luna - wolfssl/examples/server/server.c

   1/* server.c
   2 *
   3 * Copyright (C) 2006-2026 wolfSSL Inc.
   4 *
   5 * This file is part of wolfSSL.
   6 *
   7 * wolfSSL is free software; you can redistribute it and/or modify
   8 * it under the terms of the GNU General Public License as published by
   9 * the Free Software Foundation; either version 3 of the License, or
  10 * (at your option) any later version.
  11 *
  12 * wolfSSL is distributed in the hope that it will be useful,
  13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15 * GNU General Public License for more details.
  16 *
  17 * You should have received a copy of the GNU General Public License
  18 * along with this program; if not, write to the Free Software
  19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  20 */
  21
  22/* For simpler wolfSSL TLS server examples, visit
  23 * https://github.com/wolfSSL/wolfssl-examples/tree/master/tls
  24 */
  25
  26#ifdef HAVE_CONFIG_H
  27    #include <config.h>
  28#endif
  29
  30#ifndef WOLFSSL_USER_SETTINGS
  31    #include <wolfssl/options.h>
  32#endif
  33#include <wolfssl/wolfcrypt/settings.h>
  34
  35#include <wolfssl/ssl.h> /* name change portability layer */
  36
  37#ifdef HAVE_ECC
  38    #include <wolfssl/wolfcrypt/ecc.h>   /* wc_ecc_fp_free */
  39#endif
  40
  41#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
  42    #include <wolfssl/wolfcrypt/coding.h>
  43#endif
  44
  45#ifdef WOLFSSL_WOLFSENTRY_HOOKS
  46#include <wolfsentry/wolfsentry.h>
  47#if !defined(NO_FILESYSTEM) && !defined(WOLFSENTRY_NO_JSON)
  48static const char *wolfsentry_config_path = NULL;
  49#endif
  50#endif /* WOLFSSL_WOLFSENTRY_HOOKS */
  51#if defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)
  52        #include <stdio.h>
  53        #include <string.h>
  54        #include "rl_fs.h"
  55        #include "rl_net.h"
  56#endif
  57
  58#ifdef NO_FILESYSTEM
  59    #ifdef NO_RSA
  60    #error currently the example only tries to load in a RSA buffer
  61    #endif
  62    #undef USE_CERT_BUFFERS_2048
  63    #define USE_CERT_BUFFERS_2048
  64    #include <wolfssl/certs_test.h>
  65#endif
  66
  67#include <wolfssl/test.h>
  68#include <wolfssl/error-ssl.h>
  69
  70#ifdef WOLFSSL_SWDEV
  71    #include "tests/swdev/swdev_loader.h"
  72#endif
  73
  74#ifdef USE_FLAT_TEST_H
  75    #include "server.h"
  76#else
  77    #include "examples/server/server.h"
  78#endif
  79
  80#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS)
  81
  82#if defined(WOLFSSL_TLS13) && ( \
  83       defined(HAVE_ECC) \
  84    || defined(HAVE_CURVE25519) \
  85    || defined(HAVE_CURVE448) \
  86    || defined(HAVE_FFDHE_2048))
  87    #define CAN_FORCE_CURVE
  88#endif
  89#if defined(CAN_FORCE_CURVE) && defined(HAVE_ECC)
  90struct group_info {
  91    word16 group;
  92    const char *name;
  93};
  94static struct group_info group_id_to_text[] = {
  95    { WOLFSSL_ECC_SECP160K1, "SECP160K1" },
  96    { WOLFSSL_ECC_SECP160R1, "SECP160R1" },
  97    { WOLFSSL_ECC_SECP160R2, "SECP160R2" },
  98    { WOLFSSL_ECC_SECP192K1, "SECP192K1" },
  99    { WOLFSSL_ECC_SECP192R1, "SECP192R1" },
 100    { WOLFSSL_ECC_SECP224K1, "SECP224K1" },
 101    { WOLFSSL_ECC_SECP224R1, "SECP224R1" },
 102    { WOLFSSL_ECC_SECP256K1, "SECP256K1" },
 103    { WOLFSSL_ECC_SECP256R1, "SECP256R1" },
 104    { WOLFSSL_ECC_SECP384R1, "SECP384R1" },
 105    { WOLFSSL_ECC_SECP521R1, "SECP521R1" },
 106    { WOLFSSL_ECC_BRAINPOOLP256R1, "BRAINPOOLP256R1" },
 107    { WOLFSSL_ECC_BRAINPOOLP384R1, "BRAINPOOLP384R1" },
 108    { WOLFSSL_ECC_BRAINPOOLP512R1, "BRAINPOOLP512R1" },
 109    { WOLFSSL_ECC_BRAINPOOLP256R1TLS13, "BRAINPOOLP256R1TLS13" },
 110    { WOLFSSL_ECC_BRAINPOOLP384R1TLS13, "BRAINPOOLP384R1TLS13" },
 111    { WOLFSSL_ECC_BRAINPOOLP512R1TLS13, "BRAINPOOLP512R1TLS13" },
 112    { 0, NULL }
 113};
 114#endif /* CAN_FORCE_CURVE && HAVE_ECC */
 115
 116#ifdef WOLFSSL_ASYNC_CRYPT
 117    static int devId = INVALID_DEVID;
 118#endif
 119
 120#define DEFAULT_TIMEOUT_SEC 2
 121
 122/* Note on using port 0: if the server uses port 0 to bind an ephemeral port
 123 * number and is using the ready file for scripted testing, the code in
 124 * test.h will write the actual port number into the ready file for use
 125 * by the client. */
 126
 127#ifndef WOLFSSL_ALT_TEST_STRINGS
 128static const char kReplyMsg[] = "I hear you fa shizzle!";
 129#else
 130static const char kReplyMsg[] = "I hear you fa shizzle!\n";
 131#endif
 132
 133static const char kHttpServerMsg[] =
 134    "HTTP/1.1 200 OK\r\n"
 135    "Content-Type: text/html\r\n"
 136    "Connection: close\r\n"
 137    "Content-Length: 141\r\n"
 138    "\r\n"
 139    "<html>\r\n"
 140    "<head>\r\n"
 141    "<title>Welcome to wolfSSL!</title>\r\n"
 142    "</head>\r\n"
 143    "<body>\r\n"
 144    "<p>wolfSSL has successfully performed handshake!</p>\r\n"
 145    "</body>\r\n"
 146    "</html>\r\n";
 147
 148/* Read needs to be largest of the client.c message strings (29) */
 149#define SRV_READ_SZ    32
 150
 151
 152int runWithErrors = 0; /* Used with -x flag to run err_sys vs. print errors */
 153int catastrophic = 0; /* Use with -x flag to still exit when an error is
 154                      * considered catastrophic EG the servers own cert failing
 155                      * to load would be catastrophic since there would be no
 156                      * cert to send to clients attempting to connect. The
 157                      * server should error out completely in that case
 158                      */
 159static int quieter = 0; /* Print fewer messages. This is helpful with overly
 160                         * ambitious log parsers. */
 161static int lng_index = 0;
 162
 163#define LOG_ERROR(...) \
 164    do {                                  \
 165        if (!quieter)                     \
 166            fprintf(stderr, __VA_ARGS__); \
 167    } while(0)
 168
 169#ifdef WOLFSSL_CALLBACKS
 170    #if !defined(NO_OLD_TIMEVAL_NAME)
 171        Timeval srvTo;
 172    #else
 173        WOLFSSL_TIMEVAL srvTo;
 174    #endif
 175    static int srvHandShakeCB(HandShakeInfo* info)
 176    {
 177        (void)info;
 178        return 0;
 179    }
 180
 181    static int srvTimeoutCB(TimeoutInfo* info)
 182    {
 183        (void)info;
 184        return 0;
 185    }
 186
 187#endif
 188
 189#ifndef NO_HANDSHAKE_DONE_CB
 190    static int myHsDoneCb(WOLFSSL* ssl, void* user_ctx)
 191    {
 192        (void)user_ctx;
 193        (void)ssl;
 194
 195        /* printf("Notified HandShake done\n"); */
 196
 197        /* return negative number to end TLS connection now */
 198        return 0;
 199    }
 200#endif
 201
 202static void err_sys_ex(int out, const char* msg)
 203{
 204    if (out == 1) { /* if server is running w/ -x flag, print error w/o exit */
 205        LOG_ERROR("wolfSSL error: %s\n", msg);
 206        LOG_ERROR("Continuing server execution...\n\n");
 207    } else {
 208        err_sys(msg);
 209    }
 210}
 211
 212
 213#if defined(WOLFSSL_DTLS) && defined(USE_WOLFSSL_IO)
 214
 215/* Translates return codes returned from
 216 * send() and recv() if need be.
 217 */
 218static WC_INLINE int TranslateReturnCode(int old, int sd)
 219{
 220    (void)sd;
 221
 222#if defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
 223    if (old == 0) {
 224        errno = SOCKET_EWOULDBLOCK;
 225        return -1;  /* convert to BSD style wouldblock as error */
 226    }
 227
 228    if (old < 0) {
 229        errno = RTCS_geterror(sd);
 230        if (errno == RTCSERR_TCP_CONN_CLOSING)
 231            return 0;   /* convert to BSD style closing */
 232        if (errno == RTCSERR_TCP_CONN_RLSD)
 233            errno = SOCKET_ECONNRESET;
 234        if (errno == RTCSERR_TCP_TIMED_OUT)
 235            errno = SOCKET_EAGAIN;
 236    }
 237#endif
 238
 239    return old;
 240}
 241
 242static WC_INLINE int wolfSSL_LastError(void)
 243{
 244#ifdef USE_WINDOWS_API
 245    return WSAGetLastError();
 246#elif defined(EBSNET)
 247    return xn_getlasterror();
 248#else
 249    return errno;
 250#endif
 251}
 252
 253/* wolfSSL Sock Addr */
 254struct WOLFSSL_TEST_SOCKADDR {
 255    unsigned int  sz; /* sockaddr size */
 256    SOCKADDR_IN_T sa; /* pointer to the sockaddr_in or sockaddr_in6 */
 257};
 258
 259typedef struct WOLFSSL_TEST_DTLS_CTX {
 260    struct WOLFSSL_TEST_SOCKADDR peer;
 261    int rfd;
 262    int wfd;
 263    int failOnce;
 264    word32 blockSeq;
 265} WOLFSSL_TEST_DTLS_CTX;
 266
 267
 268static WC_INLINE int PeekSeq(const char* buf, word32* seq)
 269{
 270    const char* c = buf + 3;
 271
 272    if ((c[0] | c[1] | c[2] | c[3]) == 0) {
 273        *seq = ((word32)c[4] << 24) | ((word32)c[5] << 16) |
 274                ((word32)c[6] << 8) | (word32)c[7];
 275        return 1;
 276    }
 277
 278    return 0;
 279}
 280
 281/* The send embedded callback
 282 *  return : nb bytes sent, or error
 283 */
 284static int TestEmbedSendTo(WOLFSSL* ssl, char *buf, int sz, void *ctx)
 285{
 286    WOLFSSL_TEST_DTLS_CTX* dtlsCtx = (WOLFSSL_TEST_DTLS_CTX*)ctx;
 287    int sd = dtlsCtx->wfd;
 288    int sent;
 289
 290    (void)ssl;
 291
 292    WOLFSSL_ENTER("TestEmbedSendTo");
 293
 294    if (dtlsCtx->failOnce) {
 295        word32 seq = 0;
 296
 297        if (PeekSeq(buf, &seq) && seq == dtlsCtx->blockSeq) {
 298            dtlsCtx->failOnce = 0;
 299            WOLFSSL_MSG("Forcing WANT_WRITE");
 300            return WOLFSSL_CBIO_ERR_WANT_WRITE;
 301        }
 302    }
 303
 304    sent = (int)sendto(sd, buf, (size_t)sz, 0,
 305                        (const SOCKADDR*)&dtlsCtx->peer.sa, dtlsCtx->peer.sz);
 306
 307    sent = TranslateReturnCode(sent, sd);
 308
 309    if (sent < 0) {
 310        int err = wolfSSL_LastError();
 311        WOLFSSL_MSG("Embed Send To error");
 312
 313        if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) {
 314            WOLFSSL_MSG("\tWould Block");
 315            return WOLFSSL_CBIO_ERR_WANT_WRITE;
 316        }
 317        else if (err == SOCKET_ECONNRESET) {
 318            WOLFSSL_MSG("\tConnection reset");
 319            return WOLFSSL_CBIO_ERR_CONN_RST;
 320        }
 321        else if (err == SOCKET_EINTR) {
 322            WOLFSSL_MSG("\tSocket interrupted");
 323            return WOLFSSL_CBIO_ERR_ISR;
 324        }
 325        else if (err == SOCKET_EPIPE) {
 326            WOLFSSL_MSG("\tSocket EPIPE");
 327            return WOLFSSL_CBIO_ERR_CONN_CLOSE;
 328        }
 329        else {
 330            WOLFSSL_MSG("\tGeneral error");
 331            return WOLFSSL_CBIO_ERR_GENERAL;
 332        }
 333    }
 334
 335    return sent;
 336}
 337#endif /* WOLFSSL_DTLS && USE_WOLFSSL_IO */
 338
 339static int NonBlockingSSL_Accept(WOLFSSL* ssl)
 340{
 341#ifndef WOLFSSL_CALLBACKS
 342    int ret = wolfSSL_accept(ssl);
 343#else
 344    int ret = wolfSSL_accept_ex(ssl, srvHandShakeCB, srvTimeoutCB, srvTo);
 345#endif
 346    int error = wolfSSL_get_error(ssl, ret);
 347    SOCKET_T sockfd = (SOCKET_T)wolfSSL_get_fd(ssl);
 348    int select_ret = 0;
 349
 350    while (ret != WOLFSSL_SUCCESS &&
 351        (error == WOLFSSL_ERROR_WANT_READ || error == WOLFSSL_ERROR_WANT_WRITE
 352        #ifdef WOLFSSL_ASYNC_CRYPT
 353            || error == WC_NO_ERR_TRACE(WC_PENDING_E)
 354        #endif
 355    )) {
 356        if (error == WOLFSSL_ERROR_WANT_READ) {
 357            /* printf("... server would read block\n"); */
 358        }
 359        else if (error == WOLFSSL_ERROR_WANT_WRITE) {
 360            /* printf("... server would write block\n"); */
 361        }
 362
 363    #ifdef WOLFSSL_ASYNC_CRYPT
 364        if (error == WC_NO_ERR_TRACE(WC_PENDING_E)) {
 365            ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
 366            if (ret < 0) break;
 367        }
 368        else
 369    #endif
 370        {
 371            int currTimeout = 1;
 372
 373            if (error == WOLFSSL_ERROR_WANT_WRITE)
 374            {
 375                select_ret = tcp_select_tx(sockfd, currTimeout);
 376            }
 377            else {
 378            #ifdef WOLFSSL_DTLS
 379                if (wolfSSL_dtls(ssl))
 380                    currTimeout = wolfSSL_dtls_get_current_timeout(ssl);
 381            #endif
 382                select_ret = tcp_select(sockfd, currTimeout);
 383            }
 384        }
 385
 386        if ((select_ret == TEST_RECV_READY) || (select_ret == TEST_SEND_READY)
 387            || (select_ret == TEST_ERROR_READY)
 388        #ifdef WOLFSSL_ASYNC_CRYPT
 389            || error == WC_NO_ERR_TRACE(WC_PENDING_E)
 390        #endif
 391        ) {
 392            #ifndef WOLFSSL_CALLBACKS
 393                ret = wolfSSL_accept(ssl);
 394            #else
 395                ret = wolfSSL_accept_ex(ssl,
 396                                    srvHandShakeCB, srvTimeoutCB, srvTo);
 397            #endif
 398            error = wolfSSL_get_error(ssl, ret);
 399        }
 400        else if (select_ret == TEST_TIMEOUT && !wolfSSL_dtls(ssl)) {
 401            error = WOLFSSL_ERROR_WANT_READ;
 402        }
 403    #ifdef WOLFSSL_DTLS
 404        else if (select_ret == TEST_TIMEOUT && wolfSSL_dtls(ssl)) {
 405            ret = wolfSSL_dtls_got_timeout(ssl);
 406            if (ret != WOLFSSL_SUCCESS)
 407                error = wolfSSL_get_error(ssl, ret);
 408            else
 409                error = WOLFSSL_ERROR_WANT_READ;
 410            ret = WOLFSSL_FAILURE; /* Reset error so we loop */
 411        }
 412    #endif
 413        else {
 414            error = WOLFSSL_FATAL_ERROR;
 415        }
 416    }
 417
 418    return ret;
 419}
 420
 421/* Echo number of bytes specified by -B arg */
 422int ServerEchoData(WOLFSSL* ssl, int clientfd, int echoData, int block,
 423                   size_t throughput)
 424{
 425    int ret = 0, err;
 426    double start = 0, rx_time = 0, tx_time = 0;
 427    int len, rx_pos;
 428    size_t xfer_bytes = 0;
 429    char* buffer;
 430
 431    buffer = (char*)XMALLOC((size_t)block, NULL, DYNAMIC_TYPE_TMP_BUFFER);
 432    if (!buffer) {
 433        err_sys_ex(runWithErrors, "Server buffer malloc failed");
 434    }
 435
 436    while ((echoData && throughput == 0) ||
 437          (!echoData && xfer_bytes < throughput))
 438    {
 439        int select_ret = tcp_select(clientfd, 1); /* Timeout=1 second */
 440        if (select_ret == TEST_RECV_READY) {
 441
 442            if (throughput)
 443                len = (int)min((word32)block, (word32)(throughput - xfer_bytes));
 444            else
 445                len = block;
 446            rx_pos = 0;
 447
 448            if (throughput) {
 449                start = current_time(1);
 450            }
 451
 452            /* Read data */
 453            while (rx_pos < len) {
 454                ret = wolfSSL_read(ssl, &buffer[rx_pos], len - rx_pos);
 455                if (ret <= 0) {
 456                    err = wolfSSL_get_error(ssl, ret);
 457                #ifdef WOLFSSL_ASYNC_CRYPT
 458                    if (err == WC_NO_ERR_TRACE(WC_PENDING_E)) {
 459                        ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
 460                        if (ret < 0) break;
 461                    }
 462                    else
 463                #endif
 464                    if (err != WOLFSSL_ERROR_WANT_READ &&
 465                        err != WOLFSSL_ERROR_WANT_WRITE &&
 466                        err != WOLFSSL_ERROR_ZERO_RETURN &&
 467                        err != WC_NO_ERR_TRACE(APP_DATA_READY))
 468                    {
 469                        LOG_ERROR("SSL_read echo error %d\n", err);
 470                        err_sys_ex(runWithErrors, "SSL_read failed");
 471                        break;
 472                    }
 473                    if (err == WOLFSSL_ERROR_ZERO_RETURN) {
 474                        XFREE(buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
 475                        return WOLFSSL_ERROR_ZERO_RETURN;
 476                    }
 477                }
 478                else {
 479                    rx_pos += ret;
