIONAL ); - ssl_set_ca_chain( &ssl, &cacert, NULL, SERVER_NAME ); + mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_OPTIONAL ); + mbedtls_ssl_set_ca_chain( &ssl, &cacert, NULL, SERVER_NAME ); - ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg ); - ssl_set_dbg( &ssl, my_debug, stdout ); + mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); + mbedtls_ssl_set_dbg( &ssl, my_debug, stdout ); - ssl_set_bio_timeout( &ssl, &server_fd, - net_send, net_recv, net_recv_timeout, + mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, + mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout, READ_TIMEOUT_MS ); /* * 4. Handshake */ - polarssl_printf( " . Performing the SSL/TLS handshake..." ); + mbedtls_printf( " . Performing the SSL/TLS handshake..." ); fflush( stdout ); - do ret = ssl_handshake( &ssl ); - while( ret == POLARSSL_ERR_NET_WANT_READ || - ret == POLARSSL_ERR_NET_WANT_WRITE ); + do ret = mbedtls_ssl_handshake( &ssl ); + while( ret == MBEDTLS_ERR_NET_WANT_READ || + ret == MBEDTLS_ERR_NET_WANT_WRITE ); if( ret != 0 ) { - polarssl_printf( " failed\n ! ssl_handshake returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 5. Verify the server certificate */ - polarssl_printf( " . Verifying peer X.509 certificate..." ); + mbedtls_printf( " . Verifying peer X.509 certificate..." ); - /* In real life, we would have used SSL_VERIFY_REQUIRED so that the + /* In real life, we would have used MBEDTLS_SSL_VERIFY_REQUIRED so that the * handshake would not succeed if the peer's cert is bad. Even if we used - * SSL_VERIFY_OPTIONAL, we would bail out here if ret != 0 */ - if( ( ret = ssl_get_verify_result( &ssl ) ) != 0 ) + * MBEDTLS_SSL_VERIFY_OPTIONAL, we would bail out here if ret != 0 */ + if( ( ret = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) { - polarssl_printf( " failed\n" ); + mbedtls_printf( " failed\n" ); - if( ( ret & BADCERT_EXPIRED ) != 0 ) - polarssl_printf( " ! server certificate has expired\n" ); + if( ( ret & MBEDTLS_BADCERT_EXPIRED ) != 0 ) + mbedtls_printf( " ! server certificate has expired\n" ); - if( ( ret & BADCERT_REVOKED ) != 0 ) - polarssl_printf( " ! server certificate has been revoked\n" ); + if( ( ret & MBEDTLS_X509_BADCERT_REVOKED ) != 0 ) + mbedtls_printf( " ! server certificate has been revoked\n" ); - if( ( ret & BADCERT_CN_MISMATCH ) != 0 ) - polarssl_printf( " ! CN mismatch (expected CN=%s)\n", SERVER_NAME ); + if( ( ret & MBEDTLS_X509_BADCERT_CN_MISMATCH ) != 0 ) + mbedtls_printf( " ! CN mismatch (expected CN=%s)\n", SERVER_NAME ); - if( ( ret & BADCERT_NOT_TRUSTED ) != 0 ) - polarssl_printf( " ! self-signed or not signed by a trusted CA\n" ); + if( ( ret & MBEDTLS_X509_BADCERT_NOT_TRUSTED ) != 0 ) + mbedtls_printf( " ! self-signed or not signed by a trusted CA\n" ); - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); } else - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 6. Write the echo request */ send_request: - polarssl_printf( " > Write to server:" ); + mbedtls_printf( " > Write to server:" ); fflush( stdout ); len = sizeof( MESSAGE ) - 1; - do ret = ssl_write( &ssl, (unsigned char *) MESSAGE, len ); - while( ret == POLARSSL_ERR_NET_WANT_READ || - ret == POLARSSL_ERR_NET_WANT_WRITE ); + do ret = mbedtls_ssl_write( &ssl, (unsigned char *) MESSAGE, len ); + while( ret == MBEDTLS_ERR_NET_WANT_READ || + ret == MBEDTLS_ERR_NET_WANT_WRITE ); if( ret < 0 ) { - polarssl_printf( " failed\n ! ssl_write returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); goto exit; } len = ret; - polarssl_printf( " %d bytes written\n\n%s\n\n", len, MESSAGE ); + mbedtls_printf( " %d bytes written\n\n%s\n\n", len, MESSAGE ); /* * 7. Read the echo response */ - polarssl_printf( " < Read from server:" ); + mbedtls_printf( " < Read from server:" ); fflush( stdout ); len = sizeof( buf ) - 1; memset( buf, 0, sizeof( buf ) ); - do ret = ssl_read( &ssl, buf, len ); - while( ret == POLARSSL_ERR_NET_WANT_READ || - ret == POLARSSL_ERR_NET_WANT_WRITE ); + do ret = mbedtls_ssl_read( &ssl, buf, len ); + while( ret == MBEDTLS_ERR_NET_WANT_READ || + ret == MBEDTLS_ERR_NET_WANT_WRITE ); if( ret <= 0 ) { switch( ret ) { - case POLARSSL_ERR_NET_TIMEOUT: - polarssl_printf( " timeout\n\n" ); + case MBEDTLS_ERR_NET_TIMEOUT: + mbedtls_printf( " timeout\n\n" ); if( retry_left-- > 0 ) goto send_request; goto exit; - case POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY: - polarssl_printf( " connection was closed gracefully\n" ); + case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: + mbedtls_printf( " connection was closed gracefully\n" ); ret = 0; goto close_notify; default: - polarssl_printf( " ssl_read returned -0x%x\n\n", -ret ); + mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n\n", -ret ); goto exit; } } len = ret; - polarssl_printf( " %d bytes read\n\n%s\n\n", len, buf ); + mbedtls_printf( " %d bytes read\n\n%s\n\n", len, buf ); /* * 8. Done, cleanly close the connection */ close_notify: - polarssl_printf( " . Closing the connection..." ); + mbedtls_printf( " . Closing the connection..." ); /* No error checking, the connection might be closed already */ - do ret = ssl_close_notify( &ssl ); - while( ret == POLARSSL_ERR_NET_WANT_WRITE ); + do ret = mbedtls_ssl_close_notify( &ssl ); + while( ret == MBEDTLS_ERR_NET_WANT_WRITE ); ret = 0; - polarssl_printf( " done\n" ); + mbedtls_printf( " done\n" ); /* * 9. Final clean-ups and exit */ exit: -#ifdef POLARSSL_ERROR_C +#ifdef MBEDTLS_ERROR_C if( ret != 0 ) { char error_buf[100]; - polarssl_strerror( ret, error_buf, 100 ); - polarssl_printf( "Last error was: %d - %s\n\n", ret, error_buf ); + mbedtls_strerror( ret, error_buf, 100 ); + mbedtls_printf( "Last error was: %d - %s\n\n", ret, error_buf ); } #endif if( server_fd != -1 ) - net_close( server_fd ); + mbedtls_net_close( server_fd ); - x509_crt_free( &cacert ); - ssl_free( &ssl ); - ctr_drbg_free( &ctr_drbg ); - entropy_free( &entropy ); + mbedtls_x509_crt_free( &cacert ); + mbedtls_ssl_free( &ssl ); + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); #if defined(_WIN32) - polarssl_printf( " + Press Enter to exit this program.\n" ); + mbedtls_printf( " + Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif @@ -335,7 +335,7 @@ return( ret ); } -#endif /* POLARSSL_SSL_CLI_C && POLARSSL_SSL_PROTO_DTLS && POLARSSL_NET_C && - POLARSSL_ENTROPY_C && POLARSSL_CTR_DRBG_C && - POLARSSL_X509_CRT_PARSE_C && POLARSSL_RSA_C && POLARSSL_CERTS_C && - POLARSSL_PEM_PARSE_C */ +#endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_SSL_PROTO_DTLS && MBEDTLS_NET_C && + MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && + MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_RSA_C && MBEDTLS_CERTS_C && + MBEDTLS_PEM_PARSE_C */
diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c index 97d8e28..689a0a7 100644 --- a/programs/ssl/dtls_server.c +++ b/programs/ssl/dtls_server.c
@@ -20,33 +20,33 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_PLATFORM_C) +#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else -#define polarssl_printf printf -#define polarssl_fprintf fprintf +#define mbedtls_printf printf +#define mbedtls_fprintf fprintf #endif -#if !defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_SSL_PROTO_DTLS) || \ - !defined(POLARSSL_SSL_COOKIE_C) || !defined(POLARSSL_NET_C) || \ - !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C) || \ - !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_RSA_C) || \ - !defined(POLARSSL_CERTS_C) || !defined(POLARSSL_PEM_PARSE_C) +#if !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) || \ + !defined(MBEDTLS_SSL_COOKIE_C) || !defined(MBEDTLS_NET_C) || \ + !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ + !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_RSA_C) || \ + !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) #include <stdio.h> int main( void ) { - printf( "POLARSSL_SSL_SRV_C and/or POLARSSL_SSL_PROTO_DTLS and/or " - "POLARSSL_SSL_COOKIE_C and/or POLARSSL_NET_C and/or " - "POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C and/or " - "POLARSSL_X509_CRT_PARSE_C and/or POLARSSL_RSA_C and/or " - "POLARSSL_CERTS_C and/or POLARSSL_PEM_PARSE_C not defined.\n" ); + printf( "MBEDTLS_SSL_SRV_C and/or MBEDTLS_SSL_PROTO_DTLS and/or " + "MBEDTLS_SSL_COOKIE_C and/or MBEDTLS_NET_C and/or " + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " + "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined.\n" ); return( 0 ); } #else @@ -69,7 +69,7 @@ #include "mbedtls/error.h" #include "mbedtls/debug.h" -#if defined(POLARSSL_SSL_CACHE_C) +#if defined(MBEDTLS_SSL_CACHE_C) #include "mbedtls/ssl_cache.h" #endif @@ -80,7 +80,7 @@ { ((void) level); - polarssl_fprintf( (FILE *) ctx, "%s", str ); + mbedtls_fprintf( (FILE *) ctx, "%s", str ); fflush( (FILE *) ctx ); } @@ -92,28 +92,28 @@ unsigned char buf[1024]; const char *pers = "dtls_server"; unsigned char client_ip[16] = { 0 }; - ssl_cookie_ctx cookie_ctx; + mbedtls_ssl_cookie_ctx cookie_ctx; - entropy_context entropy; - ctr_drbg_context ctr_drbg; - ssl_context ssl; - x509_crt srvcert; - pk_context pkey; -#if defined(POLARSSL_SSL_CACHE_C) - ssl_cache_context cache; + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_ssl_context ssl; + mbedtls_x509_crt srvcert; + mbedtls_pk_context pkey; +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_context cache; #endif - memset( &ssl, 0, sizeof(ssl_context) ); - ssl_cookie_init( &cookie_ctx ); -#if defined(POLARSSL_SSL_CACHE_C) - ssl_cache_init( &cache ); + memset( &ssl, 0, sizeof(mbedtls_ssl_context) ); + mbedtls_ssl_cookie_init( &cookie_ctx ); +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_init( &cache ); #endif - x509_crt_init( &srvcert ); - pk_init( &pkey ); - entropy_init( &entropy ); + mbedtls_x509_crt_init( &srvcert ); + mbedtls_pk_init( &pkey ); + mbedtls_entropy_init( &entropy ); -#if defined(POLARSSL_DEBUG_C) - debug_set_threshold( DEBUG_LEVEL ); +#if defined(MBEDTLS_DEBUG_C) + mbedtls_debug_set_threshold( DEBUG_LEVEL ); #endif /* @@ -124,30 +124,30 @@ /* * This demonstration program uses embedded test certificates. - * Instead, you may want to use x509_crt_parse_file() to read the - * server and CA certificates, as well as pk_parse_keyfile(). + * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the + * server and CA certificates, as well as mbedtls_pk_parse_keyfile(). */ - ret = x509_crt_parse( &srvcert, (const unsigned char *) test_srv_crt, - test_srv_crt_len ); + ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, + mbedtls_test_srv_crt_len ); if( ret != 0 ) { - printf( " failed\n ! x509_crt_parse returned %d\n\n", ret ); + printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); goto exit; } - ret = x509_crt_parse( &srvcert, (const unsigned char *) test_cas_pem, - test_cas_pem_len ); + ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len ); if( ret != 0 ) { - printf( " failed\n ! x509_crt_parse returned %d\n\n", ret ); + printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); goto exit; } - ret = pk_parse_key( &pkey, (const unsigned char *) test_srv_key, - test_srv_key_len, NULL, 0 ); + ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, + mbedtls_test_srv_key_len, NULL, 0 ); if( ret != 0 ) { - printf( " failed\n ! pk_parse_key returned %d\n\n", ret ); + printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); goto exit; } @@ -159,9 +159,9 @@ printf( " . Bind on udp/*/4433 ..." ); fflush( stdout ); - if( ( ret = net_bind( &listen_fd, NULL, 4433, NET_PROTO_UDP ) ) != 0 ) + if( ( ret = mbedtls_net_bind( &listen_fd, NULL, 4433, MBEDTLS_NET_PROTO_UDP ) ) != 0 ) { - printf( " failed\n ! net_bind returned %d\n\n", ret ); + printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret ); goto exit; } @@ -173,11 +173,11 @@ printf( " . Seeding the random number generator..." ); fflush( stdout ); - if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy, + if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, strlen( pers ) ) ) != 0 ) { - printf( " failed\n ! ctr_drbg_init returned %d\n", ret ); + printf( " failed\n ! mbedtls_ctr_drbg_init returned %d\n", ret ); goto exit; } @@ -189,57 +189,57 @@ printf( " . Setting up the DTLS data..." ); fflush( stdout ); - if( ( ret = ssl_init( &ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 ) { - printf( " failed\n ! ssl_init returned %d\n\n", ret ); + printf( " failed\n ! mbedtls_ssl_init returned %d\n\n", ret ); goto exit; } - ssl_set_endpoint( &ssl, SSL_IS_SERVER ); - ssl_set_transport( &ssl, SSL_TRANSPORT_DATAGRAM ); - ssl_set_authmode( &ssl, SSL_VERIFY_NONE ); + mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_SERVER ); + mbedtls_ssl_set_transport( &ssl, MBEDTLS_SSL_TRANSPORT_DATAGRAM ); + mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_NONE ); - ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg ); - ssl_set_dbg( &ssl, my_debug, stdout ); + mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); + mbedtls_ssl_set_dbg( &ssl, my_debug, stdout ); -#if defined(POLARSSL_SSL_CACHE_C) - ssl_set_session_cache( &ssl, ssl_cache_get, &cache, - ssl_cache_set, &cache ); +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_set_session_cache( &ssl, mbedtls_ssl_cache_get, &cache, + mbedtls_ssl_cache_set, &cache ); #endif - ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL ); - if( ( ret = ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 ) + mbedtls_ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL ); + if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 ) { - printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret ); + printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret ); goto exit; } - if( ( ret = ssl_cookie_setup( &cookie_ctx, - ctr_drbg_random, &ctr_drbg ) ) != 0 ) + if( ( ret = mbedtls_ssl_cookie_setup( &cookie_ctx, + mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) { - printf( " failed\n ! ssl_cookie_setup returned %d\n\n", ret ); + printf( " failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret ); goto exit; } - ssl_set_dtls_cookies( &ssl, ssl_cookie_write, ssl_cookie_check, + mbedtls_ssl_set_dtls_cookies( &ssl, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, &cookie_ctx ); printf( " ok\n" ); reset: -#ifdef POLARSSL_ERROR_C +#ifdef MBEDTLS_ERROR_C if( ret != 0 ) { char error_buf[100]; - polarssl_strerror( ret, error_buf, 100 ); + mbedtls_strerror( ret, error_buf, 100 ); printf("Last error was: %d - %s\n\n", ret, error_buf ); } #endif if( client_fd != -1 ) - net_close( client_fd ); + mbedtls_net_close( client_fd ); - ssl_session_reset( &ssl ); + mbedtls_ssl_session_reset( &ssl ); /* * 3. Wait until a client connects @@ -249,21 +249,21 @@ printf( " . Waiting for a remote connection ..." ); fflush( stdout ); - if( ( ret = net_accept( listen_fd, &client_fd, client_ip ) ) != 0 ) + if( ( ret = mbedtls_net_accept( listen_fd, &client_fd, client_ip ) ) != 0 ) { - printf( " failed\n ! net_accept returned %d\n\n", ret ); + printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret ); goto exit; } /* With UDP, bind_fd is hijacked by client_fd, so bind a new one */ - if( ( ret = net_bind( &listen_fd, NULL, 4433, NET_PROTO_UDP ) ) != 0 ) + if( ( ret = mbedtls_net_bind( &listen_fd, NULL, 4433, MBEDTLS_NET_PROTO_UDP ) ) != 0 ) { - printf( " failed\n ! net_bind returned -0x%x\n\n", -ret ); + printf( " failed\n ! mbedtls_net_bind returned -0x%x\n\n", -ret ); goto exit; } /* For HelloVerifyRequest cookies */ - if( ( ret = ssl_set_client_transport_id( &ssl, client_ip, + if( ( ret = mbedtls_ssl_set_client_transport_id( &ssl, client_ip, sizeof( client_ip ) ) ) != 0 ) { printf( " failed\n ! " @@ -271,8 +271,8 @@ goto exit; } - ssl_set_bio_timeout( &ssl, &client_fd, - net_send, net_recv, net_recv_timeout, + mbedtls_ssl_set_bio_timeout( &ssl, &client_fd, + mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout, READ_TIMEOUT_MS ); printf( " ok\n" ); @@ -283,11 +283,11 @@ printf( " . Performing the DTLS handshake..." ); fflush( stdout ); - do ret = ssl_handshake( &ssl ); - while( ret == POLARSSL_ERR_NET_WANT_READ || - ret == POLARSSL_ERR_NET_WANT_WRITE ); + do ret = mbedtls_ssl_handshake( &ssl ); + while( ret == MBEDTLS_ERR_NET_WANT_READ || + ret == MBEDTLS_ERR_NET_WANT_WRITE ); - if( ret == POLARSSL_ERR_SSL_HELLO_VERIFY_REQUIRED ) + if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ) { printf( " hello verification requested\n" ); ret = 0; @@ -295,7 +295,7 @@ } else if( ret != 0 ) { - printf( " failed\n ! ssl_handshake returned -0x%x\n\n", -ret ); + printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret ); goto reset; } @@ -310,25 +310,25 @@ len = sizeof( buf ) - 1; memset( buf, 0, sizeof( buf ) ); - do ret = ssl_read( &ssl, buf, len ); - while( ret == POLARSSL_ERR_NET_WANT_READ || - ret == POLARSSL_ERR_NET_WANT_WRITE ); + do ret = mbedtls_ssl_read( &ssl, buf, len ); + while( ret == MBEDTLS_ERR_NET_WANT_READ || + ret == MBEDTLS_ERR_NET_WANT_WRITE ); if( ret <= 0 ) { switch( ret ) { - case POLARSSL_ERR_NET_TIMEOUT: + case MBEDTLS_ERR_NET_TIMEOUT: printf( " timeout\n\n" ); goto reset; - case POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY: + case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: printf( " connection was closed gracefully\n" ); ret = 0; goto close_notify; default: - printf( " ssl_read returned -0x%x\n\n", -ret ); + printf( " mbedtls_ssl_read returned -0x%x\n\n", -ret ); goto reset; } } @@ -342,13 +342,13 @@ printf( " > Write to client:" ); fflush( stdout ); - do ret = ssl_write( &ssl, buf, len ); - while( ret == POLARSSL_ERR_NET_WANT_READ || - ret == POLARSSL_ERR_NET_WANT_WRITE ); + do ret = mbedtls_ssl_write( &ssl, buf, len ); + while( ret == MBEDTLS_ERR_NET_WANT_READ || + ret == MBEDTLS_ERR_NET_WANT_WRITE ); if( ret < 0 ) { - printf( " failed\n ! ssl_write returned %d\n\n", ret ); + printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); goto exit; } @@ -362,8 +362,8 @@ printf( " . Closing the connection..." ); /* No error checking, the connection might be closed already */ - do ret = ssl_close_notify( &ssl ); - while( ret == POLARSSL_ERR_NET_WANT_WRITE ); + do ret = mbedtls_ssl_close_notify( &ssl ); + while( ret == MBEDTLS_ERR_NET_WANT_WRITE ); ret = 0; printf( " done\n" ); @@ -375,27 +375,27 @@ */ exit: -#ifdef POLARSSL_ERROR_C +#ifdef MBEDTLS_ERROR_C if( ret != 0 ) { char error_buf[100]; - polarssl_strerror( ret, error_buf, 100 ); + mbedtls_strerror( ret, error_buf, 100 ); printf( "Last error was: %d - %s\n\n", ret, error_buf ); } #endif if( client_fd != -1 ) - net_close( client_fd ); + mbedtls_net_close( client_fd ); - x509_crt_free( &srvcert ); - pk_free( &pkey ); - ssl_free( &ssl ); - ssl_cookie_free( &cookie_ctx ); -#if defined(POLARSSL_SSL_CACHE_C) - ssl_cache_free( &cache ); + mbedtls_x509_crt_free( &srvcert ); + mbedtls_pk_free( &pkey ); + mbedtls_ssl_free( &ssl ); + mbedtls_ssl_cookie_free( &cookie_ctx ); +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_free( &cache ); #endif - ctr_drbg_free( &ctr_drbg ); - entropy_free( &entropy ); + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); #if defined(_WIN32) printf( " Press Enter to exit this program.\n" ); @@ -408,7 +408,7 @@ return( ret ); } -#endif /* POLARSSL_SSL_SRV_C && POLARSSL_SSL_PROTO_DTLS && - POLARSSL_SSL_COOKIE_C && POLARSSL_NET_C && POLARSSL_ENTROPY_C && - POLARSSL_CTR_DRBG_C && POLARSSL_X509_CRT_PARSE_C && POLARSSL_RSA_C - && POLARSSL_CERTS_C && POLARSSL_PEM_PARSE_C */ +#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_PROTO_DTLS && + MBEDTLS_SSL_COOKIE_C && MBEDTLS_NET_C && MBEDTLS_ENTROPY_C && + MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_RSA_C + && MBEDTLS_CERTS_C && MBEDTLS_PEM_PARSE_C */
diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c index b83ccd9..903177c 100644 --- a/programs/ssl/mini_client.c +++ b/programs/ssl/mini_client.c
@@ -21,10 +21,10 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif /* @@ -37,19 +37,19 @@ #define UNIX #endif -#if !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_ENTROPY_C) || \ - !defined(POLARSSL_NET_C) || !defined(POLARSSL_SSL_CLI_C) || \ +#if !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_ENTROPY_C) || \ + !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_SSL_CLI_C) || \ !defined(UNIX) -#if defined(POLARSSL_PLATFORM_C) +#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else #include <stdio.h> -#define polarssl_printf printf +#define mbedtls_printf printf #endif int main( void ) { - polarssl_printf( "POLARSSL_CTR_DRBG_C and/or POLARSSL_ENTROPY_C and/or " - "POLARSSL_NET_C and/or POLARSSL_SSL_CLI_C and/or UNIX " + mbedtls_printf( "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_ENTROPY_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_SSL_CLI_C and/or UNIX " "not defined.\n"); return( 0 ); } @@ -79,7 +79,7 @@ const char *pers = "mini_client"; -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) const unsigned char psk[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f @@ -87,7 +87,7 @@ const char psk_id[] = "Client_identity"; #endif -#if defined(POLARSSL_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) /* This is tests/data_files/test-ca2.crt, a CA using EC secp384r1 */ const unsigned char ca_cert[] = { 0x30, 0x82, 0x02, 0x52, 0x30, 0x82, 0x01, 0xd7, 0xa0, 0x03, 0x02, 0x01, @@ -141,7 +141,7 @@ 0xb8, 0x28, 0xe7, 0xf2, 0x9c, 0x14, 0x3a, 0x40, 0x01, 0x5c, 0xaf, 0x0c, 0xb2, 0xcf, 0x74, 0x7f, 0x30, 0x9f, 0x08, 0x43, 0xad, 0x20, }; -#endif /* POLARSSL_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_X509_CRT_PARSE_C */ enum exit_codes { @@ -160,54 +160,54 @@ int ret = exit_ok; int server_fd = -1; struct sockaddr_in addr; -#if defined(POLARSSL_X509_CRT_PARSE_C) - x509_crt ca; +#if defined(MBEDTLS_X509_CRT_PARSE_C) + mbedtls_x509_crt ca; #endif - entropy_context entropy; - ctr_drbg_context ctr_drbg; - ssl_context ssl; + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_ssl_context ssl; /* * 0. Initialize and setup stuff */ - memset( &ssl, 0, sizeof( ssl_context ) ); -#if defined(POLARSSL_X509_CRT_PARSE_C) - x509_crt_init( &ca ); + memset( &ssl, 0, sizeof( mbedtls_ssl_context ) ); +#if defined(MBEDTLS_X509_CRT_PARSE_C) + mbedtls_x509_crt_init( &ca ); #endif - entropy_init( &entropy ); - if( ctr_drbg_init( &ctr_drbg, entropy_func, &entropy, + mbedtls_entropy_init( &entropy ); + if( mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, strlen( pers ) ) != 0 ) { ret = ssl_init_failed; goto exit; } - if( ssl_init( &ssl ) != 0 ) + if( mbedtls_ssl_init( &ssl ) != 0 ) { ret = ssl_init_failed; goto exit; } - ssl_set_endpoint( &ssl, SSL_IS_CLIENT ); + mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_CLIENT ); - ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg ); + mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) - ssl_set_psk( &ssl, psk, sizeof( psk ), +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) + mbedtls_ssl_set_psk( &ssl, psk, sizeof( psk ), (const unsigned char *) psk_id, sizeof( psk_id ) - 1 ); #endif -#if defined(POLARSSL_X509_CRT_PARSE_C) - if( x509_crt_parse_der( &ca, ca_cert, sizeof( ca_cert ) ) != 0 ) +#if defined(MBEDTLS_X509_CRT_PARSE_C) + if( mbedtls_x509_crt_parse_der( &ca, ca_cert, sizeof( ca_cert ) ) != 0 ) { ret = x509_crt_parse_failed; goto exit; } - ssl_set_ca_chain( &ssl, &ca, NULL, HOSTNAME ); - ssl_set_authmode( &ssl, SSL_VERIFY_REQUIRED ); + mbedtls_ssl_set_ca_chain( &ssl, &ca, NULL, HOSTNAME ); + mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_REQUIRED ); #endif /* @@ -234,9 +234,9 @@ goto exit; } - ssl_set_bio_timeout( &ssl, &server_fd, net_send, net_recv, NULL, 0 ); + mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 ); - if( ssl_handshake( &ssl ) != 0 ) + if( mbedtls_ssl_handshake( &ssl ) != 0 ) { ret = ssl_handshake_failed; goto exit; @@ -245,24 +245,24 @@ /* * 2. Write the GET request and close the connection */ - if( ssl_write( &ssl, (const unsigned char *) GET_REQUEST, + if( mbedtls_ssl_write( &ssl, (const unsigned char *) GET_REQUEST, sizeof( GET_REQUEST ) - 1 ) <= 0 ) { ret = ssl_write_failed; goto exit; } - ssl_close_notify( &ssl ); + mbedtls_ssl_close_notify( &ssl ); exit: if( server_fd != -1 ) - net_close( server_fd ); + mbedtls_net_close( server_fd ); - ssl_free( &ssl ); - ctr_drbg_free( &ctr_drbg ); - entropy_free( &entropy ); -#if defined(POLARSSL_X509_CRT_PARSE_C) - x509_crt_free( &ca ); + mbedtls_ssl_free( &ssl ); + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); +#if defined(MBEDTLS_X509_CRT_PARSE_C) + mbedtls_x509_crt_free( &ca ); #endif return( ret );
diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c index 45a6902..430060b 100644 --- a/programs/ssl/ssl_client1.c +++ b/programs/ssl/ssl_client1.c
