Improve demo/testing code in client/server2

Previously it was missing reset in case 1, and in case 2 the code was never
executed as the option value was reset to 0.

Tighten checking of return values of save(NULL, 0) now that it works.

Also, improve the printed output as well as the comments.

I checked manually that everything now works and fails in the expected way:
save, reset-or-reinit and load all succeed, but the subsequent read or write
fails.
Manuel Pégourié-Gonnard 2019-07-12 10:41:55 +02:00
parent f1f3e529a5
commit 3b23c7d2d2
2 changed files with 76 additions and 19 deletions


@ -2491,14 +2491,10 @@ send_request:
size_t buf_len;
unsigned char *context_buf = NULL;
opt.serialize = 0;
mbedtls_printf( " Serializing live connection..." );
mbedtls_printf( " . Serializing live connection..." );
ret = mbedtls_ssl_context_save( &ssl, NULL, 0, &buf_len );
/* Allow stub implementation returning 0 for now */
if( ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL &&
ret != 0 )
if( ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_context_save returned "
"-0x%x\n\n", -ret );
@ -2517,14 +2513,32 @@ send_request:
if( ( ret = mbedtls_ssl_context_save( &ssl, context_buf,
buf_len, &buf_len ) ) != 0 )
{
mbedtls_printf( "failed\n ! mbedtls_ssl_context_save returned "
mbedtls_printf( " failed\n ! mbedtls_ssl_context_save returned "
"-0x%x\n\n", -ret );
goto exit;
}
mbedtls_printf( " ok\n" );
if( opt.serialize == 1 )
{
mbedtls_printf( " . Reseting context..." );
if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_session_reset returned "
"-0x%x\n\n", -ret );
goto exit;
}
mbedtls_printf( " ok\n" );
}
if( opt.serialize == 2 )
{
mbedtls_printf( " . Freeing and reinitializing context..." );
mbedtls_ssl_free( &ssl );
mbedtls_ssl_init( &ssl );
@ -2532,7 +2546,7 @@ send_request:
if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned "
" -0x%x\n\n", -ret );
"-0x%x\n\n", -ret );
goto exit;
}
@ -2540,8 +2554,8 @@ send_request:
mbedtls_ssl_set_bio( &ssl, &server_fd, my_send, my_recv,
NULL );
else
mbedtls_ssl_set_bio( &ssl, &server_fd,
mbedtls_net_send, mbedtls_net_recv,
mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send,
mbedtls_net_recv,
opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL );
#if defined(MBEDTLS_TIMING_C)
@ -2557,9 +2571,11 @@ send_request:
#endif
}
#endif /* MBEDTLS_TIMING_C */
mbedtls_printf( " ok\n" );
}
mbedtls_printf( " Deserializing connection..." );
mbedtls_printf( " . Deserializing connection..." );
if( ( ret = mbedtls_ssl_context_load( &ssl, context_buf,
buf_len ) ) != 0 )
@ -2569,6 +2585,8 @@ send_request:
goto exit;
}
mbedtls_printf( " ok\n" );
}
#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
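Review bot: After `mbedtls_ssl_context_load` succeeds at the end of this section, `context_buf` still holds the serialized connection state (which includes key material), and nothing visible in these hunks wipes or frees it. The `goto exit` paths that follow the second `mbedtls_ssl_context_save` have the same problem, and because `context_buf` is declared inside the block it cannot be released at `exit`. The Mbed TLS documentation for `mbedtls_ssl_context_load` warns that all copies of the serialized data should be destroyed once it has been loaded. If this is not already handled in lines outside the hunks, I would add `mbedtls_platform_zeroize( context_buf, buf_len ); mbedtls_free( context_buf );` after the load and before each of those `goto exit` statements, assuming the buffer comes from `mbedtls_calloc`. The server-side section follows the same pattern; the enclosing block starts and ends outside the hunks, so this is based only on what is shown.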


@ -3507,14 +3507,10 @@ data_exchange:
size_t buf_len;
unsigned char *context_buf = NULL;
opt.serialize = 0;
mbedtls_printf( " Serializing live connection..." );
mbedtls_printf( " . Serializing live connection..." );
ret = mbedtls_ssl_context_save( &ssl, NULL, 0, &buf_len );
/* Allow stub implementation returning 0 for now */
if( ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL &&
ret != 0 )
if( ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_context_save returned "
"-0x%x\n\n", -ret );
@ -3533,14 +3529,47 @@ data_exchange:
if( ( ret = mbedtls_ssl_context_save( &ssl, context_buf,
buf_len, &buf_len ) ) != 0 )
{
mbedtls_printf( "failed\n ! mbedtls_ssl_context_save returned "
mbedtls_printf( " failed\n ! mbedtls_ssl_context_save returned "
"-0x%x\n\n", -ret );
goto exit;
}
mbedtls_printf( " ok\n" );
/*
* This simulates a workflow where you have a long-lived server
* instance, potentially with a pool of ssl_context objects, and you
* just want to re-use one while the connection is inactive: in that
* case you can just reset() it, and then it's ready to receive
* serialized data from another connection (or the same here).
*/
if( opt.serialize == 1 )
{
mbedtls_printf( " . Reseting context..." );
if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_session_reset returned "
"-0x%x\n\n", -ret );
goto exit;
}
mbedtls_printf( " ok\n" );
}
/*
* This simulates a workflow where you have one server instance per
* connection, and want to release it entire when the connection is
* inactive, and spawn it again when needed again - this would happen
* between ssl_free() and ssl_init() below, together with any other
* teardown/startup code needed - for example, preparing the
* ssl_config again (see section 3 "setup stuff" in this file).
*/
if( opt.serialize == 2 )
{
mbedtls_printf( " . Freeing and reinitializing context..." );
mbedtls_ssl_free( &ssl );
mbedtls_ssl_init( &ssl );
@ -3552,6 +3581,12 @@ data_exchange:
goto exit;
}
/*
* This illustrates the minimum amount of things you need to set
* up, however you could set up much more if desired, for example
* if you want to share your set up code between the case of
* establishing a new connection and this case.
*/
if( opt.nbio == 2 )
mbedtls_ssl_set_bio( &ssl, &client_fd, my_send, my_recv,
NULL );
@ -3573,9 +3608,11 @@ data_exchange:
#endif
}
#endif /* MBEDTLS_TIMING_C */
mbedtls_printf( " ok\n" );
}
mbedtls_printf( " Deserializing connection..." );
mbedtls_printf( " . Deserializing connection..." );
if( ( ret = mbedtls_ssl_context_load( &ssl, context_buf,
buf_len ) ) != 0 )
@ -3585,6 +3622,8 @@ data_exchange:
goto exit;
}
mbedtls_printf( " ok\n" );
}
#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
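Review bot: The new comment above the `opt.serialize == 1` branch describes a context pool receiving serialized data "from another connection" but does not say how the serialized buffer itself must be handled, which is the part someone copying this example is most likely to get wrong. I would add a sentence such as `The serialized data is secret and must be loaded into one context only, then erased.` to that comment. Two wording fixes in the new text as well: `Reseting` should be `Resetting` (also in the client section's message), and `release it entire` should be `release it entirely`.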