 480                    if (!throughput)
 481                        break;
 482                }
 483            }
 484            if (throughput) {
 485                rx_time += current_time(0) - start;
 486                start = current_time(1);
 487            }
 488
 489            /* Write data */
 490            WOLFSSL_ASYNC_WHILE_PENDING(
 491                  ret = wolfSSL_write(ssl, buffer, (int)min((word32)len, (word32)rx_pos)),
 492                  ret <= 0);
 493            if (ret != (int)min((word32)len, (word32)rx_pos)) {
 494                err = wolfSSL_get_error(ssl, 0);
 495                LOG_ERROR("SSL_write echo error %d\n", err);
 496                err_sys_ex(runWithErrors, "SSL_write failed");
 497            }
 498
 499            if (throughput) {
 500                tx_time += current_time(0) - start;
 501            }
 502
 503            xfer_bytes += (size_t)len;
 504        }
 505    }
 506
 507    XFREE(buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
 508
 509    if (throughput) {
 510#ifdef __MINGW32__
 511#define SIZE_FMT "%d"
 512#define SIZE_TYPE int
 513#else
 514#define SIZE_FMT "%zu"
 515#define SIZE_TYPE size_t
 516#endif
 517        if (rx_time > 0.0 && tx_time > 0.0) {
 518            printf(
 519                "wolfSSL Server Benchmark " SIZE_FMT " bytes\n"
 520                "\tRX      %8.3f ms (%8.3f MBps)\n"
 521                "\tTX      %8.3f ms (%8.3f MBps)\n",
 522                (SIZE_TYPE)throughput,
 523                (double)rx_time * 1000, (double)throughput / rx_time / 1024 / 1024,
 524                (double)tx_time * 1000, (double)throughput / tx_time / 1024 / 1024
 525            );
 526        }
 527        else {
 528            printf("Invalid rx_time: %f or tx_time: %f\n", rx_time, tx_time);
 529        }
 530    }
 531
 532    return 0;
 533}
 534
 535static void ServerRead(WOLFSSL* ssl, char* input, int inputLen)
 536{
 537    int ret, err;
 538    char buffer[WOLFSSL_MAX_ERROR_SZ];
 539
 540    /* Read data */
 541    do {
 542        err = 0; /* reset error */
 543        ret = wolfSSL_read(ssl, input, inputLen);
 544        if (ret < 0) {
 545            err = wolfSSL_get_error(ssl, ret);
 546
 547        #ifdef HAVE_SECURE_RENEGOTIATION
 548            if (err == WC_NO_ERR_TRACE(APP_DATA_READY)) {
 549                /* If we receive a message during renegotiation
 550                 * then just print it. We return the message sent
 551                 * after the renegotiation. */
 552                ret = wolfSSL_read(ssl, input, inputLen);
 553                if (ret >= 0) {
 554                    /* null terminate message */
 555                    input[ret] = '\0';
 556                    printf("Client message received during "
 557                           "secure renegotiation: %s\n", input);
 558                    err = WOLFSSL_ERROR_WANT_READ;
 559                }
 560                else {
 561                    err = wolfSSL_get_error(ssl, ret);
 562                }
 563            }
 564        #endif
 565        #ifdef WOLFSSL_ASYNC_CRYPT
 566            if (err == WC_NO_ERR_TRACE(WC_PENDING_E)) {
 567                ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
 568                if (ret < 0) break;
 569            }
 570            else
 571        #endif
 572        #ifdef WOLFSSL_DTLS
 573            if (wolfSSL_dtls(ssl) && err == WC_NO_ERR_TRACE(DECRYPT_ERROR)) {
 574                LOG_ERROR("Dropped client's message due to a bad MAC\n");
 575            }
 576            else
 577        #endif
 578            if (err != WOLFSSL_ERROR_WANT_READ
 579                    && err != WOLFSSL_ERROR_WANT_WRITE /* Can happen during
 580                                                        * handshake */
 581        #ifdef HAVE_SECURE_RENEGOTIATION
 582                    && err != WC_NO_ERR_TRACE(APP_DATA_READY)
 583        #endif
 584            ) {
 585                LOG_ERROR("SSL_read input error %d, %s\n", err,
 586                                                 wolfSSL_ERR_error_string((unsigned long)err, buffer));
 587                err_sys_ex(runWithErrors, "SSL_read failed");
 588            }
 589        }
 590        else if (wolfSSL_get_error(ssl, 0) == 0 &&
 591                            tcp_select(wolfSSL_get_fd(ssl), 0) == TEST_RECV_READY) {
 592            /* do a peek and check for "pending" */
 593            #ifdef WOLFSSL_ASYNC_CRYPT
 594            err = 0;
 595            #endif
 596            do {
 597            #ifdef WOLFSSL_ASYNC_CRYPT
 598                if (err == WC_NO_ERR_TRACE(WC_PENDING_E)) {
 599                    ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
 600                    if (ret < 0) break;
 601                }
 602            #endif
 603                ret = wolfSSL_peek(ssl, buffer, 0);
 604                err = wolfSSL_get_error(ssl, ret);
 605            } while (err == WC_NO_ERR_TRACE(WC_PENDING_E)
 606                || err == WOLFSSL_ERROR_WANT_READ
 607                || err == WOLFSSL_ERROR_WANT_WRITE);
 608            if (err < 0) {
 609                err_sys_ex(runWithErrors, "wolfSSL_peek failed");
 610            }
 611            if (wolfSSL_pending(ssl))
 612                err = WOLFSSL_ERROR_WANT_READ;
 613        }
 614    } while (err == WC_NO_ERR_TRACE(WC_PENDING_E)
 615             || err == WOLFSSL_ERROR_WANT_READ
 616             || err == WOLFSSL_ERROR_WANT_WRITE);
 617    if (ret > 0) {
 618        /* null terminate message */
 619        input[ret] = '\0';
 620        printf("Client message: %s\n", input);
 621    }
 622}
 623
 624static void ServerWrite(WOLFSSL* ssl, const char* output, int outputLen)
 625{
 626    int ret, err;
 627    int len;
 628
 629#ifdef OPENSSL_ALL
 630    /* Fuzz testing expects reply split over two msgs when TLSv1.0 or below */
 631    if (wolfSSL_GetVersion(ssl) <= WOLFSSL_TLSV1)
 632         len = outputLen / 2;
 633    else
 634#endif
 635        len = outputLen;
 636
 637    do {
 638        err = 0; /* reset error */
 639        ret = wolfSSL_write(ssl, output, len);
 640        if (ret <= 0) {
 641            err = wolfSSL_get_error(ssl, ret);
 642
 643        #ifdef WOLFSSL_ASYNC_CRYPT
 644            if (err == WC_NO_ERR_TRACE(WC_PENDING_E)) {
 645                ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
 646                if (ret < 0) break;
 647            }
 648        #endif
 649        }
 650        else if (ret != outputLen) {
 651            output += ret;
 652            len = (outputLen -= ret);
 653            err = WOLFSSL_ERROR_WANT_WRITE;
 654        }
 655    } while (err == WC_NO_ERR_TRACE(WC_PENDING_E) ||
 656             err == WOLFSSL_ERROR_WANT_WRITE);
 657    if (ret != outputLen) {
 658        char buffer[WOLFSSL_MAX_ERROR_SZ];
 659        LOG_ERROR("SSL_write msg error %d, %s\n", err,
 660                                                 wolfSSL_ERR_error_string((unsigned long)err, buffer));
 661        err_sys_ex(runWithErrors, "SSL_write failed");
 662    }
 663}
 664
 665#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
 666#define MAX_GROUP_NUMBER 4
 667static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519,
 668                        int useX448, int usePqc, char* pqcAlg)
 669{
 670    int ret;
 671    int groups[MAX_GROUP_NUMBER] = {0};
 672    int count = 0;
 673
 674    (void)useX25519;
 675    (void)useX448;
 676    (void)usePqc;
 677    (void)pqcAlg;
 678
 679    WOLFSSL_START(WC_FUNC_CLIENT_KEY_EXCHANGE_SEND);
 680    if (onlyKeyShare == 2) {
 681        if (useX25519) {
 682    #ifdef HAVE_CURVE25519
 683            do {
 684                ret = wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_X25519);
 685                if (ret == WOLFSSL_SUCCESS)
 686                    groups[count++] = WOLFSSL_ECC_X25519;
 687            #ifdef WOLFSSL_ASYNC_CRYPT
 688                else if (ret == WC_NO_ERR_TRACE(WC_PENDING_E))
 689                    wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
 690            #endif
 691                else
 692                    err_sys("unable to use curve x25519");
 693            } while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
 694    #endif
 695        }
 696        else if (useX448) {
 697    #ifdef HAVE_CURVE448
 698            do {
 699                ret = wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_X448);
 700                if (ret == WOLFSSL_SUCCESS)
 701                    groups[count++] = WOLFSSL_ECC_X448;
 702            #ifdef WOLFSSL_ASYNC_CRYPT
 703                else if (ret == WC_NO_ERR_TRACE(WC_PENDING_E))
 704                    wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
 705            #endif
 706                else
 707                    err_sys("unable to use curve x448");
 708            } while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
 709    #endif
 710        }
 711        else if (usePqc == 1) {
 712    #ifdef WOLFSSL_HAVE_MLKEM
 713            groups[count] = 0;
 714    #ifndef WOLFSSL_NO_ML_KEM
 715        #if !defined(WOLFSSL_NO_ML_KEM_512) && \
 716                                       !defined(WOLFSSL_TLS_NO_MLKEM_STANDALONE)
 717            if (XSTRCMP(pqcAlg, "ML_KEM_512") == 0) {
 718                groups[count] = WOLFSSL_ML_KEM_512;
 719            }
 720            else
 721        #endif
 722        #if !defined(WOLFSSL_NO_ML_KEM_768) && \
 723                                       !defined(WOLFSSL_TLS_NO_MLKEM_STANDALONE)
 724            if (XSTRCMP(pqcAlg, "ML_KEM_768") == 0) {
 725                groups[count] = WOLFSSL_ML_KEM_768;
 726            }
 727            else
 728        #endif
 729        #if !defined(WOLFSSL_NO_ML_KEM_1024) && \
 730                                       !defined(WOLFSSL_TLS_NO_MLKEM_STANDALONE)
 731            if (XSTRCMP(pqcAlg, "ML_KEM_1024") == 0) {
 732                groups[count] = WOLFSSL_ML_KEM_1024;
 733            }
 734            else
 735        #endif
 736        #if !defined(WOLFSSL_NO_ML_KEM_512) && \
 737                                       defined(WOLFSSL_EXTRA_PQC_HYBRIDS)
 738            if (XSTRCMP(pqcAlg, "SecP256r1MLKEM512") == 0) {
 739                groups[count] = WOLFSSL_SECP256R1MLKEM512;
 740            }
 741            else
 742        #endif
 743        #ifndef WOLFSSL_NO_ML_KEM_768
 744            #ifdef WOLFSSL_EXTRA_PQC_HYBRIDS
 745            if (XSTRCMP(pqcAlg, "SecP384r1MLKEM768") == 0) {
 746                groups[count] = WOLFSSL_SECP384R1MLKEM768;
 747            }
 748            else
 749            #endif /* WOLFSSL_EXTRA_PQC_HYBRIDS */
 750            #ifdef WOLFSSL_PQC_HYBRIDS
 751            if (XSTRCMP(pqcAlg, "SecP256r1MLKEM768") == 0) {
 752                groups[count] = WOLFSSL_SECP256R1MLKEM768;
 753            }
 754            else
 755            #endif /* WOLFSSL_PQC_HYBRIDS */
 756        #endif
 757        #ifndef WOLFSSL_NO_ML_KEM_1024
 758            #ifdef WOLFSSL_EXTRA_PQC_HYBRIDS
 759            if (XSTRCMP(pqcAlg, "SecP521r1MLKEM1024") == 0) {
 760                groups[count] = WOLFSSL_SECP521R1MLKEM1024;
 761            }
 762            else
 763            #endif /* WOLFSSL_EXTRA_PQC_HYBRIDS */
 764            #ifdef WOLFSSL_PQC_HYBRIDS
 765            if (XSTRCMP(pqcAlg, "SecP384r1MLKEM1024") == 0) {
 766                groups[count] = WOLFSSL_SECP384R1MLKEM1024;
 767            }
 768            else
 769            #endif /* WOLFSSL_PQC_HYBRIDS */
 770        #endif
 771        #if !defined(WOLFSSL_NO_ML_KEM_512) && defined(HAVE_CURVE25519) && \
 772                                       defined(WOLFSSL_EXTRA_PQC_HYBRIDS)
 773            if (XSTRCMP(pqcAlg, "X25519MLKEM512") == 0) {
 774                groups[count] = WOLFSSL_X25519MLKEM512;
 775            }
 776            else
 777        #endif
 778        #if !defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_CURVE25519) && \
 779            defined(WOLFSSL_PQC_HYBRIDS)
 780            if (XSTRCMP(pqcAlg, "X25519MLKEM768") == 0) {
 781                groups[count] = WOLFSSL_X25519MLKEM768;
 782            }
 783            else
 784        #endif
 785        #if !defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_CURVE448) && \
 786                                       defined(WOLFSSL_EXTRA_PQC_HYBRIDS)
 787            if (XSTRCMP(pqcAlg, "X448MLKEM768") == 0) {
 788                groups[count] = WOLFSSL_X448MLKEM768;
 789            }
 790            else
 791        #endif
 792    #endif /* WOLFSSL_NO_ML_KEM */
 793    #ifdef WOLFSSL_MLKEM_KYBER
 794        #ifndef WOLFSSL_NO_KYBER512
 795            if (XSTRCMP(pqcAlg, "KYBER_LEVEL1") == 0) {
 796                groups[count] = WOLFSSL_KYBER_LEVEL1;
 797            }
 798            else
 799        #endif
 800        #ifndef WOLFSSL_NO_KYBER768
 801            if (XSTRCMP(pqcAlg, "KYBER_LEVEL3") == 0) {
 802                groups[count] = WOLFSSL_KYBER_LEVEL3;
 803            }
 804            else
 805        #endif
 806        #ifndef WOLFSSL_NO_KYBER1024
 807            if (XSTRCMP(pqcAlg, "KYBER_LEVEL5") == 0) {
 808                groups[count] = WOLFSSL_KYBER_LEVEL5;
 809            }
 810            else
 811        #endif
 812        #ifndef WOLFSSL_NO_KYBER512
 813            if (XSTRCMP(pqcAlg, "P256_KYBER_LEVEL1") == 0) {
 814                groups[count] = WOLFSSL_P256_KYBER_LEVEL1;
 815            }
 816            else
 817        #endif
 818        #ifndef WOLFSSL_NO_KYBER768
 819            if (XSTRCMP(pqcAlg, "P384_KYBER_LEVEL3") == 0) {
 820                groups[count] = WOLFSSL_P384_KYBER_LEVEL3;
 821            }
 822            else if (XSTRCMP(pqcAlg, "P256_KYBER_LEVEL3") == 0) {
 823                groups[count] = WOLFSSL_P256_KYBER_LEVEL3;
 824            }
 825            else
 826        #endif
 827        #ifndef WOLFSSL_NO_KYBER1024
 828            if (XSTRCMP(pqcAlg, "P521_KYBER_LEVEL5") == 0) {
 829                groups[count] = WOLFSSL_P521_KYBER_LEVEL5;
 830            }
 831            else
 832        #endif
 833        #if !defined(WOLFSSL_NO_KYBER512) && defined(HAVE_CURVE25519)
 834            if (XSTRCMP(pqcAlg, "X25519_KYBER_LEVEL1") == 0) {
 835                groups[count] = WOLFSSL_X25519_KYBER_LEVEL1;
 836            }
 837            else
 838        #endif
 839        #if !defined(WOLFSSL_NO_KYBER768) && defined(HAVE_CURVE25519)
 840            if (XSTRCMP(pqcAlg, "X25519_KYBER_LEVEL3") == 0) {
 841                groups[count] = WOLFSSL_X25519_KYBER_LEVEL3;
 842            }
 843            else
 844        #endif
 845        #if !defined(WOLFSSL_NO_KYBER768) && defined(HAVE_CURVE448)
 846            if (XSTRCMP(pqcAlg, "X448_KYBER_LEVEL3") == 0) {
 847                groups[count] = WOLFSSL_X448_KYBER_LEVEL3;
 848            }
 849            else
 850        #endif
 851    #endif
 852            {
 853                err_sys("invalid post-quantum KEM specified");
 854            }
 855
 856            if (groups[count] == 0) {
 857                err_sys("invalid post-quantum KEM specified");
 858            }
 859            else {
 860                do {
 861                    ret = wolfSSL_UseKeyShare(ssl, groups[count]);
 862                    if (ret == WOLFSSL_SUCCESS) {
 863                        printf("Using Post-Quantum KEM: %s\n", pqcAlg);
 864                        count++;
 865                    }
 866                #ifdef WOLFSSL_ASYNC_CRYPT
 867                    else if (ret == WC_NO_ERR_TRACE(WC_PENDING_E))
 868                        wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
 869                #endif
 870                    else {
 871                        groups[count] = 0;
 872                        err_sys("unable to use post-quantum algorithm");
 873                    }
 874                } while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
 875            }
 876    #endif
 877        }
 878        else {
 879    #ifdef HAVE_ECC
 880        #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
 881            do {