@@ -20,31 +20,31 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_PLATFORM_C) +#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else #include <stdio.h> -#define polarssl_fprintf fprintf -#define polarssl_printf printf +#define mbedtls_fprintf fprintf +#define mbedtls_printf printf #endif -#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \ - !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \ - !defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \ - !defined(POLARSSL_CERTS_C) || !defined(POLARSSL_PEM_PARSE_C) || \ - !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_X509_CRT_PARSE_C) +#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \ + !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \ + !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \ + !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) || \ + !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) int main( void ) { - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or " - "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or " - "POLARSSL_NET_C and/or POLARSSL_RSA_C and/or " - "POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_CRT_PARSE_C " + mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " + "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C " "not defined.\n"); return( 0 ); } @@ -70,7 +70,7 @@ { ((void) level); - polarssl_fprintf( (FILE *) ctx, "%s", str ); + mbedtls_fprintf( (FILE *) ctx, "%s", str ); fflush( (FILE *) ctx ); } @@ -80,221 +80,221 @@ unsigned char buf[1024]; const char *pers = "ssl_client1"; - entropy_context entropy; - ctr_drbg_context ctr_drbg; - ssl_context ssl; - x509_crt cacert; + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_ssl_context ssl; + mbedtls_x509_crt cacert; -#if defined(POLARSSL_DEBUG_C) - debug_set_threshold( DEBUG_LEVEL ); +#if defined(MBEDTLS_DEBUG_C) + mbedtls_debug_set_threshold( DEBUG_LEVEL ); #endif /* * 0. Initialize the RNG and the session data */ - memset( &ssl, 0, sizeof( ssl_context ) ); - x509_crt_init( &cacert ); + memset( &ssl, 0, sizeof( mbedtls_ssl_context ) ); + mbedtls_x509_crt_init( &cacert ); - polarssl_printf( "\n . Seeding the random number generator..." ); + mbedtls_printf( "\n . Seeding the random number generator..." ); fflush( stdout ); - entropy_init( &entropy ); - if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy, + mbedtls_entropy_init( &entropy ); + if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, strlen( pers ) ) ) != 0 ) { - polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d\n", ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 0. Initialize certificates */ - polarssl_printf( " . Loading the CA root certificate ..." ); + mbedtls_printf( " . Loading the CA root certificate ..." ); fflush( stdout ); - ret = x509_crt_parse( &cacert, (const unsigned char *) test_cas_pem, - test_cas_pem_len ); + ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len ); if( ret < 0 ) { - polarssl_printf( " failed\n ! x509_crt_parse returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret ); goto exit; } - polarssl_printf( " ok (%d skipped)\n", ret ); + mbedtls_printf( " ok (%d skipped)\n", ret ); /* * 1. Start the connection */ - polarssl_printf( " . Connecting to tcp/%s/%4d...", SERVER_NAME, + mbedtls_printf( " . Connecting to tcp/%s/%4d...", SERVER_NAME, SERVER_PORT ); fflush( stdout ); - if( ( ret = net_connect( &server_fd, SERVER_NAME, - SERVER_PORT, NET_PROTO_TCP ) ) != 0 ) + if( ( ret = mbedtls_net_connect( &server_fd, SERVER_NAME, + SERVER_PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) { - polarssl_printf( " failed\n ! net_connect returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 2. Setup stuff */ - polarssl_printf( " . Setting up the SSL/TLS structure..." ); + mbedtls_printf( " . Setting up the SSL/TLS structure..." ); fflush( stdout ); - if( ( ret = ssl_init( &ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_init returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_init returned %d\n\n", ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); - ssl_set_endpoint( &ssl, SSL_IS_CLIENT ); + mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_CLIENT ); /* OPTIONAL is not optimal for security, * but makes interop easier in this simplified example */ - ssl_set_authmode( &ssl, SSL_VERIFY_OPTIONAL ); - ssl_set_ca_chain( &ssl, &cacert, NULL, "mbed TLS Server 1" ); + mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_OPTIONAL ); + mbedtls_ssl_set_ca_chain( &ssl, &cacert, NULL, "mbed TLS Server 1" ); - ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg ); - ssl_set_dbg( &ssl, my_debug, stdout ); - ssl_set_bio_timeout( &ssl, &server_fd, net_send, net_recv, NULL, 0 ); + mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); + mbedtls_ssl_set_dbg( &ssl, my_debug, stdout ); + mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 ); /* * 4. Handshake */ - polarssl_printf( " . Performing the SSL/TLS handshake..." ); + mbedtls_printf( " . Performing the SSL/TLS handshake..." ); fflush( stdout ); - while( ( ret = ssl_handshake( &ssl ) ) != 0 ) + while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) { - if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE ) + if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE ) { - polarssl_printf( " failed\n ! ssl_handshake returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret ); goto exit; } } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 5. Verify the server certificate */ - polarssl_printf( " . Verifying peer X.509 certificate..." ); + mbedtls_printf( " . Verifying peer X.509 certificate..." ); /* In real life, we may want to bail out when ret != 0 */ - if( ( ret = ssl_get_verify_result( &ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) { - polarssl_printf( " failed\n" ); + mbedtls_printf( " failed\n" ); - if( ( ret & BADCERT_EXPIRED ) != 0 ) - polarssl_printf( " ! server certificate has expired\n" ); + if( ( ret & MBEDTLS_BADCERT_EXPIRED ) != 0 ) + mbedtls_printf( " ! server certificate has expired\n" ); - if( ( ret & BADCERT_REVOKED ) != 0 ) - polarssl_printf( " ! server certificate has been revoked\n" ); + if( ( ret & MBEDTLS_X509_BADCERT_REVOKED ) != 0 ) + mbedtls_printf( " ! server certificate has been revoked\n" ); - if( ( ret & BADCERT_CN_MISMATCH ) != 0 ) - polarssl_printf( " ! CN mismatch (expected CN=%s)\n", "PolarSSL Server 1" ); + if( ( ret & MBEDTLS_X509_BADCERT_CN_MISMATCH ) != 0 ) + mbedtls_printf( " ! CN mismatch (expected CN=%s)\n", "PolarSSL Server 1" ); - if( ( ret & BADCERT_NOT_TRUSTED ) != 0 ) - polarssl_printf( " ! self-signed or not signed by a trusted CA\n" ); + if( ( ret & MBEDTLS_X509_BADCERT_NOT_TRUSTED ) != 0 ) + mbedtls_printf( " ! self-signed or not signed by a trusted CA\n" ); - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); } else - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 3. Write the GET request */ - polarssl_printf( " > Write to server:" ); + mbedtls_printf( " > Write to server:" ); fflush( stdout ); len = sprintf( (char *) buf, GET_REQUEST ); - while( ( ret = ssl_write( &ssl, buf, len ) ) <= 0 ) + while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 ) { - if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE ) + if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE ) { - polarssl_printf( " failed\n ! ssl_write returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); goto exit; } } len = ret; - polarssl_printf( " %d bytes written\n\n%s", len, (char *) buf ); + mbedtls_printf( " %d bytes written\n\n%s", len, (char *) buf ); /* * 7. Read the HTTP response */ - polarssl_printf( " < Read from server:" ); + mbedtls_printf( " < Read from server:" ); fflush( stdout ); do { len = sizeof( buf ) - 1; memset( buf, 0, sizeof( buf ) ); - ret = ssl_read( &ssl, buf, len ); + ret = mbedtls_ssl_read( &ssl, buf, len ); - if( ret == POLARSSL_ERR_NET_WANT_READ || ret == POLARSSL_ERR_NET_WANT_WRITE ) + if( ret == MBEDTLS_ERR_NET_WANT_READ || ret == MBEDTLS_ERR_NET_WANT_WRITE ) continue; - if( ret == POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY ) + if( ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY ) break; if( ret < 0 ) { - polarssl_printf( "failed\n ! ssl_read returned %d\n\n", ret ); + mbedtls_printf( "failed\n ! mbedtls_ssl_read returned %d\n\n", ret ); break; } if( ret == 0 ) { - polarssl_printf( "\n\nEOF\n\n" ); + mbedtls_printf( "\n\nEOF\n\n" ); break; } len = ret; - polarssl_printf( " %d bytes read\n\n%s", len, (char *) buf ); + mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); } while( 1 ); - ssl_close_notify( &ssl ); + mbedtls_ssl_close_notify( &ssl ); exit: -#ifdef POLARSSL_ERROR_C +#ifdef MBEDTLS_ERROR_C if( ret != 0 ) { char error_buf[100]; - polarssl_strerror( ret, error_buf, 100 ); - polarssl_printf("Last error was: %d - %s\n\n", ret, error_buf ); + mbedtls_strerror( ret, error_buf, 100 ); + mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf ); } #endif if( server_fd != -1 ) - net_close( server_fd ); + mbedtls_net_close( server_fd ); - x509_crt_free( &cacert ); - ssl_free( &ssl ); - ctr_drbg_free( &ctr_drbg ); - entropy_free( &entropy ); + mbedtls_x509_crt_free( &cacert ); + mbedtls_ssl_free( &ssl ); + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); memset( &ssl, 0, sizeof( ssl ) ); #if defined(_WIN32) - polarssl_printf( " + Press Enter to exit this program.\n" ); + mbedtls_printf( " + Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif return( ret ); } -#endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C && POLARSSL_SSL_TLS_C && - POLARSSL_SSL_CLI_C && POLARSSL_NET_C && POLARSSL_RSA_C && - POLARSSL_CERTS_C && POLARSSL_PEM_PARSE_C && POLARSSL_CTR_DRBG_C && - POLARSSL_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && + MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C && + MBEDTLS_CERTS_C && MBEDTLS_PEM_PARSE_C && MBEDTLS_CTR_DRBG_C && + MBEDTLS_X509_CRT_PARSE_C */
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 67d2955..892ca17 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c
@@ -20,25 +20,25 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_PLATFORM_C) +#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else #include <stdio.h> -#define polarssl_printf printf -#define polarssl_fprintf fprintf -#define polarssl_printf printf -#define polarssl_snprintf snprintf +#define mbedtls_printf printf +#define mbedtls_fprintf fprintf +#define mbedtls_printf printf +#define mbedtls_snprintf snprintf #endif -#if defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_FS_IO) && \ - defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_CLI_C) && \ - defined(POLARSSL_NET_C) && defined(POLARSSL_CTR_DRBG_C) +#if defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_FS_IO) && \ + defined(MBEDTLS_SSL_TLS_C) && defined(MBEDTLS_SSL_CLI_C) && \ + defined(MBEDTLS_NET_C) && defined(MBEDTLS_CTR_DRBG_C) #include "mbedtls/net.h" #include "mbedtls/ssl.h" #include "mbedtls/entropy.h" @@ -53,7 +53,7 @@ #include <string.h> #endif -#if defined(POLARSSL_TIMING_C) +#if defined(MBEDTLS_TIMING_C) #include "mbedtls/timing.h" #endif @@ -79,7 +79,7 @@ #define DFL_PSK "" #define DFL_PSK_IDENTITY "Client_identity" #define DFL_FORCE_CIPHER 0 -#define DFL_RENEGOTIATION SSL_RENEGOTIATION_DISABLED +#define DFL_RENEGOTIATION MBEDTLS_SSL_RENEGOTIATION_DISABLED #define DFL_ALLOW_LEGACY -2 #define DFL_RENEGOTIATE 0 #define DFL_EXCHANGES 1 @@ -87,14 +87,14 @@ #define DFL_MAX_VERSION -1 #define DFL_ARC4 -1 #define DFL_AUTH_MODE -1 -#define DFL_MFL_CODE SSL_MAX_FRAG_LEN_NONE +#define DFL_MFL_CODE MBEDTLS_SSL_MAX_FRAG_LEN_NONE #define DFL_TRUNC_HMAC -1 #define DFL_RECSPLIT -1 #define DFL_RECONNECT 0 #define DFL_RECO_DELAY 0 -#define DFL_TICKETS SSL_SESSION_TICKETS_ENABLED +#define DFL_TICKETS MBEDTLS_SSL_SESSION_TICKETS_ENABLED #define DFL_ALPN_STRING NULL -#define DFL_TRANSPORT SSL_TRANSPORT_STREAM +#define DFL_TRANSPORT MBEDTLS_SSL_TRANSPORT_STREAM #define DFL_HS_TO_MIN 0 #define DFL_HS_TO_MAX 0 #define DFL_FALLBACK -1 @@ -104,8 +104,8 @@ #define GET_REQUEST "GET %s HTTP/1.0\r\nExtra-header: " #define GET_REQUEST_END "\r\n\r\n" -#if defined(POLARSSL_X509_CRT_PARSE_C) -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_FS_IO) #define USAGE_IO \ " ca_file=%%s The single file containing the top-level CA(s) you fully trust\n" \ " default: \"\" (pre-loaded)\n" \ @@ -116,65 +116,65 @@ " key_file=%%s default: \"\" (pre-loaded)\n" #else #define USAGE_IO \ - " No file operations available (POLARSSL_FS_IO not defined)\n" -#endif /* POLARSSL_FS_IO */ + " No file operations available (MBEDTLS_FS_IO not defined)\n" +#endif /* MBEDTLS_FS_IO */ #else #define USAGE_IO "" -#endif /* POLARSSL_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_X509_CRT_PARSE_C */ -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) #define USAGE_PSK \ " psk=%%s default: \"\" (in hex, without 0x)\n" \ " psk_identity=%%s default: \"Client_identity\"\n" #else #define USAGE_PSK "" -#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#if defined(POLARSSL_SSL_SESSION_TICKETS) +#if defined(MBEDTLS_SSL_SESSION_TICKETS) #define USAGE_TICKETS \ " tickets=%%d default: 1 (enabled)\n" #else #define USAGE_TICKETS "" -#endif /* POLARSSL_SSL_SESSION_TICKETS */ +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ -#if defined(POLARSSL_SSL_TRUNCATED_HMAC) +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) #define USAGE_TRUNC_HMAC \ " trunc_hmac=%%d default: library default\n" #else #define USAGE_TRUNC_HMAC "" -#endif /* POLARSSL_SSL_TRUNCATED_HMAC */ +#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ -#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) #define USAGE_MAX_FRAG_LEN \ " max_frag_len=%%d default: 16384 (tls default)\n" \ " options: 512, 1024, 2048, 4096\n" #else #define USAGE_MAX_FRAG_LEN "" -#endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */ +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(POLARSSL_SSL_CBC_RECORD_SPLITTING) +#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) #define USAGE_RECSPLIT \ " recplit=%%d default: (library default)\n" #else #define USAGE_RECSPLIT #endif -#if defined(POLARSSL_TIMING_C) +#if defined(MBEDTLS_TIMING_C) #define USAGE_TIME \ " reco_delay=%%d default: 0 seconds\n" #else #define USAGE_TIME "" -#endif /* POLARSSL_TIMING_C */ +#endif /* MBEDTLS_TIMING_C */ -#if defined(POLARSSL_SSL_ALPN) +#if defined(MBEDTLS_SSL_ALPN) #define USAGE_ALPN \ " alpn=%%s default: \"\" (disabled)\n" \ " example: spdy/1,http/1.1\n" #else #define USAGE_ALPN "" -#endif /* POLARSSL_SSL_ALPN */ +#endif /* MBEDTLS_SSL_ALPN */ -#if defined(POLARSSL_SSL_PROTO_DTLS) +#if defined(MBEDTLS_SSL_PROTO_DTLS) #define USAGE_DTLS \ " dtls=%%d default: 0 (TLS)\n" \ " hs_timeout=%%d-%%d default: (library default: 1000-60000)\n" \ @@ -183,28 +183,28 @@ #define USAGE_DTLS "" #endif -#if defined(POLARSSL_SSL_FALLBACK_SCSV) +#if defined(MBEDTLS_SSL_FALLBACK_SCSV) #define USAGE_FALLBACK \ " fallback=0/1 default: (library default: off)\n" #else #define USAGE_FALLBACK "" #endif -#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) #define USAGE_EMS \ " extended_ms=0/1 default: (library default: on)\n" #else #define USAGE_EMS "" #endif -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) #define USAGE_ETM \ " etm=0/1 default: (library default: on)\n" #else #define USAGE_ETM "" #endif -#if defined(POLARSSL_SSL_RENEGOTIATION) +#if defined(MBEDTLS_SSL_RENEGOTIATION) #define USAGE_RENEGO \ " renegotiation=%%d default: 0 (disabled)\n" \ " renegotiate=%%d default: 0 (disabled)\n" @@ -258,14 +258,14 @@ " force_ciphersuite=<name> default: all enabled\n"\ " acceptable ciphersuite names:\n" -#if !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_FS_IO) || \ - !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \ - !defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C) +#if !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_FS_IO) || \ + !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \ + !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_CTR_DRBG_C) int main( void ) { - polarssl_printf("POLARSSL_ENTROPY_C and/or " - "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or " - "POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n"); + mbedtls_printf("MBEDTLS_ENTROPY_C and/or " + "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C not defined.\n"); return( 0 ); } #else @@ -279,7 +279,7 @@ int server_port; /* port on which the ssl service runs */ int debug_level; /* level of debugging */ int nbio; /* should I/O be blocking? */ - uint32_t read_timeout; /* timeout on ssl_read() in milliseconds */ + uint32_t read_timeout; /* timeout on mbedtls_ssl_read() in milliseconds */ int max_resend; /* DTLS times to resend on read timeout */ const char *request_page; /* page on server to request */ int request_size; /* pad request with header to requested size */ @@ -318,7 +318,7 @@ { ((void) level); - polarssl_fprintf( (FILE *) ctx, "%s", str ); + mbedtls_fprintf( (FILE *) ctx, "%s", str ); fflush( (FILE *) ctx ); } @@ -334,11 +334,11 @@ if( first_try ) { first_try = 0; - return( POLARSSL_ERR_NET_WANT_READ ); + return( MBEDTLS_ERR_NET_WANT_READ ); } - ret = net_recv( ctx, buf, len ); - if( ret != POLARSSL_ERR_NET_WANT_READ ) + ret = mbedtls_net_recv( ctx, buf, len ); + if( ret != MBEDTLS_ERR_NET_WANT_READ ) first_try = 1; /* Next call will be a new operation */ return( ret ); } @@ -351,77 +351,77 @@ if( first_try ) { first_try = 0; - return( POLARSSL_ERR_NET_WANT_WRITE ); + return( MBEDTLS_ERR_NET_WANT_WRITE ); } - ret = net_send( ctx, buf, len ); - if( ret != POLARSSL_ERR_NET_WANT_WRITE ) + ret = mbedtls_net_send( ctx, buf, len ); + if( ret != MBEDTLS_ERR_NET_WANT_WRITE ) first_try = 1; /* Next call will be a new operation */ return( ret ); } -#if defined(POLARSSL_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) /* * Enabled if debug_level > 1 in code below */ -static int my_verify( void *data, x509_crt *crt, int depth, int *flags ) +static int my_verify( void *data, mbedtls_x509_crt *crt, int depth, int *flags ) { char buf[1024]; ((void) data); - polarssl_printf( "\nVerify requested for (Depth %d):\n", depth ); - x509_crt_info( buf, sizeof( buf ) - 1, "", crt ); - polarssl_printf( "%s", buf ); + mbedtls_printf( "\nVerify requested for (Depth %d):\n", depth ); + mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt ); + mbedtls_printf( "%s", buf ); - if( ( (*flags) & BADCERT_EXPIRED ) != 0 ) - polarssl_printf( " ! server certificate has expired\n" ); + if( ( (*flags) & MBEDTLS_BADCERT_EXPIRED ) != 0 ) + mbedtls_printf( " ! server certificate has expired\n" ); - if( ( (*flags) & BADCERT_REVOKED ) != 0 ) - polarssl_printf( " ! server certificate has been revoked\n" ); + if( ( (*flags) & MBEDTLS_X509_BADCERT_REVOKED ) != 0 ) + mbedtls_printf( " ! server certificate has been revoked\n" ); - if( ( (*flags) & BADCERT_CN_MISMATCH ) != 0 ) - polarssl_printf( " ! CN mismatch\n" ); + if( ( (*flags) & MBEDTLS_X509_BADCERT_CN_MISMATCH ) != 0 ) + mbedtls_printf( " ! CN mismatch\n" ); - if( ( (*flags) & BADCERT_NOT_TRUSTED ) != 0 ) - polarssl_printf( " ! self-signed or not signed by a trusted CA\n" ); + if( ( (*flags) & MBEDTLS_X509_BADCERT_NOT_TRUSTED ) != 0 ) + mbedtls_printf( " ! self-signed or not signed by a trusted CA\n" ); - if( ( (*flags) & BADCRL_NOT_TRUSTED ) != 0 ) - polarssl_printf( " ! CRL not trusted\n" ); + if( ( (*flags) & MBEDTLS_X509_BADCRL_NOT_TRUSTED ) != 0 ) + mbedtls_printf( " ! CRL not trusted\n" ); - if( ( (*flags) & BADCRL_EXPIRED ) != 0 ) - polarssl_printf( " ! CRL expired\n" ); + if( ( (*flags) & MBEDTLS_X509_BADCRL_EXPIRED ) != 0 ) + mbedtls_printf( " ! CRL expired\n" ); - if( ( (*flags) & BADCERT_OTHER ) != 0 ) - polarssl_printf( " ! other (unknown) flag\n" ); + if( ( (*flags) & MBEDTLS_BADCERT_OTHER ) != 0 ) + mbedtls_printf( " ! other (unknown) flag\n" ); if ( ( *flags ) == 0 ) - polarssl_printf( " This certificate has no flags\n" ); + mbedtls_printf( " This certificate has no flags\n" ); return( 0 ); } -#endif /* POLARSSL_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_X509_CRT_PARSE_C */ int main( int argc, char *argv[] ) { int ret = 0, len, tail_len, server_fd, i, written, frags, retry_left; - unsigned char buf[SSL_MAX_CONTENT_LEN + 1]; -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) - unsigned char psk[POLARSSL_PSK_MAX_LEN]; + unsigned char buf[MBEDTLS_SSL_MAX_CONTENT_LEN + 1]; +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) + unsigned char psk[MBEDTLS_PSK_MAX_LEN]; size_t psk_len = 0; #endif -#if defined(POLARSSL_SSL_ALPN) +#if defined(MBEDTLS_SSL_ALPN) const char *alpn_list[10]; #endif const char *pers = "ssl_client2"; - entropy_context entropy; - ctr_drbg_context ctr_drbg; - ssl_context ssl; - ssl_session saved_session; -#if defined(POLARSSL_X509_CRT_PARSE_C) - x509_crt cacert; - x509_crt clicert; - pk_context pkey; + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_ssl_context ssl; + mbedtls_ssl_session saved_session; +#if defined(MBEDTLS_X509_CRT_PARSE_C) + mbedtls_x509_crt cacert; + mbedtls_x509_crt clicert; + mbedtls_pk_context pkey; #endif char *p, *q; const int *list; @@ -430,14 +430,14 @@ * Make sure memory references are valid. */ server_fd = 0; - memset( &ssl, 0, sizeof( ssl_context ) ); - memset( &saved_session, 0, sizeof( ssl_session ) ); -#if defined(POLARSSL_X509_CRT_PARSE_C) - x509_crt_init( &cacert ); - x509_crt_init( &clicert ); - pk_init( &pkey ); + memset( &ssl, 0, sizeof( mbedtls_ssl_context ) ); + memset( &saved_session, 0, sizeof( mbedtls_ssl_session ) ); +#if defined(MBEDTLS_X509_CRT_PARSE_C) + mbedtls_x509_crt_init( &cacert ); + mbedtls_x509_crt_init( &clicert ); + mbedtls_pk_init( &pkey ); #endif -#if defined(POLARSSL_SSL_ALPN) +#if defined(MBEDTLS_SSL_ALPN) memset( (void * ) alpn_list, 0, sizeof( alpn_list ) ); #endif @@ -447,19 +447,19 @@ if( ret == 0 ) ret = 1; - polarssl_printf( USAGE ); + mbedtls_printf( USAGE ); - list = ssl_list_ciphersuites(); + list = mbedtls_ssl_list_ciphersuites(); while( *list ) { - polarssl_printf(" %-42s", ssl_get_ciphersuite_name( *list ) ); + mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name( *list ) ); list++; if( !*list ) break; - polarssl_printf(" %s\n", ssl_get_ciphersuite_name( *list ) ); + mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name( *list ) ); list++; } - polarssl_printf("\n"); + mbedtls_printf("\n"); goto exit; } @@ -522,9 +522,9 @@ { int t = atoi( q ); if( t == 0 ) - opt.transport = SSL_TRANSPORT_STREAM; + opt.transport = MBEDTLS_SSL_TRANSPORT_STREAM; else if( t == 1 ) - opt.transport = SSL_TRANSPORT_DATAGRAM; + opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; else goto usage; } @@ -553,7 +553,7 @@ else if( strcmp( p, "request_size" ) == 0 ) { opt.request_size = atoi( q ); - if( opt.request_size < 0 || opt.request_size > SSL_MAX_CONTENT_LEN ) + if( opt.request_size < 0 || opt.request_size > MBEDTLS_SSL_MAX_CONTENT_LEN ) goto usage; } else if( strcmp( p, "ca_file" ) == 0 ) @@ -570,7 +570,7 @@ opt.psk_identity = q; else if( strcmp( p, "force_ciphersuite" ) == 0 ) { - opt.force_ciphersuite[0] = ssl_get_ciphersuite_id( q ); + opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q ); if( opt.force_ciphersuite[0] == 0 ) { @@ -581,16 +581,16 @@ } else if( strcmp( p, "renegotiation" ) == 0 ) { - opt.renegotiation = (atoi( q )) ? SSL_RENEGOTIATION_ENABLED : - SSL_RENEGOTIATION_DISABLED; + opt.renegotiation = (atoi( q )) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : + MBEDTLS_SSL_RENEGOTIATION_DISABLED; } else if( strcmp( p, "allow_legacy" ) == 0 ) { switch( atoi( q ) ) { - case -1: opt.allow_legacy = SSL_LEGACY_BREAK_HANDSHAKE; break; - case 0: opt.allow_legacy = SSL_LEGACY_NO_RENEGOTIATION; break; - case 1: opt.allow_legacy = SSL_LEGACY_ALLOW_RENEGOTIATION; break; + case -1: opt.allow_legacy = MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE; break; + case 0: opt.allow_legacy = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION; break; + case 1: opt.allow_legacy = MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION; break; default: goto usage; } } @@ -632,8 +632,8 @@ { switch( atoi( q ) ) { - case 0: opt.fallback = SSL_IS_NOT_FALLBACK; break; - case 1: opt.fallback = SSL_IS_FALLBACK; break; + case 0: opt.fallback = MBEDTLS_SSL_IS_NOT_FALLBACK; break; + case 1: opt.fallback = MBEDTLS_SSL_IS_FALLBACK; break; default: goto usage; } } @@ -641,8 +641,8 @@ { switch( atoi( q ) ) { - case 0: opt.extended_ms = SSL_EXTENDED_MS_DISABLED; break; - case 1: opt.extended_ms = SSL_EXTENDED_MS_ENABLED; break; + case 0: opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_DISABLED; break; + case 1: opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; break; default: goto usage; } } @@ -650,38 +650,38 @@ { switch( atoi( q ) ) { - case 0: opt.etm = SSL_ETM_DISABLED; break; - case 1: opt.etm = SSL_ETM_ENABLED; break; + case 0: opt.etm = MBEDTLS_SSL_ETM_DISABLED; break; + case 1: opt.etm = MBEDTLS_SSL_ETM_ENABLED; break; default: goto usage; } } else if( strcmp( p, "min_version" ) == 0 ) { if( strcmp( q, "ssl3" ) == 0 ) - opt.min_version = SSL_MINOR_VERSION_0; + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0; else if( strcmp( q, "tls1" ) == 0 ) - opt.min_version = SSL_MINOR_VERSION_1; + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1; else if( strcmp( q, "tls1_1" ) == 0 || strcmp( q, "dtls1" ) == 0 ) - opt.min_version = SSL_MINOR_VERSION_2; + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; else if( strcmp( q, "tls1_2" ) == 0 || strcmp( q, "dtls1_2" ) == 0 ) - opt.min_version = SSL_MINOR_VERSION_3; + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; else goto usage; } else if( strcmp( p, "max_version" ) == 0 ) { if( strcmp( q, "ssl3" ) == 0 ) - opt.max_version = SSL_MINOR_VERSION_0; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0; else if( strcmp( q, "tls1" ) == 0 ) - opt.max_version = SSL_MINOR_VERSION_1; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1; else if( strcmp( q, "tls1_1" ) == 0 || strcmp( q, "dtls1" ) == 0 ) - opt.max_version = SSL_MINOR_VERSION_2; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; else if( strcmp( q, "tls1_2" ) == 0 || strcmp( q, "dtls1_2" ) == 0 ) - opt.max_version = SSL_MINOR_VERSION_3; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; else goto usage; } @@ -689,8 +689,8 @@ { switch( atoi( q ) ) { - case 0: opt.arc4 = SSL_ARC4_DISABLED; break; - case 1: opt.arc4 = SSL_ARC4_ENABLED; break; + case 0: opt.arc4 = MBEDTLS_SSL_ARC4_DISABLED; break; + case 1: opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED; break; default: goto usage; } } @@ -698,35 +698,35 @@ { if( strcmp( q, "ssl3" ) == 0 ) { - opt.min_version = SSL_MINOR_VERSION_0; - opt.max_version = SSL_MINOR_VERSION_0; + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0; } else if( strcmp( q, "tls1" ) == 0 ) { - opt.min_version = SSL_MINOR_VERSION_1; - opt.max_version = SSL_MINOR_VERSION_1; + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1; } else if( strcmp( q, "tls1_1" ) == 0 ) { - opt.min_version = SSL_MINOR_VERSION_2; - opt.max_version = SSL_MINOR_VERSION_2; + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; } else if( strcmp( q, "tls1_2" ) == 0 ) { - opt.min_version = SSL_MINOR_VERSION_3; - opt.max_version = SSL_MINOR_VERSION_3; + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; } else if( strcmp( q, "dtls1" ) == 0 ) { - opt.min_version = SSL_MINOR_VERSION_2; - opt.max_version = SSL_MINOR_VERSION_2; - opt.transport = SSL_TRANSPORT_DATAGRAM; + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; + opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; } else if( strcmp( q, "dtls1_2" ) == 0 ) { - opt.min_version = SSL_MINOR_VERSION_3; - opt.max_version = SSL_MINOR_VERSION_3; - opt.transport = SSL_TRANSPORT_DATAGRAM; + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; + opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; } else goto usage; @@ -734,24 +734,24 @@ else if( strcmp( p, "auth_mode" ) == 0 ) { if( strcmp( q, "none" ) == 0 ) - opt.auth_mode = SSL_VERIFY_NONE; + opt.auth_mode = MBEDTLS_SSL_VERIFY_NONE; else if( strcmp( q, "optional" ) == 0 ) - opt.auth_mode = SSL_VERIFY_OPTIONAL; + opt.auth_mode = MBEDTLS_SSL_VERIFY_OPTIONAL; else if( strcmp( q, "required" ) == 0 ) - opt.auth_mode = SSL_VERIFY_REQUIRED; + opt.auth_mode = MBEDTLS_SSL_VERIFY_REQUIRED; else goto usage; } else if( strcmp( p, "max_frag_len" ) == 0 ) { if( strcmp( q, "512" ) == 0 ) - opt.mfl_code = SSL_MAX_FRAG_LEN_512; + opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_512; else if( strcmp( q, "1024" ) == 0 ) - opt.mfl_code = SSL_MAX_FRAG_LEN_1024; + opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_1024; else if( strcmp( q, "2048" ) == 0 ) - opt.mfl_code = SSL_MAX_FRAG_LEN_2048; + opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_2048; else if( strcmp( q, "4096" ) == 0 ) - opt.mfl_code = SSL_MAX_FRAG_LEN_4096; + opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_4096; else goto usage; } @@ -759,8 +759,8 @@ { switch( atoi( q ) ) { - case 0: opt.trunc_hmac = SSL_TRUNC_HMAC_DISABLED; break; - case 1: opt.trunc_hmac = SSL_TRUNC_HMAC_ENABLED; break; + case 0: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_DISABLED; break; + case 1: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; break; default: goto usage; } } @@ -784,26 +784,26 @@ goto usage; } -#if defined(POLARSSL_DEBUG_C) - debug_set_threshold( opt.debug_level ); +#if defined(MBEDTLS_DEBUG_C) + mbedtls_debug_set_threshold( opt.debug_level ); #endif if( opt.force_ciphersuite[0] > 0 ) { - const ssl_ciphersuite_t *ciphersuite_info; - ciphersuite_info = ssl_ciphersuite_from_id( opt.force_ciphersuite[0] ); + const mbedtls_ssl_ciphersuite_t *ciphersuite_info; + ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] ); if( opt.max_version != -1 && ciphersuite_info->min_minor_ver > opt.max_version ) { - polarssl_printf("forced ciphersuite not allowed with this protocol version\n"); + mbedtls_printf("forced ciphersuite not allowed with this protocol version\n"); ret = 2; goto usage; } if( opt.min_version != -1 && ciphersuite_info->max_minor_ver < opt.min_version ) { - polarssl_printf("forced ciphersuite not allowed with this protocol version\n"); + mbedtls_printf("forced ciphersuite not allowed with this protocol version\n"); ret = 2; goto usage; } @@ -819,26 +819,26 @@ { opt.min_version = ciphersuite_info->min_minor_ver; /* DTLS starts with TLS 1.1 */ - if( opt.transport == SSL_TRANSPORT_DATAGRAM && - opt.min_version < SSL_MINOR_VERSION_2 ) - opt.min_version = SSL_MINOR_VERSION_2; + if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 ) + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; } /* Enable RC4 if needed and not explicitly disabled */ - if( ciphersuite_info->cipher == POLARSSL_CIPHER_ARC4_128 ) + if( ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) { - if( opt.arc4 == SSL_ARC4_DISABLED ) + if( opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED ) { - polarssl_printf("forced RC4 ciphersuite with RC4 disabled\n"); + mbedtls_printf("forced RC4 ciphersuite with RC4 disabled\n"); ret = 2; goto usage; } - opt.arc4 = SSL_ARC4_ENABLED; + opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED; } } -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) /* * Unhexify the pre-shared key if any is given */ @@ -849,7 +849,7 @@ if( strlen( opt.psk ) % 2 != 0 ) { - polarssl_printf("pre-shared key not valid hex\n"); + mbedtls_printf("pre-shared key not valid hex\n"); goto exit; } @@ -866,7 +866,7 @@ c -= 'A' - 10; else { - polarssl_printf("pre-shared key not valid hex\n"); + mbedtls_printf("pre-shared key not valid hex\n"); goto exit; } psk[ j / 2 ] = c << 4; @@ -880,15 +880,15 @@ c -= 'A' - 10; else { - polarssl_printf("pre-shared key not valid hex\n"); + mbedtls_printf("pre-shared key not valid hex\n"); goto exit; } psk[ j / 2 ] |= c; } } -#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#if defined(POLARSSL_SSL_ALPN) +#if defined(MBEDTLS_SSL_ALPN) if( opt.alpn_string != NULL ) { p = (char *) opt.alpn_string; @@ -906,124 +906,124 @@ *p++ = '\0'; } } -#endif /* POLARSSL_SSL_ALPN */ +#endif /* MBEDTLS_SSL_ALPN */ /* * 0. Initialize the RNG and the session data */ - polarssl_printf( "\n . Seeding the random number generator..." ); + mbedtls_printf( "\n . Seeding the random number generator..." ); fflush( stdout ); - entropy_init( &entropy ); - if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy, + mbedtls_entropy_init( &entropy ); + if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, strlen( pers ) ) ) != 0 ) { - polarssl_printf( " failed\n ! ctr_drbg_init returned -0x%x\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned -0x%x\n", -ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); -#if defined(POLARSSL_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) /* * 1.1. Load the trusted CA */ - polarssl_printf( " . Loading the CA root certificate ..." ); + mbedtls_printf( " . Loading the CA root certificate ..." ); fflush( stdout ); -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) if( strlen( opt.ca_path ) ) if( strcmp( opt.ca_path, "none" ) == 0 ) ret = 0; else - ret = x509_crt_parse_path( &cacert, opt.ca_path ); + ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path ); else if( strlen( opt.ca_file ) ) if( strcmp( opt.ca_file, "none" ) == 0 ) ret = 0; else - ret = x509_crt_parse_file( &cacert, opt.ca_file ); + ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ); else #endif -#if defined(POLARSSL_CERTS_C) - for( i = 0; test_cas[i] != NULL; i++ ) +#if defined(MBEDTLS_CERTS_C) + for( i = 0; mbedtls_test_cas[i] != NULL; i++ ) { - ret = x509_crt_parse( &cacert, - (const unsigned char *) test_cas[i], - test_cas_len[i] ); + ret = mbedtls_x509_crt_parse( &cacert, + (const unsigned char *) mbedtls_test_cas[i], + mbedtls_test_cas_len[i] ); if( ret != 0 ) break; } #else { ret = 1; - polarssl_printf("POLARSSL_CERTS_C not defined."); + mbedtls_printf("MBEDTLS_CERTS_C not defined."); } #endif if( ret < 0 ) { - polarssl_printf( " failed\n ! x509_crt_parse returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret ); goto exit; } - polarssl_printf( " ok (%d skipped)\n", ret ); + mbedtls_printf( " ok (%d skipped)\n", ret ); /* * 1.2. Load own certificate and private key * * (can be skipped if client authentication is not required) */ - polarssl_printf( " . Loading the client cert. and key..." ); + mbedtls_printf( " . Loading the client cert. and key..." ); fflush( stdout ); -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) if( strlen( opt.crt_file ) ) if( strcmp( opt.crt_file, "none" ) == 0 ) ret = 0; else - ret = x509_crt_parse_file( &clicert, opt.crt_file ); + ret = mbedtls_x509_crt_parse_file( &clicert, opt.crt_file ); else #endif -#if defined(POLARSSL_CERTS_C) - ret = x509_crt_parse( &clicert, (const unsigned char *) test_cli_crt, - test_cli_crt_len ); +#if defined(MBEDTLS_CERTS_C) + ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt, + mbedtls_test_cli_crt_len ); #else { ret = 1; - polarssl_printf("POLARSSL_CERTS_C not defined."); + mbedtls_printf("MBEDTLS_CERTS_C not defined."); } #endif if( ret != 0 ) { - polarssl_printf( " failed\n ! x509_crt_parse returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret ); goto exit; } -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) if( strlen( opt.key_file ) ) if( strcmp( opt.key_file, "none" ) == 0 ) ret = 0; else - ret = pk_parse_keyfile( &pkey, opt.key_file, "" ); + ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" ); else #endif -#if defined(POLARSSL_CERTS_C) - ret = pk_parse_key( &pkey, (const unsigned char *) test_cli_key, - test_cli_key_len, NULL, 0 ); +#if defined(MBEDTLS_CERTS_C) + ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_cli_key, + mbedtls_test_cli_key_len, NULL, 0 ); #else { ret = 1; - polarssl_printf("POLARSSL_CERTS_C not defined."); + mbedtls_printf("MBEDTLS_CERTS_C not defined."); } #endif if( ret != 0 ) { - polarssl_printf( " failed\n ! pk_parse_key returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n", -ret ); goto exit; } - polarssl_printf( " ok\n" ); -#endif /* POLARSSL_X509_CRT_PARSE_C */ + mbedtls_printf( " ok\n" ); +#endif /* MBEDTLS_X509_CRT_PARSE_C */ /* * 2. Start the connection @@ -1031,321 +1031,321 @@ if( opt.server_addr == NULL) opt.server_addr = opt.server_name; - polarssl_printf( " . Connecting to %s/%s/%-4d...", - opt.transport == SSL_TRANSPORT_STREAM ? "tcp" : "udp", + mbedtls_printf( " . Connecting to %s/%s/%-4d...", + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp", opt.server_addr, opt.server_port ); fflush( stdout ); - if( ( ret = net_connect( &server_fd, opt.server_addr, opt.server_port, - opt.transport == SSL_TRANSPORT_STREAM ? - NET_PROTO_TCP : NET_PROTO_UDP ) ) != 0 ) + if( ( ret = mbedtls_net_connect( &server_fd, opt.server_addr, opt.server_port, + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? + MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 ) { - polarssl_printf( " failed\n ! net_connect returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_net_connect returned -0x%x\n\n", -ret ); goto exit; } if( opt.nbio > 0 ) - ret = net_set_nonblock( server_fd ); + ret = mbedtls_net_set_nonblock( server_fd ); else - ret = net_set_block( server_fd ); + ret = mbedtls_net_set_block( server_fd ); if( ret != 0 ) { - polarssl_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", -ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 3. Setup stuff */ - polarssl_printf( " . Setting up the SSL/TLS structure..." ); + mbedtls_printf( " . Setting up the SSL/TLS structure..." ); fflush( stdout ); - if( ( ret = ssl_init( &ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_init returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_init returned -0x%x\n\n", -ret ); goto exit; } -#if defined(POLARSSL_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) if( opt.debug_level > 0 ) - ssl_set_verify( &ssl, my_verify, NULL ); + mbedtls_ssl_set_verify( &ssl, my_verify, NULL ); #endif - ssl_set_endpoint( &ssl, SSL_IS_CLIENT ); + mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_CLIENT ); if( opt.auth_mode != DFL_AUTH_MODE ) - ssl_set_authmode( &ssl, opt.auth_mode ); + mbedtls_ssl_set_authmode( &ssl, opt.auth_mode ); -#if defined(POLARSSL_SSL_PROTO_DTLS) - if( ( ret = ssl_set_transport( &ssl, opt.transport ) ) != 0 ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ( ret = mbedtls_ssl_set_transport( &ssl, opt.transport ) ) != 0 ) { - polarssl_printf( " failed\n ! selected transport is not available\n" ); + mbedtls_printf( " failed\n ! selected transport is not available\n" ); goto exit; } if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX ) - ssl_set_handshake_timeout( &ssl, opt.hs_to_min, opt.hs_to_max ); -#endif /* POLARSSL_SSL_PROTO_DTLS */ + mbedtls_ssl_set_handshake_timeout( &ssl, opt.hs_to_min, opt.hs_to_max ); +#endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) - if( ( ret = ssl_set_max_frag_len( &ssl, opt.mfl_code ) ) != 0 ) +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + if( ( ret = mbedtls_ssl_set_max_frag_len( &ssl, opt.mfl_code ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_set_max_frag_len returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_set_max_frag_len returned %d\n\n", ret ); goto exit; } #endif -#if defined(POLARSSL_SSL_TRUNCATED_HMAC) +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) if( opt.trunc_hmac != DFL_TRUNC_HMAC ) - ssl_set_truncated_hmac( &ssl, opt.trunc_hmac ); + mbedtls_ssl_set_truncated_hmac( &ssl, opt.trunc_hmac ); #endif -#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) if( opt.extended_ms != DFL_EXTENDED_MS ) - ssl_set_extended_master_secret( &ssl, opt.extended_ms ); + mbedtls_ssl_set_extended_master_secret( &ssl, opt.extended_ms ); #endif -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) if( opt.etm != DFL_ETM ) - ssl_set_encrypt_then_mac( &ssl, opt.etm ); + mbedtls_ssl_set_encrypt_then_mac( &ssl, opt.etm ); #endif -#if defined(POLARSSL_SSL_CBC_RECORD_SPLITTING) +#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) if( opt.recsplit != DFL_RECSPLIT ) - ssl_set_cbc_record_splitting( &ssl, opt.recsplit - ? SSL_CBC_RECORD_SPLITTING_ENABLED - : SSL_CBC_RECORD_SPLITTING_DISABLED ); + mbedtls_ssl_set_cbc_record_splitting( &ssl, opt.recsplit + ? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED + : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED ); #endif -#if defined(POLARSSL_SSL_ALPN) +#if defined(MBEDTLS_SSL_ALPN) if( opt.alpn_string != NULL ) - if( ( ret = ssl_set_alpn_protocols( &ssl, alpn_list ) ) != 0 ) + if( ( ret = mbedtls_ssl_set_alpn_protocols( &ssl, alpn_list ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_set_alpn_protocols returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_set_alpn_protocols returned %d\n\n", ret ); goto exit; } #endif - ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg ); - ssl_set_dbg( &ssl, my_debug, stdout ); + mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); + mbedtls_ssl_set_dbg( &ssl, my_debug, stdout ); if( opt.nbio == 2 ) - ssl_set_bio_timeout( &ssl, &server_fd, my_send, my_recv, NULL, + mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, my_send, my_recv, NULL, opt.read_timeout ); else - ssl_set_bio_timeout( &ssl, &server_fd, net_send, net_recv, -#if defined(POLARSSL_HAVE_TIME) - opt.nbio == 0 ? net_recv_timeout : NULL, + mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, +#if defined(MBEDTLS_HAVE_TIME) + opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL, #else NULL, #endif opt.read_timeout ); -#if defined(POLARSSL_SSL_SESSION_TICKETS) - if( ( ret = ssl_set_session_tickets( &ssl, opt.tickets ) ) != 0 ) +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + if( ( ret = mbedtls_ssl_set_session_tickets( &ssl, opt.tickets ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_set_session_tickets returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_set_session_tickets returned %d\n\n", ret ); goto exit; } #endif if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) - ssl_set_ciphersuites( &ssl, opt.force_ciphersuite ); + mbedtls_ssl_set_ciphersuites( &ssl, opt.force_ciphersuite ); if( opt.arc4 != DFL_ARC4 ) - ssl_set_arc4_support( &ssl, opt.arc4 ); + mbedtls_ssl_set_arc4_support( &ssl, opt.arc4 ); if( opt.allow_legacy != DFL_ALLOW_LEGACY ) - ssl_legacy_renegotiation( &ssl, opt.allow_legacy ); -#if defined(POLARSSL_SSL_RENEGOTIATION) - ssl_set_renegotiation( &ssl, opt.renegotiation ); + mbedtls_ssl_legacy_renegotiation( &ssl, opt.allow_legacy ); +#if defined(MBEDTLS_SSL_RENEGOTIATION) + mbedtls_ssl_set_renegotiation( &ssl, opt.renegotiation ); #endif -#if defined(POLARSSL_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) if( strcmp( opt.ca_path, "none" ) != 0 && strcmp( opt.ca_file, "none" ) != 0 ) { - ssl_set_ca_chain( &ssl, &cacert, NULL, opt.server_name ); + mbedtls_ssl_set_ca_chain( &ssl, &cacert, NULL, opt.server_name ); } if( strcmp( opt.crt_file, "none" ) != 0 && strcmp( opt.key_file, "none" ) != 0 ) { - if( ( ret = ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 ) + if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret ); goto exit; } } #endif -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) - if( ( ret = ssl_set_psk( &ssl, psk, psk_len, +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) + if( ( ret = mbedtls_ssl_set_psk( &ssl, psk, psk_len, (const unsigned char *) opt.psk_identity, strlen( opt.psk_identity ) ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_set_psk returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_set_psk returned %d\n\n", ret ); goto exit; } #endif -#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) - if( ( ret = ssl_set_hostname( &ssl, opt.server_name ) ) != 0 ) +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) + if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_set_hostname returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret ); goto exit; } #endif if( opt.min_version != DFL_MIN_VERSION ) { - ret = ssl_set_min_version( &ssl, SSL_MAJOR_VERSION_3, opt.min_version ); + ret = mbedtls_ssl_set_min_version( &ssl, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version ); if( ret != 0 ) { - polarssl_printf( " failed\n ! selected min_version is not available\n" ); + mbedtls_printf( " failed\n ! selected min_version is not available\n" ); goto exit; } } if( opt.max_version != DFL_MAX_VERSION ) { - ret = ssl_set_max_version( &ssl, SSL_MAJOR_VERSION_3, opt.max_version ); + ret = mbedtls_ssl_set_max_version( &ssl, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version ); if( ret != 0 ) { - polarssl_printf( " failed\n ! selected max_version is not available\n" ); + mbedtls_printf( " failed\n ! selected max_version is not available\n" ); goto exit; } } -#if defined(POLARSSL_SSL_FALLBACK_SCSV) +#if defined(MBEDTLS_SSL_FALLBACK_SCSV) if( opt.fallback != DFL_FALLBACK ) - ssl_set_fallback( &ssl, opt.fallback ); + mbedtls_ssl_set_fallback( &ssl, opt.fallback ); #endif - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 4. Handshake */ - polarssl_printf( " . Performing the SSL/TLS handshake..." ); + mbedtls_printf( " . Performing the SSL/TLS handshake..." ); fflush( stdout ); - while( ( ret = ssl_handshake( &ssl ) ) != 0 ) + while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) { - if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE ) + if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE ) { - polarssl_printf( " failed\n ! ssl_handshake returned -0x%x\n", -ret ); - if( ret == POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) - polarssl_printf( + mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n", -ret ); + if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ) + mbedtls_printf( " Unable to verify the server's certificate. " "Either it is invalid,\n" " or you didn't set ca_file or ca_path " "to an appropriate value.\n" " Alternatively, you may want to use " "auth_mode=optional for testing purposes.\n" ); - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); goto exit; } } - polarssl_printf( " ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n", - ssl_get_version( &ssl ), ssl_get_ciphersuite( &ssl ) ); + mbedtls_printf( " ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n", + mbedtls_ssl_get_version( &ssl ), mbedtls_ssl_get_ciphersuite( &ssl ) ); - if( ( ret = ssl_get_record_expansion( &ssl ) ) >= 0 ) - polarssl_printf( " [ Record expansion is %d ]\n", ret ); + if( ( ret = mbedtls_ssl_get_record_expansion( &ssl ) ) >= 0 ) + mbedtls_printf( " [ Record expansion is %d ]\n", ret ); else - polarssl_printf( " [ Record expansion is unknown (compression) ]\n" ); + mbedtls_printf( " [ Record expansion is unknown (compression) ]\n" ); -#if defined(POLARSSL_SSL_ALPN) +#if defined(MBEDTLS_SSL_ALPN) if( opt.alpn_string != NULL ) { - const char *alp = ssl_get_alpn_protocol( &ssl ); - polarssl_printf( " [ Application Layer Protocol is %s ]\n", + const char *alp = mbedtls_ssl_get_alpn_protocol( &ssl ); + mbedtls_printf( " [ Application Layer Protocol is %s ]\n", alp ? alp : "(none)" ); } #endif if( opt.reconnect != 0 ) { - polarssl_printf(" . Saving session for reuse..." ); + mbedtls_printf(" . Saving session for reuse..." ); fflush( stdout ); - if( ( ret = ssl_get_session( &ssl, &saved_session ) ) != 0 ) + if( ( ret = mbedtls_ssl_get_session( &ssl, &saved_session ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_get_session returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_get_session returned -0x%x\n\n", -ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); } -#if defined(POLARSSL_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) /* * 5. Verify the server certificate */ - polarssl_printf( " . Verifying peer X.509 certificate..." ); + mbedtls_printf( " . Verifying peer X.509 certificate..." ); - if( ( ret = ssl_get_verify_result( &ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) { - polarssl_printf( " failed\n" ); + mbedtls_printf( " failed\n" ); - if( ( ret & BADCERT_EXPIRED ) != 0 ) - polarssl_printf( " ! server certificate has expired\n" ); + if( ( ret & MBEDTLS_BADCERT_EXPIRED ) != 0 ) + mbedtls_printf( " ! server certificate has expired\n" ); - if( ( ret & BADCERT_REVOKED ) != 0 ) - polarssl_printf( " ! server certificate has been revoked\n" ); + if( ( ret & MBEDTLS_X509_BADCERT_REVOKED ) != 0 ) + mbedtls_printf( " ! server certificate has been revoked\n" ); - if( ( ret & BADCERT_CN_MISMATCH ) != 0 ) - polarssl_printf( " ! CN mismatch (expected CN=%s)\n", opt.server_name ); + if( ( ret & MBEDTLS_X509_BADCERT_CN_MISMATCH ) != 0 ) + mbedtls_printf( " ! CN mismatch (expected CN=%s)\n", opt.server_name ); - if( ( ret & BADCERT_NOT_TRUSTED ) != 0 ) - polarssl_printf( " ! self-signed or not signed by a trusted CA\n" ); + if( ( ret & MBEDTLS_X509_BADCERT_NOT_TRUSTED ) != 0 ) + mbedtls_printf( " ! self-signed or not signed by a trusted CA\n" ); - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); } else - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); - if( ssl_get_peer_cert( &ssl ) != NULL ) + if( mbedtls_ssl_get_peer_cert( &ssl ) != NULL ) { - polarssl_printf( " . Peer certificate information ...\n" ); - x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", - ssl_get_peer_cert( &ssl ) ); - polarssl_printf( "%s\n", buf ); + mbedtls_printf( " . Peer certificate information ...\n" ); + mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", + mbedtls_ssl_get_peer_cert( &ssl ) ); + mbedtls_printf( "%s\n", buf ); } -#endif /* POLARSSL_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_X509_CRT_PARSE_C */ -#if defined(POLARSSL_SSL_RENEGOTIATION) +#if defined(MBEDTLS_SSL_RENEGOTIATION) if( opt.renegotiate ) { /* * Perform renegotiation (this must be done when the server is waiting * for input from our side). */ - polarssl_printf( " . Performing renegotiation..." ); + mbedtls_printf( " . Performing renegotiation..." ); fflush( stdout ); - while( ( ret = ssl_renegotiate( &ssl ) ) != 0 ) + while( ( ret = mbedtls_ssl_renegotiate( &ssl ) ) != 0 ) { - if( ret != POLARSSL_ERR_NET_WANT_READ && - ret != POLARSSL_ERR_NET_WANT_WRITE ) + if( ret != MBEDTLS_ERR_NET_WANT_READ && + ret != MBEDTLS_ERR_NET_WANT_WRITE ) { - polarssl_printf( " failed\n ! ssl_renegotiate returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_renegotiate returned %d\n\n", ret ); goto exit; } } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); } -#endif /* POLARSSL_SSL_RENEGOTIATION */ +#endif /* MBEDTLS_SSL_RENEGOTIATION */ /* * 6. Write the GET request */ retry_left = opt.max_resend; send_request: - polarssl_printf( " > Write to server:" ); + mbedtls_printf( " > Write to server:" ); fflush( stdout ); - len = polarssl_snprintf( (char *) buf, sizeof(buf) - 1, GET_REQUEST, + len = mbedtls_snprintf( (char *) buf, sizeof(buf) - 1, GET_REQUEST, opt.request_page ); tail_len = strlen( GET_REQUEST_END ); @@ -1371,17 +1371,17 @@ if( len >= 1 ) buf[len - 1] = '\n'; } - if( opt.transport == SSL_TRANSPORT_STREAM ) + if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ) { for( written = 0, frags = 0; written < len; written += ret, frags++ ) { - while( ( ret = ssl_write( &ssl, buf + written, len - written ) ) + while( ( ret = mbedtls_ssl_write( &ssl, buf + written, len - written ) ) <= 0 ) { - if( ret != POLARSSL_ERR_NET_WANT_READ && - ret != POLARSSL_ERR_NET_WANT_WRITE ) + if( ret != MBEDTLS_ERR_NET_WANT_READ && + ret != MBEDTLS_ERR_NET_WANT_WRITE ) { - polarssl_printf( " failed\n ! ssl_write returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_write returned -0x%x\n\n", -ret ); goto exit; } } @@ -1389,13 +1389,13 @@ } else /* Not stream, so datagram */ { - do ret = ssl_write( &ssl, buf, len ); - while( ret == POLARSSL_ERR_NET_WANT_READ || - ret == POLARSSL_ERR_NET_WANT_WRITE ); + do ret = mbedtls_ssl_write( &ssl, buf, len ); + while( ret == MBEDTLS_ERR_NET_WANT_READ || + ret == MBEDTLS_ERR_NET_WANT_WRITE ); if( ret < 0 ) { - polarssl_printf( " failed\n ! ssl_write returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); goto exit; } @@ -1404,53 +1404,53 @@ } buf[written] = '\0'; - polarssl_printf( " %d bytes written in %d fragments\n\n%s\n", written, frags, (char *) buf ); + mbedtls_printf( " %d bytes written in %d fragments\n\n%s\n", written, frags, (char *) buf ); /* * 7. Read the HTTP response */ - polarssl_printf( " < Read from server:" ); + mbedtls_printf( " < Read from server:" ); fflush( stdout ); /* * TLS and DTLS need different reading styles (stream vs datagram) */ - if( opt.transport == SSL_TRANSPORT_STREAM ) + if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ) { do { len = sizeof( buf ) - 1; memset( buf, 0, sizeof( buf ) ); - ret = ssl_read( &ssl, buf, len ); + ret = mbedtls_ssl_read( &ssl, buf, len ); - if( ret == POLARSSL_ERR_NET_WANT_READ || - ret == POLARSSL_ERR_NET_WANT_WRITE ) + if( ret == MBEDTLS_ERR_NET_WANT_READ || + ret == MBEDTLS_ERR_NET_WANT_WRITE ) continue; if( ret <= 0 ) { switch( ret ) { - case POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY: - polarssl_printf( " connection was closed gracefully\n" ); + case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: + mbedtls_printf( " connection was closed gracefully\n" ); ret = 0; goto close_notify; case 0: - case POLARSSL_ERR_NET_CONN_RESET: - polarssl_printf( " connection was reset by peer\n" ); + case MBEDTLS_ERR_NET_CONN_RESET: + mbedtls_printf( " connection was reset by peer\n" ); ret = 0; goto reconnect; default: - polarssl_printf( " ssl_read returned -0x%x\n", -ret ); + mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret ); goto exit; } } len = ret; buf[len] = '\0'; - polarssl_printf( " %d bytes read\n\n%s", len, (char *) buf ); + mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); /* End of message should be detected according to the syntax of the * application protocol (eg HTTP), just use a dummy test here. */ @@ -1467,34 +1467,34 @@ len = sizeof( buf ) - 1; memset( buf, 0, sizeof( buf ) ); - do ret = ssl_read( &ssl, buf, len ); - while( ret == POLARSSL_ERR_NET_WANT_READ || - ret == POLARSSL_ERR_NET_WANT_WRITE ); + do ret = mbedtls_ssl_read( &ssl, buf, len ); + while( ret == MBEDTLS_ERR_NET_WANT_READ || + ret == MBEDTLS_ERR_NET_WANT_WRITE ); if( ret <= 0 ) { switch( ret ) { - case POLARSSL_ERR_NET_TIMEOUT: - polarssl_printf( " timeout\n" ); + case MBEDTLS_ERR_NET_TIMEOUT: + mbedtls_printf( " timeout\n" ); if( retry_left-- > 0 ) goto send_request; goto exit; - case POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY: - polarssl_printf( " connection was closed gracefully\n" ); + case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: + mbedtls_printf( " connection was closed gracefully\n" ); ret = 0; goto close_notify; default: - polarssl_printf( " ssl_read returned -0x%x\n", -ret ); + mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret ); goto exit; } } len = ret; buf[len] = '\0'; - polarssl_printf( " %d bytes read\n\n%s", len, (char *) buf ); + mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); ret = 0; } @@ -1508,14 +1508,14 @@ * 8. Done, cleanly close the connection */ close_notify: - polarssl_printf( " . Closing the connection..." ); + mbedtls_printf( " . Closing the connection..." ); /* No error checking, the connection might be closed already */ - do ret = ssl_close_notify( &ssl ); - while( ret == POLARSSL_ERR_NET_WANT_WRITE ); + do ret = mbedtls_ssl_close_notify( &ssl ); + while( ret == MBEDTLS_ERR_NET_WANT_WRITE ); ret = 0; - polarssl_printf( " done\n" ); + mbedtls_printf( " done\n" ); /* * 9. Reconnect? @@ -1525,58 +1525,58 @@ { --opt.reconnect; - net_close( server_fd ); + mbedtls_net_close( server_fd ); -#if defined(POLARSSL_TIMING_C) +#if defined(MBEDTLS_TIMING_C) if( opt.reco_delay > 0 ) - m_sleep( 1000 * opt.reco_delay ); + mbedtls_timing_m_sleep( 1000 * opt.reco_delay ); #endif - polarssl_printf( " . Reconnecting with saved session..." ); + mbedtls_printf( " . Reconnecting with saved session..." ); fflush( stdout ); - if( ( ret = ssl_session_reset( &ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_session_reset returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n", -ret ); goto exit; } - if( ( ret = ssl_set_session( &ssl, &saved_session ) ) != 0 ) + if( ( ret = mbedtls_ssl_set_session( &ssl, &saved_session ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_set_session returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_set_session returned %d\n\n", ret ); goto exit; } - if( ( ret = net_connect( &server_fd, opt.server_addr, opt.server_port, - opt.transport == SSL_TRANSPORT_STREAM ? - NET_PROTO_TCP : NET_PROTO_UDP ) ) != 0 ) + if( ( ret = mbedtls_net_connect( &server_fd, opt.server_addr, opt.server_port, + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? + MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 ) { - polarssl_printf( " failed\n ! net_connect returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_net_connect returned -0x%x\n\n", -ret ); goto exit; } if( opt.nbio > 0 ) - ret = net_set_nonblock( server_fd ); + ret = mbedtls_net_set_nonblock( server_fd ); else - ret = net_set_block( server_fd ); + ret = mbedtls_net_set_block( server_fd ); if( ret != 0 ) { - polarssl_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", + mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", -ret ); goto exit; } - while( ( ret = ssl_handshake( &ssl ) ) != 0 ) + while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) { - if( ret != POLARSSL_ERR_NET_WANT_READ && - ret != POLARSSL_ERR_NET_WANT_WRITE ) + if( ret != MBEDTLS_ERR_NET_WANT_READ && + ret != MBEDTLS_ERR_NET_WANT_WRITE ) { - polarssl_printf( " failed\n ! ssl_handshake returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret ); goto exit; } } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); goto send_request; } @@ -1585,30 +1585,30 @@ * Cleanup and exit */ exit: -#ifdef POLARSSL_ERROR_C +#ifdef MBEDTLS_ERROR_C if( ret != 0 ) { char error_buf[100]; - polarssl_strerror( ret, error_buf, 100 ); - polarssl_printf("Last error was: -0x%X - %s\n\n", -ret, error_buf ); + mbedtls_strerror( ret, error_buf, 100 ); + mbedtls_printf("Last error was: -0x%X - %s\n\n", -ret, error_buf ); } #endif if( server_fd ) - net_close( server_fd ); + mbedtls_net_close( server_fd ); -#if defined(POLARSSL_X509_CRT_PARSE_C) - x509_crt_free( &clicert ); - x509_crt_free( &cacert ); - pk_free( &pkey ); +#if defined(MBEDTLS_X509_CRT_PARSE_C) + mbedtls_x509_crt_free( &clicert ); + mbedtls_x509_crt_free( &cacert ); + mbedtls_pk_free( &pkey ); #endif - ssl_session_free( &saved_session ); - ssl_free( &ssl ); - ctr_drbg_free( &ctr_drbg ); - entropy_free( &entropy ); + mbedtls_ssl_session_free( &saved_session ); + mbedtls_ssl_free( &ssl ); + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); #if defined(_WIN32) - polarssl_printf( " + Press Enter to exit this program.