 882                ret = wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_SECP256R1);
 883                if (ret == WOLFSSL_SUCCESS)
 884                    groups[count++] = WOLFSSL_ECC_SECP256R1;
 885            #ifdef WOLFSSL_ASYNC_CRYPT
 886                else if (ret == WC_NO_ERR_TRACE(WC_PENDING_E))
 887                    wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
 888            #endif
 889                else
 890                    err_sys("unable to use curve secp256r1");
 891            } while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
 892        #elif defined(WOLFSSL_SM2)
 893            do {
 894                ret = wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_SM2P256V1);
 895                if (ret == WOLFSSL_SUCCESS)
 896                    groups[count++] = WOLFSSL_ECC_SM2P256V1;
 897            #ifdef WOLFSSL_ASYNC_CRYPT
 898                else if (ret == WC_NO_ERR_TRACE(WC_PENDING_E))
 899                    wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
 900            #endif
 901                else
 902                    err_sys("unable to use curve sm2p256r1");
 903            } while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
 904        #endif
 905    #endif
 906        }
 907    }
 908    if (onlyKeyShare == 1) {
 909    #ifdef HAVE_FFDHE_2048
 910        do {
 911            ret = wolfSSL_UseKeyShare(ssl, WOLFSSL_FFDHE_2048);
 912            if (ret == WOLFSSL_SUCCESS)
 913                groups[count++] = WOLFSSL_FFDHE_2048;
 914        #ifdef WOLFSSL_ASYNC_CRYPT
 915            else if (ret == WC_NO_ERR_TRACE(WC_PENDING_E))
 916                wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
 917        #endif
 918            else
 919                err_sys("unable to use DH 2048-bit parameters");
 920        } while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
 921    #endif
 922    }
 923    if (count >= MAX_GROUP_NUMBER)
 924        err_sys("example group array size error");
 925    if (count > 0) {
 926        if (wolfSSL_set_groups(ssl, groups, count) != WOLFSSL_SUCCESS)
 927            err_sys("unable to set groups");
 928    }
 929    WOLFSSL_END(WC_FUNC_CLIENT_KEY_EXCHANGE_SEND);
 930}
 931#endif /* WOLFSSL_TLS13 && HAVE_SUPPORTED_CURVES */
 932
 933
 934/* when adding new option, please follow the steps below: */
 935/*  1. add new option message in English section          */
 936/*  2. increase the number of the second column           */
 937/*  3. increase the array dimension                       */
 938/*  4. add the same message into Japanese section         */
 939/*     (will be translated later)                         */
 940/*  5. add printf() into suitable position of Usage()     */
 941static const char* server_usage_msg[][71] = {
 942    /* English */
 943    {
 944        " NOTE: All files relative to wolfSSL home dir\n",               /* 0 */
 945        "-? <num>    Help, print this usage\n"
 946           "            0: English, 1: Japanese\n"
 947           "--help      Help, in English\n",                             /* 1 */
 948        "-p <num>    Port to listen on, not 0, default",                 /* 2 */
 949#ifndef WOLFSSL_TLS13
 950        "-v <num>    SSL version [0-3], SSLv3(0) - TLS1.2(3)), default", /* 3 */
 951#else
 952        "-v <num>    SSL version [0-4], SSLv3(0) - TLS1.3(4)), default", /* 3 */
 953#endif
 954        "-l <str>    Cipher suite list (: delimited)\n",                 /* 4 */
 955        "-c <file>   Certificate file,           default",               /* 5 */
 956        "-k <file>   Key file,                   default",               /* 6 */
 957        "-A <file>   Certificate Authority file, default",               /* 7 */
 958        "-R <file>   Create Ready file for external monitor"
 959                                                     " default none\n",  /* 8 */
 960#ifndef NO_DH
 961        "-D <file>   Diffie-Hellman Params file, default",               /* 9 */
 962        "-Z <num>    Minimum DH key bits,        default",              /* 10 */
 963#endif
 964#ifdef HAVE_ALPN
 965        "-L <str>    Application-Layer Protocol Negotiation"
 966                                                  " ({C,F}:<list>)\n",  /* 11 */
 967#endif
 968        "-d          Disable client cert check\n",                      /* 12 */
 969        "-b          Bind to any interface instead of localhost only\n",/* 13 */
 970        "-s          Use pre Shared keys\n",                            /* 14 */
 971#ifndef WOLFSSL_DTLS13
 972        "-u          Use UDP DTLS, add -v 2 for DTLSv1, -v 3 for DTLSv1.2"
 973            " (default)\n",                                             /* 15 */
 974#else
 975        "-u          Use UDP DTLS, add -v 2 for DTLSv1, -v 3 for DTLSv1.2"
 976            " (default), -v 4 for DTLSv1.3\n",                          /* 15 */
 977#endif /* !WOLFSSL_DTLS13 */
 978#ifdef WOLFSSL_SCTP
 979        "-G          Use SCTP DTLS,"
 980           " add -v 2 for DTLSv1, -v 3 for DTLSv1.2 (default)\n",       /* 16 */
 981#endif
 982        "-f          Fewer packets/group messages\n",                   /* 17 */
 983        "-r          Allow one client Resumption\n",                    /* 18 */
 984        "-N          Use Non-blocking sockets\n",                       /* 19 */
 985        "-S <str>    Use Host Name Indication\n",                       /* 20 */
 986        "-w          Wait for bidirectional shutdown\n",                /* 21 */
 987#ifdef HAVE_OCSP
 988        "-o          Perform OCSP lookup on peer certificate\n",        /* 22 */
 989        "-O <url>    Perform OCSP lookup using <url> as responder\n",   /* 23 */
 990#endif
 991#ifdef HAVE_PK_CALLBACKS
 992        "-P          Public Key Callbacks\n",                           /* 24 */
 993#endif
 994#ifdef HAVE_ANON
 995        "-a          Anonymous server\n",                               /* 25 */
 996#endif
 997#ifndef NO_PSK
 998        "-I          Do not send PSK identity hint\n",                  /* 26 */
 999#endif
1000        "-x          Print server errors but do not close connection\n",/* 27 */
1001        "-i          Loop indefinitely (allow repeated connections)\n", /* 28 */
1002        "-e          Echo data mode (return raw bytes received)\n",     /* 29 */
1003        "-B <num>    Benchmark throughput"
1004                            " using <num> bytes and print stats\n",     /* 31 */
1005#ifdef HAVE_CRL
1006        "-V          Disable CRL\n",                                    /* 32 */
1007#endif
1008#ifdef WOLFSSL_TRUST_PEER_CERT
1009        "-E <file>   Path to load trusted peer cert\n",                 /* 33 */
1010#endif
1011#ifdef HAVE_WNR
1012        "-q <file>   Whitewood config file,      default",              /* 34 */
1013#endif
1014        "-g          Return basic HTML web page\n",                     /* 35 */
1015        "-C <num>    The number of connections to accept, default: 1\n",/* 36 */
1016        "-H <arg>    Internal tests"
1017            " [defCipherList, exitWithRet, verifyFail, useSupCurve,\n", /* 37 */
1018        "                            loadSSL, disallowETM]\n",          /* 38 */
1019#ifdef WOLFSSL_TLS13
1020        "-U          Update keys and IVs before sending\n",             /* 39 */
1021        "-K          Key Exchange for PSK not using (EC)DHE\n",         /* 40 */
1022#ifndef NO_DH
1023        "-y          Pre-generate Key Share using FFDHE_2048 only\n",   /* 41 */
1024#endif
1025#ifdef HAVE_ECC
1026        "-Y          Pre-generate Key Share using P-256 only \n",       /* 42 */
1027#endif
1028#ifdef HAVE_CURVE25519
1029        "-t          Pre-generate Key share using Curve25519 only\n",   /* 43 */
1030#endif
1031#endif /* WOLFSSL_TLS13 */
1032#ifdef HAVE_SESSION_TICKET
1033#if defined(WOLFSSL_NO_TLS12) && defined(NO_OLD_TLS)
1034        "-T          Do not generate session ticket\n",                 /* 44 */
1035#else
1036        "-T [aon]    Do not generate session ticket\n",                 /* 44 */
1037        "            No option affects TLS 1.3 only, 'a' affects all"
1038            " protocol versions,\n",                                    /* 45 */
1039        "            'o' affects TLS 1.2 and below only\n",             /* 46 */
1040        "            'n' affects TLS 1.3 only\n",                       /* 47 */
1041#endif
1042#endif
1043#ifdef WOLFSSL_TLS13
1044        "-F          Send alert if no mutual authentication\n",         /* 48 */
1045#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
1046        "-Q          Request certificate from client post-handshake\n", /* 49 */
1047#endif
1048#ifdef WOLFSSL_SEND_HRR_COOKIE
1049        "-J [n]      Server sends Cookie Extension containing state (n to "
1050        "disable)\n", /* 50 */
1051#endif
1052#endif /* WOLFSSL_TLS13 */
1053#ifdef WOLFSSL_EARLY_DATA
1054        "-0          Early data read from client (0-RTT handshake)\n",  /* 51 */
1055#endif
1056#ifdef WOLFSSL_MULTICAST
1057        "-3 <grpid>  Multicast, grpid < 256\n",                         /* 52 */
1058#endif
1059        "-1 <num>    Display a result by specified language."
1060                             "\n            0: English, 1: Japanese\n", /* 53 */
1061#ifdef HAVE_TRUSTED_CA
1062        "-5          Use Trusted CA Key Indication\n",                  /* 54 */
1063#endif
1064        "-6          Simulate WANT_WRITE errors on every other IO send\n",
1065                                                                        /* 55 */
1066#ifdef HAVE_CURVE448
1067        "-8          Pre-generate Key share using Curve448 only\n",     /* 56 */
1068#endif
1069#if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) && \
1070    (defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && \
1071    !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR)
1072        "-9          Use hash dir look up for certificate loading\n"
1073        "            loading from <wolfSSL home>/certs folder\n"
1074        "            files in the folder would have the form \"hash.N\" file name\n"
1075        "            e.g symbolic link to the file at certs folder\n"
1076        "            ln -s client-ca.pem  `openssl x509 -in client-ca.pem -hash -noout`.0\n",
1077                                                                        /* 57 */
1078#endif
1079#if defined(WOLFSSL_WOLFSENTRY_HOOKS) && !defined(NO_FILESYSTEM) && !defined(WOLFSENTRY_NO_JSON)
1080        "--wolfsentry-config <file>    Path for JSON wolfSentry config\n",
1081                                                                        /* 58 */
1082#endif
1083#ifndef WOLFSSL_TLS13
1084        "-7          Set minimum downgrade protocol version [0-3] "
1085        " SSLv3(0) - TLS1.2(3)\n",
1086#else
1087        "-7          Set minimum downgrade protocol version [0-4] "
1088           " SSLv3(0) - TLS1.3(4)\n",                                   /* 59 */
1089#endif
1090#ifdef WOLFSSL_HAVE_MLKEM
1091        "--pqc <alg> Key Share with specified post-quantum algorithm only:\n"
1092#ifndef WOLFSSL_NO_ML_KEM
1093            "            ML_KEM_512, ML_KEM_768, ML_KEM_1024,\n"
1094            "            SecP256r1MLKEM512,\n"
1095            "            SecP384r1MLKEM768,\n"
1096            "            SecP521r1MLKEM1024,\n"
1097            "            SecP256r1MLKEM768,\n"
1098            "            SecP521r1MLKEM1024,\n"
1099            "            SecP384r1MLKEM1024,\n"
1100            "            X25519MLKEM512,\n"
1101            "            X25519MLKEM768,\n"
1102            "            X448MLKEM768\n"
1103#endif
1104#ifdef WOLFSSL_MLKEM_KYBER
1105            "            KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, "
1106            "P256_KYBER_LEVEL1,\n"
1107            "            P384_KYBER_LEVEL3, P256_KYBER_LEVEL3, "
1108            "P521_KYBER_LEVEL5,\n"
1109            "            X25519_KYBER_LEVEL1, X25519_KYBER_LEVEL3, "
1110            "X448_KYBER_LEVEL3\n"
1111#endif
1112            "",
1113                                                                        /* 60 */
1114#endif
1115#ifdef WOLFSSL_SRTP
1116        "--srtp <profile> (default is SRTP_AES128_CM_SHA1_80)\n",       /* 61 */
1117#endif
1118#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
1119        "--send-ticket    Send a new session ticket during application data\n",
1120                                                                        /* 62 */
1121#endif
1122#ifdef CAN_FORCE_CURVE
1123        "--force-curve [<curve>] Pre-generate a Key Share using <curve>.\n"
1124            "                        Leave <curve> blank to list all curves.\n"
1125            "                        Note: requires TLS1.3\n",
1126                                                                        /* 63 */
1127#endif
1128#ifdef HAVE_SUPPORTED_CURVES
1129        "--onlyPskDheKe Must use DHE key exchange with PSK\n",          /* 64 */
1130#endif
1131#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_CERT_WITH_EXTERN_PSK) && \
1132    !defined(NO_PSK)
1133        "--psk-with-certs  Use TLS 1.3 PSK with certificates\n",        /* 65 */
1134#endif
1135#ifdef WOLFSSL_DUAL_ALG_CERTS
1136        "--altPrivKey <file> Generate alternative signature with this key.\n", /* 66 */
1137#endif
1138#ifdef WOLFSSL_SYS_CRYPTO_POLICY
1139        "--crypto-policy  <path to crypto policy file>\n", /* 67 */
1140#endif
1141#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
1142        "--ech <name>  Generate Encrypted Client Hello config with "
1143            "public name <name>\n",
1144                                                                        /* 68 */
1145        "--ech-suite <KEM,KDF,AEAD>  HPKE suite to use for ech config.\n"
1146            "                            Supplied as 3 integers (ex: 32,1,3)\n",
1147                                                                        /* 69 */
1148#endif
1149        "\n"
1150           "For simpler wolfSSL TLS server examples, visit\n"
1151           "https://github.com/wolfSSL/wolfssl-examples/tree/master/tls\n",
1152                                                                        /* 70 */
1153        NULL,
1154    },
1155#ifndef NO_MULTIBYTE_PRINT
1156    /* Japanese */
1157    {
1158        " 注意 : 全てのファイルは"
1159        " wolfSSL ホーム・ディレクトリからの相対です。\n",               /* 0 */
1160        "-? <num>    ヘルプ, 使い方を表示\n"
1161        "            0: 英語、 1: 日本語\n"
1162        "--ヘルプ    日本語で使い方を表示\n",                            /* 1 */
1163        "-p <num>    接続先ポート, 0は無効, 既定値",                     /* 2 */
1164#ifndef WOLFSSL_TLS13
1165        "-v <num>    SSL バージョン [0-3], SSLv3(0) - TLS1.2(3)),"
1166                                                            " 既定値",   /* 3 */
1167#else
1168        "-v <num>    SSL バージョン [0-4], SSLv3(0) - TLS1.3(4)),"
1169                                                            " 既定値",   /* 3 */
1170#endif
1171        "-l <str>    暗号スイートリスト (区切り文字 :)\n",               /* 4 */
1172        "-c <file>   証明書ファイル,  既定値",                           /* 5 */
1173        "-k <file>   鍵ファイル,      既定値",                           /* 6 */
1174        "-A <file>   認証局ファイル,  既定値",                           /* 7 */
1175        "-R <file>   外部モニタ用の準備完了ファイルを作成する。"
1176                                                      "既定値  なし\n",  /* 8 */
1177#ifndef NO_DH
1178        "-D <file>   ディフィー・ヘルマンのパラメータファイル,"
1179                                                     " 既定値",          /* 9 */
1180        "-Z <num>    最小 DH 鍵 ビット, 既定値",                        /* 10 */
1181#endif
1182#ifdef HAVE_ALPN
1183        "-L <str>    アプリケーション層プロトコルネゴシエーションを行う"
1184                                                  " ({C,F}:<list>)\n",  /* 11 */
1185#endif
1186        "-d          クライアント認証を無効とする\n",                   /* 12 */
1187        "-b          ローカルホスト以外のインターフェースへも"
1188                                                "バインドする\n",       /* 13 */
1189        "-s          事前共有鍵を使用する\n",                           /* 14 */
1190        "-u          UDP DTLSを使用する。\n"
1191
1192#ifndef WOLFSSL_DTLS13
1193        "           -v 2 を追加指定するとDTLSv1, "
1194                    "-v 3 を追加指定すると DTLSv1.2 (既定値)\n",        /* 15 */
1195#else
1196        "           -v 2 を追加指定するとDTLSv1, "
1197                    "-v 3 を追加指定すると DTLSv1.2 (既定値),\n"
1198        "           -v 4 を追加指定すると DTLSv1.3\n",                  /* 15 */
1199#endif /* !WOLFSSL_DTLS13 */
1200#ifdef WOLFSSL_SCTP
1201        "-G          SCTP DTLSを使用する。-v 2 を追加指定すると"
1202              " DTLSv1, -v 3 を追加指定すると DTLSv1.2 (既定値)\n",     /* 16 */
1203#endif
1204        "-f          より少ないパケット/グループメッセージを使用する\n",/* 17 */
1205        "-r          クライアントの再開を許可する\n",                   /* 18 */
1206        "-N          ノンブロッキング・ソケットを使用する\n",           /* 19 */
1207        "-S <str>    ホスト名表示を使用する\n",                         /* 20 */
1208        "-w          双方向シャットダウンを待つ\n",                     /* 21 */
1209#ifdef HAVE_OCSP
1210        "-o          OCSPルックアップをピア証明書で実施する\n",         /* 22 */
1211        "-O <url>    OCSPルックアップを、"
1212                        "<url>を使用し応答者として実施する\n",          /* 23 */
1213#endif
1214#ifdef HAVE_PK_CALLBACKS
1215        "-P          公開鍵コールバック\n",                             /* 24 */
1216#endif
1217#ifdef HAVE_ANON
1218        "-a          匿名サーバー\n",                                   /* 25 */
1219#endif
1220#ifndef NO_PSK
1221        "-I          PSKアイデンティティのヒントを送信しない\n",        /* 26 */
1222#endif
1223        "-x          サーバーエラーを出力するが接続を切断しない\n",     /* 27 */
1224        "-i          無期限にループする(繰り返し接続を許可)\n",         /* 28 */
1225        "-e          エコー・データモード"
1226                                   "(受け取ったバイトデータを返す)\n",  /* 29 */
1227        "-B <num>    <num> バイトを用いてのベンチマーク・スループット"
1228                                          "測定と結果を出力する\n",     /* 31 */
1229#ifdef HAVE_CRL
1230        "-V          CRLを無効とする\n",                                /* 32 */
1231#endif
1232#ifdef WOLFSSL_TRUST_PEER_CERT
1233        "-E <file>   信頼出来るピアの証明書ロードの為のパス\n\n",       /* 33 */
1234#endif
1235#ifdef HAVE_WNR
1236        "-q <file>   Whitewood コンフィグファイル,      既定値",        /* 34 */
1237#endif
1238        "-g          基本的な Web ページを返す\n",                      /* 35 */
1239        "-C <num>    アクセプト可能な接続数を指定する。既定値: 1\n",    /* 36 */
1240        "-H <arg>    内部テスト"
1241            " [defCipherList, exitWithRet, verifyFail, useSupCurve,\n", /* 37 */
1242        "                            loadSSL, disallowETM]\n",          /* 38 */
1243#ifdef WOLFSSL_TLS13
1244        "-U          データ送信前に、鍵とIVを更新する\n",               /* 39 */
1245        "-K          鍵交換にPSKを使用、(EC)DHEは使用しない\n",         /* 40 */
1246#ifndef NO_DH
1247        "-y          FFDHE_2048のみを使用して鍵共有を事前生成する\n",   /* 41 */
1248#endif
1249#ifdef HAVE_ECC
1250        "-Y          P-256のみを使用したキー共有の事前生成\n",          /* 42 */
1251#endif
1252#ifdef HAVE_CURVE25519
1253        "-t          Curve25519のみを使用して鍵共有を事前生成する\n",   /* 43 */
1254#endif
1255#endif /* WOLFSSL_TLS13 */
1256#if defined(WOLFSSL_NO_TLS12) && defined(NO_OLD_TLS)
1257        "-T          セッションチケットを生成しない\n",                 /* 44 */
1258#else
1259        "-T [aon]    セッションチケットを生成しない\n",                 /* 44 */
1260        "            オプション指定なしの場合、TLS 1.3 にだけ有効\n"
1261        "           'a' を指定した場合、"
1262                    "全てのプロトコルバージョンに有効\n"                /* 45 */
1263        "           'o' を指定した場合、TLS 1.2 及び"
1264                               "それ以下のプロトコルバージョンに有効\n" /* 46 */
1265        "           'n' を指定した場合、TLS 1.3 にのみ有効\n",          /* 47 */
1266
1267#endif
1268#ifdef WOLFSSL_TLS13
1269        "-F          相互認証が無い場合にalert を送信\n",               /* 48 */
1270#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
1271        "-Q          クライアントのポストハンドシェイクから"
1272                                              "証明書を要求する\n",     /* 49 */
1273#endif
1274#ifdef WOLFSSL_SEND_HRR_COOKIE
1275        "-J          サーバーの状態を含むTLS Cookie 拡張を送信する\n",  /* 50 */
1276#endif
1277#endif /* WOLFSSL_TLS13 */
1278#ifdef WOLFSSL_EARLY_DATA
1279        "-0          クライアントからの Early Data 読み取り"
1280                                      "（0-RTTハンドシェイク）\n",      /* 51 */
1281#endif
1282#ifdef WOLFSSL_MULTICAST
1283        "-3 <grpid>  マルチキャスト, grpid < 256\n",                    /* 52 */
1284#endif
1285        "-1 <num>    指定された言語で結果を表示します。"
1286                                 "\n            0: 英語、 1: 日本語\n", /* 53 */
1287#ifdef HAVE_TRUSTED_CA
1288        "-5          信頼できる認証局の鍵表示を使用する\n",             /* 54 */
1289#endif
1290        "-6          交互の IO 送信で WANT_WRITE エラー"
1291                                           "をシュミレート\n",
1292                                                                        /* 55 */
1293#ifdef HAVE_CURVE448
1294        "-8          Curve448のみを使用して鍵共有を事前生成する\n",     /* 56 */
1295#endif
1296#if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) && \
1297    (defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && \
1298    !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR)
1299        "-9          証明書の読み込みに hash dir 機能を使用する\n"
1300        "            <wolfSSL home>/certs フォルダーからロードします\n"
1301        "            フォルダー中のファイルは、\"hash.N\"[N:0-9]名である必要があります\n"
1302        "            以下の例ではca-cert.pemにシンボリックリンクを設定します\n"
1303        "            ln -s client-ca.pem  `openssl x509 -in client-ca.pem -hash -noout`.0\n",
1304                                                                        /* 57 */
1305#endif
1306#if defined(WOLFSSL_WOLFSENTRY_HOOKS) && !defined(NO_FILESYSTEM) && !defined(WOLFSENTRY_NO_JSON)
1307        "--wolfsentry-config <file>    wolfSentry コンフィグファイル\n",
1308                                                                       /* 58 */
1309#endif
1310#ifndef WOLFSSL_TLS13
1311        "-7          最小ダウングレード可能なプロトコルバージョンを設定します [0-3] "
1312        " SSLv3(0) - TLS1.2(3)\n",
1313#else
1314        "-7          最小ダウングレード可能なプロトコルバージョンを設定します [0-4] "
1315        " SSLv3(0) - TLS1.3(4)\n",                          /* 59 */
1316#endif
1317#ifdef WOLFSSL_HAVE_MLKEM
1318        "--pqc <alg> post-quantum 名前付きグループとの鍵共有のみ:\n"
1319#ifndef WOLFSSL_NO_ML_KEM
1320            "            ML_KEM_512, ML_KEM_768, ML_KEM_1024,"
1321            "            SecP256r1MLKEM512,\n"
1322            "            SecP384r1MLKEM768,\n"
1323            "            SecP521r1MLKEM1024,\n"
1324            "            SecP256r1MLKEM768,\n"
1325            "            SecP521r1MLKEM1024,\n"
1326            "            SecP384r1MLKEM1024,\n"
1327            "            X25519MLKEM512,\n"
1328            "            X25519MLKEM768,\n"
1329            "            X448MLKEM768\n"
1330#endif
1331#ifdef WOLFSSL_MLKEM_KYBER
1332            "            KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, "
1333            "P256_KYBER_LEVEL1,\n"
1334            "            P384_KYBER_LEVEL3, P521_KYBER_LEVEL5\n"
1335#endif
1336            "",
1337                                                                        /* 60 */
1338#endif
1339#ifdef WOLFSSL_SRTP
1340        "--srtp <profile> (デフォルトはSRTP_AES128_CM_SHA1_80)\n",       /* 61 */
1341#endif
1342#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
1343        "--send-ticket    Application data 中に新しい"
1344                                             "セッションチケットを送信します\n",
1345                                                                        /* 62 */
1346#endif
1347#ifdef CAN_FORCE_CURVE
1348        /* TODO: Need Japanese translation */
1349        "--force-curve [<curve>] Pre-generate a Key Share using <curve>.\n"
1350            "                        Leave <curve> blank to list all curves.\n"
1351            "                        Note: requires TLS1.3\n",
1352                                                                        /* 63 */
1353#endif
1354#ifdef HAVE_SUPPORTED_CURVES
1355        "--onlyPskDheKe Must use DHE key exchange with PSK\n",          /* 64 */
1356#endif
1357#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_CERT_WITH_EXTERN_PSK) && \
1358    !defined(NO_PSK)
1359        "--psk-with-certs  Use TLS 1.3 PSK with certificates\n",        /* 65 */
1360#endif
1361#ifdef WOLFSSL_DUAL_ALG_CERTS
1362        "--altPrivKey <file> Generate alternative signature with this key.\n", /* 66 */
1363#endif
1364#ifdef WOLFSSL_SYS_CRYPTO_POLICY
1365        "--crypto-policy  <path to crypto policy file>\n", /* 67 */
1366#endif
1367#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
1368        "--ech <name>  Generate Encrypted Client Hello config with "
1369            "public name <name>\n",
1370                                                                        /* 68 */
1371        "--ech-suite <KEM,KDF,AEAD>  HPKE suite to use for ech config.\n"
1372            "                            Supplied as 3 integers (ex: 32,1,3)\n",
1373                                                                        /* 69 */
1374#endif
1375        "\n"
1376        "より簡単なwolfSSL TSL クライアントの例については"
1377                                          "下記にアクセスしてください\n"
1378        "https://github.com/wolfSSL/wolfssl-examples/tree/master/tls\n",
1379                                                                        /* 70 */
1380        NULL,
1381    },
1382#endif
1383};
1384
1385static void Usage(void)
1386{
1387    int msgId = 0;
1388    const char** msg = server_usage_msg[lng_index];
1389
1390    printf("%s%s%s", "server ", LIBWOLFSSL_VERSION_STRING,
1391           msg[msgId]);
1392    printf("%s", msg[++msgId]);                     /* ? */
1393    printf("%s %d\n", msg[++msgId], wolfSSLPort);   /* -p */
1394#ifndef WOLFSSL_TLS13
1395    printf("%s %d\n", msg[++msgId], SERVER_DEFAULT_VERSION); /* -v */
1396#else
1397    printf("%s %d\n", msg[++msgId], SERVER_DEFAULT_VERSION); /* -v */
1398#endif
1399    printf("%s", msg[++msgId]);     /* -l */
1400    printf("%s %s\n", msg[++msgId], svrCertFile);    /* -c */
1401    printf("%s %s\n", msg[++msgId], svrKeyFile);     /* -k */
1402    printf("%s %s\n", msg[++msgId], cliCertFile);    /* -A */
1403    printf("%s", msg[++msgId]);     /* -R */
1404#ifndef NO_DH
1405    printf("%s %s\n", msg[++msgId], dhParamFile);           /* -D */
1406    printf("%s %d\n", msg[++msgId], DEFAULT_MIN_DHKEY_BITS);/* -Z */
1407#endif
1408#ifdef HAVE_ALPN
1409    printf("%s", msg[++msgId]);     /* -L */
1410#endif
1411    printf("%s", msg[++msgId]);     /* -d */
1412    printf("%s", msg[++msgId]);     /* -b */
1413    printf("%s", msg[++msgId]);     /* -s */
1414    printf("%s", msg[++msgId]);     /* -u */
1415#ifdef WOLFSSL_SCTP
1416    printf("%s", msg[++msgId]);     /* -G */
1417#endif
1418    printf("%s", msg[++msgId]);     /* -f */
1419    printf("%s", msg[++msgId]);     /* -r */
1420    printf("%s", msg[++msgId]);     /* -N */
1421    printf("%s", msg[++msgId]);     /* -S */
1422    printf("%s", msg[++msgId]);     /* -w */
1423#ifdef HAVE_SECURE_RENEGOTIATION
1424    printf("-M          Allow Secure Renegotiation\n");
1425    printf("-m          Force Server Initiated Secure Renegotiation\n");
1426#endif /* HAVE_SECURE_RENEGOTIATION */
1427#ifdef HAVE_OCSP
1428    printf("%s", msg[++msgId]);     /* -o */
1429    printf("%s", msg[++msgId]);     /* -O */
1430#endif
1431#ifdef HAVE_PK_CALLBACKS
1432    printf("%s", msg[++msgId]);     /* -P */
1433#endif
1434#ifdef HAVE_ANON
1435    printf("%s", msg[++msgId]);     /* -a */
1436#endif
1437#ifndef NO_PSK
1438    printf("%s", msg[++msgId]);     /* -I */
1439#endif
1440    printf("%s", msg[++msgId]);     /* -x */
1441    printf("%s", msg[++msgId]);     /* -i */
1442    printf("%s", msg[++msgId]);     /* -e */
1443    printf("%s", msg[++msgId]);     /* -B */
1444#ifdef HAVE_CRL
1445    printf("%s", msg[++msgId]);     /* -V */
1446#endif
1447#ifdef WOLFSSL_TRUST_PEER_CERT
1448    printf("%s", msg[++msgId]);     /* -E */
1449#endif
1450#ifdef HAVE_WNR
1451    printf("%s %s\n", msg[++msgId], wnrConfig);  /* -q */
1452#endif
1453    printf("%s", msg[++msgId]);     /* -g */
1454    printf("%s", msg[++msgId]);     /* -C */
1455    printf("%s", msg[++msgId]);     /* -H */
1456    printf("%s", msg[++msgId]);     /* more -H options */
1457#ifdef WOLFSSL_TLS13
1458    printf("%s", msg[++msgId]);     /* -U */
1459    printf("%s", msg[++msgId]);     /* -K */
1460#ifndef NO_DH
1461    printf("%s", msg[++msgId]);     /* -y */
1462#endif
1463#ifdef HAVE_ECC
1464    printf("%s", msg[++msgId]);     /* -Y */
1465#endif
1466#ifdef HAVE_CURVE25519
1467    printf("%s", msg[++msgId]);     /* -t */
1468#endif
1469#endif /* WOLFSSL_TLS13 */
1470#ifdef HAVE_SESSION_TICKET
1471    printf("%s", msg[++msgId]);     /* -T */
1472    #if !defined(WOLFSSL_NO_TLS12) || !defined(NO_OLD_TLS)
1473    printf("%s", msg[++msgId]);     /* -T */
1474    printf("%s", msg[++msgId]);     /* -T */
1475    printf("%s", msg[++msgId]);     /* -T */
1476    #endif
1477#endif
1478#ifdef WOLFSSL_TLS13
1479    printf("%s", msg[++msgId]);     /* -F */
1480#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
1481    printf("%s", msg[++msgId]);     /* -Q */
1482#endif
1483#ifdef WOLFSSL_SEND_HRR_COOKIE
1484    printf("%s", msg[++msgId]);     /* -J */
1485#endif
1486#endif /* WOLFSSL_TLS13 */
1487#ifdef WOLFSSL_EARLY_DATA
1488    printf("%s", msg[++msgId]);     /* -0 */
1489#endif
1490#if !defined(NO_DH) && !defined(HAVE_FIPS) && \
1491    !defined(HAVE_SELFTEST) && !defined(WOLFSSL_OLD_PRIME_CHECK)
1492    printf("-2          Disable DH Prime check\n");
1493#endif
1494#ifdef WOLFSSL_DTLS
1495    printf("-4 <seq>    DTLS fake would-block for message seq\n");
1496#endif
1497#ifdef WOLFSSL_MULTICAST
1498    printf("%s", msg[++msgId]);     /* -3 */
1499#endif
1500    printf("%s", msg[++msgId]);     /* -1 */
1501#ifdef HAVE_TRUSTED_CA
1502    printf("%s", msg[++msgId]);     /* -5 */
1503#endif /* HAVE_TRUSTED_CA */
1504    printf("%s", msg[++msgId]);     /* -6 */
1505#ifdef HAVE_CURVE448
1506    printf("%s", msg[++msgId]);     /* -8 */
1507#endif
1508#if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) && \
1509    (defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && \
1510    !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR)
1511    printf("%s", msg[++msgId]); /* -9 */
1512#endif
1513#if defined(WOLFSSL_WOLFSENTRY_HOOKS) && !defined(NO_FILESYSTEM) && \
1514    !defined(WOLFSENTRY_NO_JSON)
1515    printf("%s", msg[++msgId]); /* --wolfsentry-config */
1516#endif
1517    printf("%s", msg[++msgId]); /* -7 */
1518#ifdef WOLFSSL_HAVE_MLKEM
1519    printf("%s", msg[++msgId]);     /* --pqc */
1520    printf("%s", msg[++msgId]);     /* --pqc options */
1521    printf("%s", msg[++msgId]);     /* more --pqc options */
1522    printf("%s", msg[++msgId]);     /* more --pqc options */
1523#endif
1524#ifdef WOLFSSL_SRTP
1525    printf("%s", msg[++msgId]);     /* dtls-srtp */
1526#endif
1527#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
1528    printf("%s", msg[++msgId]);     /* send-ticket */
1529#endif
1530#ifdef CAN_FORCE_CURVE
1531    printf("%s", msg[++msgId]);     /* force-curve */
1532#endif
1533#ifdef HAVE_SUPPORTED_CURVES
1534    printf("%s", msg[++msgId]);     /* --onlyPskDheKe */
1535#endif
1536#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_CERT_WITH_EXTERN_PSK) && \
1537    !defined(NO_PSK)
1538    printf("%s", msg[++msgId]);     /* --psk-with-certs */
1539#endif
1540#ifdef WOLFSSL_DUAL_ALG_CERTS
1541    printf("%s", msg[++msgId]);     /* --altPrivKey */
1542#endif
1543#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
1544    printf("%s", msg[++msgId]);     /* --ech */
1545    printf("%s", msg[++msgId]);     /* --ech-suite */
1546#endif
1547    printf("%s", msg[++msgId]);     /* Examples repo link */
1548}
1549
1550#ifdef WOLFSSL_SRTP
1551/**
1552 * server_srtp_test() - print the ekm and share it with the client
1553 * @ssl: ssl context
1554 * @srtp_helper: srtp_test_helper shared struct with the client
1555 *
1556 * if @srtp_helper is NULL the ekm isn't shared, but it is still printed.
1557 *
1558 * calls srtp_helper_set_ekm() to wake the client and share the ekm with
1559 * him. The client will check that the ekm matches the one computed by itself.