\n" ); + mbedtls_printf( " + Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif @@ -1618,6 +1618,6 @@ return( ret ); } -#endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C && POLARSSL_SSL_TLS_C && - POLARSSL_SSL_CLI_C && POLARSSL_NET_C && POLARSSL_RSA_C && - POLARSSL_CTR_DRBG_C */ +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && + MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C && + MBEDTLS_CTR_DRBG_C */
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c index 72d74b2..717d35b 100644 --- a/programs/ssl/ssl_fork_server.c +++ b/programs/ssl/ssl_fork_server.c
@@ -20,42 +20,42 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_PLATFORM_C) +#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else #include <stdio.h> -#define polarssl_fprintf fprintf -#define polarssl_printf printf +#define mbedtls_fprintf fprintf +#define mbedtls_printf printf #endif -#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_CERTS_C) || \ - !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \ - !defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \ - !defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \ - !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_TIMING_C) || \ - !defined(POLARSSL_FS_IO) || !defined(POLARSSL_PEM_PARSE_C) +#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) || \ + !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \ + !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) || \ + !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ + !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_TIMING_C) || \ + !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_PEM_PARSE_C) int main( int argc, char *argv[] ) { ((void) argc); ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_CERTS_C and/or POLARSSL_ENTROPY_C " - "and/or POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or " - "POLARSSL_NET_C and/or POLARSSL_RSA_C and/or " - "POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_CRT_PARSE_C and/or " - "POLARSSL_TIMING_C and/or POLARSSL_PEM_PARSE_C not defined.\n"); + mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C " + "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " + "MBEDTLS_TIMING_C and/or MBEDTLS_PEM_PARSE_C not defined.\n"); return( 0 ); } #elif defined(_WIN32) int main( void ) { - polarssl_printf("_WIN32 defined. This application requires fork() and signals " + mbedtls_printf("_WIN32 defined. This application requires fork() and signals " "to work correctly.\n"); return( 0 ); } @@ -87,7 +87,7 @@ { if( level < DEBUG_LEVEL ) { - polarssl_fprintf( (FILE *) ctx, "%s", str ); + mbedtls_fprintf( (FILE *) ctx, "%s", str ); fflush( (FILE *) ctx ); } } @@ -100,86 +100,86 @@ unsigned char buf[1024]; const char *pers = "ssl_fork_server"; - entropy_context entropy; - ctr_drbg_context ctr_drbg; - ssl_context ssl; - x509_crt srvcert; - pk_context pkey; + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_ssl_context ssl; + mbedtls_x509_crt srvcert; + mbedtls_pk_context pkey; - memset( &ssl, 0, sizeof(ssl_context) ); + memset( &ssl, 0, sizeof(mbedtls_ssl_context) ); - entropy_init( &entropy ); - pk_init( &pkey ); - x509_crt_init( &srvcert ); + mbedtls_entropy_init( &entropy ); + mbedtls_pk_init( &pkey ); + mbedtls_x509_crt_init( &srvcert ); signal( SIGCHLD, SIG_IGN ); /* * 0. Initial seeding of the RNG */ - polarssl_printf( "\n . Initial seeding of the random generator..." ); + mbedtls_printf( "\n . Initial seeding of the random generator..." ); fflush( stdout ); - if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy, + if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, strlen( pers ) ) ) != 0 ) { - polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d\n", ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 1. Load the certificates and private RSA key */ - polarssl_printf( " . Loading the server cert. and key..." ); + mbedtls_printf( " . Loading the server cert. and key..." ); fflush( stdout ); /* * This demonstration program uses embedded test certificates. - * Instead, you may want to use x509_crt_parse_file() to read the - * server and CA certificates, as well as pk_parse_keyfile(). + * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the + * server and CA certificates, as well as mbedtls_pk_parse_keyfile(). */ - ret = x509_crt_parse( &srvcert, (const unsigned char *) test_srv_crt, - test_srv_crt_len ); + ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, + mbedtls_test_srv_crt_len ); if( ret != 0 ) { - polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); goto exit; } - ret = x509_crt_parse( &srvcert, (const unsigned char *) test_cas_pem, - test_cas_pem_len ); + ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len ); if( ret != 0 ) { - polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); goto exit; } - ret = pk_parse_key( &pkey, (const unsigned char *) test_srv_key, - test_srv_key_len, NULL, 0 ); + ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, + mbedtls_test_srv_key_len, NULL, 0 ); if( ret != 0 ) { - polarssl_printf( " failed\n ! pk_parse_key returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 2. Setup the listening TCP socket */ - polarssl_printf( " . Bind on https://localhost:4433/ ..." ); + mbedtls_printf( " . Bind on https://localhost:4433/ ..." ); fflush( stdout ); - if( ( ret = net_bind( &listen_fd, NULL, 4433, NET_PROTO_TCP ) ) != 0 ) + if( ( ret = mbedtls_net_bind( &listen_fd, NULL, 4433, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) { - polarssl_printf( " failed\n ! net_bind returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); while( 1 ) { @@ -189,16 +189,16 @@ client_fd = -1; memset( &ssl, 0, sizeof( ssl ) ); - polarssl_printf( " . Waiting for a remote connection ..." ); + mbedtls_printf( " . Waiting for a remote connection ..." ); fflush( stdout ); - if( ( ret = net_accept( listen_fd, &client_fd, NULL ) ) != 0 ) + if( ( ret = mbedtls_net_accept( listen_fd, &client_fd, NULL ) ) != 0 ) { - polarssl_printf( " failed\n ! net_accept returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 3.5. Forking server thread @@ -206,24 +206,24 @@ pid = fork(); - polarssl_printf( " . Forking to handle connection ..." ); + mbedtls_printf( " . Forking to handle connection ..." ); fflush( stdout ); if( pid < 0 ) { - polarssl_printf(" failed\n ! fork returned %d\n\n", pid ); + mbedtls_printf(" failed\n ! fork returned %d\n\n", pid ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); if( pid != 0 ) { - if( ( ret = ctr_drbg_reseed( &ctr_drbg, + if( ( ret = mbedtls_ctr_drbg_reseed( &ctr_drbg, (const unsigned char *) "parent", 6 ) ) != 0 ) { - polarssl_printf( " failed\n ! ctr_drbg_reseed returned %d\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_reseed returned %d\n", ret ); goto exit; } @@ -236,85 +236,85 @@ /* * 4. Setup stuff */ - polarssl_printf( " . Setting up the SSL data...." ); + mbedtls_printf( " . Setting up the SSL data...." ); fflush( stdout ); - if( ( ret = ctr_drbg_reseed( &ctr_drbg, + if( ( ret = mbedtls_ctr_drbg_reseed( &ctr_drbg, (const unsigned char *) "child", 5 ) ) != 0 ) { - polarssl_printf( " failed\n ! ctr_drbg_reseed returned %d\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_reseed returned %d\n", ret ); goto exit; } - if( ( ret = ssl_init( &ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_init returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_init returned %d\n\n", ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); - ssl_set_endpoint( &ssl, SSL_IS_SERVER ); - ssl_set_authmode( &ssl, SSL_VERIFY_NONE ); + mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_SERVER ); + mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_NONE ); - ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg ); - ssl_set_dbg( &ssl, my_debug, stdout ); - ssl_set_bio_timeout( &ssl, &client_fd, net_send, net_recv, NULL, 0 ); + mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); + mbedtls_ssl_set_dbg( &ssl, my_debug, stdout ); + mbedtls_ssl_set_bio_timeout( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 ); - ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL ); - if( ( ret = ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 ) + mbedtls_ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL ); + if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret ); goto exit; } /* * 5. Handshake */ - polarssl_printf( " . Performing the SSL/TLS handshake..." ); + mbedtls_printf( " . Performing the SSL/TLS handshake..." ); fflush( stdout ); - while( ( ret = ssl_handshake( &ssl ) ) != 0 ) + while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) { - if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE ) + if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE ) { - polarssl_printf( " failed\n ! ssl_handshake returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret ); goto exit; } } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 6. Read the HTTP Request */ - polarssl_printf( " < Read from client:" ); + mbedtls_printf( " < Read from client:" ); fflush( stdout ); do { len = sizeof( buf ) - 1; memset( buf, 0, sizeof( buf ) ); - ret = ssl_read( &ssl, buf, len ); + ret = mbedtls_ssl_read( &ssl, buf, len ); - if( ret == POLARSSL_ERR_NET_WANT_READ || ret == POLARSSL_ERR_NET_WANT_WRITE ) + if( ret == MBEDTLS_ERR_NET_WANT_READ || ret == MBEDTLS_ERR_NET_WANT_WRITE ) continue; if( ret <= 0 ) { switch( ret ) { - case POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY: - polarssl_printf( " connection was closed gracefully\n" ); + case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: + mbedtls_printf( " connection was closed gracefully\n" ); break; - case POLARSSL_ERR_NET_CONN_RESET: - polarssl_printf( " connection was reset by peer\n" ); + case MBEDTLS_ERR_NET_CONN_RESET: + mbedtls_printf( " connection was reset by peer\n" ); break; default: - polarssl_printf( " ssl_read returned %d\n", ret ); + mbedtls_printf( " mbedtls_ssl_read returned %d\n", ret ); break; } @@ -322,7 +322,7 @@ } len = ret; - polarssl_printf( " %d bytes read\n\n%s", len, (char *) buf ); + mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); if( ret > 0 ) break; @@ -332,57 +332,57 @@ /* * 7. Write the 200 Response */ - polarssl_printf( " > Write to client:" ); + mbedtls_printf( " > Write to client:" ); fflush( stdout ); len = sprintf( (char *) buf, HTTP_RESPONSE, - ssl_get_ciphersuite( &ssl ) ); + mbedtls_ssl_get_ciphersuite( &ssl ) ); while( cnt++ < 100 ) { - while( ( ret = ssl_write( &ssl, buf, len ) ) <= 0 ) + while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 ) { - if( ret == POLARSSL_ERR_NET_CONN_RESET ) + if( ret == MBEDTLS_ERR_NET_CONN_RESET ) { - polarssl_printf( " failed\n ! peer closed the connection\n\n" ); + mbedtls_printf( " failed\n ! peer closed the connection\n\n" ); goto exit; } - if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE ) + if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE ) { - polarssl_printf( " failed\n ! ssl_write returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); goto exit; } } len = ret; - polarssl_printf( " %d bytes written\n\n%s\n", len, (char *) buf ); + mbedtls_printf( " %d bytes written\n\n%s\n", len, (char *) buf ); - m_sleep( 1000 ); + mbedtls_timing_m_sleep( 1000 ); } - ssl_close_notify( &ssl ); + mbedtls_ssl_close_notify( &ssl ); goto exit; } exit: if( client_fd != -1 ) - net_close( client_fd ); + mbedtls_net_close( client_fd ); - x509_crt_free( &srvcert ); - pk_free( &pkey ); - ssl_free( &ssl ); - ctr_drbg_free( &ctr_drbg ); - entropy_free( &entropy ); + mbedtls_x509_crt_free( &srvcert ); + mbedtls_pk_free( &pkey ); + mbedtls_ssl_free( &ssl ); + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); #if defined(_WIN32) - polarssl_printf( " Press Enter to exit this program.\n" ); + mbedtls_printf( " Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif return( ret ); } -#endif /* POLARSSL_BIGNUM_C && POLARSSL_CERTS_C && POLARSSL_ENTROPY_C && - POLARSSL_SSL_TLS_C && POLARSSL_SSL_SRV_C && POLARSSL_NET_C && - POLARSSL_RSA_C && POLARSSL_CTR_DRBG_C && POLARSSL_PEM_PARSE_C && +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C && + MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && + MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_PEM_PARSE_C && ! _WIN32 */
diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index 55d7f87..ca54070 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c
@@ -20,31 +20,31 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_PLATFORM_C) +#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else #include <stdio.h> -#define polarssl_fprintf fprintf -#define polarssl_printf printf +#define mbedtls_fprintf fprintf +#define mbedtls_printf printf #endif -#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \ - !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \ - !defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \ - !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_X509_CRT_PARSE_C) || \ - !defined(POLARSSL_FS_IO) +#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \ + !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \ + !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \ + !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \ + !defined(MBEDTLS_FS_IO) int main( void ) { - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or " - "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or " - "POLARSSL_NET_C and/or POLARSSL_RSA_C and/or " - "POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_CRT_PARSE_C " + mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " + "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C " "not defined.\n"); return( 0 ); } @@ -100,25 +100,25 @@ #define MODE_SSL_TLS 0 #define MODE_STARTTLS 0 -#if defined(POLARSSL_BASE64_C) +#if defined(MBEDTLS_BASE64_C) #define USAGE_AUTH \ " authentication=%%d default: 0 (disabled)\n" \ " user_name=%%s default: \"user\"\n" \ " user_pwd=%%s default: \"password\"\n" #else #define USAGE_AUTH \ - " authentication options disabled. (Require POLARSSL_BASE64_C)\n" -#endif /* POLARSSL_BASE64_C */ + " authentication options disabled. (Require MBEDTLS_BASE64_C)\n" +#endif /* MBEDTLS_BASE64_C */ -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) #define USAGE_IO \ " ca_file=%%s default: \"\" (pre-loaded)\n" \ " crt_file=%%s default: \"\" (pre-loaded)\n" \ " key_file=%%s default: \"\" (pre-loaded)\n" #else #define USAGE_IO \ - " No file operations available (POLARSSL_FS_IO not defined)\n" -#endif /* POLARSSL_FS_IO */ + " No file operations available (MBEDTLS_FS_IO not defined)\n" +#endif /* MBEDTLS_FS_IO */ #define USAGE \ "\n usage: ssl_mail_client param=<>...\n" \ @@ -158,12 +158,12 @@ { if( level < opt.debug_level ) { - polarssl_fprintf( (FILE *) ctx, "%s", str ); + mbedtls_fprintf( (FILE *) ctx, "%s", str ); fflush( (FILE *) ctx ); } } -static int do_handshake( ssl_context *ssl, struct options *opt ) +static int do_handshake( mbedtls_ssl_context *ssl, struct options *opt ) { int ret; unsigned char buf[1024]; @@ -172,69 +172,69 @@ /* * 4. Handshake */ - polarssl_printf( " . Performing the SSL/TLS handshake..." ); + mbedtls_printf( " . Performing the SSL/TLS handshake..." ); fflush( stdout ); - while( ( ret = ssl_handshake( ssl ) ) != 0 ) + while( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 ) { - if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE ) + if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE ) { -#if defined(POLARSSL_ERROR_C) - polarssl_strerror( ret, (char *) buf, 1024 ); +#if defined(MBEDTLS_ERROR_C) + mbedtls_strerror( ret, (char *) buf, 1024 ); #endif - polarssl_printf( " failed\n ! ssl_handshake returned %d: %s\n\n", ret, buf ); + mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d: %s\n\n", ret, buf ); return( -1 ); } } - polarssl_printf( " ok\n [ Ciphersuite is %s ]\n", - ssl_get_ciphersuite( ssl ) ); + mbedtls_printf( " ok\n [ Ciphersuite is %s ]\n", + mbedtls_ssl_get_ciphersuite( ssl ) ); /* * 5. Verify the server certificate */ - polarssl_printf( " . Verifying peer X.509 certificate..." ); + mbedtls_printf( " . Verifying peer X.509 certificate..." ); /* In real life, we may want to bail out when ret != 0 */ - if( ( ret = ssl_get_verify_result( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_get_verify_result( ssl ) ) != 0 ) { - polarssl_printf( " failed\n" ); + mbedtls_printf( " failed\n" ); - if( ( ret & BADCERT_EXPIRED ) != 0 ) - polarssl_printf( " ! server certificate has expired\n" ); + if( ( ret & MBEDTLS_BADCERT_EXPIRED ) != 0 ) + mbedtls_printf( " ! server certificate has expired\n" ); - if( ( ret & BADCERT_REVOKED ) != 0 ) - polarssl_printf( " ! server certificate has been revoked\n" ); + if( ( ret & MBEDTLS_X509_BADCERT_REVOKED ) != 0 ) + mbedtls_printf( " ! server certificate has been revoked\n" ); - if( ( ret & BADCERT_CN_MISMATCH ) != 0 ) - polarssl_printf( " ! CN mismatch (expected CN=%s)\n", opt->server_name ); + if( ( ret & MBEDTLS_X509_BADCERT_CN_MISMATCH ) != 0 ) + mbedtls_printf( " ! CN mismatch (expected CN=%s)\n", opt->server_name ); - if( ( ret & BADCERT_NOT_TRUSTED ) != 0 ) - polarssl_printf( " ! self-signed or not signed by a trusted CA\n" ); + if( ( ret & MBEDTLS_X509_BADCERT_NOT_TRUSTED ) != 0 ) + mbedtls_printf( " ! self-signed or not signed by a trusted CA\n" ); - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); } else - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); - polarssl_printf( " . Peer certificate information ...\n" ); - x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", - ssl_get_peer_cert( ssl ) ); - polarssl_printf( "%s\n", buf ); + mbedtls_printf( " . Peer certificate information ...\n" ); + mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", + mbedtls_ssl_get_peer_cert( ssl ) ); + mbedtls_printf( "%s\n", buf ); return( 0 ); } -static int write_ssl_data( ssl_context *ssl, unsigned char *buf, size_t len ) +static int write_ssl_data( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) { int ret; - polarssl_printf("\n%s", buf); - while( len && ( ret = ssl_write( ssl, buf, len ) ) <= 0 ) + mbedtls_printf("\n%s", buf); + while( len && ( ret = mbedtls_ssl_write( ssl, buf, len ) ) <= 0 ) { - if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE ) + if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE ) { - polarssl_printf( " failed\n ! ssl_write returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); return -1; } } @@ -242,19 +242,19 @@ return( 0 ); } -static int write_ssl_and_get_response( ssl_context *ssl, unsigned char *buf, size_t len ) +static int write_ssl_and_get_response( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) { int ret; unsigned char data[128]; char code[4]; size_t i, idx = 0; - polarssl_printf("\n%s", buf); - while( len && ( ret = ssl_write( ssl, buf, len ) ) <= 0 ) + mbedtls_printf("\n%s", buf); + while( len && ( ret = mbedtls_ssl_write( ssl, buf, len ) ) <= 0 ) { - if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE ) + if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE ) { - polarssl_printf( " failed\n ! ssl_write returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); return -1; } } @@ -263,21 +263,21 @@ { len = sizeof( data ) - 1; memset( data, 0, sizeof( data ) ); - ret = ssl_read( ssl, data, len ); + ret = mbedtls_ssl_read( ssl, data, len ); - if( ret == POLARSSL_ERR_NET_WANT_READ || ret == POLARSSL_ERR_NET_WANT_WRITE ) + if( ret == MBEDTLS_ERR_NET_WANT_READ || ret == MBEDTLS_ERR_NET_WANT_WRITE ) continue; - if( ret == POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY ) + if( ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY ) return -1; if( ret <= 0 ) { - polarssl_printf( "failed\n ! ssl_read returned %d\n\n", ret ); + mbedtls_printf( "failed\n ! mbedtls_ssl_read returned %d\n\n", ret ); return -1; } - polarssl_printf("\n%s", data); + mbedtls_printf("\n%s", data); len = ret; for( i = 0; i < len; i++ ) { @@ -307,10 +307,10 @@ char code[4]; size_t i, idx = 0; - polarssl_printf("\n%s", buf); + mbedtls_printf("\n%s", buf); if( len && ( ret = write( sock_fd, buf, len ) ) <= 0 ) { - polarssl_printf( " failed\n ! ssl_write returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); return -1; } @@ -322,12 +322,12 @@ if( ret <= 0 ) { - polarssl_printf( "failed\n ! read returned %d\n\n", ret ); + mbedtls_printf( "failed\n ! read returned %d\n\n", ret ); return -1; } data[len] = '\0'; - polarssl_printf("\n%s", data); + mbedtls_printf("\n%s", data); len = ret; for( i = 0; i < len; i++ ) { @@ -354,18 +354,18 @@ { int ret = 0, len, server_fd; unsigned char buf[1024]; -#if defined(POLARSSL_BASE64_C) +#if defined(MBEDTLS_BASE64_C) unsigned char base[1024]; #endif char hostname[32]; const char *pers = "ssl_mail_client"; - entropy_context entropy; - ctr_drbg_context ctr_drbg; - ssl_context ssl; - x509_crt cacert; - x509_crt clicert; - pk_context pkey; + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_ssl_context ssl; + mbedtls_x509_crt cacert; + mbedtls_x509_crt clicert; + mbedtls_pk_context pkey; int i; size_t n; char *p, *q; @@ -375,24 +375,24 @@ * Make sure memory references are valid in case we exit early. */ server_fd = 0; - memset( &ssl, 0, sizeof( ssl_context ) ); + memset( &ssl, 0, sizeof( mbedtls_ssl_context ) ); memset( &buf, 0, sizeof( buf ) ); - x509_crt_init( &cacert ); - x509_crt_init( &clicert ); - pk_init( &pkey ); + mbedtls_x509_crt_init( &cacert ); + mbedtls_x509_crt_init( &clicert ); + mbedtls_pk_init( &pkey ); if( argc == 0 ) { usage: - polarssl_printf( USAGE ); + mbedtls_printf( USAGE ); - list = ssl_list_ciphersuites(); + list = mbedtls_ssl_list_ciphersuites(); while( *list ) { - polarssl_printf(" %s\n", ssl_get_ciphersuite_name( *list ) ); + mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name( *list ) ); list++; } - polarssl_printf("\n"); + mbedtls_printf("\n"); goto exit; } @@ -461,7 +461,7 @@ { opt.force_ciphersuite[0] = -1; - opt.force_ciphersuite[0] = ssl_get_ciphersuite_id( q ); + opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q ); if( opt.force_ciphersuite[0] <= 0 ) goto usage; @@ -475,151 +475,151 @@ /* * 0. Initialize the RNG and the session data */ - polarssl_printf( "\n . Seeding the random number generator..." ); + mbedtls_printf( "\n . Seeding the random number generator..." ); fflush( stdout ); - entropy_init( &entropy ); - if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy, + mbedtls_entropy_init( &entropy ); + if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, strlen( pers ) ) ) != 0 ) { - polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d\n", ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 1.1. Load the trusted CA */ - polarssl_printf( " . Loading the CA root certificate ..." ); + mbedtls_printf( " . Loading the CA root certificate ..." ); fflush( stdout ); -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) if( strlen( opt.ca_file ) ) - ret = x509_crt_parse_file( &cacert, opt.ca_file ); + ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ); else #endif -#if defined(POLARSSL_CERTS_C) - ret = x509_crt_parse( &cacert, (const unsigned char *) test_cas_pem, - test_cas_pem_len ); +#if defined(MBEDTLS_CERTS_C) + ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len ); #else { ret = 1; - polarssl_printf("POLARSSL_CERTS_C not defined."); + mbedtls_printf("MBEDTLS_CERTS_C not defined."); } #endif if( ret < 0 ) { - polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); goto exit; } - polarssl_printf( " ok (%d skipped)\n", ret ); + mbedtls_printf( " ok (%d skipped)\n", ret ); /* * 1.2. Load own certificate and private key * * (can be skipped if client authentication is not required) */ - polarssl_printf( " . Loading the client cert. and key..." ); + mbedtls_printf( " . Loading the client cert. and key..." ); fflush( stdout ); -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) if( strlen( opt.crt_file ) ) - ret = x509_crt_parse_file( &clicert, opt.crt_file ); + ret = mbedtls_x509_crt_parse_file( &clicert, opt.crt_file ); else #endif -#if defined(POLARSSL_CERTS_C) - ret = x509_crt_parse( &clicert, (const unsigned char *) test_cli_crt, - test_cli_crt_len ); +#if defined(MBEDTLS_CERTS_C) + ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt, + mbedtls_test_cli_crt_len ); #else { ret = -1; - polarssl_printf("POLARSSL_CERTS_C not defined."); + mbedtls_printf("MBEDTLS_CERTS_C not defined."); } #endif if( ret != 0 ) { - polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); goto exit; } -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) if( strlen( opt.key_file ) ) - ret = pk_parse_keyfile( &pkey, opt.key_file, "" ); + ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" ); else #endif -#if defined(POLARSSL_CERTS_C) && defined(POLARSSL_PEM_PARSE_C) - ret = pk_parse_key( &pkey, (const unsigned char *) test_cli_key, - test_cli_key_len, NULL, 0 ); +#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_PEM_PARSE_C) + ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_cli_key, + mbedtls_test_cli_key_len, NULL, 0 ); #else { ret = -1; - polarssl_printf("POLARSSL_CERTS_C or POLARSSL_PEM_PARSE_C not defined."); + mbedtls_printf("MBEDTLS_CERTS_C or MBEDTLS_PEM_PARSE_C not defined."); } #endif if( ret != 0 ) { - polarssl_printf( " failed\n ! pk_parse_key returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 2. Start the connection */ - polarssl_printf( " . Connecting to tcp/%s/%-4d...", opt.server_name, + mbedtls_printf( " . Connecting to tcp/%s/%-4d...", opt.server_name, opt.server_port ); fflush( stdout ); - if( ( ret = net_connect( &server_fd, opt.server_name, - opt.server_port, NET_PROTO_TCP ) ) != 0 ) + if( ( ret = mbedtls_net_connect( &server_fd, opt.server_name, + opt.server_port, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) { - polarssl_printf( " failed\n ! net_connect returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 3. Setup stuff */ - polarssl_printf( " . Setting up the SSL/TLS structure..." ); + mbedtls_printf( " . Setting up the SSL/TLS structure..." ); fflush( stdout ); - if( ( ret = ssl_init( &ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_init returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_init returned %d\n\n", ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); - ssl_set_endpoint( &ssl, SSL_IS_CLIENT ); + mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_CLIENT ); /* OPTIONAL is not optimal for security, * but makes interop easier in this simplified example */ - ssl_set_authmode( &ssl, SSL_VERIFY_OPTIONAL ); + mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_OPTIONAL ); - ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg ); - ssl_set_dbg( &ssl, my_debug, stdout ); - ssl_set_bio_timeout( &ssl, &server_fd, net_send, net_recv, NULL, 0 ); + mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); + mbedtls_ssl_set_dbg( &ssl, my_debug, stdout ); + mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 ); if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) - ssl_set_ciphersuites( &ssl, opt.force_ciphersuite ); + mbedtls_ssl_set_ciphersuites( &ssl, opt.force_ciphersuite ); - ssl_set_ca_chain( &ssl, &cacert, NULL, opt.server_name ); - if( ( ret = ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 ) + mbedtls_ssl_set_ca_chain( &ssl, &cacert, NULL, opt.server_name ); + if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret ); goto exit; } -#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) - if( ( ret = ssl_set_hostname( &ssl, opt.server_name ) ) != 0 ) +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) + if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_set_hostname returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret ); goto exit; } #endif @@ -629,19 +629,19 @@ if( do_handshake( &ssl, &opt ) != 0 ) goto exit; - polarssl_printf( " > Get header from server:" ); + mbedtls_printf( " > Get header from server:" ); fflush( stdout ); ret = write_ssl_and_get_response( &ssl, buf, 0 ); if( ret < 200 || ret > 299 ) { - polarssl_printf( " failed\n ! server responded with %d\n\n", ret ); + mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); goto exit; } - polarssl_printf(" ok\n" ); + mbedtls_printf(" ok\n" ); - polarssl_printf( " > Write EHLO to server:" ); + mbedtls_printf( " > Write EHLO to server:" ); fflush( stdout ); gethostname( hostname, 32 ); @@ -649,25 +649,25 @@ ret = write_ssl_and_get_response( &ssl, buf, len ); if( ret < 200 || ret > 299 ) { - polarssl_printf( " failed\n ! server responded with %d\n\n", ret ); + mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); goto exit; } } else { - polarssl_printf( " > Get header from server:" ); + mbedtls_printf( " > Get header from server:" ); fflush( stdout ); ret = write_and_get_response( server_fd, buf, 0 ); if( ret < 200 || ret > 299 ) { - polarssl_printf( " failed\n ! server responded with %d\n\n", ret ); + mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); goto exit; } - polarssl_printf(" ok\n" ); + mbedtls_printf(" ok\n" ); - polarssl_printf( " > Write EHLO to server:" ); + mbedtls_printf( " > Write EHLO to server:" ); fflush( stdout ); gethostname( hostname, 32 ); @@ -675,13 +675,13 @@ ret = write_and_get_response( server_fd, buf, len ); if( ret < 200 || ret > 299 ) { - polarssl_printf( " failed\n ! server responded with %d\n\n", ret ); + mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); goto exit; } - polarssl_printf(" ok\n" ); + mbedtls_printf(" ok\n" ); - polarssl_printf( " > Write STARTTLS to server:" ); + mbedtls_printf( " > Write STARTTLS to server:" ); fflush( stdout ); gethostname( hostname, 32 ); @@ -689,115 +689,115 @@ ret = write_and_get_response( server_fd, buf, len ); if( ret < 200 || ret > 299 ) { - polarssl_printf( " failed\n ! server responded with %d\n\n", ret ); + mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); goto exit; } - polarssl_printf(" ok\n" ); + mbedtls_printf(" ok\n" ); if( do_handshake( &ssl, &opt ) != 0 ) goto exit; } -#if defined(POLARSSL_BASE64_C) +#if defined(MBEDTLS_BASE64_C) if( opt.authentication ) { - polarssl_printf( " > Write AUTH LOGIN to server:" ); + mbedtls_printf( " > Write AUTH LOGIN to server:" ); fflush( stdout ); len = sprintf( (char *) buf, "AUTH LOGIN\r\n" ); ret = write_ssl_and_get_response( &ssl, buf, len ); if( ret < 200 || ret > 399 ) { - polarssl_printf( " failed\n ! server responded with %d\n\n", ret ); + mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); goto exit; } - polarssl_printf(" ok\n" ); + mbedtls_printf(" ok\n" ); - polarssl_printf( " > Write username to server: %s", opt.user_name ); + mbedtls_printf( " > Write username to server: %s", opt.user_name ); fflush( stdout ); n = sizeof( buf ); - ret = base64_encode( base, &n, (const unsigned char *) opt.user_name, + ret = mbedtls_base64_encode( base, &n, (const unsigned char *) opt.user_name, strlen( opt.user_name ) ); if( ret != 0 ) { - polarssl_printf( " failed\n ! base64_encode returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_base64_encode returned %d\n\n", ret ); goto exit; } len = sprintf( (char *) buf, "%s\r\n", base ); ret = write_ssl_and_get_response( &ssl, buf, len ); if( ret < 300 || ret > 399 ) { - polarssl_printf( " failed\n ! server responded with %d\n\n", ret ); + mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); goto exit; } - polarssl_printf(" ok\n" ); + mbedtls_printf(" ok\n" ); - polarssl_printf( " > Write password to server: %s", opt.user_pwd ); + mbedtls_printf( " > Write password to server: %s", opt.user_pwd ); fflush( stdout ); - ret = base64_encode( base, &n, (const unsigned char *) opt.user_pwd, + ret = mbedtls_base64_encode( base, &n, (const unsigned char *) opt.user_pwd, strlen( opt.user_pwd ) ); if( ret != 0 ) { - polarssl_printf( " failed\n ! base64_encode returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_base64_encode returned %d\n\n", ret ); goto exit; } len = sprintf( (char *) buf, "%s\r\n", base ); ret = write_ssl_and_get_response( &ssl, buf, len ); if( ret < 200 || ret > 399 ) { - polarssl_printf( " failed\n ! server responded with %d\n\n", ret ); + mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); goto exit; } - polarssl_printf(" ok\n" ); + mbedtls_printf(" ok\n" ); } #endif - polarssl_printf( " > Write MAIL FROM to server:" ); + mbedtls_printf( " > Write MAIL FROM to server:" ); fflush( stdout ); len = sprintf( (char *) buf, "MAIL FROM:<%s>\r\n", opt.mail_from ); ret = write_ssl_and_get_response( &ssl, buf, len ); if( ret < 200 || ret > 299 ) { - polarssl_printf( " failed\n ! server responded with %d\n\n", ret ); + mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); goto exit; } - polarssl_printf(" ok\n" ); + mbedtls_printf(" ok\n" ); - polarssl_printf( " > Write RCPT TO to server:" ); + mbedtls_printf( " > Write RCPT TO to server:" ); fflush( stdout ); len = sprintf( (char *) buf, "RCPT TO:<%s>\r\n", opt.mail_to ); ret = write_ssl_and_get_response( &ssl, buf, len ); if( ret < 200 || ret > 299 ) { - polarssl_printf( " failed\n ! server responded with %d\n\n", ret ); + mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); goto exit; } - polarssl_printf(" ok\n" ); + mbedtls_printf(" ok\n" ); - polarssl_printf( " > Write DATA to server:" ); + mbedtls_printf( " > Write DATA to server:" ); fflush( stdout ); len = sprintf( (char *) buf, "DATA\r\n" ); ret = write_ssl_and_get_response( &ssl, buf, len ); if( ret < 300 || ret > 399 ) { - polarssl_printf( " failed\n ! server responded with %d\n\n", ret ); + mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); goto exit; } - polarssl_printf(" ok\n" ); + mbedtls_printf(" ok\n" ); - polarssl_printf( " > Write content to server:" ); + mbedtls_printf( " > Write content to server:" ); fflush( stdout ); len = sprintf( (char *) buf, "From: %s\r\nSubject: mbed TLS Test mail\r\n\r\n" @@ -811,32 +811,32 @@ ret = write_ssl_and_get_response( &ssl, buf, len ); if( ret < 200 || ret > 299 ) { - polarssl_printf( " failed\n ! server responded with %d\n\n", ret ); + mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); goto exit; } - polarssl_printf(" ok\n" ); + mbedtls_printf(" ok\n" ); - ssl_close_notify( &ssl ); + mbedtls_ssl_close_notify( &ssl ); exit: if( server_fd ) - net_close( server_fd ); - x509_crt_free( &clicert ); - x509_crt_free( &cacert ); - pk_free( &pkey ); - ssl_free( &ssl ); - ctr_drbg_free( &ctr_drbg ); - entropy_free( &entropy ); + mbedtls_net_close( server_fd ); + mbedtls_x509_crt_free( &clicert ); + mbedtls_x509_crt_free( &cacert ); + mbedtls_pk_free( &pkey ); + mbedtls_ssl_free( &ssl ); + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); #if defined(_WIN32) - polarssl_printf( " + Press Enter to exit this program.\n" ); + mbedtls_printf( " + Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif return( ret ); } -#endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C && POLARSSL_SSL_TLS_C && - POLARSSL_SSL_CLI_C && POLARSSL_NET_C && POLARSSL_RSA_C ** - POLARSSL_CTR_DRBG_C */ +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && + MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C ** + MBEDTLS_CTR_DRBG_C */
diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c index 9702ab1..1ca6f17 100644 --- a/programs/ssl/ssl_pthread_server.c +++ b/programs/ssl/ssl_pthread_server.c
@@ -21,36 +21,36 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_PLATFORM_C) +#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else #include <stdio.h> -#define polarssl_fprintf fprintf -#define polarssl_printf printf -#define polarssl_snprintf snprintf +#define mbedtls_fprintf fprintf +#define mbedtls_printf printf +#define mbedtls_snprintf snprintf #endif -#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_CERTS_C) || \ - !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \ - !defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \ - !defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \ - !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \ - !defined(POLARSSL_THREADING_C) || !defined(POLARSSL_THREADING_PTHREAD) || \ - !defined(POLARSSL_PEM_PARSE_C) +#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) || \ + !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \ + !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) || \ + !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ + !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ + !defined(MBEDTLS_THREADING_C) || !defined(MBEDTLS_THREADING_PTHREAD) || \ + !defined(MBEDTLS_PEM_PARSE_C) int main( void ) { - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_CERTS_C and/or POLARSSL_ENTROPY_C " - "and/or POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or " - "POLARSSL_NET_C and/or POLARSSL_RSA_C and/or " - "POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_CRT_PARSE_C and/or " - "POLARSSL_THREADING_C and/or POLARSSL_THREADING_PTHREAD " - "and/or POLARSSL_PEM_PARSE_C not defined.\n"); + mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C " + "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " + "MBEDTLS_THREADING_C and/or MBEDTLS_THREADING_PTHREAD " + "and/or MBEDTLS_PEM_PARSE_C not defined.\n"); return( 0 ); } #else @@ -70,11 +70,11 @@ #include "mbedtls/net.h" #include "mbedtls/error.h" -#if defined(POLARSSL_SSL_CACHE_C) +#if defined(MBEDTLS_SSL_CACHE_C) #include "mbedtls/ssl_cache.h" #endif -#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) #include "mbedtls/memory_buffer_alloc.h" #endif @@ -87,29 +87,29 @@ #define MAX_NUM_THREADS 5 -threading_mutex_t debug_mutex; +mbedtls_threading_mutex_t debug_mutex; static void my_mutexed_debug( void *ctx, int level, const char *str ) { - polarssl_mutex_lock( &debug_mutex ); + mbedtls_mutex_lock( &debug_mutex ); if( level < DEBUG_LEVEL ) { - polarssl_fprintf( (FILE *) ctx, "%s", str ); + mbedtls_fprintf( (FILE *) ctx, "%s", str ); fflush( (FILE *) ctx ); } - polarssl_mutex_unlock( &debug_mutex ); + mbedtls_mutex_unlock( &debug_mutex ); } typedef struct { int client_fd; int thread_complete; - entropy_context *entropy; -#if defined(POLARSSL_SSL_CACHE_C) - ssl_cache_context *cache; + mbedtls_entropy_context *entropy; +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_context *cache; #endif - x509_crt *ca_chain; - x509_crt *server_cert; - pk_context *server_key; + mbedtls_x509_crt *ca_chain; + mbedtls_x509_crt *server_cert; + mbedtls_pk_context *server_key; } thread_info_t; typedef struct { @@ -129,123 +129,123 @@ int thread_id = (int) pthread_self(); unsigned char buf[1024]; char pers[50]; - ssl_context ssl; - ctr_drbg_context ctr_drbg; + mbedtls_ssl_context ssl; + mbedtls_ctr_drbg_context ctr_drbg; /* Make sure memory references are valid */ - memset( &ssl, 0, sizeof( ssl_context ) ); - memset( &ctr_drbg, 0, sizeof( ctr_drbg_context ) ); + memset( &ssl, 0, sizeof( mbedtls_ssl_context ) ); + memset( &ctr_drbg, 0, sizeof( mbedtls_ctr_drbg_context ) ); - polarssl_snprintf( pers, sizeof(pers), "SSL Pthread Thread %d", thread_id ); - polarssl_printf( " [ #%d ] Client FD %d\n", thread_id, client_fd ); - polarssl_printf( " [ #%d ] Seeding the random number generator...\n", thread_id ); + mbedtls_snprintf( pers, sizeof(pers), "SSL Pthread Thread %d", thread_id ); + mbedtls_printf( " [ #%d ] Client FD %d\n", thread_id, client_fd ); + mbedtls_printf( " [ #%d ] Seeding the random number generator...\n", thread_id ); - /* entropy_func() is thread-safe if POLARSSL_THREADING_C is set + /* mbedtls_entropy_func() is thread-safe if MBEDTLS_THREADING_C is set */ - if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, thread_info->entropy, + if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, thread_info->entropy, (const unsigned char *) pers, strlen( pers ) ) ) != 0 ) { - polarssl_printf( " [ #%d ] failed: ctr_drbg_init returned -0x%04x\n", + mbedtls_printf( " [ #%d ] failed: mbedtls_ctr_drbg_init returned -0x%04x\n", thread_id, -ret ); goto thread_exit; } - polarssl_printf( " [ #%d ] ok\n", thread_id ); + mbedtls_printf( " [ #%d ] ok\n", thread_id ); /* * 4. Setup stuff */ - polarssl_printf( " [ #%d ] Setting up the SSL data....\n", thread_id ); + mbedtls_printf( " [ #%d ] Setting up the SSL data....\n", thread_id ); - if( ( ret = ssl_init( &ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 ) { - polarssl_printf( " [ #%d ] failed: ssl_init returned -0x%04x\n", + mbedtls_printf( " [ #%d ] failed: mbedtls_ssl_init returned -0x%04x\n", thread_id, -ret ); goto thread_exit; } - ssl_set_endpoint( &ssl, SSL_IS_SERVER ); - ssl_set_authmode( &ssl, SSL_VERIFY_NONE ); + mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_SERVER ); + mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_NONE ); - ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg ); - ssl_set_dbg( &ssl, my_mutexed_debug, stdout ); + mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); + mbedtls_ssl_set_dbg( &ssl, my_mutexed_debug, stdout ); - /* ssl_cache_get() and ssl_cache_set() are thread-safe if - * POLARSSL_THREADING_C is set. + /* mbedtls_ssl_cache_get() and mbedtls_ssl_cache_set() are thread-safe if + * MBEDTLS_THREADING_C is set. */ -#if defined(POLARSSL_SSL_CACHE_C) - ssl_set_session_cache( &ssl, ssl_cache_get, thread_info->cache, - ssl_cache_set, thread_info->cache ); +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_set_session_cache( &ssl, mbedtls_ssl_cache_get, thread_info->cache, + mbedtls_ssl_cache_set, thread_info->cache ); #endif - ssl_set_ca_chain( &ssl, thread_info->ca_chain, NULL, NULL ); - if( ( ret = ssl_set_own_cert( &ssl, thread_info->server_cert, thread_info->server_key ) ) != 0 ) + mbedtls_ssl_set_ca_chain( &ssl, thread_info->ca_chain, NULL, NULL ); + if( ( ret = mbedtls_ssl_set_own_cert( &ssl, thread_info->server_cert, thread_info->server_key ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret ); goto thread_exit; } - polarssl_printf( " [ #%d ] ok\n", thread_id ); + mbedtls_printf( " [ #%d ] ok\n", thread_id ); - ssl_set_bio_timeout( &ssl, &client_fd, net_send, net_recv, NULL, 0 ); + mbedtls_ssl_set_bio_timeout( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 ); - polarssl_printf( " [ #%d ] ok\n", thread_id ); + mbedtls_printf( " [ #%d ] ok\n", thread_id ); /* * 5. Handshake */ - polarssl_printf( " [ #%d ] Performing the SSL/TLS handshake\n", thread_id ); + mbedtls_printf( " [ #%d ] Performing the SSL/TLS handshake\n", thread_id ); - while( ( ret = ssl_handshake( &ssl ) ) != 0 ) + while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) { - if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE ) + if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE ) { - polarssl_printf( " [ #%d ] failed: ssl_handshake returned -0x%04x\n", + mbedtls_printf( " [ #%d ] failed: mbedtls_ssl_handshake returned -0x%04x\n", thread_id, -ret ); goto thread_exit; } } - polarssl_printf( " [ #%d ] ok\n", thread_id ); + mbedtls_printf( " [ #%d ] ok\n", thread_id ); /* * 6. Read the HTTP Request */ - polarssl_printf( " [ #%d ] < Read from client\n", thread_id ); + mbedtls_printf( " [ #%d ] < Read from client\n", thread_id ); do { len = sizeof( buf ) - 1; memset( buf, 0, sizeof( buf ) ); - ret = ssl_read( &ssl, buf, len ); + ret = mbedtls_ssl_read( &ssl, buf, len ); - if( ret == POLARSSL_ERR_NET_WANT_READ || ret == POLARSSL_ERR_NET_WANT_WRITE ) + if( ret == MBEDTLS_ERR_NET_WANT_READ || ret == MBEDTLS_ERR_NET_WANT_WRITE ) continue; if( ret <= 0 ) { switch( ret ) { - case POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY: - polarssl_printf( " [ #%d ] connection was closed gracefully\n", + case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: + mbedtls_printf( " [ #%d ] connection was closed gracefully\n", thread_id ); goto thread_exit; - case POLARSSL_ERR_NET_CONN_RESET: - polarssl_printf( " [ #%d ] connection was reset by peer\n", + case MBEDTLS_ERR_NET_CONN_RESET: + mbedtls_printf( " [ #%d ] connection was reset by peer\n", thread_id ); goto thread_exit; default: - polarssl_printf( " [ #%d ] ssl_read returned -0x%04x\n", + mbedtls_printf( " [ #%d ] mbedtls_ssl_read returned -0x%04x\n", thread_id, -ret ); goto thread_exit; } } len = ret; - polarssl_printf( " [ #%d ] %d bytes read\n=====\n%s\n=====\n", + mbedtls_printf( " [ #%d ] %d bytes read\n=====\n%s\n=====\n", thread_id, len, (char *) buf ); if( ret > 0 ) @@ -256,64 +256,64 @@ /* * 7. Write the 200 Response */ - polarssl_printf( " [ #%d ] > Write to client:\n", thread_id ); + mbedtls_printf( " [ #%d ] > Write to client:\n", thread_id ); len = sprintf( (char *) buf, HTTP_RESPONSE, - ssl_get_ciphersuite( &ssl ) ); + mbedtls_ssl_get_ciphersuite( &ssl ) ); - while( ( ret = ssl_write( &ssl, buf, len ) ) <= 0 ) + while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 ) { - if( ret == POLARSSL_ERR_NET_CONN_RESET ) + if( ret == MBEDTLS_ERR_NET_CONN_RESET ) { - polarssl_printf( " [ #%d ] failed: peer closed the connection\n", + mbedtls_printf( " [ #%d ] failed: peer closed the connection\n", thread_id ); goto thread_exit; } - if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE ) + if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE ) { - polarssl_printf( " [ #%d ] failed: ssl_write returned -0x%04x\n", + mbedtls_printf( " [ #%d ] failed: mbedtls_ssl_write returned -0x%04x\n", thread_id, ret ); goto thread_exit; } } len = ret; - polarssl_printf( " [ #%d ] %d bytes written\n=====\n%s\n=====\n", + mbedtls_printf( " [ #%d ] %d bytes written\n=====\n%s\n=====\n", thread_id, len, (char *) buf ); - polarssl_printf( " [ #%d ] . Closing the connection...", thread_id ); + mbedtls_printf( " [ #%d ] . Closing the connection...", thread_id ); - while( ( ret = ssl_close_notify( &ssl ) ) < 0 ) + while( ( ret = mbedtls_ssl_close_notify( &ssl ) ) < 0 ) { - if( ret != POLARSSL_ERR_NET_WANT_READ && - ret != POLARSSL_ERR_NET_WANT_WRITE ) + if( ret != MBEDTLS_ERR_NET_WANT_READ && + ret != MBEDTLS_ERR_NET_WANT_WRITE ) { - polarssl_printf( " [ #%d ] failed: ssl_close_notify returned -0x%04x\n", + mbedtls_printf( " [ #%d ] failed: mbedtls_ssl_close_notify returned -0x%04x\n", thread_id, ret ); goto thread_exit; } } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); ret = 0; thread_exit: -#ifdef POLARSSL_ERROR_C +#ifdef MBEDTLS_ERROR_C if( ret != 0 ) { char error_buf[100]; - polarssl_strerror( ret, error_buf, 100 ); - polarssl_printf(" [ #%d ] Last error was: -0x%04x - %s\n\n", + mbedtls_strerror( ret, error_buf, 100 ); + mbedtls_printf(" [ #%d ] Last error was: -0x%04x - %s\n\n", thread_id, -ret, error_buf ); } #endif - net_close( client_fd ); - ctr_drbg_free( &ctr_drbg ); - ssl_free( &ssl ); + mbedtls_net_close( client_fd ); + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_ssl_free( &ssl ); thread_info->thread_complete = 1; @@ -334,7 +334,7 @@ if( threads[i].data.thread_complete == 1 ) { - polarssl_printf( " [ main ] Cleaning up thread %d\n", i ); + mbedtls_printf( " [ main ] Cleaning up thread %d\n", i ); pthread_join(threads[i].thread, NULL ); memset( &threads[i], 0, sizeof(pthread_info_t) ); break; @@ -365,70 +365,70 @@ int listen_fd; int client_fd = -1; - entropy_context entropy; - x509_crt srvcert; - pk_context pkey; -#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) + mbedtls_entropy_context entropy; + mbedtls_x509_crt srvcert; + mbedtls_pk_context pkey; +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) unsigned char alloc_buf[100000]; #endif -#if defined(POLARSSL_SSL_CACHE_C) - ssl_cache_context cache; +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_context cache; #endif -#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) - memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) ); +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) + mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) ); #endif -#if defined(POLARSSL_SSL_CACHE_C) - ssl_cache_init( &cache ); +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_init( &cache ); base_info.cache = &cache; #endif memset( threads, 0, sizeof(threads) ); - polarssl_mutex_init( &debug_mutex ); + mbedtls_mutex_init( &debug_mutex ); /* * We use only a single entropy source that is used in all the threads. */ - entropy_init( &entropy ); + mbedtls_entropy_init( &entropy ); base_info.entropy = &entropy; /* * 1. Load the certificates and private RSA key */ - polarssl_printf( "\n . Loading the server cert. and key..." ); + mbedtls_printf( "\n . Loading the server cert. and key..." ); fflush( stdout ); - x509_crt_init( &srvcert ); + mbedtls_x509_crt_init( &srvcert ); /* * This demonstration program uses embedded test certificates. - * Instead, you may want to use x509_crt_parse_file() to read the - * server and CA certificates, as well as pk_parse_keyfile(). + * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the + * server and CA certificates, as well as mbedtls_pk_parse_keyfile(). */ - ret = x509_crt_parse( &srvcert, (const unsigned char *) test_srv_crt, - test_srv_crt_len ); + ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, + mbedtls_test_srv_crt_len ); if( ret != 0 ) { - polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); goto exit; } - ret = x509_crt_parse( &srvcert, (const unsigned char *) test_cas_pem, - test_cas_pem_len ); + ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len ); if( ret != 0 ) { - polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); goto exit; } - pk_init( &pkey ); - ret = pk_parse_key( &pkey, (const unsigned char *) test_srv_key, - test_srv_key_len, NULL, 0 ); + mbedtls_pk_init( &pkey ); + ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, + mbedtls_test_srv_key_len, NULL, 0 ); if( ret != 0 ) { - polarssl_printf( " failed\n ! pk_parse_key returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); goto exit; } @@ -436,29 +436,29 @@ base_info.server_cert = &srvcert; base_info.server_key = &pkey; - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 2. Setup the listening TCP socket */ - polarssl_printf( " . Bind on https://localhost:4433/ ..." ); + mbedtls_printf( " . Bind on https://localhost:4433/ ..." ); fflush( stdout ); - if( ( ret = net_bind( &listen_fd, NULL, 4433, NET_PROTO_TCP ) ) != 0 ) + if( ( ret = mbedtls_net_bind( &listen_fd, NULL, 4433, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) { - polarssl_printf( " failed\n ! net_bind returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); reset: -#ifdef POLARSSL_ERROR_C +#ifdef MBEDTLS_ERROR_C if( ret != 0 ) { char error_buf[100]; - polarssl_strerror( ret, error_buf, 100 ); - polarssl_printf( " [ main ] Last error was: -0x%04x - %s\n", -ret, error_buf ); + mbedtls_strerror( ret, error_buf, 100 ); + mbedtls_printf( " [ main ] Last error was: -0x%04x - %s\n", -ret, error_buf ); } #endif @@ -467,21 +467,21 @@ */ client_fd = -1; - polarssl_printf( " [ main ] Waiting for a remote connection\n" ); + mbedtls_printf( " [ main ] Waiting for a remote connection\n" ); - if( ( ret = net_accept( listen_fd, &client_fd, NULL ) ) != 0 ) + if( ( ret = mbedtls_net_accept( listen_fd, &client_fd, NULL ) ) != 0 ) { - polarssl_printf( " [ main ] failed: net_accept returned -0x%04x\n", ret ); + mbedtls_printf( " [ main ] failed: mbedtls_net_accept returned -0x%04x\n", ret ); goto exit; } - polarssl_printf( " [ main ] ok\n" ); - polarssl_printf( " [ main ] Creating a new thread\n" ); + mbedtls_printf( " [ main ] ok\n" ); + mbedtls_printf( " [ main ] Creating a new thread\n" ); if( ( ret = thread_create( client_fd ) ) != 0 ) { - polarssl_printf( " [ main ] failed: thread_create returned %d\n", ret ); - net_close( client_fd ); + mbedtls_printf( " [ main ] failed: thread_create returned %d\n", ret ); + mbedtls_net_close( client_fd ); goto reset; } @@ -489,28 +489,28 @@ goto reset; exit: - x509_crt_free( &srvcert ); - pk_free( &pkey ); -#if defined(POLARSSL_SSL_CACHE_C) - ssl_cache_free( &cache ); + mbedtls_x509_crt_free( &srvcert ); + mbedtls_pk_free( &pkey ); +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_free( &cache ); #endif - entropy_free( &entropy ); + mbedtls_entropy_free( &entropy ); - polarssl_mutex_free( &debug_mutex ); + mbedtls_mutex_free( &debug_mutex ); -#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) - memory_buffer_alloc_free(); +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) + mbedtls_memory_buffer_alloc_free(); #endif #if defined(_WIN32) - polarssl_printf( " Press Enter to exit this program.\n" ); + mbedtls_printf( " Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif return( ret ); } -#endif /* POLARSSL_BIGNUM_C && POLARSSL_CERTS_C && POLARSSL_ENTROPY_C && - POLARSSL_SSL_TLS_C && POLARSSL_SSL_SRV_C && POLARSSL_NET_C && - POLARSSL_RSA_C && POLARSSL_CTR_DRBG_C && POLARSSL_THREADING_C && - POLARSSL_THREADING_PTHREAD && POLARSSL_PEM_PARSE_C */ +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C && + MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && + MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_THREADING_C && + MBEDTLS_THREADING_PTHREAD && MBEDTLS_PEM_PARSE_C */