1560 */
1561static int server_srtp_test(WOLFSSL *ssl, func_args *args)
1562{
1563    size_t srtp_secret_length;
1564    byte *srtp_secret, *p;
1565    int ret;
1566#ifdef WOLFSSL_COND
1567    srtp_test_helper *srtp_helper = args->srtp_helper;
1568#else
1569    (void)args;
1570#endif
1571
1572    ret = wolfSSL_export_dtls_srtp_keying_material(ssl, NULL,
1573                                                   &srtp_secret_length);
1574    if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
1575        LOG_ERROR("DTLS SRTP: Error getting key material length\n");
1576        return ret;
1577    }
1578
1579    srtp_secret = (byte*)XMALLOC(srtp_secret_length,
1580                                    NULL, DYNAMIC_TYPE_TMP_BUFFER);
1581    if (srtp_secret == NULL) {
1582        err_sys("DTLS SRTP: Memory error");
1583    }
1584
1585    ret = wolfSSL_export_dtls_srtp_keying_material(ssl, srtp_secret,
1586                                                   &srtp_secret_length);
1587    if (ret != WOLFSSL_SUCCESS) {
1588        XFREE(srtp_secret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1589        LOG_ERROR("DTLS SRTP: Error getting key material\n");
1590        return ret;
1591    }
1592
1593    printf("DTLS SRTP: Exported key material: ");
1594    for (p = srtp_secret; p < srtp_secret + srtp_secret_length; p++)
1595        printf("%02X", *p);
1596    printf("\n");
1597
1598#ifdef WOLFSSL_COND
1599    if (srtp_helper != NULL) {
1600        srtp_helper_set_ekm(srtp_helper, srtp_secret, srtp_secret_length);
1601
1602        /* client code will free srtp_secret buffer after checking for
1603           correctness */
1604        return 0;
1605    }
1606#endif /* WOLFSSL_COND */
1607
1608    XFREE(srtp_secret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1609    return 0;
1610}
1611#endif
1612
1613
1614THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
1615{
1616    SOCKET_T sockfd   = WOLFSSL_SOCKET_INVALID;
1617    SOCKET_T clientfd = WOLFSSL_SOCKET_INVALID;
1618    SOCKADDR_IN_T client_addr;
1619    socklen_t client_len;
1620
1621    wolfSSL_method_func method = NULL;
1622    WOLFSSL_CTX*    ctx    = 0;
1623    WOLFSSL*        ssl    = 0;
1624#ifdef WOLFSSL_WOLFSENTRY_HOOKS
1625    wolfsentry_errcode_t wolfsentry_ret;
1626#endif
1627    int    minVersion = SERVER_INVALID_VERSION;
1628    int    useWebServerMsg = 0;
1629    char   input[SRV_READ_SZ];
1630#ifndef WOLFSSL_VXWORKS
1631    int    ch;
1632    static const struct mygetopt_long_config long_options[] = {
1633#if defined(WOLFSSL_WOLFSENTRY_HOOKS) && !defined(NO_FILESYSTEM) && \
1634    !defined(WOLFSENTRY_NO_JSON)
1635        { "wolfsentry-config", 1, 256 },
1636#endif
1637        { "help", 0, 257 },
1638#ifndef NO_MULTIBYTE_PRINT
1639        { "ヘルプ", 0, 258 },
1640#endif
1641#if defined(WOLFSSL_HAVE_MLKEM)
1642        { "pqc", 1, 259 },
1643#endif
1644#ifdef WOLFSSL_SRTP
1645        { "srtp", 2, 260 }, /* optional argument */
1646#endif
1647#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
1648        { "send-ticket", 0, 261 },
1649#endif
1650#ifdef CAN_FORCE_CURVE
1651        { "force-curve", 2, 262},
1652#endif
1653#ifdef WOLFSSL_DTLS_CID
1654        {"cid", 2, 263},
1655#endif /* WOLFSSL_DTLS_CID */
1656#ifdef HAVE_SUPPORTED_CURVES
1657        {"onlyPskDheKe", 2, 264},
1658#endif /* HAVE_SUPPORTED_CURVES */
1659#ifdef HAVE_CRL
1660        {"crl-dir", 1, 265},
1661#endif
1662        {"quieter", 0, 266},
1663#ifdef WOLFSSL_DUAL_ALG_CERTS
1664        { "altPrivKey", 1, 267},
1665#endif
1666#if defined(WOLFSSL_SYS_CRYPTO_POLICY)
1667        { "crypto-policy", 1, 268 },
1668#endif /* WOLFSSL_SYS_CRYPTO_POLICY */
1669#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
1670        { "ech", 1, 269 },
1671        { "ech-suite", 1, 270 },
1672#endif
1673#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_CERT_WITH_EXTERN_PSK) && \
1674    !defined(NO_PSK)
1675        { "psk-with-certs", 0, 271 },
1676#endif
1677        { 0, 0, 0 }
1678    };
1679#endif
1680    int    version = SERVER_DEFAULT_VERSION;
1681#ifndef WOLFSSL_NO_CLIENT_AUTH
1682    int    doCliCertCheck = 1;
1683#else
1684    int    doCliCertCheck = 0;
1685#endif
1686#if defined(HAVE_CRL) && !defined(NO_FILESYSTEM)
1687    int    disableCRL = 0;
1688#endif
1689    int    useAnyAddr = 0;
1690    word16 port = wolfSSLPort;
1691    int    usePsk = 0;
1692    int    usePskPlus = 0;
1693    int    usePskWithCerts = 0;
1694    int    useAnon = 0;
1695    int    doDTLS = 0;
1696    int    dtlsUDP = 0;
1697#if (defined(WOLFSSL_SCTP) || defined(WOLFSSL_DTLS_MTU)) && \
1698                                               defined(WOLFSSL_DTLS)
1699    int    dtlsMTU = 0;
1700#endif
1701    int    dtlsSCTP = 0;
1702    int    doMcast = 0;
1703#if defined(WOLFSSL_DTLS) && defined(USE_WOLFSSL_IO)
1704    int    doBlockSeq = 0;
1705    WOLFSSL_TEST_DTLS_CTX dtlsCtx;
1706#endif
1707    int    needDH = 0;
1708    int    nonBlocking  = 0;
1709    int    simulateWantWrite = 0;
1710    int    fewerPackets = 0;
1711#ifdef HAVE_PK_CALLBACKS
1712    int    pkCallbacks  = 0;
1713    PkCbInfo pkCbInfo;
1714#endif
1715    int    wc_shutdown     = 0;
1716    int    resume = 0;
1717    int    resumeCount = 0;
1718    int    loops = 1;
1719    int    cnt = 0;
1720    int    echoData = 0;
1721    int    block = TEST_BUFFER_SIZE;
1722    size_t throughput = 0;
1723    int    minDhKeyBits  = DEFAULT_MIN_DHKEY_BITS;
1724    short  minRsaKeyBits = DEFAULT_MIN_RSAKEY_BITS;
1725    short  minEccKeyBits = DEFAULT_MIN_ECCKEY_BITS;
1726    int    doListen = 1;
1727    int    crlFlags = 0;
1728    int    ret;
1729    int    err = 0;
1730    char*  serverReadyFile = NULL;
1731    char*  alpnList = NULL;
1732    unsigned char alpn_opt = 0;
1733    char*  cipherList = NULL;
1734    int    useDefCipherList = 0;
1735    const char* verifyCert;
1736    const char* ourCert;
1737    const char* ourKey;
1738    const char* ourDhParam = dhParamFile;
1739    tcp_ready*  readySignal = NULL;
1740    int    argc = ((func_args*)args)->argc;
1741    char** argv = ((func_args*)args)->argv;
1742
1743#ifdef WOLFSSL_TRUST_PEER_CERT
1744    const char* trustCert  = NULL;
1745#endif
1746
1747#ifndef NO_PSK
1748    int sendPskIdentityHint = 1;
1749#endif
1750
1751#ifdef HAVE_SNI
1752    char*  sniHostName = NULL;
1753#endif
1754#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
1755    char*  echPublicName = NULL;
1756    char*  echSuite = NULL;
1757    word16 kemId = 0;
1758    word16 kdfId = 0;
1759    word16 aeadId = 0;
1760#endif
1761
1762#ifdef HAVE_TRUSTED_CA
1763    int trustedCaKeyId = 0;
1764#endif /* HAVE_TRUSTED_CA */
1765
1766#ifdef HAVE_OCSP
1767    int    useOcsp  = 0;
1768    char*  ocspUrl  = NULL;
1769#endif
1770
1771#ifdef HAVE_WNR
1772    const char* wnrConfigFile = wnrConfig;
1773#endif
1774    char buffer[WOLFSSL_MAX_ERROR_SZ];
1775#ifdef WOLFSSL_TLS13
1776    int noPskDheKe = 0;
1777#ifdef HAVE_SUPPORTED_CURVES
1778    int onlyPskDheKe = 0;
1779#endif
1780#endif
1781    int updateKeysIVs = 0;
1782#ifndef NO_CERTS
1783    int mutualAuth = 0;
1784#endif
1785    int postHandAuth = 0;
1786    int sendTicket = 0;
1787#ifdef WOLFSSL_EARLY_DATA
1788    int earlyData = 0;
1789#endif
1790#ifdef HAVE_SECURE_RENEGOTIATION
1791    int scr = 0;
1792    int forceScr = 0;
1793#endif /* HAVE_SECURE_RENEGOTIATION */
1794#ifdef WOLFSSL_SEND_HRR_COOKIE
1795    int hrrCookie = 0;
1796#endif
1797    byte mcastID = 0;
1798#if !defined(NO_DH) && !defined(HAVE_FIPS) && \
1799    !defined(HAVE_SELFTEST) && !defined(WOLFSSL_OLD_PRIME_CHECK)
1800    int doDhKeyCheck = 1;
1801#endif
1802#ifdef WOLFSSL_DTLS_CID
1803    int useDtlsCID = 0;
1804    char dtlsCID[DTLS_CID_BUFFER_SIZE] = { 0 };
1805#endif /* WOLFSSL_DTLS_CID */
1806#if defined(HAVE_CRL) && !defined(NO_FILESYSTEM)
1807    char* crlDir = NULL;
1808#endif
1809#if defined(WOLFSSL_SYS_CRYPTO_POLICY)
1810    const char * policy = NULL;
1811#endif /* WOLFSSL_SYS_CRYPTO_POLICY */
1812
1813#ifdef WOLFSSL_STATIC_MEMORY
1814    /* Note: Actual memory used is much less, this is the entire buffer buckets,
1815     * which is partitioned into pools of common sizes. To adjust the buckets
1816     * sizes see WOLFMEM_BUCKETS in memory.h */
1817    #if (defined(HAVE_ECC) && !defined(ALT_ECC_SIZE)) || \
1818        defined(SESSION_CERTS) || defined(WOLFSSL_HAVE_MLKEM)
1819        /* big enough to handle most cases including session certs */
1820        #if !defined(WOLFSSL_NO_CLIENT_AUTH) && \
1821               ((defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
1822                (defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH)))
1823        /* increase is due to EdDSA_Update */
1824        byte memory[440000];
1825        #else
1826        byte memory[320000];
1827        #endif
1828    #else
1829        byte memory[80000];
1830    #endif
1831    byte memoryIO[34500]; /* max for IO buffer (TLS packet can be 16k) */
1832    #if !defined(WOLFSSL_STATIC_MEMORY_LEAN)
1833    WOLFSSL_MEM_CONN_STATS ssl_stats;
1834    #if defined(DEBUG_WOLFSSL)
1835        WOLFSSL_MEM_STATS mem_stats;
1836    #endif
1837    #endif
1838#endif
1839#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
1840    int onlyKeyShare = 0;
1841#endif
1842#if defined(HAVE_SESSION_TICKET)
1843#ifdef WOLFSSL_TLS13
1844    int noTicketTls13 = 0;
1845#endif
1846#if !defined(WOLFSSL_NO_TLS12) || !defined(NO_OLD_TLS)
1847    int noTicketTls12 = 0;
1848#endif
1849#endif
1850    int useX25519 = 0;
1851    int useX448 = 0;
1852    int usePqc = 0;
1853    char* pqcAlg = NULL;
1854    char* altPrivKey = NULL;
1855    int exitWithRet = 0;
1856    int loadCertKeyIntoSSLObj = 0;
1857
1858#ifdef HAVE_ENCRYPT_THEN_MAC
1859    int disallowETM = 0;
1860#endif
1861#if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) && \
1862    (defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && \
1863    !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR)
1864    int useCertFolder = 0;
1865#endif
1866
1867#ifdef WOLFSSL_SRTP
1868    const char* dtlsSrtpProfiles = NULL;
1869#endif
1870
1871#ifdef HAVE_TEST_SESSION_TICKET
1872    MyTicketCtx myTicketCtx;
1873#endif
1874
1875#ifdef CAN_FORCE_CURVE
1876    int force_curve_group_id = 0;
1877#endif
1878
1879    ((func_args*)args)->return_code = -1; /* error state */
1880
1881#ifndef NO_RSA
1882    verifyCert = cliCertFile;
1883    ourCert    = svrCertFile;
1884    ourKey     = svrKeyFile;
1885#else
1886    #ifdef HAVE_ECC
1887        verifyCert = cliEccCertFile;
1888        ourCert    = eccCertFile;
1889        ourKey     = eccKeyFile;
1890    #elif defined(HAVE_ED25519)
1891        verifyCert = cliEdCertFile;
1892        ourCert    = edCertFile;
1893        ourKey     = edKeyFile;
1894    #elif defined(HAVE_ED448)
1895        verifyCert = cliEd448CertFile;
1896        ourCert    = ed448CertFile;
1897        ourKey     = ed448KeyFile;
1898    #else
1899        verifyCert = NULL;
1900        ourCert    = NULL;
1901        ourKey     = NULL;
1902    #endif
1903#endif
1904
1905    (void)needDH;
1906    (void)ourKey;
1907    (void)ourCert;
1908    (void)ourDhParam;
1909    (void)verifyCert;
1910    (void)doCliCertCheck;
1911    (void)minDhKeyBits;
1912    (void)minRsaKeyBits;
1913    (void)minEccKeyBits;
1914    (void)alpnList;
1915    (void)alpn_opt;
1916    (void)crlFlags;
1917    (void)readySignal;
1918    (void)updateKeysIVs;
1919#ifndef NO_CERTS
1920    (void)mutualAuth;
1921#endif
1922    (void)postHandAuth;
1923    (void)sendTicket;
1924    (void)mcastID;
1925    (void)loadCertKeyIntoSSLObj;
1926    (void)nonBlocking;
1927    (void)pqcAlg;
1928    (void)usePqc;
1929    (void)altPrivKey;
1930    (void)usePskWithCerts;
1931
1932#ifdef WOLFSSL_TIRTOS
1933    fdOpenSession(Task_self());
1934#endif
1935
1936#ifdef WOLFSSL_VXWORKS
1937    useAnyAddr = 1;
1938#else
1939
1940    /* Reinitialize the global myVerifyAction. */
1941    myVerifyAction = VERIFY_OVERRIDE_ERROR;
1942
1943    /* Not Used: h, z, W, X */
1944    while ((ch = mygetopt_long(argc, argv, "?:"
1945                "abc:defgijk:l:mop:q:rstu;v:wxy"
1946                "A:B:C:D:E:FGH:IJ;KL:MNO:PQR:S:T;UVYZ:"
1947                "01:23:4:567:89"
1948                "@#", long_options, 0)) != -1) {
1949        switch (ch) {
1950            case '?' :
1951                if(myoptarg!=NULL) {
1952                    lng_index = atoi(myoptarg);
1953                    if(lng_index<0||lng_index>1){
1954                        lng_index = 0;
1955                    }
1956                }
1957                Usage();
1958                XEXIT_T(EXIT_SUCCESS);
1959
1960            case 257 :
1961                lng_index = 0;
1962                Usage();
1963                XEXIT_T(EXIT_SUCCESS);
1964
1965            case 258 :
1966                lng_index = 1;
1967                Usage();
1968                XEXIT_T(EXIT_SUCCESS);
1969
1970            case 'x' :
1971                runWithErrors = 1;
1972                break;
1973
1974            case 'd' :
1975                doCliCertCheck = 0;
1976                break;
1977
1978            case 'V' :
1979                #if defined(HAVE_CRL) && !defined(NO_FILESYSTEM)
1980                    disableCRL = 1;
1981                #endif
1982                break;
1983
1984            case 'b' :
1985                useAnyAddr = 1;
1986                break;
1987
1988            case 's' :
1989                usePsk = 1;
1990                break;
1991
1992            case 'j' :
1993                usePskPlus = 1;
1994                break;
1995
1996            case 'u' :
1997                doDTLS  = 1;
1998                dtlsUDP = 1;
1999            #if (defined(WOLFSSL_SCTP) || defined(WOLFSSL_DTLS_MTU)) && \
2000                                                           defined(WOLFSSL_DTLS)
2001                dtlsMTU = atoi(myoptarg);
2002            #endif
2003                break;
2004
2005        #ifdef WOLFSSL_SRTP
2006            case 260:
2007                doDTLS = 1;
2008                dtlsUDP = 1;
2009                dtlsSrtpProfiles = myoptarg != NULL ? myoptarg :
2010                    "SRTP_AES128_CM_SHA1_80";
2011                printf("Using SRTP Profile(s): %s\n", dtlsSrtpProfiles);
2012                break;
2013        #endif
2014
2015            case 'G' :
2016            #ifdef WOLFSSL_SCTP
2017                doDTLS  = 1;
2018                dtlsUDP = 1;
2019                dtlsSCTP = 1;
2020            #endif
2021                break;
2022
2023            case 'f' :
2024                fewerPackets = 1;
2025                break;
2026
2027            case 'R' :
2028                serverReadyFile = myoptarg;
2029                break;
2030
2031            case 'r' :
2032                #ifndef NO_SESSION_CACHE
2033                    resume = 1;
2034                #endif
2035                break;
2036
2037            case 'P' :
2038            #ifdef HAVE_PK_CALLBACKS
2039                pkCallbacks = 1;
2040            #endif
2041                break;
2042
2043            case 'p' :
2044                port = (word16)atoi(myoptarg);
2045                break;
2046
2047            case 'w' :
2048                wc_shutdown = 1;
2049                break;
2050
2051            case 'v' :
2052                if (myoptarg[0] == 'd') {
2053                    version = SERVER_DOWNGRADE_VERSION;
2054                    break;
2055                }
2056            #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
2057                else if (myoptarg[0] == 'e') {
2058                    version = EITHER_DOWNGRADE_VERSION;
2059                #ifndef NO_CERTS
2060                    loadCertKeyIntoSSLObj = 1;
2061                #endif
2062                    break;
2063                }
2064            #endif
2065                version = atoi(myoptarg);
2066                if (version < 0 || version > 4) {
2067                    Usage();
2068                    XEXIT_T(MY_EX_USAGE);
2069                }
2070                break;
2071
2072            case 'l' :
2073                cipherList = myoptarg;
2074                break;
2075
2076            case 'H' :
2077                if (XSTRCMP(myoptarg, "defCipherList") == 0) {
2078                    printf("Using default cipher list for testing\n");
2079                    useDefCipherList = 1;
2080                }
2081                else if (XSTRCMP(myoptarg, "exitWithRet") == 0) {
2082                    printf("Skip exit() for testing\n");
2083                    exitWithRet = 1;
2084                }
2085                else if (XSTRCMP(myoptarg, "verifyFail") == 0) {
2086                    printf("Verify should fail\n");
2087                    myVerifyAction = VERIFY_FORCE_FAIL;
2088                }
2089                else if (XSTRCMP(myoptarg, "verifyInfo") == 0) {
2090                    printf("Verify should use preverify (just show info)\n");
2091                    myVerifyAction = VERIFY_USE_PREVERIFY;
2092                }
2093                else if (XSTRCMP(myoptarg, "loadSSL") == 0) {
2094                    printf("Also load cert/key into wolfSSL object\n");
2095                #ifndef NO_CERTS
2096                    loadCertKeyIntoSSLObj = 2;
2097                #endif
2098                }
2099                else if (XSTRCMP(myoptarg, "loadSSLOnly") == 0) {
2100                    printf("Only load cert/key into wolfSSL object\n");
2101                #ifndef NO_CERTS
2102                    loadCertKeyIntoSSLObj = 1;
2103                #endif
2104                }
2105                else if (XSTRCMP(myoptarg, "disallowETM") == 0) {
2106                    printf("Disallow Encrypt-Then-MAC\n");
2107                #ifdef HAVE_ENCRYPT_THEN_MAC
2108                    disallowETM = 1;
2109                #endif
2110                }
2111                else if (XSTRCMP(myoptarg, "overrideDateErr") == 0) {
2112                #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
2113                    myVerifyAction = VERIFY_OVERRIDE_DATE_ERR;