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c index 2e4fcd8..34dc2a1 100644 --- a/programs/ssl/ssl_server.c +++ b/programs/ssl/ssl_server.c
@@ -20,33 +20,33 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_PLATFORM_C) +#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else #include <stdio.h> -#define polarssl_fprintf fprintf -#define polarssl_printf printf +#define mbedtls_fprintf fprintf +#define mbedtls_printf printf #endif -#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_CERTS_C) || \ - !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \ - !defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \ - !defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \ - !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \ - !defined(POLARSSL_PEM_PARSE_C) +#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) || \ + !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \ + !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) || \ + !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ + !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ + !defined(MBEDTLS_PEM_PARSE_C) int main( void ) { - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_CERTS_C and/or POLARSSL_ENTROPY_C " - "and/or POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or " - "POLARSSL_NET_C and/or POLARSSL_RSA_C and/or " - "POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_CRT_PARSE_C " - "and/or POLARSSL_PEM_PARSE_C not defined.\n"); + mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C " + "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C " + "and/or MBEDTLS_PEM_PARSE_C not defined.\n"); return( 0 ); } #else @@ -67,7 +67,7 @@ #include "mbedtls/error.h" #include "mbedtls/debug.h" -#if defined(POLARSSL_SSL_CACHE_C) +#if defined(MBEDTLS_SSL_CACHE_C) #include "mbedtls/ssl_cache.h" #endif @@ -82,7 +82,7 @@ { ((void) level); - polarssl_fprintf( (FILE *) ctx, "%s", str ); + mbedtls_fprintf( (FILE *) ctx, "%s", str ); fflush( (FILE *) ctx ); } @@ -94,205 +94,205 @@ unsigned char buf[1024]; const char *pers = "ssl_server"; - entropy_context entropy; - ctr_drbg_context ctr_drbg; - ssl_context ssl; - x509_crt srvcert; - pk_context pkey; -#if defined(POLARSSL_SSL_CACHE_C) - ssl_cache_context cache; + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_ssl_context ssl; + mbedtls_x509_crt srvcert; + mbedtls_pk_context pkey; +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_context cache; #endif - memset( &ssl, 0, sizeof(ssl_context) ); -#if defined(POLARSSL_SSL_CACHE_C) - ssl_cache_init( &cache ); + memset( &ssl, 0, sizeof(mbedtls_ssl_context) ); +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_init( &cache ); #endif - x509_crt_init( &srvcert ); - pk_init( &pkey ); - entropy_init( &entropy ); + mbedtls_x509_crt_init( &srvcert ); + mbedtls_pk_init( &pkey ); + mbedtls_entropy_init( &entropy ); -#if defined(POLARSSL_DEBUG_C) - debug_set_threshold( DEBUG_LEVEL ); +#if defined(MBEDTLS_DEBUG_C) + mbedtls_debug_set_threshold( DEBUG_LEVEL ); #endif /* * 1. Load the certificates and private RSA key */ - polarssl_printf( "\n . Loading the server cert. and key..." ); + mbedtls_printf( "\n . Loading the server cert. and key..." ); fflush( stdout ); /* * This demonstration program uses embedded test certificates. - * Instead, you may want to use x509_crt_parse_file() to read the - * server and CA certificates, as well as pk_parse_keyfile(). + * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the + * server and CA certificates, as well as mbedtls_pk_parse_keyfile(). */ - ret = x509_crt_parse( &srvcert, (const unsigned char *) test_srv_crt, - test_srv_crt_len ); + ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, + mbedtls_test_srv_crt_len ); if( ret != 0 ) { - polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); goto exit; } - ret = x509_crt_parse( &srvcert, (const unsigned char *) test_cas_pem, - test_cas_pem_len ); + ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len ); if( ret != 0 ) { - polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); goto exit; } - ret = pk_parse_key( &pkey, (const unsigned char *) test_srv_key, - test_srv_key_len, NULL, 0 ); + ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, + mbedtls_test_srv_key_len, NULL, 0 ); if( ret != 0 ) { - polarssl_printf( " failed\n ! pk_parse_key returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 2. Setup the listening TCP socket */ - polarssl_printf( " . Bind on https://localhost:4433/ ..." ); + mbedtls_printf( " . Bind on https://localhost:4433/ ..." ); fflush( stdout ); - if( ( ret = net_bind( &listen_fd, NULL, 4433, NET_PROTO_TCP ) ) != 0 ) + if( ( ret = mbedtls_net_bind( &listen_fd, NULL, 4433, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) { - polarssl_printf( " failed\n ! net_bind returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 3. Seed the RNG */ - polarssl_printf( " . Seeding the random number generator..." ); + mbedtls_printf( " . Seeding the random number generator..." ); fflush( stdout ); - if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy, + if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, strlen( pers ) ) ) != 0 ) { - polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d\n", ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 4. Setup stuff */ - polarssl_printf( " . Setting up the SSL data...." ); + mbedtls_printf( " . Setting up the SSL data...." ); fflush( stdout ); - if( ( ret = ssl_init( &ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_init returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_init returned %d\n\n", ret ); goto exit; } - ssl_set_endpoint( &ssl, SSL_IS_SERVER ); - ssl_set_authmode( &ssl, SSL_VERIFY_NONE ); + mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_SERVER ); + mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_NONE ); - ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg ); - ssl_set_dbg( &ssl, my_debug, stdout ); + mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); + mbedtls_ssl_set_dbg( &ssl, my_debug, stdout ); -#if defined(POLARSSL_SSL_CACHE_C) - ssl_set_session_cache( &ssl, ssl_cache_get, &cache, - ssl_cache_set, &cache ); +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_set_session_cache( &ssl, mbedtls_ssl_cache_get, &cache, + mbedtls_ssl_cache_set, &cache ); #endif - ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL ); - if( ( ret = ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 ) + mbedtls_ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL ); + if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); reset: -#ifdef POLARSSL_ERROR_C +#ifdef MBEDTLS_ERROR_C if( ret != 0 ) { char error_buf[100]; - polarssl_strerror( ret, error_buf, 100 ); - polarssl_printf("Last error was: %d - %s\n\n", ret, error_buf ); + mbedtls_strerror( ret, error_buf, 100 ); + mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf ); } #endif if( client_fd != -1 ) - net_close( client_fd ); + mbedtls_net_close( client_fd ); - ssl_session_reset( &ssl ); + mbedtls_ssl_session_reset( &ssl ); /* * 3. Wait until a client connects */ client_fd = -1; - polarssl_printf( " . Waiting for a remote connection ..." ); + mbedtls_printf( " . Waiting for a remote connection ..." ); fflush( stdout ); - if( ( ret = net_accept( listen_fd, &client_fd, NULL ) ) != 0 ) + if( ( ret = mbedtls_net_accept( listen_fd, &client_fd, NULL ) ) != 0 ) { - polarssl_printf( " failed\n ! net_accept returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret ); goto exit; } - ssl_set_bio_timeout( &ssl, &client_fd, net_send, net_recv, NULL, 0 ); + mbedtls_ssl_set_bio_timeout( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 ); - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 5. Handshake */ - polarssl_printf( " . Performing the SSL/TLS handshake..." ); + mbedtls_printf( " . Performing the SSL/TLS handshake..." ); fflush( stdout ); - while( ( ret = ssl_handshake( &ssl ) ) != 0 ) + while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) { - if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE ) + if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE ) { - polarssl_printf( " failed\n ! ssl_handshake returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret ); goto reset; } } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 6. Read the HTTP Request */ - polarssl_printf( " < Read from client:" ); + mbedtls_printf( " < Read from client:" ); fflush( stdout ); do { len = sizeof( buf ) - 1; memset( buf, 0, sizeof( buf ) ); - ret = ssl_read( &ssl, buf, len ); + ret = mbedtls_ssl_read( &ssl, buf, len ); - if( ret == POLARSSL_ERR_NET_WANT_READ || ret == POLARSSL_ERR_NET_WANT_WRITE ) + if( ret == MBEDTLS_ERR_NET_WANT_READ || ret == MBEDTLS_ERR_NET_WANT_WRITE ) continue; if( ret <= 0 ) { switch( ret ) { - case POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY: - polarssl_printf( " connection was closed gracefully\n" ); + case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: + mbedtls_printf( " connection was closed gracefully\n" ); break; - case POLARSSL_ERR_NET_CONN_RESET: - polarssl_printf( " connection was reset by peer\n" ); + case MBEDTLS_ERR_NET_CONN_RESET: + mbedtls_printf( " connection was reset by peer\n" ); break; default: - polarssl_printf( " ssl_read returned -0x%x\n", -ret ); + mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret ); break; } @@ -300,7 +300,7 @@ } len = ret; - polarssl_printf( " %d bytes read\n\n%s", len, (char *) buf ); + mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); if( ret > 0 ) break; @@ -310,78 +310,78 @@ /* * 7. Write the 200 Response */ - polarssl_printf( " > Write to client:" ); + mbedtls_printf( " > Write to client:" ); fflush( stdout ); len = sprintf( (char *) buf, HTTP_RESPONSE, - ssl_get_ciphersuite( &ssl ) ); + mbedtls_ssl_get_ciphersuite( &ssl ) ); - while( ( ret = ssl_write( &ssl, buf, len ) ) <= 0 ) + while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 ) { - if( ret == POLARSSL_ERR_NET_CONN_RESET ) + if( ret == MBEDTLS_ERR_NET_CONN_RESET ) { - polarssl_printf( " failed\n ! peer closed the connection\n\n" ); + mbedtls_printf( " failed\n ! peer closed the connection\n\n" ); goto reset; } - if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE ) + if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE ) { - polarssl_printf( " failed\n ! ssl_write returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); goto exit; } } len = ret; - polarssl_printf( " %d bytes written\n\n%s\n", len, (char *) buf ); + mbedtls_printf( " %d bytes written\n\n%s\n", len, (char *) buf ); - polarssl_printf( " . Closing the connection..." ); + mbedtls_printf( " . Closing the connection..." ); - while( ( ret = ssl_close_notify( &ssl ) ) < 0 ) + while( ( ret = mbedtls_ssl_close_notify( &ssl ) ) < 0 ) { - if( ret != POLARSSL_ERR_NET_WANT_READ && - ret != POLARSSL_ERR_NET_WANT_WRITE ) + if( ret != MBEDTLS_ERR_NET_WANT_READ && + ret != MBEDTLS_ERR_NET_WANT_WRITE ) { - polarssl_printf( " failed\n ! ssl_close_notify returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_close_notify returned %d\n\n", ret ); goto reset; } } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); ret = 0; goto reset; exit: -#ifdef POLARSSL_ERROR_C +#ifdef MBEDTLS_ERROR_C if( ret != 0 ) { char error_buf[100]; - polarssl_strerror( ret, error_buf, 100 ); - polarssl_printf("Last error was: %d - %s\n\n", ret, error_buf ); + mbedtls_strerror( ret, error_buf, 100 ); + mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf ); } #endif if( client_fd != -1 ) - net_close( client_fd ); + mbedtls_net_close( client_fd ); - x509_crt_free( &srvcert ); - pk_free( &pkey ); - ssl_free( &ssl ); -#if defined(POLARSSL_SSL_CACHE_C) - ssl_cache_free( &cache ); + mbedtls_x509_crt_free( &srvcert ); + mbedtls_pk_free( &pkey ); + mbedtls_ssl_free( &ssl ); +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_free( &cache ); #endif - ctr_drbg_free( &ctr_drbg ); - entropy_free( &entropy ); + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); #if defined(_WIN32) - polarssl_printf( " Press Enter to exit this program.\n" ); + mbedtls_printf( " Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif return( ret ); } -#endif /* POLARSSL_BIGNUM_C && POLARSSL_CERTS_C && POLARSSL_ENTROPY_C && - POLARSSL_SSL_TLS_C && POLARSSL_SSL_SRV_C && POLARSSL_NET_C && - POLARSSL_RSA_C && POLARSSL_CTR_DRBG_C && POLARSSL_X509_CRT_PARSE_C - && POLARSSL_FS_IO && POLARSSL_PEM_PARSE_C */ +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C && + MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && + MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C + && MBEDTLS_FS_IO && MBEDTLS_PEM_PARSE_C */
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index ce633bd..b536c22 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c
@@ -20,23 +20,23 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_PLATFORM_C) +#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else #include <stdio.h> -#define polarssl_free free -#define polarssl_malloc malloc -#define polarssl_fprintf fprintf -#define polarssl_printf printf +#define mbedtls_free free +#define mbedtls_malloc malloc +#define mbedtls_fprintf fprintf +#define mbedtls_printf printf #endif -#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) && defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && defined(MBEDTLS_FS_IO) #define SNI_OPTION #endif @@ -44,9 +44,9 @@ #include <windows.h> #endif -#if defined(POLARSSL_ENTROPY_C) && \ - defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_SRV_C) && \ - defined(POLARSSL_NET_C) && defined(POLARSSL_CTR_DRBG_C) +#if defined(MBEDTLS_ENTROPY_C) && \ + defined(MBEDTLS_SSL_TLS_C) && defined(MBEDTLS_SSL_SRV_C) && \ + defined(MBEDTLS_NET_C) && defined(MBEDTLS_CTR_DRBG_C) #include "mbedtls/net.h" #include "mbedtls/ssl.h" #include "mbedtls/entropy.h" @@ -65,15 +65,15 @@ #include <signal.h> #endif -#if defined(POLARSSL_SSL_CACHE_C) +#if defined(MBEDTLS_SSL_CACHE_C) #include "mbedtls/ssl_cache.h" #endif -#if defined(POLARSSL_SSL_COOKIE_C) +#if defined(MBEDTLS_SSL_COOKIE_C) #include "mbedtls/ssl_cookie.h" #endif -#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) #include "mbedtls/memory_buffer_alloc.h" #endif @@ -93,7 +93,7 @@ #define DFL_PSK_LIST NULL #define DFL_FORCE_CIPHER 0 #define DFL_VERSION_SUITES NULL -#define DFL_RENEGOTIATION SSL_RENEGOTIATION_DISABLED +#define DFL_RENEGOTIATION MBEDTLS_SSL_RENEGOTIATION_DISABLED #define DFL_ALLOW_LEGACY -2 #define DFL_RENEGOTIATE 0 #define DFL_RENEGO_DELAY -2 @@ -103,16 +103,16 @@ #define DFL_MAX_VERSION -1 #define DFL_ARC4 -1 #define DFL_AUTH_MODE -1 -#define DFL_MFL_CODE SSL_MAX_FRAG_LEN_NONE +#define DFL_MFL_CODE MBEDTLS_SSL_MAX_FRAG_LEN_NONE #define DFL_TRUNC_HMAC -1 -#define DFL_TICKETS SSL_SESSION_TICKETS_ENABLED +#define DFL_TICKETS MBEDTLS_SSL_SESSION_TICKETS_ENABLED #define DFL_TICKET_TIMEOUT -1 #define DFL_CACHE_MAX -1 #define DFL_CACHE_TIMEOUT -1 #define DFL_SNI NULL #define DFL_ALPN_STRING NULL #define DFL_DHM_FILE NULL -#define DFL_TRANSPORT SSL_TRANSPORT_STREAM +#define DFL_TRANSPORT MBEDTLS_SSL_TRANSPORT_STREAM #define DFL_COOKIES 1 #define DFL_ANTI_REPLAY -1 #define DFL_HS_TO_MIN 0 @@ -139,13 +139,13 @@ /* * Size of the basic I/O buffer. Able to hold our default response. * - * You will need to adapt the ssl_get_bytes_avail() test in ssl-opt.sh + * You will need to adapt the mbedtls_ssl_get_bytes_avail() test in ssl-opt.sh * if you change this value to something outside the range <= 100 or > 500 */ #define IO_BUF_LEN 200 -#if defined(POLARSSL_X509_CRT_PARSE_C) -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_FS_IO) #define USAGE_IO \ " ca_file=%%s The single file containing the top-level CA(s) you fully trust\n" \ " default: \"\" (pre-loaded)\n" \ @@ -164,36 +164,36 @@ #else #define USAGE_IO \ "\n" \ - " No file operations available (POLARSSL_FS_IO not defined)\n" \ + " No file operations available (MBEDTLS_FS_IO not defined)\n" \ "\n" -#endif /* POLARSSL_FS_IO */ +#endif /* MBEDTLS_FS_IO */ #else #define USAGE_IO "" -#endif /* POLARSSL_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_X509_CRT_PARSE_C */ -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) #define USAGE_PSK \ " psk=%%s default: \"\" (in hex, without 0x)\n" \ " psk_identity=%%s default: \"Client_identity\"\n" #else #define USAGE_PSK "" -#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#if defined(POLARSSL_SSL_SESSION_TICKETS) +#if defined(MBEDTLS_SSL_SESSION_TICKETS) #define USAGE_TICKETS \ " tickets=%%d default: 1 (enabled)\n" \ " ticket_timeout=%%d default: ticket default (1d)\n" #else #define USAGE_TICKETS "" -#endif /* POLARSSL_SSL_SESSION_TICKETS */ +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ -#if defined(POLARSSL_SSL_CACHE_C) +#if defined(MBEDTLS_SSL_CACHE_C) #define USAGE_CACHE \ " cache_max=%%d default: cache default (50)\n" \ " cache_timeout=%%d default: cache default (1d)\n" #else #define USAGE_CACHE "" -#endif /* POLARSSL_SSL_CACHE_C */ +#endif /* MBEDTLS_SSL_CACHE_C */ #if defined(SNI_OPTION) #define USAGE_SNI \ @@ -203,30 +203,30 @@ #define USAGE_SNI "" #endif /* SNI_OPTION */ -#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) #define USAGE_MAX_FRAG_LEN \ " max_frag_len=%%d default: 16384 (tls default)\n" \ " options: 512, 1024, 2048, 4096\n" #else #define USAGE_MAX_FRAG_LEN "" -#endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */ +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(POLARSSL_SSL_TRUNCATED_HMAC) +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) #define USAGE_TRUNC_HMAC \ " trunc_hmac=%%d default: library default\n" #else #define USAGE_TRUNC_HMAC "" #endif -#if defined(POLARSSL_SSL_ALPN) +#if defined(MBEDTLS_SSL_ALPN) #define USAGE_ALPN \ " alpn=%%s default: \"\" (disabled)\n" \ " example: spdy/1,http/1.1\n" #else #define USAGE_ALPN "" -#endif /* POLARSSL_SSL_ALPN */ +#endif /* MBEDTLS_SSL_ALPN */ -#if defined(POLARSSL_SSL_DTLS_HELLO_VERIFY) +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) #define USAGE_COOKIES \ " cookies=0/1/-1 default: 1 (enabled)\n" \ " 0: disabled, -1: library default (broken)\n" @@ -234,21 +234,21 @@ #define USAGE_COOKIES "" #endif -#if defined(POLARSSL_SSL_DTLS_ANTI_REPLAY) +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) #define USAGE_ANTI_REPLAY \ " anti_replay=0/1 default: (library default: enabled)\n" #else #define USAGE_ANTI_REPLAY "" #endif -#if defined(POLARSSL_SSL_DTLS_BADMAC_LIMIT) +#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) #define USAGE_BADMAC_LIMIT \ " badmac_limit=%%d default: (library default: disabled)\n" #else #define USAGE_BADMAC_LIMIT "" #endif -#if defined(POLARSSL_SSL_PROTO_DTLS) +#if defined(MBEDTLS_SSL_PROTO_DTLS) #define USAGE_DTLS \ " dtls=%%d default: 0 (TLS)\n" \ " hs_timeout=%%d-%%d default: (library default: 1000-60000)\n" \ @@ -257,21 +257,21 @@ #define USAGE_DTLS "" #endif -#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) #define USAGE_EMS \ " extended_ms=0/1 default: (library default: on)\n" #else #define USAGE_EMS "" #endif -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) #define USAGE_ETM \ " etm=0/1 default: (library default: on)\n" #else #define USAGE_ETM "" #endif -#if defined(POLARSSL_SSL_RENEGOTIATION) +#if defined(MBEDTLS_SSL_RENEGOTIATION) #define USAGE_RENEGO \ " renegotiation=%%d default: 0 (disabled)\n" \ " renegotiate=%%d default: 0 (disabled)\n" \ @@ -327,15 +327,15 @@ " force_ciphersuite=<name> default: all enabled\n" \ " acceptable ciphersuite names:\n" -#if !defined(POLARSSL_ENTROPY_C) || \ - !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_SRV_C) || \ - !defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C) +#if !defined(MBEDTLS_ENTROPY_C) || \ + !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_SRV_C) || \ + !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_CTR_DRBG_C) #include <stdio.h> int main( void ) { - polarssl_printf("POLARSSL_ENTROPY_C and/or " - "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or " - "POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n"); + mbedtls_printf("MBEDTLS_ENTROPY_C and/or " + "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C not defined.