2114                #endif
2115                }
2116                else {
2117                    Usage();
2118                    XEXIT_T(MY_EX_USAGE);
2119                }
2120                break;
2121
2122            case 'A' :
2123                verifyCert = myoptarg;
2124                break;
2125
2126            case 'c' :
2127                ourCert = myoptarg;
2128                break;
2129
2130            case 'k' :
2131                ourKey = myoptarg;
2132                break;
2133
2134            case 'D' :
2135                #ifndef NO_DH
2136                    ourDhParam = myoptarg;
2137                #endif
2138                break;
2139
2140            case 'Z' :
2141                #ifndef NO_DH
2142                    minDhKeyBits = atoi(myoptarg);
2143                    if (minDhKeyBits <= 0 || minDhKeyBits > 16000) {
2144                        Usage();
2145                        XEXIT_T(MY_EX_USAGE);
2146                    }
2147                #endif
2148                break;
2149
2150            case 'N':
2151                nonBlocking = 1;
2152                break;
2153
2154            case 'S' :
2155                #ifdef HAVE_SNI
2156                    sniHostName = myoptarg;
2157                #endif
2158                break;
2159
2160            case 'o' :
2161                #ifdef HAVE_OCSP
2162                    useOcsp = 1;
2163                #endif
2164                break;
2165
2166            case 'O' :
2167                #ifdef HAVE_OCSP
2168                    useOcsp = 1;
2169                    ocspUrl = myoptarg;
2170                #endif
2171                break;
2172
2173            case 'a' :
2174                #ifdef HAVE_ANON
2175                    useAnon = 1;
2176                #endif
2177                break;
2178            case 'I':
2179                #ifndef NO_PSK
2180                    sendPskIdentityHint = 0;
2181                #endif
2182                break;
2183
2184            case 'L' :
2185                #ifdef HAVE_ALPN
2186                    alpnList = myoptarg;
2187
2188                    if (alpnList[0] == 'C' && alpnList[1] == ':')
2189                        alpn_opt = WOLFSSL_ALPN_CONTINUE_ON_MISMATCH;
2190                    else if (alpnList[0] == 'F' && alpnList[1] == ':')
2191                        alpn_opt = WOLFSSL_ALPN_FAILED_ON_MISMATCH;
2192                    else {
2193                        Usage();
2194                        XEXIT_T(MY_EX_USAGE);
2195                    }
2196
2197                    alpnList += 2;
2198
2199                #endif
2200                break;
2201
2202            case 'i' :
2203                loops = -1;
2204                break;
2205
2206            case 'C' :
2207                loops = atoi(myoptarg);
2208                if (loops <= 0) {
2209                    Usage();
2210                    XEXIT_T(MY_EX_USAGE);
2211                }
2212                break;
2213
2214            case 'e' :
2215                echoData = 1;
2216                break;
2217
2218            case 'B':
2219                throughput = (size_t)atol(myoptarg);
2220                for (; *myoptarg != '\0'; myoptarg++) {
2221                    if (*myoptarg == ',') {
2222                        block = atoi(myoptarg + 1);
2223                        break;
2224                    }
2225                }
2226                if (throughput == 0 || block <= 0) {
2227                    Usage();
2228                    XEXIT_T(MY_EX_USAGE);
2229                }
2230                break;
2231
2232            #ifdef WOLFSSL_TRUST_PEER_CERT
2233            case 'E' :
2234                 trustCert = myoptarg;
2235                break;
2236            #endif
2237
2238            case 'q' :
2239                #ifdef HAVE_WNR
2240                    wnrConfigFile = myoptarg;
2241                #endif
2242                break;
2243
2244            case 'g' :
2245                useWebServerMsg = 1;
2246                break;
2247
2248            case 'y' :
2249                #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) \
2250                    && !defined(NO_DH)
2251                    onlyKeyShare = 1;
2252                #endif
2253                break;
2254
2255            case 'Y' :
2256                #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) \
2257                    && defined(HAVE_ECC)
2258                    onlyKeyShare = 2;
2259                #endif
2260                break;
2261
2262            case 't' :
2263                #ifdef HAVE_CURVE25519
2264                    useX25519 = 1;
2265                    #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
2266                        onlyKeyShare = 2;
2267                    #endif
2268                #endif
2269                break;
2270
2271            case 'K' :
2272                #ifdef WOLFSSL_TLS13
2273                    noPskDheKe = 1;
2274                #endif
2275                break;
2276
2277            case 'T' :
2278                #if defined(HAVE_SESSION_TICKET)
2279                    if (XSTRLEN(myoptarg) == 0) {
2280                    #if defined(WOLFSSL_TLS13)
2281                        noTicketTls13 = 1;
2282                    #endif
2283                    }
2284                #if !defined(WOLFSSL_NO_TLS12) || !defined(NO_OLD_TLS)
2285                    else if (XSTRCMP(myoptarg, "a") == 0) {
2286                        noTicketTls12 = 1;
2287                    #if defined(WOLFSSL_TLS13)
2288                        noTicketTls13 = 1;
2289                    #endif
2290                    }
2291                    else if (XSTRCMP(myoptarg, "o") == 0) {
2292                        noTicketTls12 = 1;
2293                    }
2294                    else if (XSTRCMP(myoptarg, "n") == 0) {
2295                    #if defined(WOLFSSL_TLS13)
2296                        noTicketTls13 = 1;
2297                    #endif
2298                    }
2299                #endif
2300                    else {
2301                        Usage();
2302                        XEXIT_T(MY_EX_USAGE);
2303                    }
2304                #endif
2305                break;
2306
2307            case 'U' :
2308                #ifdef WOLFSSL_TLS13
2309                    updateKeysIVs = 1;
2310                #endif
2311                break;
2312
2313        #ifndef NO_CERTS
2314            case 'F' :
2315                mutualAuth = 1;
2316                break;
2317        #endif
2318
2319            case 'Q' :
2320            #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
2321                postHandAuth = 1;
2322                doCliCertCheck = 0;
2323            #endif
2324                break;
2325
2326            case 'J' :
2327            #ifdef WOLFSSL_SEND_HRR_COOKIE
2328                hrrCookie = 1;
2329                if (XSTRCMP(myoptarg, "n") == 0)
2330                    hrrCookie = -1;
2331            #endif
2332                break;
2333
2334            case 'M' :
2335            #ifdef HAVE_SECURE_RENEGOTIATION
2336                scr = 1;
2337            #endif /* HAVE_SECURE_RENEGOTIATION */
2338                break;
2339
2340            case 'm' :
2341            #ifdef HAVE_SECURE_RENEGOTIATION
2342                scr = 1;
2343                forceScr = 1;
2344            #endif /* HAVE_SECURE_RENEGOTIATION */
2345                break;
2346
2347            case '0' :
2348            #ifdef WOLFSSL_EARLY_DATA
2349                earlyData = 1;
2350            #endif
2351                break;
2352
2353            case '1' :
2354                lng_index = atoi(myoptarg);
2355                if(lng_index<0||lng_index>1){
2356                    lng_index = 0;
2357                }
2358                break;
2359
2360            case '2' :
2361               #if !defined(NO_DH) && !defined(HAVE_FIPS) && \
2362                   !defined(HAVE_SELFTEST) && !defined(WOLFSSL_OLD_PRIME_CHECK)
2363                    doDhKeyCheck = 0;
2364                #endif
2365                break;
2366
2367            case '3' :
2368                #ifdef WOLFSSL_MULTICAST
2369                    doMcast = 1;
2370                    mcastID = (byte)(atoi(myoptarg) & 0xFF);
2371                #endif
2372                break;
2373
2374            case '4' :
2375                #if defined(WOLFSSL_DTLS) && defined(USE_WOLFSSL_IO)
2376                    XMEMSET(&dtlsCtx, 0, sizeof(dtlsCtx));
2377                    doBlockSeq = 1;
2378                    dtlsCtx.blockSeq = (word32)atoi(myoptarg);
2379                #endif
2380                    break;
2381
2382            case '5' :
2383            #ifdef HAVE_TRUSTED_CA
2384                trustedCaKeyId = 1;
2385            #endif /* HAVE_TRUSTED_CA */
2386                break;
2387
2388            case '6' :
2389#ifdef WOLFSSL_ASYNC_IO
2390                nonBlocking = 1;
2391                simulateWantWrite = 1;
2392#else
2393                LOG_ERROR("Ignoring -6 since async I/O support not "
2394                                "compiled in.\n");
2395#endif
2396                break;
2397            case '7' :
2398                minVersion = atoi(myoptarg);
2399                if (minVersion < 0 || minVersion > 4) {
2400                    Usage();
2401                    XEXIT_T(MY_EX_USAGE);
2402                }
2403                break;
2404            case '8' :
2405                #ifdef HAVE_CURVE448
2406                    useX448 = 1;
2407                    #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
2408                        onlyKeyShare = 2;
2409                    #endif
2410                #endif
2411                break;
2412            case '9' :
2413#if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) && \
2414    (defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && \
2415    !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR)
2416                    useCertFolder = 1;
2417                    break;
2418#endif
2419            case '@' :
2420            {
2421#ifdef HAVE_WC_INTROSPECTION
2422                const char *conf_args = wolfSSL_configure_args();
2423                if (conf_args) {
2424                    puts(conf_args);
2425                    XEXIT_T(EXIT_SUCCESS);
2426                } else {
2427                    fputs("configure args not compiled in.\n",stderr);
2428                    XEXIT_T(MY_EX_USAGE);
2429                }
2430#else
2431                fputs("compiled without BUILD_INTROSPECTION.\n",stderr);
2432                XEXIT_T(MY_EX_USAGE);
2433#endif
2434            }
2435
2436            case '#' :
2437            {
2438#ifdef HAVE_WC_INTROSPECTION
2439                const char *cflags = wolfSSL_global_cflags();
2440                if (cflags) {
2441                    puts(cflags);
2442                    XEXIT_T(EXIT_SUCCESS);
2443                } else {
2444                    fputs("CFLAGS not compiled in.\n",stderr);
2445                    XEXIT_T(MY_EX_USAGE);
2446                }
2447#else
2448                fputs("compiled without BUILD_INTROSPECTION.\n",stderr);
2449                XEXIT_T(MY_EX_USAGE);
2450#endif
2451            }
2452
2453#ifdef WOLFSSL_WOLFSENTRY_HOOKS
2454            case 256:
2455#if !defined(NO_FILESYSTEM) && !defined(WOLFSENTRY_NO_JSON)
2456                wolfsentry_config_path = myoptarg;
2457#endif
2458                break;
2459#endif
2460
2461#ifdef WOLFSSL_HAVE_MLKEM
2462            case 259:
2463            {
2464                usePqc = 1;
2465    #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
2466                onlyKeyShare = 2;
2467    #endif
2468                pqcAlg = myoptarg;
2469            } break;
2470#endif
2471
2472#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
2473            case 261:
2474                sendTicket = 1;
2475                break;
2476#endif
2477#ifdef CAN_FORCE_CURVE
2478            case 262: {
2479                /* Note: this requires TSL1.3 (version >= 4) */
2480                #ifdef HAVE_ECC
2481                int j = 0; /* our group index */
2482                #endif
2483                if (NULL == myoptarg) {
2484                #ifdef HAVE_ECC
2485                    int idx = 0; /* ecc curve index */
2486                #endif
2487                    Usage();
2488                    if (lng_index == 1) {
2489                        /* TODO: Need Japanese translation */
2490                        printf("\nAvailable choices for --force-curve:\n");
2491                    } else {
2492                        printf("\nAvailable choices for --force-curve:\n");
2493                    }
2494                    #ifdef HAVE_ECC
2495                    for (idx=0; ; ++idx) {
2496                        int id = wc_ecc_get_curve_id(idx);
2497                        if (ECC_CURVE_INVALID == id) {
2498                            break;
2499                        }
2500                        for (j=0; group_id_to_text[j].group != 0; ++j) {
2501                            if (XSTRCMP(group_id_to_text[j].name,
2502                                wc_ecc_get_curve_name_from_id(id)) == 0) {
2503                                printf("\t%s\n", group_id_to_text[j].name);
2504                            }
2505                        }
2506                    }
2507                    #endif
2508                    #ifdef HAVE_CURVE25519
2509                    printf("\tCURVE25519\n");
2510                    #endif
2511                    #ifdef HAVE_CURVE448
2512                    printf("\tCURVE448\n");
2513                    #endif
2514                    printf("\n");
2515                    XEXIT_T(EXIT_SUCCESS);
2516                }
2517                #ifdef HAVE_ECC
2518                for (j=0; group_id_to_text[j].group != 0; ++j) {
2519                    if (XSTRCMP(group_id_to_text[j].name, myoptarg) == 0) {
2520                        force_curve_group_id = group_id_to_text[j].group;
2521                    }
2522                }
2523                #endif
2524                #ifdef HAVE_CURVE25519
2525                if (force_curve_group_id <= 0) {
2526                    if (XSTRCMP(myoptarg, "CURVE25519") == 0) {
2527                        force_curve_group_id = WOLFSSL_ECC_X25519;
2528                    }
2529                }
2530                #endif
2531                #ifdef HAVE_CURVE448
2532                if (force_curve_group_id <= 0) {
2533                    if (XSTRCMP(myoptarg, "CURVE448") == 0) {
2534                        force_curve_group_id = WOLFSSL_ECC_X448;
2535                    }
2536                }
2537                #endif
2538                if (force_curve_group_id <= 0) {
2539                    if (lng_index == 1) {
2540                        /* TODO: Need Japanese translation */
2541                        LOG_ERROR("Invalid curve '%s'\n", myoptarg);
2542                    } else {
2543                        LOG_ERROR("Invalid curve '%s'\n", myoptarg);
2544                    }
2545                    XEXIT_T(EXIT_FAILURE);
2546                }
2547            }
2548            break;
2549#endif /* CAN_FORCE_CURVE */
2550#ifdef WOLFSSL_DTLS_CID
2551        case 263:
2552            useDtlsCID = 1;
2553            if (myoptarg != NULL) {
2554                if (XSTRLEN(myoptarg) >= DTLS_CID_BUFFER_SIZE) {
2555                    err_sys("provided connection ID is too big");
2556                }
2557                else {
2558                    XSTRLCPY(dtlsCID, myoptarg, DTLS_CID_BUFFER_SIZE);
2559                }
2560            }
2561            break;
2562#endif /* WOLFSSL_CID */
2563        case 264:
2564#ifdef HAVE_SUPPORTED_CURVES
2565        #ifdef WOLFSSL_TLS13
2566            onlyPskDheKe = 1;
2567        #endif
2568#endif
2569            break;
2570        case 265:
2571#if defined(HAVE_CRL) && !defined(NO_FILESYSTEM)
2572            crlDir = myoptarg;
2573#endif
2574            break;
2575
2576        case 266:
2577            quieter = 1;
2578            break;
2579
2580#ifdef WOLFSSL_DUAL_ALG_CERTS
2581        case 267:
2582            altPrivKey = myoptarg;
2583            break;
2584#endif
2585            case 268:
2586#if defined(WOLFSSL_SYS_CRYPTO_POLICY)
2587                policy = myoptarg;
2588#endif /* WOLFSSL_SYS_CRYPTO_POLICY */
2589                break;
2590#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
2591            case 269:
2592                echPublicName = myoptarg;
2593                break;
2594            case 270:
2595                echSuite = myoptarg;
2596
2597                /* parse alg id's
2598                 * commas can be entered with no number to accept the default */
2599                if (echSuite != NULL) {
2600                    kemId = (word16)atoi(echSuite);
2601                    for (; *echSuite != '\0' && *echSuite != ','; echSuite++);
2602                    if (*echSuite != ',') {
2603                        LOG_ERROR("Expected two commas in '%s'\n", myoptarg);
2604                        XEXIT_T(EXIT_FAILURE);
2605                    }
2606                    echSuite++;
2607
2608                    kdfId = (word16)atoi(echSuite);
2609                    for (; *echSuite != '\0' && *echSuite != ','; echSuite++);
2610                    if (*echSuite != ',') {
2611                        LOG_ERROR("Expected two commas in '%s'\n", myoptarg);
2612                        XEXIT_T(EXIT_FAILURE);
2613                    }
2614                    echSuite++;
2615
2616                    aeadId = (word16)atoi(echSuite);
2617                }
2618
2619                break;
2620#endif
2621#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_CERT_WITH_EXTERN_PSK) && \
2622    !defined(NO_PSK)
2623        case 271:
2624            usePskWithCerts = 1;
2625            break;
2626#endif
2627
2628        case -1:
2629            default:
2630                Usage();
2631                XEXIT_T(MY_EX_USAGE);