\n"); return( 0 ); } #else @@ -348,7 +348,7 @@ int server_port; /* port on which the ssl service runs */ int debug_level; /* level of debugging */ int nbio; /* should I/O be blocking? */ - uint32_t read_timeout; /* timeout on ssl_read() in milliseconds */ + uint32_t read_timeout; /* timeout on mbedtls_ssl_read() in milliseconds */ const char *ca_file; /* the file with the CA certificate(s) */ const char *ca_path; /* the path with the CA certificate(s) reside */ const char *crt_file; /* the file with the server certificate */ @@ -393,7 +393,7 @@ { ((void) level); - polarssl_fprintf( (FILE *) ctx, "%s", str ); + mbedtls_fprintf( (FILE *) ctx, "%s", str ); fflush( (FILE *) ctx ); } @@ -409,11 +409,11 @@ if( first_try ) { first_try = 0; - return( POLARSSL_ERR_NET_WANT_READ ); + return( MBEDTLS_ERR_NET_WANT_READ ); } - ret = net_recv( ctx, buf, len ); - if( ret != POLARSSL_ERR_NET_WANT_READ ) + ret = mbedtls_net_recv( ctx, buf, len ); + if( ret != MBEDTLS_ERR_NET_WANT_READ ) first_try = 1; /* Next call will be a new operation */ return( ret ); } @@ -426,11 +426,11 @@ if( first_try ) { first_try = 0; - return( POLARSSL_ERR_NET_WANT_WRITE ); + return( MBEDTLS_ERR_NET_WANT_WRITE ); } - ret = net_send( ctx, buf, len ); - if( ret != POLARSSL_ERR_NET_WANT_WRITE ) + ret = mbedtls_net_send( ctx, buf, len ); + if( ret != MBEDTLS_ERR_NET_WANT_WRITE ) first_try = 1; /* Next call will be a new operation */ return( ret ); } @@ -450,8 +450,8 @@ struct _sni_entry { const char *name; - x509_crt *cert; - pk_context *key; + mbedtls_x509_crt *cert; + mbedtls_pk_context *key; sni_entry *next; }; @@ -461,14 +461,14 @@ while( cur != NULL ) { - x509_crt_free( cur->cert ); - polarssl_free( cur->cert ); + mbedtls_x509_crt_free( cur->cert ); + mbedtls_free( cur->cert ); - pk_free( cur->key ); - polarssl_free( cur->key ); + mbedtls_pk_free( cur->key ); + mbedtls_free( cur->key ); next = cur->next; - polarssl_free( cur ); + mbedtls_free( cur ); cur = next; } } @@ -492,7 +492,7 @@ while( p <= end ) { - if( ( new = polarssl_malloc( sizeof( sni_entry ) ) ) == NULL ) + if( ( new = mbedtls_malloc( sizeof( sni_entry ) ) ) == NULL ) { sni_free( cur ); return( NULL ); @@ -500,24 +500,24 @@ memset( new, 0, sizeof( sni_entry ) ); - if( ( new->cert = polarssl_malloc( sizeof( x509_crt ) ) ) == NULL || - ( new->key = polarssl_malloc( sizeof( pk_context ) ) ) == NULL ) + if( ( new->cert = mbedtls_malloc( sizeof( mbedtls_x509_crt ) ) ) == NULL || + ( new->key = mbedtls_malloc( sizeof( mbedtls_pk_context ) ) ) == NULL ) { - polarssl_free( new->cert ); - polarssl_free( new ); + mbedtls_free( new->cert ); + mbedtls_free( new ); sni_free( cur ); return( NULL ); } - x509_crt_init( new->cert ); - pk_init( new->key ); + mbedtls_x509_crt_init( new->cert ); + mbedtls_pk_init( new->key ); GET_ITEM( new->name ); GET_ITEM( crt_file ); GET_ITEM( key_file ); - if( x509_crt_parse_file( new->cert, crt_file ) != 0 || - pk_parse_keyfile( new->key, key_file, "" ) != 0 ) + if( mbedtls_x509_crt_parse_file( new->cert, crt_file ) != 0 || + mbedtls_pk_parse_keyfile( new->key, key_file, "" ) != 0 ) { goto error; } @@ -537,7 +537,7 @@ /* * SNI callback. */ -int sni_callback( void *p_info, ssl_context *ssl, +int sni_callback( void *p_info, mbedtls_ssl_context *ssl, const unsigned char *name, size_t name_len ) { sni_entry *cur = (sni_entry *) p_info; @@ -547,7 +547,7 @@ if( name_len == strlen( cur->name ) && memcmp( name, cur->name, name_len ) == 0 ) { - return( ssl_set_own_cert( ssl, cur->cert, cur->key ) ); + return( mbedtls_ssl_set_own_cert( ssl, cur->cert, cur->key ) ); } cur = cur->next; @@ -558,7 +558,7 @@ #endif /* SNI_OPTION */ -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) #define HEX2NUM( c ) \ if( c >= '0' && c <= '9' ) \ @@ -580,7 +580,7 @@ size_t j; *olen = strlen( input ); - if( *olen % 2 != 0 || *olen / 2 > POLARSSL_PSK_MAX_LEN ) + if( *olen % 2 != 0 || *olen / 2 > MBEDTLS_PSK_MAX_LEN ) return( -1 ); *olen /= 2; @@ -604,7 +604,7 @@ { const char *name; size_t key_len; - unsigned char key[POLARSSL_PSK_MAX_LEN]; + unsigned char key[MBEDTLS_PSK_MAX_LEN]; psk_entry *next; }; @@ -618,7 +618,7 @@ while( head != NULL ) { next = head->next; - polarssl_free( head ); + mbedtls_free( head ); head = next; } } @@ -642,7 +642,7 @@ while( p <= end ) { - if( ( new = polarssl_malloc( sizeof( psk_entry ) ) ) == NULL ) + if( ( new = mbedtls_malloc( sizeof( psk_entry ) ) ) == NULL ) goto error; memset( new, 0, sizeof( psk_entry ) ); @@ -668,7 +668,7 @@ /* * PSK callback */ -int psk_callback( void *p_info, ssl_context *ssl, +int psk_callback( void *p_info, mbedtls_ssl_context *ssl, const unsigned char *name, size_t name_len ) { psk_entry *cur = (psk_entry *) p_info; @@ -678,7 +678,7 @@ if( name_len == strlen( cur->name ) && memcmp( name, cur->name, name_len ) == 0 ) { - return( ssl_set_psk( ssl, cur->key, cur->key_len, + return( mbedtls_ssl_set_psk( ssl, cur->key, cur->key_len, name, name_len ) ); } @@ -687,7 +687,7 @@ return( -1 ); } -#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ static int listen_fd, client_fd = -1; @@ -698,8 +698,8 @@ { ((void) sig); received_sigterm = 1; - net_close( listen_fd ); /* causes net_accept() to abort */ - net_close( client_fd ); /* causes net_read() to abort */ + mbedtls_net_close( listen_fd ); /* causes mbedtls_net_accept() to abort */ + mbedtls_net_close( client_fd ); /* causes net_read() to abort */ } #endif @@ -708,44 +708,44 @@ int ret = 0, len, written, frags, exchanges_left; int version_suites[4][2]; unsigned char buf[IO_BUF_LEN]; -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) - unsigned char psk[POLARSSL_PSK_MAX_LEN]; +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) + unsigned char psk[MBEDTLS_PSK_MAX_LEN]; size_t psk_len = 0; psk_entry *psk_info = NULL; #endif const char *pers = "ssl_server2"; unsigned char client_ip[16] = { 0 }; -#if defined(POLARSSL_SSL_COOKIE_C) - ssl_cookie_ctx cookie_ctx; +#if defined(MBEDTLS_SSL_COOKIE_C) + mbedtls_ssl_cookie_ctx cookie_ctx; #endif - entropy_context entropy; - ctr_drbg_context ctr_drbg; - ssl_context ssl; -#if defined(POLARSSL_SSL_RENEGOTIATION) + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_ssl_context ssl; +#if defined(MBEDTLS_SSL_RENEGOTIATION) unsigned char renego_period[8] = { 0 }; #endif -#if defined(POLARSSL_X509_CRT_PARSE_C) - x509_crt cacert; - x509_crt srvcert; - pk_context pkey; - x509_crt srvcert2; - pk_context pkey2; +#if defined(MBEDTLS_X509_CRT_PARSE_C) + mbedtls_x509_crt cacert; + mbedtls_x509_crt srvcert; + mbedtls_pk_context pkey; + mbedtls_x509_crt srvcert2; + mbedtls_pk_context pkey2; int key_cert_init = 0, key_cert_init2 = 0; #endif -#if defined(POLARSSL_DHM_C) && defined(POLARSSL_FS_IO) - dhm_context dhm; +#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO) + mbedtls_dhm_context dhm; #endif -#if defined(POLARSSL_SSL_CACHE_C) - ssl_cache_context cache; +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_context cache; #endif #if defined(SNI_OPTION) sni_entry *sni_info = NULL; #endif -#if defined(POLARSSL_SSL_ALPN) +#if defined(MBEDTLS_SSL_ALPN) const char *alpn_list[10]; #endif -#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) unsigned char alloc_buf[100000]; #endif @@ -753,33 +753,33 @@ char *p, *q; const int *list; -#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) - memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) ); +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) + mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) ); #endif /* * Make sure memory references are valid in case we exit early. */ listen_fd = 0; - memset( &ssl, 0, sizeof( ssl_context ) ); -#if defined(POLARSSL_X509_CRT_PARSE_C) - x509_crt_init( &cacert ); - x509_crt_init( &srvcert ); - pk_init( &pkey ); - x509_crt_init( &srvcert2 ); - pk_init( &pkey2 ); + memset( &ssl, 0, sizeof( mbedtls_ssl_context ) ); +#if defined(MBEDTLS_X509_CRT_PARSE_C) + mbedtls_x509_crt_init( &cacert ); + mbedtls_x509_crt_init( &srvcert ); + mbedtls_pk_init( &pkey ); + mbedtls_x509_crt_init( &srvcert2 ); + mbedtls_pk_init( &pkey2 ); #endif -#if defined(POLARSSL_DHM_C) && defined(POLARSSL_FS_IO) - dhm_init( &dhm ); +#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO) + mbedtls_dhm_init( &dhm ); #endif -#if defined(POLARSSL_SSL_CACHE_C) - ssl_cache_init( &cache ); +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_init( &cache ); #endif -#if defined(POLARSSL_SSL_ALPN) +#if defined(MBEDTLS_SSL_ALPN) memset( (void *) alpn_list, 0, sizeof( alpn_list ) ); #endif -#if defined(POLARSSL_SSL_COOKIE_C) - ssl_cookie_init( &cookie_ctx ); +#if defined(MBEDTLS_SSL_COOKIE_C) + mbedtls_ssl_cookie_init( &cookie_ctx ); #endif #if !defined(_WIN32) @@ -794,19 +794,19 @@ if( ret == 0 ) ret = 1; - polarssl_printf( USAGE ); + mbedtls_printf( USAGE ); - list = ssl_list_ciphersuites(); + list = mbedtls_ssl_list_ciphersuites(); while( *list ) { - polarssl_printf(" %-42s", ssl_get_ciphersuite_name( *list ) ); + mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name( *list ) ); list++; if( !*list ) break; - polarssl_printf(" %s\n", ssl_get_ciphersuite_name( *list ) ); + mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name( *list ) ); list++; } - polarssl_printf("\n"); + mbedtls_printf("\n"); goto exit; } @@ -873,9 +873,9 @@ { int t = atoi( q ); if( t == 0 ) - opt.transport = SSL_TRANSPORT_STREAM; + opt.transport = MBEDTLS_SSL_TRANSPORT_STREAM; else if( t == 1 ) - opt.transport = SSL_TRANSPORT_DATAGRAM; + opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; else goto usage; } @@ -915,7 +915,7 @@ opt.psk_list = q; else if( strcmp( p, "force_ciphersuite" ) == 0 ) { - opt.force_ciphersuite[0] = ssl_get_ciphersuite_id( q ); + opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q ); if( opt.force_ciphersuite[0] == 0 ) { @@ -928,16 +928,16 @@ opt.version_suites = q; else if( strcmp( p, "renegotiation" ) == 0 ) { - opt.renegotiation = (atoi( q )) ? SSL_RENEGOTIATION_ENABLED : - SSL_RENEGOTIATION_DISABLED; + opt.renegotiation = (atoi( q )) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : + MBEDTLS_SSL_RENEGOTIATION_DISABLED; } else if( strcmp( p, "allow_legacy" ) == 0 ) { switch( atoi( q ) ) { - case -1: opt.allow_legacy = SSL_LEGACY_BREAK_HANDSHAKE; break; - case 0: opt.allow_legacy = SSL_LEGACY_NO_RENEGOTIATION; break; - case 1: opt.allow_legacy = SSL_LEGACY_ALLOW_RENEGOTIATION; break; + case -1: opt.allow_legacy = MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE; break; + case 0: opt.allow_legacy = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION; break; + case 1: opt.allow_legacy = MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION; break; default: goto usage; } } @@ -966,30 +966,30 @@ else if( strcmp( p, "min_version" ) == 0 ) { if( strcmp( q, "ssl3" ) == 0 ) - opt.min_version = SSL_MINOR_VERSION_0; + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0; else if( strcmp( q, "tls1" ) == 0 ) - opt.min_version = SSL_MINOR_VERSION_1; + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1; else if( strcmp( q, "tls1_1" ) == 0 || strcmp( q, "dtls1" ) == 0 ) - opt.min_version = SSL_MINOR_VERSION_2; + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; else if( strcmp( q, "tls1_2" ) == 0 || strcmp( q, "dtls1_2" ) == 0 ) - opt.min_version = SSL_MINOR_VERSION_3; + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; else goto usage; } else if( strcmp( p, "max_version" ) == 0 ) { if( strcmp( q, "ssl3" ) == 0 ) - opt.max_version = SSL_MINOR_VERSION_0; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0; else if( strcmp( q, "tls1" ) == 0 ) - opt.max_version = SSL_MINOR_VERSION_1; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1; else if( strcmp( q, "tls1_1" ) == 0 || strcmp( q, "dtls1" ) == 0 ) - opt.max_version = SSL_MINOR_VERSION_2; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; else if( strcmp( q, "tls1_2" ) == 0 || strcmp( q, "dtls1_2" ) == 0 ) - opt.max_version = SSL_MINOR_VERSION_3; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; else goto usage; } @@ -997,8 +997,8 @@ { switch( atoi( q ) ) { - case 0: opt.arc4 = SSL_ARC4_DISABLED; break; - case 1: opt.arc4 = SSL_ARC4_ENABLED; break; + case 0: opt.arc4 = MBEDTLS_SSL_ARC4_DISABLED; break; + case 1: opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED; break; default: goto usage; } } @@ -1006,35 +1006,35 @@ { if( strcmp( q, "ssl3" ) == 0 ) { - opt.min_version = SSL_MINOR_VERSION_0; - opt.max_version = SSL_MINOR_VERSION_0; + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0; } else if( strcmp( q, "tls1" ) == 0 ) { - opt.min_version = SSL_MINOR_VERSION_1; - opt.max_version = SSL_MINOR_VERSION_1; + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1; } else if( strcmp( q, "tls1_1" ) == 0 ) { - opt.min_version = SSL_MINOR_VERSION_2; - opt.max_version = SSL_MINOR_VERSION_2; + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; } else if( strcmp( q, "tls1_2" ) == 0 ) { - opt.min_version = SSL_MINOR_VERSION_3; - opt.max_version = SSL_MINOR_VERSION_3; + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; } else if( strcmp( q, "dtls1" ) == 0 ) { - opt.min_version = SSL_MINOR_VERSION_2; - opt.max_version = SSL_MINOR_VERSION_2; - opt.transport = SSL_TRANSPORT_DATAGRAM; + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; + opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; } else if( strcmp( q, "dtls1_2" ) == 0 ) { - opt.min_version = SSL_MINOR_VERSION_3; - opt.max_version = SSL_MINOR_VERSION_3; - opt.transport = SSL_TRANSPORT_DATAGRAM; + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; + opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; } else goto usage; @@ -1042,24 +1042,24 @@ else if( strcmp( p, "auth_mode" ) == 0 ) { if( strcmp( q, "none" ) == 0 ) - opt.auth_mode = SSL_VERIFY_NONE; + opt.auth_mode = MBEDTLS_SSL_VERIFY_NONE; else if( strcmp( q, "optional" ) == 0 ) - opt.auth_mode = SSL_VERIFY_OPTIONAL; + opt.auth_mode = MBEDTLS_SSL_VERIFY_OPTIONAL; else if( strcmp( q, "required" ) == 0 ) - opt.auth_mode = SSL_VERIFY_REQUIRED; + opt.auth_mode = MBEDTLS_SSL_VERIFY_REQUIRED; else goto usage; } else if( strcmp( p, "max_frag_len" ) == 0 ) { if( strcmp( q, "512" ) == 0 ) - opt.mfl_code = SSL_MAX_FRAG_LEN_512; + opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_512; else if( strcmp( q, "1024" ) == 0 ) - opt.mfl_code = SSL_MAX_FRAG_LEN_1024; + opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_1024; else if( strcmp( q, "2048" ) == 0 ) - opt.mfl_code = SSL_MAX_FRAG_LEN_2048; + opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_2048; else if( strcmp( q, "4096" ) == 0 ) - opt.mfl_code = SSL_MAX_FRAG_LEN_4096; + opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_4096; else goto usage; } @@ -1071,8 +1071,8 @@ { switch( atoi( q ) ) { - case 0: opt.trunc_hmac = SSL_TRUNC_HMAC_DISABLED; break; - case 1: opt.trunc_hmac = SSL_TRUNC_HMAC_ENABLED; break; + case 0: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_DISABLED; break; + case 1: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; break; default: goto usage; } } @@ -1080,8 +1080,8 @@ { switch( atoi( q ) ) { - case 0: opt.extended_ms = SSL_EXTENDED_MS_DISABLED; break; - case 1: opt.extended_ms = SSL_EXTENDED_MS_ENABLED; break; + case 0: opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_DISABLED; break; + case 1: opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; break; default: goto usage; } } @@ -1089,8 +1089,8 @@ { switch( atoi( q ) ) { - case 0: opt.etm = SSL_ETM_DISABLED; break; - case 1: opt.etm = SSL_ETM_ENABLED; break; + case 0: opt.etm = MBEDTLS_SSL_ETM_DISABLED; break; + case 1: opt.etm = MBEDTLS_SSL_ETM_ENABLED; break; default: goto usage; } } @@ -1154,26 +1154,26 @@ goto usage; } -#if defined(POLARSSL_DEBUG_C) - debug_set_threshold( opt.debug_level ); +#if defined(MBEDTLS_DEBUG_C) + mbedtls_debug_set_threshold( opt.debug_level ); #endif if( opt.force_ciphersuite[0] > 0 ) { - const ssl_ciphersuite_t *ciphersuite_info; - ciphersuite_info = ssl_ciphersuite_from_id( opt.force_ciphersuite[0] ); + const mbedtls_ssl_ciphersuite_t *ciphersuite_info; + ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] ); if( opt.max_version != -1 && ciphersuite_info->min_minor_ver > opt.max_version ) { - polarssl_printf("forced ciphersuite not allowed with this protocol version\n"); + mbedtls_printf("forced ciphersuite not allowed with this protocol version\n"); ret = 2; goto usage; } if( opt.min_version != -1 && ciphersuite_info->max_minor_ver < opt.min_version ) { - polarssl_printf("forced ciphersuite not allowed with this protocol version\n"); + mbedtls_printf("forced ciphersuite not allowed with this protocol version\n"); ret = 2; goto usage; } @@ -1189,22 +1189,22 @@ { opt.min_version = ciphersuite_info->min_minor_ver; /* DTLS starts with TLS 1.1 */ - if( opt.transport == SSL_TRANSPORT_DATAGRAM && - opt.min_version < SSL_MINOR_VERSION_2 ) - opt.min_version = SSL_MINOR_VERSION_2; + if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 ) + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; } /* Enable RC4 if needed and not explicitly disabled */ - if( ciphersuite_info->cipher == POLARSSL_CIPHER_ARC4_128 ) + if( ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) { - if( opt.arc4 == SSL_ARC4_DISABLED ) + if( opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED ) { - polarssl_printf("forced RC4 ciphersuite with RC4 disabled\n"); + mbedtls_printf("forced RC4 ciphersuite with RC4 disabled\n"); ret = 2; goto usage; } - opt.arc4 = SSL_ARC4_ENABLED; + opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED; } } @@ -1228,7 +1228,7 @@ if( i != 4 ) { - polarssl_printf( "too few values for version_suites\n" ); + mbedtls_printf( "too few values for version_suites\n" ); ret = 1; goto exit; } @@ -1238,24 +1238,24 @@ /* Get the suites identifiers from their name */ for( i = 0; i < 4; i++ ) { - version_suites[i][0] = ssl_get_ciphersuite_id( name[i] ); + version_suites[i][0] = mbedtls_ssl_get_ciphersuite_id( name[i] ); if( version_suites[i][0] == 0 ) { - polarssl_printf( "unknown ciphersuite: '%s'\n", name[i] ); + mbedtls_printf( "unknown ciphersuite: '%s'\n", name[i] ); ret = 2; goto usage; } } } -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) /* * Unhexify the pre-shared key and parse the list if any given */ if( unhexify( psk, opt.psk, &psk_len ) != 0 ) { - polarssl_printf( "pre-shared key not valid hex\n" ); + mbedtls_printf( "pre-shared key not valid hex\n" ); goto exit; } @@ -1263,13 +1263,13 @@ { if( ( psk_info = psk_parse( opt.psk_list ) ) == NULL ) { - polarssl_printf( "psk_list invalid" ); + mbedtls_printf( "psk_list invalid" ); goto exit; } } -#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#if defined(POLARSSL_SSL_ALPN) +#if defined(MBEDTLS_SSL_ALPN) if( opt.alpn_string != NULL ) { p = (char *) opt.alpn_string; @@ -1287,81 +1287,81 @@ *p++ = '\0'; } } -#endif /* POLARSSL_SSL_ALPN */ +#endif /* MBEDTLS_SSL_ALPN */ /* * 0. Initialize the RNG and the session data */ - polarssl_printf( "\n . Seeding the random number generator..." ); + mbedtls_printf( "\n . Seeding the random number generator..." ); fflush( stdout ); - entropy_init( &entropy ); - if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy, + mbedtls_entropy_init( &entropy ); + if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, strlen( pers ) ) ) != 0 ) { - polarssl_printf( " failed\n ! ctr_drbg_init returned -0x%x\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned -0x%x\n", -ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); -#if defined(POLARSSL_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) /* * 1.1. Load the trusted CA */ - polarssl_printf( " . Loading the CA root certificate ..." ); + mbedtls_printf( " . Loading the CA root certificate ..." ); fflush( stdout ); -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) if( strlen( opt.ca_path ) ) if( strcmp( opt.ca_path, "none" ) == 0 ) ret = 0; else - ret = x509_crt_parse_path( &cacert, opt.ca_path ); + ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path ); else if( strlen( opt.ca_file ) ) if( strcmp( opt.ca_file, "none" ) == 0 ) ret = 0; else - ret = x509_crt_parse_file( &cacert, opt.ca_file ); + ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ); else #endif -#if defined(POLARSSL_CERTS_C) - for( i = 0; test_cas[i] != NULL; i++ ) +#if defined(MBEDTLS_CERTS_C) + for( i = 0; mbedtls_test_cas[i] != NULL; i++ ) { - ret = x509_crt_parse( &cacert, - (const unsigned char *) test_cas[i], - test_cas_len[i] ); + ret = mbedtls_x509_crt_parse( &cacert, + (const unsigned char *) mbedtls_test_cas[i], + mbedtls_test_cas_len[i] ); if( ret != 0 ) break; } #else { ret = 1; - polarssl_printf("POLARSSL_CERTS_C not defined."); + mbedtls_printf("MBEDTLS_CERTS_C not defined."); } #endif if( ret < 0 ) { - polarssl_printf( " failed\n ! x509_crt_parse returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret ); goto exit; } - polarssl_printf( " ok (%d skipped)\n", ret ); + mbedtls_printf( " ok (%d skipped)\n", ret ); /* * 1.2. Load own certificate and private key */ - polarssl_printf( " . Loading the server cert. and key..." ); + mbedtls_printf( " . Loading the server cert. and key..." ); fflush( stdout ); -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) if( strlen( opt.crt_file ) && strcmp( opt.crt_file, "none" ) != 0 ) { key_cert_init++; - if( ( ret = x509_crt_parse_file( &srvcert, opt.crt_file ) ) != 0 ) + if( ( ret = mbedtls_x509_crt_parse_file( &srvcert, opt.crt_file ) ) != 0 ) { - polarssl_printf( " failed\n ! x509_crt_parse_file returned -0x%x\n\n", + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned -0x%x\n\n", -ret ); goto exit; } @@ -1369,24 +1369,24 @@ if( strlen( opt.key_file ) && strcmp( opt.key_file, "none" ) != 0 ) { key_cert_init++; - if( ( ret = pk_parse_keyfile( &pkey, opt.key_file, "" ) ) != 0 ) + if( ( ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" ) ) != 0 ) { - polarssl_printf( " failed\n ! pk_parse_keyfile returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%x\n\n", -ret ); goto exit; } } if( key_cert_init == 1 ) { - polarssl_printf( " failed\n ! crt_file without key_file or vice-versa\n\n" ); + mbedtls_printf( " failed\n ! crt_file without key_file or vice-versa\n\n" ); goto exit; } if( strlen( opt.crt_file2 ) && strcmp( opt.crt_file2, "none" ) != 0 ) { key_cert_init2++; - if( ( ret = x509_crt_parse_file( &srvcert2, opt.crt_file2 ) ) != 0 ) + if( ( ret = mbedtls_x509_crt_parse_file( &srvcert2, opt.crt_file2 ) ) != 0 ) { - polarssl_printf( " failed\n ! x509_crt_parse_file(2) returned -0x%x\n\n", + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file(2) returned -0x%x\n\n", -ret ); goto exit; } @@ -1394,16 +1394,16 @@ if( strlen( opt.key_file2 ) && strcmp( opt.key_file2, "none" ) != 0 ) { key_cert_init2++; - if( ( ret = pk_parse_keyfile( &pkey2, opt.key_file2, "" ) ) != 0 ) + if( ( ret = mbedtls_pk_parse_keyfile( &pkey2, opt.key_file2, "" ) ) != 0 ) { - polarssl_printf( " failed\n ! pk_parse_keyfile(2) returned -0x%x\n\n", + mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile(2) returned -0x%x\n\n", -ret ); goto exit; } } if( key_cert_init2 == 1 ) { - polarssl_printf( " failed\n ! crt_file2 without key_file2 or vice-versa\n\n" ); + mbedtls_printf( " failed\n ! crt_file2 without key_file2 or vice-versa\n\n" ); goto exit; } #endif @@ -1414,529 +1414,529 @@ strcmp( opt.crt_file2, "none" ) != 0 && strcmp( opt.key_file2, "none" ) != 0 ) { -#if !defined(POLARSSL_CERTS_C) - polarssl_printf( "Not certificated or key provided, and \n" - "POLARSSL_CERTS_C not defined!\n" ); +#if !defined(MBEDTLS_CERTS_C) + mbedtls_printf( "Not certificated or key provided, and \n" + "MBEDTLS_CERTS_C not defined!\n" ); goto exit; #else -#if defined(POLARSSL_RSA_C) - if( ( ret = x509_crt_parse( &srvcert, - (const unsigned char *) test_srv_crt_rsa, - test_srv_crt_rsa_len ) ) != 0 ) +#if defined(MBEDTLS_RSA_C) + if( ( ret = mbedtls_x509_crt_parse( &srvcert, + (const unsigned char *) mbedtls_test_srv_crt_rsa, + mbedtls_test_srv_crt_rsa_len ) ) != 0 ) { - polarssl_printf( " failed\n ! x509_crt_parse returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret ); goto exit; } - if( ( ret = pk_parse_key( &pkey, - (const unsigned char *) test_srv_key_rsa, - test_srv_key_rsa_len, NULL, 0 ) ) != 0 ) + if( ( ret = mbedtls_pk_parse_key( &pkey, + (const unsigned char *) mbedtls_test_srv_key_rsa, + mbedtls_test_srv_key_rsa_len, NULL, 0 ) ) != 0 ) { - polarssl_printf( " failed\n ! pk_parse_key returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n", -ret ); goto exit; } key_cert_init = 2; -#endif /* POLARSSL_RSA_C */ -#if defined(POLARSSL_ECDSA_C) - if( ( ret = x509_crt_parse( &srvcert2, - (const unsigned char *) test_srv_crt_ec, - test_srv_crt_ec_len ) ) != 0 ) +#endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_ECDSA_C) + if( ( ret = mbedtls_x509_crt_parse( &srvcert2, + (const unsigned char *) mbedtls_test_srv_crt_ec, + mbedtls_test_srv_crt_ec_len ) ) != 0 ) { - polarssl_printf( " failed\n ! x509_crt_parse2 returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! x509_crt_parse2 returned -0x%x\n\n", -ret ); goto exit; } - if( ( ret = pk_parse_key( &pkey2, - (const unsigned char *) test_srv_key_ec, - test_srv_key_ec_len, NULL, 0 ) ) != 0 ) + if( ( ret = mbedtls_pk_parse_key( &pkey2, + (const unsigned char *) mbedtls_test_srv_key_ec, + mbedtls_test_srv_key_ec_len, NULL, 0 ) ) != 0 ) { - polarssl_printf( " failed\n ! pk_parse_key2 returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! pk_parse_key2 returned -0x%x\n\n", -ret ); goto exit; } key_cert_init2 = 2; -#endif /* POLARSSL_ECDSA_C */ -#endif /* POLARSSL_CERTS_C */ +#endif /* MBEDTLS_ECDSA_C */ +#endif /* MBEDTLS_CERTS_C */ } - polarssl_printf( " ok\n" ); -#endif /* POLARSSL_X509_CRT_PARSE_C */ + mbedtls_printf( " ok\n" ); +#endif /* MBEDTLS_X509_CRT_PARSE_C */ -#if defined(POLARSSL_DHM_C) && defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO) if( opt.dhm_file != NULL ) { - polarssl_printf( " . Loading DHM parameters..." ); + mbedtls_printf( " . Loading DHM parameters..." ); fflush( stdout ); - if( ( ret = dhm_parse_dhmfile( &dhm, opt.dhm_file ) ) != 0 ) + if( ( ret = mbedtls_dhm_parse_dhmfile( &dhm, opt.dhm_file ) ) != 0 ) { - polarssl_printf( " failed\n ! dhm_parse_dhmfile returned -0x%04X\n\n", + mbedtls_printf( " failed\n ! mbedtls_dhm_parse_dhmfile returned -0x%04X\n\n", -ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); } #endif #if defined(SNI_OPTION) if( opt.sni != NULL ) { - polarssl_printf( " . Setting up SNI information..." ); + mbedtls_printf( " . Setting up SNI information..." ); fflush( stdout ); if( ( sni_info = sni_parse( opt.sni ) ) == NULL ) { - polarssl_printf( " failed\n" ); + mbedtls_printf( " failed\n" ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); } #endif /* SNI_OPTION */ /* * 2. Setup the listening TCP socket */ - polarssl_printf( " . Bind on %s://%s:%-4d/ ...", - opt.transport == SSL_TRANSPORT_STREAM ? "tcp" : "udp", + mbedtls_printf( " . Bind on %s://%s:%-4d/ ...", + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp", opt.server_addr ? opt.server_addr : "*", opt.server_port ); fflush( stdout ); - if( ( ret = net_bind( &listen_fd, opt.server_addr, opt.server_port, - opt.transport == SSL_TRANSPORT_STREAM ? - NET_PROTO_TCP : NET_PROTO_UDP ) ) != 0 ) + if( ( ret = mbedtls_net_bind( &listen_fd, opt.server_addr, opt.server_port, + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? + MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 ) { - polarssl_printf( " failed\n ! net_bind returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_net_bind returned -0x%x\n\n", -ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * 3. Setup stuff */ - polarssl_printf( " . Setting up the SSL/TLS structure..." ); + mbedtls_printf( " . Setting up the SSL/TLS structure..." ); fflush( stdout ); - if( ( ret = ssl_init( &ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_init returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_init returned -0x%x\n\n", -ret ); goto exit; } - ssl_set_endpoint( &ssl, SSL_IS_SERVER ); + mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_SERVER ); if( opt.auth_mode != DFL_AUTH_MODE ) - ssl_set_authmode( &ssl, opt.auth_mode ); + mbedtls_ssl_set_authmode( &ssl, opt.auth_mode ); -#if defined(POLARSSL_SSL_PROTO_DTLS) - if( ( ret = ssl_set_transport( &ssl, opt.transport ) ) != 0 ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ( ret = mbedtls_ssl_set_transport( &ssl, opt.transport ) ) != 0 ) { - polarssl_printf( " failed\n ! selected transport is not available\n" ); + mbedtls_printf( " failed\n ! selected transport is not available\n" ); goto exit; } if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX ) - ssl_set_handshake_timeout( &ssl, opt.hs_to_min, opt.hs_to_max ); -#endif /* POLARSSL_SSL_PROTO_DTLS */ + mbedtls_ssl_set_handshake_timeout( &ssl, opt.hs_to_min, opt.hs_to_max ); +#endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) - if( ( ret = ssl_set_max_frag_len( &ssl, opt.mfl_code ) ) != 0 ) +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + if( ( ret = mbedtls_ssl_set_max_frag_len( &ssl, opt.mfl_code ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_set_max_frag_len returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_set_max_frag_len returned %d\n\n", ret ); goto exit; }; #endif -#if defined(POLARSSL_SSL_TRUNCATED_HMAC) +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) if( opt.trunc_hmac != DFL_TRUNC_HMAC ) - ssl_set_truncated_hmac( &ssl, opt.trunc_hmac ); + mbedtls_ssl_set_truncated_hmac( &ssl, opt.trunc_hmac ); #endif -#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) if( opt.extended_ms != DFL_EXTENDED_MS ) - ssl_set_extended_master_secret( &ssl, opt.extended_ms ); + mbedtls_ssl_set_extended_master_secret( &ssl, opt.extended_ms ); #endif -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) if( opt.etm != DFL_ETM ) - ssl_set_encrypt_then_mac( &ssl, opt.etm ); + mbedtls_ssl_set_encrypt_then_mac( &ssl, opt.etm ); #endif -#if defined(POLARSSL_SSL_ALPN) +#if defined(MBEDTLS_SSL_ALPN) if( opt.alpn_string != NULL ) - if( ( ret = ssl_set_alpn_protocols( &ssl, alpn_list ) ) != 0 ) + if( ( ret = mbedtls_ssl_set_alpn_protocols( &ssl, alpn_list ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_set_alpn_protocols returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_set_alpn_protocols returned %d\n\n", ret ); goto exit; } #endif - ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg ); - ssl_set_dbg( &ssl, my_debug, stdout ); + mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg ); + mbedtls_ssl_set_dbg( &ssl, my_debug, stdout ); -#if defined(POLARSSL_SSL_CACHE_C) +#if defined(MBEDTLS_SSL_CACHE_C) if( opt.cache_max != -1 ) - ssl_cache_set_max_entries( &cache, opt.cache_max ); + mbedtls_ssl_cache_set_max_entries( &cache, opt.cache_max ); if( opt.cache_timeout != -1 ) - ssl_cache_set_timeout( &cache, opt.cache_timeout ); + mbedtls_ssl_cache_set_timeout( &cache, opt.cache_timeout ); - ssl_set_session_cache( &ssl, ssl_cache_get, &cache, - ssl_cache_set, &cache ); + mbedtls_ssl_set_session_cache( &ssl, mbedtls_ssl_cache_get, &cache, + mbedtls_ssl_cache_set, &cache ); #endif -#if defined(POLARSSL_SSL_SESSION_TICKETS) - if( ( ret = ssl_set_session_tickets( &ssl, opt.tickets ) ) != 0 ) +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + if( ( ret = mbedtls_ssl_set_session_tickets( &ssl, opt.tickets ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_set_session_tickets returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_set_session_tickets returned %d\n\n", ret ); goto exit; } if( opt.ticket_timeout != -1 ) - ssl_set_session_ticket_lifetime( &ssl, opt.ticket_timeout ); + mbedtls_ssl_set_session_ticket_lifetime( &ssl, opt.ticket_timeout ); #endif -#if defined(POLARSSL_SSL_PROTO_DTLS) - if( opt.transport == SSL_TRANSPORT_DATAGRAM ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { -#if defined(POLARSSL_SSL_COOKIE_C) +#if defined(MBEDTLS_SSL_COOKIE_C) if( opt.cookies > 0 ) { - if( ( ret = ssl_cookie_setup( &cookie_ctx, - ctr_drbg_random, &ctr_drbg ) ) != 0 ) + if( ( ret = mbedtls_ssl_cookie_setup( &cookie_ctx, + mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_cookie_setup returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret ); goto exit; } - ssl_set_dtls_cookies( &ssl, ssl_cookie_write, ssl_cookie_check, + mbedtls_ssl_set_dtls_cookies( &ssl, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, &cookie_ctx ); } else -#endif /* POLARSSL_SSL_COOKIE_C */ -#if defined(POLARSSL_SSL_DTLS_HELLO_VERIFY) +#endif /* MBEDTLS_SSL_COOKIE_C */ +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) if( opt.cookies == 0 ) { - ssl_set_dtls_cookies( &ssl, NULL, NULL, NULL ); + mbedtls_ssl_set_dtls_cookies( &ssl, NULL, NULL, NULL ); } else -#endif /* POLARSSL_SSL_DTLS_HELLO_VERIFY */ +#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ { ; /* Nothing to do */ } -#if defined(POLARSSL_SSL_DTLS_ANTI_REPLAY) +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) if( opt.anti_replay != DFL_ANTI_REPLAY ) - ssl_set_dtls_anti_replay( &ssl, opt.anti_replay ); + mbedtls_ssl_set_dtls_anti_replay( &ssl, opt.anti_replay ); #endif -#if defined(POLARSSL_SSL_DTLS_BADMAC_LIMIT) +#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) if( opt.badmac_limit != DFL_BADMAC_LIMIT ) - ssl_set_dtls_badmac_limit( &ssl, opt.badmac_limit ); + mbedtls_ssl_set_dtls_badmac_limit( &ssl, opt.badmac_limit ); #endif } -#endif /* POLARSSL_SSL_PROTO_DTLS */ +#endif /* MBEDTLS_SSL_PROTO_DTLS */ if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) - ssl_set_ciphersuites( &ssl, opt.force_ciphersuite ); + mbedtls_ssl_set_ciphersuites( &ssl, opt.force_ciphersuite ); if( opt.arc4 != DFL_ARC4 ) - ssl_set_arc4_support( &ssl, opt.arc4 ); + mbedtls_ssl_set_arc4_support( &ssl, opt.arc4 ); if( opt.version_suites != NULL ) { - ssl_set_ciphersuites_for_version( &ssl, version_suites[0], - SSL_MAJOR_VERSION_3, - SSL_MINOR_VERSION_0 ); - ssl_set_ciphersuites_for_version( &ssl, version_suites[1], - SSL_MAJOR_VERSION_3, - SSL_MINOR_VERSION_1 ); - ssl_set_ciphersuites_for_version( &ssl, version_suites[2], - SSL_MAJOR_VERSION_3, - SSL_MINOR_VERSION_2 ); - ssl_set_ciphersuites_for_version( &ssl, version_suites[3], - SSL_MAJOR_VERSION_3, - SSL_MINOR_VERSION_3 ); + mbedtls_ssl_set_ciphersuites_for_version( &ssl, version_suites[0], + MBEDTLS_SSL_MAJOR_VERSION_3, + MBEDTLS_SSL_MINOR_VERSION_0 ); + mbedtls_ssl_set_ciphersuites_for_version( &ssl, version_suites[1], + MBEDTLS_SSL_MAJOR_VERSION_3, + MBEDTLS_SSL_MINOR_VERSION_1 ); + mbedtls_ssl_set_ciphersuites_for_version( &ssl, version_suites[2], + MBEDTLS_SSL_MAJOR_VERSION_3, + MBEDTLS_SSL_MINOR_VERSION_2 ); + mbedtls_ssl_set_ciphersuites_for_version( &ssl, version_suites[3], + MBEDTLS_SSL_MAJOR_VERSION_3, + MBEDTLS_SSL_MINOR_VERSION_3 ); } if( opt.allow_legacy != DFL_ALLOW_LEGACY ) - ssl_legacy_renegotiation( &ssl, opt.allow_legacy ); -#if defined(POLARSSL_SSL_RENEGOTIATION) - ssl_set_renegotiation( &ssl, opt.renegotiation ); + mbedtls_ssl_legacy_renegotiation( &ssl, opt.allow_legacy ); +#if defined(MBEDTLS_SSL_RENEGOTIATION) + mbedtls_ssl_set_renegotiation( &ssl, opt.renegotiation ); if( opt.renego_delay != DFL_RENEGO_DELAY ) - ssl_set_renegotiation_enforced( &ssl, opt.renego_delay ); + mbedtls_ssl_set_renegotiation_enforced( &ssl, opt.renego_delay ); if( opt.renego_period != DFL_RENEGO_PERIOD ) { renego_period[7] = opt.renego_period; - ssl_set_renegotiation_period( &ssl, renego_period ); + mbedtls_ssl_set_renegotiation_period( &ssl, renego_period ); } #endif -#if defined(POLARSSL_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) if( strcmp( opt.ca_path, "none" ) != 0 && strcmp( opt.ca_file, "none" ) != 0 ) { - ssl_set_ca_chain( &ssl, &cacert, NULL, NULL ); + mbedtls_ssl_set_ca_chain( &ssl, &cacert, NULL, NULL ); } if( key_cert_init ) - if( ( ret = ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 ) + if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret ); goto exit; } if( key_cert_init2 ) - if( ( ret = ssl_set_own_cert( &ssl, &srvcert2, &pkey2 ) ) != 0 ) + if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &srvcert2, &pkey2 ) ) != 0 ) { - polarssl_printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret ); goto exit; } #endif #if defined(SNI_OPTION) if( opt.sni != NULL ) - ssl_set_sni( &ssl, sni_callback, sni_info ); + mbedtls_ssl_set_sni( &ssl, sni_callback, sni_info ); #endif -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) if( strlen( opt.psk ) != 0 && strlen( opt.psk_identity ) != 0 ) { - ret = ssl_set_psk( &ssl, psk, psk_len, + ret = mbedtls_ssl_set_psk( &ssl, psk, psk_len, (const unsigned char *) opt.psk_identity, strlen( opt.psk_identity ) ); if( ret != 0 ) { - polarssl_printf( " failed\n ssl_set_psk returned -0x%04X\n\n", - ret ); + mbedtls_printf( " failed\n mbedtls_ssl_set_psk returned -0x%04X\n\n", - ret ); goto exit; } } if( opt.psk_list != NULL ) - ssl_set_psk_cb( &ssl, psk_callback, psk_info ); + mbedtls_ssl_set_psk_cb( &ssl, psk_callback, psk_info ); #endif -#if defined(POLARSSL_DHM_C) +#if defined(MBEDTLS_DHM_C) /* * Use different group than default DHM group */ -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) if( opt.dhm_file != NULL ) - ret = ssl_set_dh_param_ctx( &ssl, &dhm ); + ret = mbedtls_ssl_set_dh_param_ctx( &ssl, &dhm ); else #endif - ret = ssl_set_dh_param( &ssl, POLARSSL_DHM_RFC5114_MODP_2048_P, - POLARSSL_DHM_RFC5114_MODP_2048_G ); + ret = mbedtls_ssl_set_dh_param( &ssl, MBEDTLS_DHM_RFC5114_MODP_2048_P, + MBEDTLS_DHM_RFC5114_MODP_2048_G ); if( ret != 0 ) { - polarssl_printf( " failed\n ssl_set_dh_param returned -0x%04X\n\n", - ret ); + mbedtls_printf( " failed\n mbedtls_ssl_set_dh_param returned -0x%04X\n\n", - ret ); goto exit; } #endif if( opt.min_version != DFL_MIN_VERSION ) { - ret = ssl_set_min_version( &ssl, SSL_MAJOR_VERSION_3, opt.min_version ); + ret = mbedtls_ssl_set_min_version( &ssl, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version ); if( ret != 0 ) { - polarssl_printf( " failed\n ! selected min_version is not available\n" ); + mbedtls_printf( " failed\n ! selected min_version is not available\n" ); goto exit; } } if( opt.max_version != DFL_MIN_VERSION ) { - ret = ssl_set_max_version( &ssl, SSL_MAJOR_VERSION_3, opt.max_version ); + ret = mbedtls_ssl_set_max_version( &ssl, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version ); if( ret != 0 ) { - polarssl_printf( " failed\n ! selected max_version is not available\n" ); + mbedtls_printf( " failed\n ! selected max_version is not available\n" ); goto exit; } } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); reset: #if !defined(_WIN32) if( received_sigterm ) { - polarssl_printf( " interrupted by SIGTERM\n" ); + mbedtls_printf( " interrupted by SIGTERM\n" ); ret = 0; goto exit; } #endif -#ifdef POLARSSL_ERROR_C +#ifdef MBEDTLS_ERROR_C if( ret != 0 ) { char error_buf[100]; - polarssl_strerror( ret, error_buf, 100 ); - polarssl_printf("Last error was: %d - %s\n\n", ret, error_buf ); + mbedtls_strerror( ret, error_buf, 100 ); + mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf ); } #endif if( client_fd != -1 ) - net_close( client_fd ); + mbedtls_net_close( client_fd ); - ssl_session_reset( &ssl ); + mbedtls_ssl_session_reset( &ssl ); /* * 3. Wait until a client connects */ client_fd = -1; - polarssl_printf( " . Waiting for a remote connection ..." ); + mbedtls_printf( " . Waiting for a remote connection ..." ); fflush( stdout ); - if( ( ret = net_accept( listen_fd, &client_fd, client_ip ) ) != 0 ) + if( ( ret = mbedtls_net_accept( listen_fd, &client_fd, client_ip ) ) != 0 ) { #if !defined(_WIN32) if( received_sigterm ) { - polarssl_printf( " interrupted by signal\n" ); + mbedtls_printf( " interrupted by signal\n" ); ret = 0; goto exit; } #endif - polarssl_printf( " failed\n ! net_accept returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_net_accept returned -0x%x\n\n", -ret ); goto exit; } if( opt.nbio > 0 ) - ret = net_set_nonblock( client_fd ); + ret = mbedtls_net_set_nonblock( client_fd ); else - ret = net_set_block( client_fd ); + ret = mbedtls_net_set_block( client_fd ); if( ret != 0 ) { - polarssl_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", -ret ); goto exit; } if( opt.nbio == 2 ) - ssl_set_bio_timeout( &ssl, &client_fd, my_send, my_recv, NULL, 0 ); + mbedtls_ssl_set_bio_timeout( &ssl, &client_fd, my_send, my_recv, NULL, 0 ); else - ssl_set_bio_timeout( &ssl, &client_fd, net_send, net_recv, -#if defined(POLARSSL_HAVE_TIME) - opt.nbio == 0 ? net_recv_timeout : NULL, + mbedtls_ssl_set_bio_timeout( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, +#if defined(MBEDTLS_HAVE_TIME) + opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL, #else NULL, #endif opt.read_timeout ); -#if defined(POLARSSL_SSL_DTLS_HELLO_VERIFY) - if( opt.transport == SSL_TRANSPORT_DATAGRAM ) +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) + if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { - if( ( ret = ssl_set_client_transport_id( &ssl, client_ip, + if( ( ret = mbedtls_ssl_set_client_transport_id( &ssl, client_ip, sizeof( client_ip ) ) ) != 0 ) { - polarssl_printf( " failed\n ! " + mbedtls_printf( " failed\n ! " "ssl_set_client_tranport_id() returned -0x%x\n\n", -ret ); goto exit; } } -#endif /* POLARSSL_SSL_DTLS_HELLO_VERIFY */ +#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); /* * With UDP, bind_fd is hijacked by client_fd, so bind a new one */ -#if defined(POLARSSL_SSL_PROTO_DTLS) - if( opt.transport == SSL_TRANSPORT_DATAGRAM ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { - polarssl_printf( " . Re-bind on udp://%s:%-4d/ ...", + mbedtls_printf( " . Re-bind on udp://%s:%-4d/ ...", opt.server_addr ? opt.server_addr : "*", opt.server_port ); fflush( stdout ); - if( ( ret = net_bind( &listen_fd, opt.server_addr, - opt.server_port, NET_PROTO_UDP ) ) != 0 ) + if( ( ret = mbedtls_net_bind( &listen_fd, opt.server_addr, + opt.server_port, MBEDTLS_NET_PROTO_UDP ) ) != 0 ) { - polarssl_printf( " failed\n ! net_bind returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_net_bind returned -0x%x\n\n", -ret ); goto exit; } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); } -#endif /* POLARSSL_SSL_PROTO_DTLS */ +#endif /* MBEDTLS_SSL_PROTO_DTLS */ /* * 4. Handshake */ - polarssl_printf( " . Performing the SSL/TLS handshake..." ); + mbedtls_printf( " . Performing the SSL/TLS handshake..." ); fflush( stdout ); - do ret = ssl_handshake( &ssl ); - while( ret == POLARSSL_ERR_NET_WANT_READ || - ret == POLARSSL_ERR_NET_WANT_WRITE ); + do ret = mbedtls_ssl_handshake( &ssl ); + while( ret == MBEDTLS_ERR_NET_WANT_READ || + ret == MBEDTLS_ERR_NET_WANT_WRITE ); - if( ret == POLARSSL_ERR_SSL_HELLO_VERIFY_REQUIRED ) + if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ) { - polarssl_printf( " hello verification requested\n" ); + mbedtls_printf( " hello verification requested\n" ); ret = 0; goto reset; } else if( ret != 0 ) { - polarssl_printf( " failed\n ! ssl_handshake returned -0x%x\n\n", -ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret ); goto reset; } else /* ret == 0 */ { - polarssl_printf( " ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n", - ssl_get_version( &ssl ), ssl_get_ciphersuite( &ssl ) ); + mbedtls_printf( " ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n", + mbedtls_ssl_get_version( &ssl ), mbedtls_ssl_get_ciphersuite( &ssl ) ); } - if( ( ret = ssl_get_record_expansion( &ssl ) ) >= 0 ) - polarssl_printf( " [ Record expansion is %d ]\n", ret ); + if( ( ret = mbedtls_ssl_get_record_expansion( &ssl ) ) >= 0 ) + mbedtls_printf( " [ Record expansion is %d ]\n", ret ); else - polarssl_printf( " [ Record expansion is unknown (compression) ]\n" ); + mbedtls_printf( " [ Record expansion is unknown (compression) ]\n" ); -#if defined(POLARSSL_SSL_ALPN) +#if defined(MBEDTLS_SSL_ALPN) if( opt.alpn_string != NULL ) { - const char *alp = ssl_get_alpn_protocol( &ssl ); - polarssl_printf( " [ Application Layer Protocol is %s ]\n", + const char *alp = mbedtls_ssl_get_alpn_protocol( &ssl ); + mbedtls_printf( " [ Application Layer Protocol is %s ]\n", alp ? alp : "(none)" ); } #endif -#if defined(POLARSSL_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) /* * 5. Verify the server certificate */ - polarssl_printf( " . Verifying peer X.509 certificate..." ); + mbedtls_printf( " . Verifying peer X.509 certificate..." ); - if( ( ret = ssl_get_verify_result( &ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) { - polarssl_printf( " failed\n" ); + mbedtls_printf( " failed\n" ); - if( !ssl_get_peer_cert( &ssl ) ) - polarssl_printf( " ! no client certificate sent\n" ); + if( !mbedtls_ssl_get_peer_cert( &ssl ) ) + mbedtls_printf( " ! no client certificate sent\n" ); - if( ( ret & BADCERT_EXPIRED ) != 0 ) - polarssl_printf( " ! client certificate has expired\n" ); + if( ( ret & MBEDTLS_BADCERT_EXPIRED ) != 0 ) + mbedtls_printf( " ! client certificate has expired\n" ); - if( ( ret & BADCERT_REVOKED ) != 0 ) - polarssl_printf( " ! client certificate has been revoked\n" ); + if( ( ret & MBEDTLS_X509_BADCERT_REVOKED ) != 0 ) + mbedtls_printf( " ! client certificate has been revoked\n" ); - if( ( ret & BADCERT_NOT_TRUSTED ) != 0 ) - polarssl_printf( " ! self-signed or not signed by a trusted CA\n" ); + if( ( ret & MBEDTLS_X509_BADCERT_NOT_TRUSTED ) != 0 ) + mbedtls_printf( " ! self-signed or not signed by a trusted CA\n" ); - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); } else - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); - if( ssl_get_peer_cert( &ssl ) ) + if( mbedtls_ssl_get_peer_cert( &ssl ) ) { - polarssl_printf( " . Peer certificate information ...\n" ); - x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", - ssl_get_peer_cert( &ssl ) ); - polarssl_printf( "%s\n", buf ); + mbedtls_printf( " . Peer certificate information ...\n" ); + mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", + mbedtls_ssl_get_peer_cert( &ssl ) ); + mbedtls_printf( "%s\n", buf ); } -#endif /* POLARSSL_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_X509_CRT_PARSE_C */ if( opt.exchanges == 0 ) goto close_notify; @@ -1946,50 +1946,50 @@ /* * 6. Read the HTTP Request */ - polarssl_printf( " < Read from client:" ); + mbedtls_printf( " < Read from client:" ); fflush( stdout ); /* * TLS and DTLS need different reading styles (stream vs datagram) */ - if( opt.transport == SSL_TRANSPORT_STREAM ) + if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ) { do { int terminated = 0; len = sizeof( buf ) - 1; memset( buf, 0, sizeof( buf ) ); - ret = ssl_read( &ssl, buf, len ); + ret = mbedtls_ssl_read( &ssl, buf, len ); - if( ret == POLARSSL_ERR_NET_WANT_READ || - ret == POLARSSL_ERR_NET_WANT_WRITE ) + if( ret == MBEDTLS_ERR_NET_WANT_READ || + ret == MBEDTLS_ERR_NET_WANT_WRITE ) continue; if( ret <= 0 ) { switch( ret ) { - case POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY: - polarssl_printf( " connection was closed gracefully\n" ); + case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: + mbedtls_printf( " connection was closed gracefully\n" ); goto close_notify; case 0: - case POLARSSL_ERR_NET_CONN_RESET: - polarssl_printf( " connection was reset by peer\n" ); - ret = POLARSSL_ERR_NET_CONN_RESET; + case MBEDTLS_ERR_NET_CONN_RESET: + mbedtls_printf( " connection was reset by peer\n" ); + ret = MBEDTLS_ERR_NET_CONN_RESET; goto reset; default: - polarssl_printf( " ssl_read returned -0x%x\n", -ret ); + mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret ); goto reset; } } - if( ssl_get_bytes_avail( &ssl ) == 0 ) + if( mbedtls_ssl_get_bytes_avail( &ssl ) == 0 ) { len = ret; buf[len] = '\0'; - polarssl_printf( " %d bytes read\n\n%s\n", len, (char *) buf ); + mbedtls_printf( " %d bytes read\n\n%s\n", len, (char *) buf ); /* End of message should be detected according to the syntax of the * application protocol (eg HTTP), just use a dummy test here. */ @@ -2002,12 +2002,12 @@ unsigned char *larger_buf; ori_len = ret; - extra_len = ssl_get_bytes_avail( &ssl ); + extra_len = mbedtls_ssl_get_bytes_avail( &ssl ); - larger_buf = polarssl_malloc( ori_len + extra_len + 1 ); + larger_buf = mbedtls_malloc( ori_len + extra_len + 1 ); if( larger_buf == NULL ) { - polarssl_printf( " ! memory allocation failed\n" ); + mbedtls_printf( " ! memory allocation failed\n" ); ret = 1; goto reset; } @@ -2016,17 +2016,17 @@ memcpy( larger_buf, buf, ori_len ); /* This read should never fail and get the whole cached data */ - ret = ssl_read( &ssl, larger_buf + ori_len, extra_len ); + ret = mbedtls_ssl_read( &ssl, larger_buf + ori_len, extra_len ); if( ret != extra_len || - ssl_get_bytes_avail( &ssl ) != 0 ) + mbedtls_ssl_get_bytes_avail( &ssl ) != 0 ) { - polarssl_printf( " ! ssl_read failed on cached data\n" ); + mbedtls_printf( " ! mbedtls_ssl_read failed on cached data\n" ); ret = 1; goto reset; } larger_buf[ori_len + extra_len] = '\0'; - polarssl_printf( " %u bytes read (%u + %u)\n\n%s\n", + mbedtls_printf( " %u bytes read (%u + %u)\n\n%s\n", ori_len + extra_len, ori_len, extra_len, (char *) larger_buf ); @@ -2035,7 +2035,7 @@ if( larger_buf[ori_len + extra_len - 1] == '\n' ) terminated = 1; - polarssl_free( larger_buf ); + mbedtls_free( larger_buf ); } if( terminated ) @@ -2051,28 +2051,28 @@ len = sizeof( buf ) - 1; memset( buf, 0, sizeof( buf ) ); - do ret = ssl_read( &ssl, buf, len ); - while( ret == POLARSSL_ERR_NET_WANT_READ || - ret == POLARSSL_ERR_NET_WANT_WRITE ); + do ret = mbedtls_ssl_read( &ssl, buf, len ); + while( ret == MBEDTLS_ERR_NET_WANT_READ || + ret == MBEDTLS_ERR_NET_WANT_WRITE ); if( ret <= 0 ) { switch( ret ) { - case POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY: - polarssl_printf( " connection was closed gracefully\n" ); + case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: + mbedtls_printf( " connection was closed gracefully\n" ); ret = 0; goto close_notify; default: - polarssl_printf( " ssl_read returned -0x%x\n", -ret ); + mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret ); goto reset; } } len = ret; buf[len] = '\0'; - polarssl_printf( " %d bytes read\n\n%s", len, (char *) buf ); + mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); ret = 0; } @@ -2080,52 +2080,52 @@ * 7a. Request renegotiation while client is waiting for input from us. * (only on the first exchange, to be able to test retransmission) */ -#if defined(POLARSSL_SSL_RENEGOTIATION) +#if defined(MBEDTLS_SSL_RENEGOTIATION) if( opt.renegotiate && exchanges_left == opt.exchanges ) { - polarssl_printf( " . Requestion renegotiation..." ); + mbedtls_printf( " . Requestion renegotiation..." ); fflush( stdout ); - while( ( ret = ssl_renegotiate( &ssl ) ) != 0 ) + while( ( ret = mbedtls_ssl_renegotiate( &ssl ) ) != 0 ) { - if( ret != POLARSSL_ERR_NET_WANT_READ && - ret != POLARSSL_ERR_NET_WANT_WRITE ) + if( ret != MBEDTLS_ERR_NET_WANT_READ && + ret != MBEDTLS_ERR_NET_WANT_WRITE ) { - polarssl_printf( " failed\n ! ssl_renegotiate returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_renegotiate returned %d\n\n", ret ); goto reset; } } - polarssl_printf( " ok\n" ); + mbedtls_printf( " ok\n" ); } -#endif /* POLARSSL_SSL_RENEGOTIATION */ +#endif /* MBEDTLS_SSL_RENEGOTIATION */ /* * 7. Write the 200 Response */ - polarssl_printf( " > Write to client:" ); + mbedtls_printf( " > Write to client:" ); fflush( stdout ); len = sprintf( (char *) buf, HTTP_RESPONSE, - ssl_get_ciphersuite( &ssl ) ); + mbedtls_ssl_get_ciphersuite( &ssl ) ); - if( opt.transport == SSL_TRANSPORT_STREAM ) + if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ) { for( written = 0, frags = 0; written < len; written += ret, frags++ ) { - while( ( ret = ssl_write( &ssl, buf + written, len - written ) ) + while( ( ret = mbedtls_ssl_write( &ssl, buf + written, len - written ) ) <= 0 ) { - if( ret == POLARSSL_ERR_NET_CONN_RESET ) + if( ret == MBEDTLS_ERR_NET_CONN_RESET ) { - polarssl_printf( " failed\n ! peer closed the connection\n\n" ); + mbedtls_printf( " failed\n ! peer closed the connection\n\n" ); goto reset; } - if( ret != POLARSSL_ERR_NET_WANT_READ && - ret != POLARSSL_ERR_NET_WANT_WRITE ) + if( ret != MBEDTLS_ERR_NET_WANT_READ && + ret != MBEDTLS_ERR_NET_WANT_WRITE ) { - polarssl_printf( " failed\n ! ssl_write returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); goto reset; } } @@ -2133,13 +2133,13 @@ } else /* Not stream, so datagram */ { - do ret = ssl_write( &ssl, buf, len ); - while( ret == POLARSSL_ERR_NET_WANT_READ || - ret == POLARSSL_ERR_NET_WANT_WRITE ); + do ret = mbedtls_ssl_write( &ssl, buf, len ); + while( ret == MBEDTLS_ERR_NET_WANT_READ || + ret == MBEDTLS_ERR_NET_WANT_WRITE ); if( ret < 0 ) { - polarssl_printf( " failed\n ! ssl_write returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); goto reset; } @@ -2148,7 +2148,7 @@ } buf[written] = '\0'; - polarssl_printf( " %d bytes written in %d fragments\n\n%s\n", written, frags, (char *) buf ); + mbedtls_printf( " %d bytes written in %d fragments\n\n%s\n", written, frags, (char *) buf ); ret = 0; /* @@ -2161,14 +2161,14 @@ * 8. Done, cleanly close the connection */ close_notify: - polarssl_printf( " . Closing the connection..." ); + mbedtls_printf( " . Closing the connection..." ); /* No error checking, the connection might be closed already */ - do ret = ssl_close_notify( &ssl ); - while( ret == POLARSSL_ERR_NET_WANT_WRITE ); + do ret = mbedtls_ssl_close_notify( &ssl ); + while( ret == MBEDTLS_ERR_NET_WANT_WRITE ); ret = 0; - polarssl_printf( " done\n" ); + mbedtls_printf( " done\n" ); goto reset; @@ -2176,63 +2176,63 @@ * Cleanup and exit */ exit: -#ifdef POLARSSL_ERROR_C +#ifdef MBEDTLS_ERROR_C if( ret != 0 ) { char error_buf[100]; - polarssl_strerror( ret, error_buf, 100 ); - polarssl_printf("Last error was: -0x%X - %s\n\n", -ret, error_buf ); + mbedtls_strerror( ret, error_buf, 100 ); + mbedtls_printf("Last error was: -0x%X - %s\n\n", -ret, error_buf ); } #endif - polarssl_printf( " . Cleaning up..." ); + mbedtls_printf( " . Cleaning up..." ); fflush( stdout ); if( client_fd != -1 ) - net_close( client_fd ); + mbedtls_net_close( client_fd ); -#if defined(POLARSSL_DHM_C) && defined(POLARSSL_FS_IO) - dhm_free( &dhm ); +#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO) + mbedtls_dhm_free( &dhm ); #endif -#if defined(POLARSSL_X509_CRT_PARSE_C) - x509_crt_free( &cacert ); - x509_crt_free( &srvcert ); - pk_free( &pkey ); - x509_crt_free( &srvcert2 ); - pk_free( &pkey2 ); +#if defined(MBEDTLS_X509_CRT_PARSE_C) + mbedtls_x509_crt_free( &cacert ); + mbedtls_x509_crt_free( &srvcert ); + mbedtls_pk_free( &pkey ); + mbedtls_x509_crt_free( &srvcert2 ); + mbedtls_pk_free( &pkey2 ); #endif #if defined(SNI_OPTION) sni_free( sni_info ); #endif -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) psk_free( psk_info ); #endif -#if defined(POLARSSL_DHM_C) && defined(POLARSSL_FS_IO) - dhm_free( &dhm ); +#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO) + mbedtls_dhm_free( &dhm ); #endif - ssl_free( &ssl ); - ctr_drbg_free( &ctr_drbg ); - entropy_free( &entropy ); + mbedtls_ssl_free( &ssl ); + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); -#if defined(POLARSSL_SSL_CACHE_C) - ssl_cache_free( &cache ); +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_free( &cache ); #endif -#if defined(POLARSSL_SSL_COOKIE_C) - ssl_cookie_free( &cookie_ctx ); +#if defined(MBEDTLS_SSL_COOKIE_C) + mbedtls_ssl_cookie_free( &cookie_ctx ); #endif -#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) -#if defined(POLARSSL_MEMORY_DEBUG) - memory_buffer_alloc_status(); +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) +#if defined(MBEDTLS_MEMORY_DEBUG) + mbedtls_memory_buffer_alloc_status(); #endif - memory_buffer_alloc_free(); + mbedtls_memory_buffer_alloc_free(); #endif - polarssl_printf( " done.\n" ); + mbedtls_printf( " done.\n" ); #if defined(_WIN32) - polarssl_printf( " + Press Enter to exit this program.\n" ); + mbedtls_printf( " + Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif @@ -2242,6 +2242,6 @@ return( ret ); } -#endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C && POLARSSL_SSL_TLS_C && - POLARSSL_SSL_SRV_C && POLARSSL_NET_C && POLARSSL_RSA_C && - POLARSSL_CTR_DRBG_C */ +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && + MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && MBEDTLS_RSA_C && + MBEDTLS_CTR_DRBG_C */