2632        }
2633    }
2634
2635    myoptind = 0;      /* reset for test cases */
2636#endif /* !WOLFSSL_VXWORKS */
2637
2638#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_CERT_WITH_EXTERN_PSK) && \
2639    !defined(NO_PSK)
2640    if (usePskWithCerts) {
2641        usePsk = 1;
2642        if (noPskDheKe) {
2643            LOG_ERROR("--psk-with-certs requires PSK key exchange with (EC)DHE");
2644            Usage();
2645            XEXIT_T(MY_EX_USAGE);
2646        }
2647    }
2648#endif
2649
2650    /* Can only use DTLS over UDP or SCTP, can't do both. */
2651    if (dtlsUDP && dtlsSCTP) {
2652        err_sys_ex(runWithErrors, "Cannot use DTLS with both UDP and SCTP.");
2653    }
2654
2655    /* sort out DTLS versus TLS versions */
2656    if (version == CLIENT_INVALID_VERSION) {
2657        if (doDTLS)
2658            version = CLIENT_DTLS_DEFAULT_VERSION;
2659        else
2660            version = CLIENT_DEFAULT_VERSION;
2661    }
2662    else {
2663        if (doDTLS) {
2664            if (version == 3) {
2665                version = -2;
2666            }
2667            else if (version == 4) {
2668#ifdef WOLFSSL_DTLS13
2669                version = -4;
2670#else
2671                err_sys_ex(runWithErrors, "Bad DTLS version");
2672#endif /* WOLFSSL_DTLS13 */
2673            }
2674        #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
2675            else if (version == EITHER_DOWNGRADE_VERSION) {
2676                version = -3;
2677            }
2678        #endif
2679            else if (version == 2)
2680                version = -1;
2681        }
2682    }
2683
2684#ifndef HAVE_SESSION_TICKET
2685    if ((version >= 4) && resume) {
2686        LOG_ERROR("Can't do TLS 1.3 resumption; need session tickets!\n");
2687    }
2688#endif
2689
2690#ifdef HAVE_WNR
2691    if (wc_InitNetRandom(wnrConfigFile, NULL, 5000) != 0)
2692        err_sys_ex(runWithErrors, "can't load whitewood net random config "
2693                   "file");
2694#endif
2695
2696#ifdef WOLFSSL_HAVE_MLKEM
2697    if (usePqc) {
2698        if (version == SERVER_DOWNGRADE_VERSION ||
2699            version == EITHER_DOWNGRADE_VERSION) {
2700            LOG_ERROR(
2701                   "WARNING: If a TLS 1.3 connection is not negotiated, you "
2702                   "will not be using a post-quantum group.\n");
2703        } else if (version != 4 && version != -4) {
2704            err_sys("can only use post-quantum groups with TLS 1.3 or DTLS 1.3");
2705        }
2706    }
2707#endif
2708
2709    switch (version) {
2710#ifndef NO_OLD_TLS
2711    #ifdef WOLFSSL_ALLOW_SSLV3
2712        case 0:
2713            method = wolfSSLv3_server_method_ex;
2714            break;
2715    #endif
2716
2717    #ifndef NO_TLS
2718        #ifdef WOLFSSL_ALLOW_TLSV10
2719        case 1:
2720            method = wolfTLSv1_server_method_ex;
2721            break;
2722        #endif
2723
2724        case 2:
2725            method = wolfTLSv1_1_server_method_ex;
2726            break;
2727    #endif /* !NO_TLS */
2728#endif /* !NO_OLD_TLS */
2729
2730#ifndef NO_TLS
2731    #ifndef WOLFSSL_NO_TLS12
2732        case 3:
2733            method = wolfTLSv1_2_server_method_ex;
2734            break;
2735    #endif
2736
2737    #ifdef WOLFSSL_TLS13
2738        case 4:
2739            method = wolfTLSv1_3_server_method_ex;
2740            break;
2741    #endif
2742
2743        case SERVER_DOWNGRADE_VERSION:
2744            if (!doDTLS) {
2745                method = wolfSSLv23_server_method_ex;
2746            }
2747            else {
2748#ifdef WOLFSSL_DTLS
2749                method = wolfDTLS_server_method_ex;
2750#else
2751                err_sys_ex(runWithErrors, "version not supported");
2752#endif /* WOLFSSL_DTLS */
2753            }
2754            break;
2755    #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
2756        case EITHER_DOWNGRADE_VERSION:
2757            method = wolfSSLv23_method_ex;
2758            break;
2759    #endif
2760#endif /* NO_TLS */
2761
2762#ifdef WOLFSSL_DTLS
2763    #ifndef NO_OLD_TLS
2764        case -1:
2765            method = wolfDTLSv1_server_method_ex;
2766            break;
2767    #endif
2768
2769    #ifndef WOLFSSL_NO_TLS12
2770        case -2:
2771            method = wolfDTLSv1_2_server_method_ex;
2772            break;
2773    #endif
2774#ifdef WOLFSSL_DTLS13
2775        case -4:
2776            method = wolfDTLSv1_3_server_method_ex;
2777            break;
2778#endif
2779    #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
2780        case -3:
2781            method = wolfDTLSv1_2_method_ex;
2782            break;
2783    #endif
2784#endif
2785
2786        default:
2787            err_sys_ex(runWithErrors, "Bad SSL version");
2788    }
2789
2790    if (method == NULL)
2791        err_sys_ex(runWithErrors, "unable to get method");
2792
2793#if defined(WOLFSSL_SYS_CRYPTO_POLICY)
2794    if (policy != NULL) {
2795        if (wolfSSL_crypto_policy_enable(policy) != WOLFSSL_SUCCESS) {
2796            err_sys("wolfSSL_crypto_policy_enable failed");
2797        }
2798    }
2799#endif /* WOLFSSL_SYS_CRYPTO_POLICY */
2800
2801#ifdef WOLFSSL_STATIC_MEMORY
2802    #if defined(DEBUG_WOLFSSL) && !defined(WOLFSSL_STATIC_MEMORY_LEAN)
2803    /* print off helper buffer sizes for use with static memory
2804     * printing to stderr in case of debug mode turned on */
2805    LOG_ERROR("static memory management size = %d\n",
2806            wolfSSL_MemoryPaddingSz());
2807    LOG_ERROR("calculated optimum general buffer size = %d\n",
2808            wolfSSL_StaticBufferSz(memory, sizeof(memory), 0));
2809    LOG_ERROR("calculated optimum IO buffer size      = %d\n",
2810            wolfSSL_StaticBufferSz(memoryIO, sizeof(memoryIO),
2811                                                  WOLFMEM_IO_POOL_FIXED));
2812    #endif /* DEBUG_WOLFSSL */
2813
2814    if (wolfSSL_CTX_load_static_memory(&ctx, method, memory, sizeof(memory),0,1)
2815            != WOLFSSL_SUCCESS)
2816        err_sys_ex(catastrophic, "unable to load static memory and create ctx");
2817
2818    /* load in a buffer for IO */
2819    if (wolfSSL_CTX_load_static_memory(&ctx, NULL, memoryIO, sizeof(memoryIO),
2820                                 WOLFMEM_IO_POOL_FIXED | WOLFMEM_TRACK_STATS, 1)
2821            != WOLFSSL_SUCCESS)
2822        err_sys_ex(catastrophic, "unable to load static memory and create ctx");
2823#else
2824    if (method != NULL) {
2825        ctx = wolfSSL_CTX_new(method(NULL));
2826    }
2827#ifdef WOLFSSL_CALLBACKS
2828    wolfSSL_CTX_set_msg_callback(ctx, msgDebugCb);
2829#endif
2830#endif /* WOLFSSL_STATIC_MEMORY */
2831    if (ctx == NULL)
2832        err_sys_ex(catastrophic, "unable to get ctx");
2833
2834    if (minVersion != SERVER_INVALID_VERSION) {
2835#ifdef WOLFSSL_DTLS
2836        if (doDTLS) {
2837            switch (minVersion) {
2838#ifdef WOLFSSL_DTLS13
2839            case 4:
2840                minVersion = WOLFSSL_DTLSV1_3;
2841                break;
2842#endif /* WOLFSSL_DTLS13 */
2843            case 3:
2844                minVersion = WOLFSSL_DTLSV1_2;
2845                break;
2846            case 2:
2847                minVersion = WOLFSSL_DTLSV1;
2848                break;
2849            }
2850        }
2851#endif /* WOLFSSL_DTLS13 */
2852        if (wolfSSL_CTX_SetMinVersion(ctx, minVersion) != WOLFSSL_SUCCESS)
2853            err_sys_ex(catastrophic, "can't set minimum downgrade version");
2854    }
2855
2856#ifdef WOLFSSL_EARLY_DATA
2857    if (earlyData)
2858        wolfSSL_CTX_set_max_early_data(ctx, 4096);
2859#endif
2860#ifdef OPENSSL_COMPATIBLE_DEFAULTS
2861    /* Restore wolfSSL verify defaults */
2862    wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_DEFAULT, NULL);
2863#endif
2864
2865#ifdef WOLFSSL_SRTP
2866    if (dtlsSrtpProfiles != NULL) {
2867        if (wolfSSL_CTX_set_tlsext_use_srtp(ctx, dtlsSrtpProfiles)
2868                                                           != 0) {
2869            err_sys_ex(catastrophic, "unable to set DTLS SRTP profile");
2870        }
2871    }
2872#endif
2873
2874#ifdef WOLFSSL_WOLFSENTRY_HOOKS
2875    if (wolfsentry_setup(&wolfsentry, wolfsentry_config_path,
2876                                      WOLFSENTRY_ROUTE_FLAG_DIRECTION_IN) < 0) {
2877        err_sys("unable to initialize wolfSentry");
2878    }
2879
2880    if (wolfSSL_CTX_set_AcceptFilter(
2881            ctx,
2882            (NetworkFilterCallback_t)wolfSentry_NetworkFilterCallback,
2883            wolfsentry) < 0) {
2884        err_sys_ex(catastrophic,
2885                   "unable to install wolfSentry_NetworkFilterCallback");
2886    }
2887#endif
2888
2889    if (simulateWantWrite)
2890    {
2891    #ifdef USE_WOLFSSL_IO
2892        wolfSSL_CTX_SetIOSend(ctx, SimulateWantWriteIOSendCb);
2893    #endif
2894    }
2895
2896#ifdef HAVE_TEST_SESSION_TICKET
2897    if (TicketInit() != 0)
2898        err_sys_ex(catastrophic, "unable to setup Session Ticket Key context");
2899    wolfSSL_CTX_set_TicketEncCb(ctx, myTicketEncCb);
2900    XMEMSET(&myTicketCtx, 0, sizeof(myTicketCtx));
2901    wolfSSL_CTX_set_TicketEncCtx(ctx, &myTicketCtx);
2902#endif
2903
2904#if defined(WOLFSSL_SNIFFER) && defined(WOLFSSL_STATIC_EPHEMERAL) && \
2905    defined(WOLFSSL_PEM_TO_DER)
2906    /* used for testing only to set a static/fixed ephemeral key
2907        for use with the sniffer */
2908#if defined(HAVE_ECC) && !defined(NO_ECC_SECP) && \
2909        (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES))
2910    ret = wolfSSL_CTX_set_ephemeral_key(ctx, WC_PK_TYPE_ECDH,
2911        "./certs/statickeys/ecc-secp256r1.pem", 0, WOLFSSL_FILETYPE_PEM);
2912    if (ret != 0) {
2913        err_sys_ex(runWithErrors, "error loading static ECDH key");
2914    }
2915    {
2916        const byte* key = NULL;
2917        word32 keySz = 0;
2918        /* example for getting pointer to loaded static ephemeral key */
2919        wolfSSL_CTX_get_ephemeral_key(ctx, WC_PK_TYPE_ECDH, &key, &keySz);
2920        (void)key;
2921        (void)keySz;
2922    }
2923#endif
2924#ifndef NO_DH
2925    ret = wolfSSL_CTX_set_ephemeral_key(ctx, WC_PK_TYPE_DH,
2926        "./certs/statickeys/dh-ffdhe2048.pem", 0, WOLFSSL_FILETYPE_PEM);
2927    if (ret != 0) {
2928        err_sys_ex(runWithErrors, "error loading static DH key");
2929    }
2930#endif
2931#ifdef HAVE_CURVE25519
2932    ret = wolfSSL_CTX_set_ephemeral_key(ctx, WC_PK_TYPE_CURVE25519,
2933        "./certs/statickeys/x25519.pem", 0, WOLFSSL_FILETYPE_PEM);
2934    if (ret != 0) {
2935        err_sys_ex(runWithErrors, "error loading static X25519 key");
2936    }
2937#endif
2938#endif /* WOLFSSL_SNIFFER && WOLFSSL_STATIC_EPHEMERAL && WOLFSSL_PEM_TO_DER */
2939
2940    if (cipherList && !useDefCipherList) {
2941        if (wolfSSL_CTX_set_cipher_list(ctx, cipherList) != WOLFSSL_SUCCESS)
2942            err_sys_ex(runWithErrors, "server can't set custom cipher list");
2943    }
2944
2945#ifdef WOLFSSL_LEANPSK
2946    if (!usePsk) {
2947        usePsk = 1;
2948    }
2949#endif
2950
2951#if defined(NO_RSA) && !defined(HAVE_ECC) && !defined(HAVE_ED25519) && \
2952                                                            !defined(HAVE_ED448)
2953    if (!usePsk) {
2954        usePsk = 1;
2955    }
2956#endif
2957
2958    if (fewerPackets)
2959        wolfSSL_CTX_set_group_messages(ctx);
2960#if (defined(WOLFSSL_SCTP) || defined(WOLFSSL_DTLS_MTU)) && \
2961                                                           defined(WOLFSSL_DTLS)
2962    if (dtlsMTU)
2963        wolfSSL_CTX_dtls_set_mtu(ctx, (unsigned short)dtlsMTU);
2964#endif
2965
2966#ifdef WOLFSSL_SCTP
2967    if (dtlsSCTP)
2968        wolfSSL_CTX_dtls_set_sctp(ctx);
2969#endif
2970
2971#ifdef WOLFSSL_ENCRYPTED_KEYS
2972    wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
2973#endif
2974
2975#if !defined(NO_CERTS)
2976    if ((!usePsk || usePskPlus || usePskWithCerts) && !useAnon &&
2977            !(loadCertKeyIntoSSLObj == 1)) {
2978    #if defined(NO_FILESYSTEM) && defined(USE_CERT_BUFFERS_2048)
2979        if (wolfSSL_CTX_use_certificate_chain_buffer_format(ctx,
2980                server_cert_der_2048, sizeof_server_cert_der_2048,
2981                WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS)
2982            err_sys_ex(catastrophic, "can't load server cert buffer");
2983    #elif !defined(TEST_LOAD_BUFFER)
2984        #if defined(WOLFSSL_PEM_TO_DER)
2985        if (wolfSSL_CTX_use_certificate_chain_file(ctx, ourCert)
2986                                         != WOLFSSL_SUCCESS)
2987        #else
2988        if (wolfSSL_CTX_use_certificate_chain_file_format(ctx, ourCert,
2989                WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS)
2990        #endif
2991            err_sys_ex(catastrophic, "can't load server cert file, check file "
2992                       "and run from wolfSSL home dir");
2993    #else
2994        /* loads cert chain file using buffer API */
2995        load_buffer(ctx, ourCert, WOLFSSL_CERT_CHAIN);
2996    #endif
2997    }
2998#endif
2999
3000#ifndef NO_DH
3001    if (wolfSSL_CTX_SetMinDhKey_Sz(ctx, (word16)minDhKeyBits)
3002        != WOLFSSL_SUCCESS) {
3003        err_sys_ex(runWithErrors, "Error setting minimum DH key size");
3004    }
3005#endif
3006#ifndef NO_RSA
3007    if (wolfSSL_CTX_SetMinRsaKey_Sz(ctx, minRsaKeyBits) != WOLFSSL_SUCCESS){
3008        err_sys_ex(runWithErrors, "Error setting minimum RSA key size");
3009    }
3010#endif
3011#ifdef HAVE_ECC
3012    if (wolfSSL_CTX_SetMinEccKey_Sz(ctx, minEccKeyBits) != WOLFSSL_SUCCESS){
3013        err_sys_ex(runWithErrors, "Error setting minimum ECC key size");
3014    }
3015#endif
3016
3017#if !defined(NO_CERTS)
3018    #ifdef HAVE_PK_CALLBACKS
3019        pkCbInfo.ourKey = ourKey;
3020    #endif
3021    if ((!usePsk || usePskPlus || usePskWithCerts) && !useAnon
3022        && !(loadCertKeyIntoSSLObj == 1)
3023    #if defined(HAVE_PK_CALLBACKS) && defined(TEST_PK_PRIVKEY)
3024        && !pkCallbacks
3025    #endif /* HAVE_PK_CALLBACKS && TEST_PK_PRIVKEY */
3026    ) {
3027    #ifdef NO_FILESYSTEM
3028        if (wolfSSL_CTX_use_PrivateKey_buffer(ctx, server_key_der_2048,
3029            sizeof_server_key_der_2048, WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS)
3030            err_sys_ex(catastrophic, "can't load server private key buffer");
3031    #elif !defined(TEST_LOAD_BUFFER)
3032        #if defined(WOLFSSL_PEM_TO_DER)
3033        if (wolfSSL_CTX_use_PrivateKey_file(ctx, ourKey, WOLFSSL_FILETYPE_PEM)
3034                                         != WOLFSSL_SUCCESS)
3035        #else
3036        if (wolfSSL_CTX_use_PrivateKey_file(ctx, ourKey, WOLFSSL_FILETYPE_ASN1)
3037                                         != WOLFSSL_SUCCESS)
3038        #endif
3039            err_sys_ex(catastrophic, "can't load server private key file, "
3040                       "check file and run from wolfSSL home dir");
3041        #ifdef WOLFSSL_DUAL_ALG_CERTS
3042        if ((altPrivKey != NULL) &&
3043            wolfSSL_CTX_use_AltPrivateKey_file(ctx, altPrivKey,
3044                                               WOLFSSL_FILETYPE_PEM)
3045                                               != WOLFSSL_SUCCESS)
3046            err_sys_ex(catastrophic, "can't load alt private key file, "
3047                       "check file and run from wolfSSL home dir");
3048        #endif /* WOLFSSL_DUAL_ALG_CERTS */
3049    #else
3050        /* loads private key file using buffer API */
3051        load_buffer(ctx, ourKey, WOLFSSL_KEY);
3052    #endif
3053    }
3054#endif
3055
3056    if (usePsk || usePskPlus) {
3057#ifndef NO_PSK
3058        const char *defaultCipherList = cipherList;
3059
3060        wolfSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
3061    #ifdef WOLFSSL_TLS13
3062        wolfSSL_CTX_set_psk_server_tls13_callback(ctx, my_psk_server_tls13_cb);
3063    #if defined(WOLFSSL_CERT_WITH_EXTERN_PSK)
3064        if (usePskWithCerts) {
3065            if (wolfSSL_CTX_set_cert_with_extern_psk(ctx, 1) != WOLFSSL_SUCCESS) {
3066                err_sys_ex(runWithErrors,
3067                    "server can't enable cert_with_extern_psk");
3068            }
3069        }
3070    #endif
3071    #endif
3072        if (sendPskIdentityHint == 1)
3073            wolfSSL_CTX_use_psk_identity_hint(ctx, "cyassl server");
3074
3075        if (defaultCipherList == NULL && !usePskPlus) {
3076        #if defined(HAVE_AESGCM) && !defined(NO_DH)
3077            #ifdef WOLFSSL_TLS13
3078                defaultCipherList = "TLS13-AES128-GCM-SHA256"
3079                #ifndef WOLFSSL_NO_TLS12
3080                                    ":DHE-PSK-AES128-GCM-SHA256"
3081                #endif
3082                ;
3083            #else
3084                defaultCipherList = "DHE-PSK-AES128-GCM-SHA256";
3085            #endif
3086                needDH = 1;
3087        #elif defined(HAVE_AESGCM) && defined(WOLFSSL_TLS13)
3088                defaultCipherList = "TLS13-AES128-GCM-SHA256"
3089                #ifndef WOLFSSL_NO_TLS12
3090                                    ":PSK-AES128-GCM-SHA256"
3091                #endif
3092                ;
3093        #elif defined(HAVE_NULL_CIPHER)
3094                defaultCipherList = "PSK-NULL-SHA256";
3095        #elif !defined(NO_AES_CBC)
3096                defaultCipherList = "PSK-AES128-CBC-SHA256";
3097        #else
3098                defaultCipherList = "PSK-AES128-GCM-SHA256";
3099        #endif
3100            if (wolfSSL_CTX_set_cipher_list(ctx, defaultCipherList)
3101                != WOLFSSL_SUCCESS)
3102                err_sys_ex(runWithErrors, "server can't set cipher list 2");
3103        }
3104        wolfSSL_CTX_set_psk_callback_ctx(ctx, (void*)defaultCipherList);
3105#endif /* !NO_PSK */
3106    }
3107#ifndef NO_CERTS
3108    if (mutualAuth)
3109        wolfSSL_CTX_mutual_auth(ctx, 1);
3110#endif
3111
3112
3113#ifdef HAVE_ECC
3114    /* Use ECDHE key size that matches long term key.
3115     * Zero means use ctx->privateKeySz.
3116     * Default ECDHE_SIZE is 32 bytes
3117     */
3118    if (wolfSSL_CTX_SetTmpEC_DHE_Sz(ctx, 0) != WOLFSSL_SUCCESS){
3119        err_sys_ex(runWithErrors, "Error setting ECDHE size");
3120    }
3121#endif
3122
3123    if (useAnon) {
3124#ifdef HAVE_ANON
3125        wolfSSL_CTX_allow_anon_cipher(ctx);
3126        if (cipherList == NULL || (cipherList && useDefCipherList)) {
3127            const char* defaultCipherList;
3128            defaultCipherList = "ADH-AES256-GCM-SHA384:"
3129                                "ADH-AES128-SHA";
3130            if (wolfSSL_CTX_set_cipher_list(ctx, defaultCipherList)
3131                                                            != WOLFSSL_SUCCESS)
3132                err_sys_ex(runWithErrors, "server can't set cipher list 4");
3133        }
3134#endif
3135    }
3136
3137#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
3138    /* if not using PSK, verify peer with certs
3139       if using PSK Plus then verify peer certs except PSK suites */
3140    if (doCliCertCheck && (usePsk == 0 || usePskPlus) && useAnon == 0) {
3141        unsigned int verify_flags = 0;
3142        wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER |
3143                            (usePskPlus ? WOLFSSL_VERIFY_FAIL_EXCEPT_PSK :
3144                                WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT),
3145                  (myVerifyAction == VERIFY_OVERRIDE_DATE_ERR ||
3146                   myVerifyAction == VERIFY_FORCE_FAIL) ? myVerify : NULL);
3147
3148    #ifdef TEST_BEFORE_DATE
3149        verify_flags |= WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY;
3150    #endif
3151    #if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) && \
3152    (defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && \
3153    !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR)
3154        if (useCertFolder) {
3155            WOLFSSL_X509_STORE      *store;
3156            WOLFSSL_X509_LOOKUP     *lookup;
3157
3158            store = wolfSSL_CTX_get_cert_store(ctx);
3159            if (store == NULL) {
3160                wolfSSL_CTX_free(ctx); ctx = NULL;
3161                err_sys("can't get WOLFSSL_X509_STORE");
3162            }
3163            lookup = wolfSSL_X509_STORE_add_lookup(store, X509_LOOKUP_hash_dir());
3164            if (lookup == NULL) {
3165                wolfSSL_CTX_free(ctx); ctx = NULL;
3166                err_sys("can't add lookup");
3167            }
3168            if (wolfSSL_X509_LOOKUP_ctrl(lookup, WOLFSSL_X509_L_ADD_DIR, caCertFolder,
3169                            X509_FILETYPE_PEM, NULL) != WOLFSSL_SUCCESS) {
3170                err_sys("X509_LOOKUP_ctrl w/ L_ADD_DIR failed");
3171            }
3172        } else {
3173    #endif
3174        if (wolfSSL_CTX_load_verify_locations_ex(ctx, verifyCert, 0,
3175            verify_flags) != WOLFSSL_SUCCESS) {
3176            err_sys_ex(catastrophic,
3177                       "can't load ca file, Please run from wolfSSL home dir");
3178        }
3179        #ifdef WOLFSSL_TRUST_PEER_CERT
3180        if (trustCert) {
3181            if (wolfSSL_CTX_trust_peer_cert(ctx, trustCert,
3182                                     WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
3183                err_sys_ex(runWithErrors, "can't load trusted peer cert file");
3184            }
3185        }
3186        #endif /* WOLFSSL_TRUST_PEER_CERT */
3187    #if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) && \
3188        (defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && \
3189        !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR)
3190        }
3191    #endif
3192   }
3193#endif
3194
3195#ifdef WOLFSSL_SNIFFER
3196    if (cipherList == NULL && version < 4) {
3197        /* static RSA or static ECC cipher suites */
3198        const char* staticCipherList = "AES128-SHA:ECDH-ECDSA-AES128-SHA";
3199        if (wolfSSL_CTX_set_cipher_list(ctx, staticCipherList) != WOLFSSL_SUCCESS) {
3200            err_sys_ex(runWithErrors, "server can't set cipher list 3");
3201        }
3202    }
3203#endif
3204
3205#ifdef HAVE_SNI
3206    if (sniHostName)
3207        if (wolfSSL_CTX_UseSNI(ctx, WOLFSSL_SNI_HOST_NAME, sniHostName,
3208                    (word16) XSTRLEN(sniHostName)) != WOLFSSL_SUCCESS)
3209            err_sys_ex(runWithErrors, "UseSNI failed");
3210#endif
3211
3212#ifdef HAVE_ECH
3213    if (echPublicName != NULL) {
3214        byte echConfig[512];
3215        word32 echConfigLen = sizeof(echConfig);
3216        char echConfigBase64[512];
3217        char* echConfigBase64Ptr;
3218        word32 echConfigBase64Len = sizeof(echConfigBase64);
3219
3220        if (wolfSSL_CTX_GenerateEchConfig(ctx, echPublicName, kemId, kdfId,
3221                aeadId) != WOLFSSL_SUCCESS) {
3222            err_sys_ex(runWithErrors, "GenerateEchConfig failed");
3223        }
3224        if (wolfSSL_CTX_GetEchConfigs(ctx, echConfig, &echConfigLen)
3225                != WOLFSSL_SUCCESS) {
3226            err_sys_ex(runWithErrors, "GetEchConfigs failed");
3227        }
3228        if (Base64_Encode_NoNl(echConfig, echConfigLen, (byte*)echConfigBase64,
3229                &echConfigBase64Len) != 0) {
3230            err_sys_ex(runWithErrors, "Base64_Encode_NoNl failed");
3231        }
3232        else {
3233            echConfigBase64Ptr = echConfigBase64;
3234            printf("ECH config (base64): ");
3235            while (echConfigBase64Len-- > 0) {
3236                printf("%c", *echConfigBase64Ptr++);
3237            }
3238            printf("\n");
3239        }
3240    }
3241#endif
3242
3243#ifdef WOLFSSL_ASYNC_CRYPT
3244    ret = wolfAsync_DevOpen(&devId);
3245    if (ret < 0) {
3246        LOG_ERROR("Async device open failed\nRunning without async\n");
3247    }
3248    wolfSSL_CTX_SetDevId(ctx, devId);
3249#endif /* WOLFSSL_ASYNC_CRYPT */
3250
3251#ifdef WOLFSSL_TLS13
3252    if (noPskDheKe)
3253        wolfSSL_CTX_no_dhe_psk(ctx);
3254#ifdef HAVE_SUPPORTED_CURVES
3255    if (onlyPskDheKe)
3256        wolfSSL_CTX_only_dhe_psk(ctx);
3257#endif
3258#endif
3259#ifdef HAVE_SESSION_TICKET
3260#ifdef WOLFSSL_TLS13
3261    if (noTicketTls13)
3262        wolfSSL_CTX_no_ticket_TLSv13(ctx);
3263#endif
3264#if !defined(WOLFSSL_NO_TLS12) || !defined(NO_OLD_TLS)
3265    if (noTicketTls12)
3266        wolfSSL_CTX_NoTicketTLSv12(ctx);
3267#endif
3268#endif
3269#if defined(HAVE_CRL) && !defined(NO_FILESYSTEM)
3270    if (!disableCRL) {
3271        /* Need to load CA's to confirm CRL signatures */
3272        unsigned int verify_flags = 0;
3273#ifdef TEST_BEFORE_DATE
3274        verify_flags |= WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY;
3275#endif
3276        if (wolfSSL_CTX_load_verify_locations_ex(ctx, verifyCert, 0,
3277            verify_flags) != WOLFSSL_SUCCESS) {
3278            err_sys_ex(catastrophic,
3279                       "can't load ca file, Please run from wolfSSL home dir");
3280        }
3281#ifdef HAVE_CRL_MONITOR
3282        crlFlags = WOLFSSL_CRL_MONITOR | WOLFSSL_CRL_START_MON;
3283#endif
3284        if (wolfSSL_CTX_EnableCRL(ctx, 0) != WOLFSSL_SUCCESS)
3285            err_sys_ex(runWithErrors, "unable to enable CRL");
3286        if (wolfSSL_CTX_LoadCRL(ctx, crlDir != NULL ? crlDir : crlPemDir,
3287                            WOLFSSL_FILETYPE_PEM, crlFlags) != WOLFSSL_SUCCESS)
3288            err_sys_ex(runWithErrors, "unable to load CRL");
3289        if (wolfSSL_CTX_SetCRL_Cb(ctx, CRL_CallBack) != WOLFSSL_SUCCESS)
3290            err_sys_ex(runWithErrors, "unable to set CRL callback url");
3291    }
3292#endif
3293
3294
3295    while (1) {
3296        /* allow resume option */
3297        if (resumeCount > 1) {
3298            if (dtlsUDP == 0) {
3299                client_len = sizeof client_addr;
3300                clientfd = accept(sockfd, (struct sockaddr*)&client_addr,
3301                                 (ACCEPT_THIRD_T)&client_len);
3302            }
3303            else {
3304                tcp_listen(&sockfd, &port, useAnyAddr, dtlsUDP, dtlsSCTP);
3305                clientfd = sockfd;
3306            }
3307            if (WOLFSSL_SOCKET_IS_INVALID(clientfd)) {
3308                err_sys_ex(runWithErrors, "tcp accept failed");
3309            }
3310        }
3311#if defined(WOLFSSL_STATIC_MEMORY) && defined(DEBUG_WOLFSSL) && \
3312    !defined(WOLFSSL_STATIC_MEMORY_LEAN)
3313        LOG_ERROR("Before creating SSL\n");
3314        if (wolfSSL_CTX_is_static_memory(ctx, &mem_stats) != 1)
3315            err_sys_ex(runWithErrors, "ctx not using static memory");
3316        if (wolfSSL_PrintStats(&mem_stats) != 1) /* function in test.h */
3317            err_sys_ex(runWithErrors, "error printing out memory stats");
3318#endif
3319
3320    if (doMcast) {
3321#ifdef WOLFSSL_MULTICAST
3322        wolfSSL_CTX_mcast_set_member_id(ctx, mcastID);
3323        if (wolfSSL_CTX_set_cipher_list(ctx, "WDM-NULL-SHA256")
3324            != WOLFSSL_SUCCESS)
3325            err_sys("Couldn't set multicast cipher list.");
3326#endif
3327    }
3328
3329    if (doDTLS && dtlsUDP) {
3330#if defined(WOLFSSL_DTLS) && defined(USE_WOLFSSL_IO)
3331        if (doBlockSeq) {
3332            wolfSSL_CTX_SetIOSend(ctx, TestEmbedSendTo);
3333        }
3334#endif
3335    }
3336
3337#ifdef HAVE_PK_CALLBACKS
3338    if (pkCallbacks)
3339        SetupPkCallbacks(ctx);
3340#endif
3341
3342    ssl = wolfSSL_new(ctx);
3343    if (ssl == NULL)
3344        err_sys_ex(catastrophic, "unable to create an SSL object");
3345
3346#if defined(OPENSSL_EXTRA) || defined(HAVE_SECRET_CALLBACK)
3347    wolfSSL_KeepArrays(ssl);
3348#endif
3349
3350    /* Support for loading private key and cert using WOLFSSL object */
3351#if !defined(NO_CERTS)
3352    if ((!usePsk || usePskPlus || usePskWithCerts) && !useAnon &&
3353            loadCertKeyIntoSSLObj) {
3354    #if defined(NO_FILESYSTEM) && defined(USE_CERT_BUFFERS_2048)
3355        if (wolfSSL_use_certificate_chain_buffer_format(ssl,
3356                server_cert_der_2048, sizeof_server_cert_der_2048,
3357                WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS)
3358            err_sys_ex(catastrophic, "can't load server cert buffer");
3359    #elif !defined(TEST_LOAD_BUFFER)
3360        if (wolfSSL_use_certificate_chain_file(ssl, ourCert)
3361                                         != WOLFSSL_SUCCESS)
3362            err_sys_ex(catastrophic, "can't load server cert file, check file "
3363                       "and run from wolfSSL home dir");
3364    #else
3365        /* loads cert chain file using buffer API */
3366        load_ssl_buffer(ssl, ourCert, WOLFSSL_CERT_CHAIN);
3367    #endif
3368    }
3369
3370    if ((!usePsk || usePskPlus || usePskWithCerts) && !useAnon &&
3371        loadCertKeyIntoSSLObj
3372    #if defined(HAVE_PK_CALLBACKS) && defined(TEST_PK_PRIVKEY)
3373        && !pkCallbacks
3374    #endif /* HAVE_PK_CALLBACKS && TEST_PK_PRIVKEY */
3375    ) {
3376    #if defined(NO_FILESYSTEM)
3377        if (wolfSSL_use_PrivateKey_buffer(ssl, server_key_der_2048,
3378            sizeof_server_key_der_2048, WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS)
3379            err_sys_ex(catastrophic, "can't load server private key buffer");
3380    #elif !defined(TEST_LOAD_BUFFER)
3381        if (wolfSSL_use_PrivateKey_file(ssl, ourKey, WOLFSSL_FILETYPE_PEM)
3382                                         != WOLFSSL_SUCCESS)
3383            err_sys_ex(catastrophic, "can't load server private key file, check"
3384                       "file and run from wolfSSL home dir");
3385    #else
3386        /* loads private key file using buffer API */
3387        load_ssl_buffer(ssl, ourKey, WOLFSSL_KEY);
3388    #endif
3389    }
3390#endif /* !NO_CERTS */
3391
3392#ifdef WOLFSSL_SEND_HRR_COOKIE
3393        if (hrrCookie == 1 && wolfSSL_send_hrr_cookie(ssl, NULL, 0)
3394            != WOLFSSL_SUCCESS) {
3395            err_sys("unable to set use of cookie with HRR msg");
3396        }
3397        else if (hrrCookie == -1) {
3398            wolfSSL_disable_hrr_cookie(ssl);
3399        }
3400#endif
3401
3402#if defined(WOLFSSL_STATIC_MEMORY) && defined(DEBUG_WOLFSSL) && \
3403    !defined(WOLFSSL_STATIC_MEMORY_LEAN)
3404        LOG_ERROR("After creating SSL\n");
3405        if (wolfSSL_CTX_is_static_memory(ctx, &mem_stats) != 1)
3406            err_sys_ex(runWithErrors, "ctx not using static memory");
3407        if (wolfSSL_PrintStats(&mem_stats) != 1) /* function in test.h */
3408            err_sys_ex(runWithErrors, "error printing out memory stats");
3409#endif
3410
3411    if (doMcast) {
3412#ifdef WOLFSSL_MULTICAST
3413        /* DTLS multicast secret for testing only */
3414        #define CLI_SRV_RANDOM_SZ 32     /* RAN_LEN (see internal.h) */
3415        #define PMS_SZ            512    /* ENCRYPT_LEN (see internal.h) */
3416        byte pms[PMS_SZ];                /* pre master secret */
3417        byte cr[CLI_SRV_RANDOM_SZ];      /* client random */
3418        byte sr[CLI_SRV_RANDOM_SZ];      /* server random */
3419        const byte suite[2] = {0, 0xfe}; /* WDM_WITH_NULL_SHA256 */
3420
3421        XMEMSET(pms, 0x23, sizeof(pms));
3422        XMEMSET(cr, 0xA5, sizeof(cr));
3423        XMEMSET(sr, 0x5A, sizeof(sr));
3424
3425        if (wolfSSL_set_secret(ssl, 1, pms, sizeof(pms), cr, sr, suite)
3426                != WOLFSSL_SUCCESS) {
3427            err_sys("unable to set mcast secret");
3428        }
3429#endif
3430    }
3431
3432#ifdef HAVE_SECURE_RENEGOTIATION
3433        if (scr) {
3434            if (wolfSSL_UseSecureRenegotiation(ssl) != WOLFSSL_SUCCESS) {
3435                err_sys_ex(runWithErrors, "can't enable secure renegotiation");
3436            }
3437        }
3438#endif /* HAVE_SECURE_RENEGOTIATION */
3439
3440#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
3441    #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
3442        if (postHandAuth) {
3443            unsigned int verify_flags = 0;
3444
3445        #ifdef TEST_BEFORE_DATE
3446            verify_flags |= WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY;
3447        #endif
3448
3449            if (wolfSSL_CTX_load_verify_locations_ex(ctx, verifyCert, 0,
3450                                                     verify_flags)
3451                                                     != WOLFSSL_SUCCESS) {
3452                err_sys_ex(runWithErrors, "can't load ca file, Please run from "
3453                                          "wolfSSL home dir");
3454            }
3455            #ifdef WOLFSSL_TRUST_PEER_CERT
3456            if (trustCert) {
3457                if (wolfSSL_trust_peer_cert(ssl, trustCert,
3458                                     WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
3459                    err_sys_ex(runWithErrors, "can't load trusted peer cert "
3460                                              "file");
3461                }
3462            }
3463            #endif /* WOLFSSL_TRUST_PEER_CERT */
3464       }
3465    #endif
3466#endif
3467
3468
3469#ifndef NO_HANDSHAKE_DONE_CB
3470        wolfSSL_SetHsDoneCb(ssl, myHsDoneCb, NULL);
3471#endif
3472#ifdef HAVE_OCSP
3473        if (useOcsp) {
3474            if (ocspUrl != NULL) {
3475                wolfSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl);
3476                wolfSSL_CTX_EnableOCSP(ctx, WOLFSSL_OCSP_NO_NONCE
3477                                                   | WOLFSSL_OCSP_URL_OVERRIDE);
3478            }
3479            else
3480                wolfSSL_CTX_EnableOCSP(ctx, WOLFSSL_OCSP_NO_NONCE);
3481        }
3482#ifndef NO_RSA
3483    /* All the OCSP Stapling test certs are RSA. */
3484#if !defined(NO_FILESYSTEM) && (\
3485       defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
3486    || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2))
3487        { /* scope start */
3488            const char* ca1 = "certs/ocsp/intermediate1-ca-cert.pem";
3489            const char* ca2 = "certs/ocsp/intermediate2-ca-cert.pem";
3490            const char* ca3 = "certs/ocsp/intermediate3-ca-cert.pem";
3491            int fails = 0;
3492
3493            if (wolfSSL_CTX_EnableOCSPStapling(ctx) != WOLFSSL_SUCCESS) {
3494                err_sys_ex(catastrophic, "can't enable OCSP Stapling "
3495                           "Certificate Manager");
3496            }
3497            if (wolfSSL_CTX_load_verify_locations(ctx, ca1, 0) != WOLFSSL_SUCCESS) {
3498                fails++;
3499                err_sys_ex(runWithErrors, "can't load ca file, Please run from "
3500                           "wolfSSL home dir");
3501            }
3502            if (wolfSSL_CTX_load_verify_locations(ctx, ca2, 0) != WOLFSSL_SUCCESS) {
3503                fails++;
3504                err_sys_ex(runWithErrors, "can't load ca file, Please run from "
3505                           "wolfSSL home dir");
3506            }
3507            if (wolfSSL_CTX_load_verify_locations(ctx, ca3, 0) != WOLFSSL_SUCCESS) {
3508                fails++;
3509                err_sys_ex(runWithErrors, "can't load ca file, Please run from "
3510                           "wolfSSL home dir");
3511            }
3512            if (fails > 2) {
3513                err_sys_ex(catastrophic, "Failed to load any intermediates for "
3514                           "OCSP stapling test");
3515            }
3516        } /* scope end */
3517#endif /* HAVE_CERTIFICATE_STATUS_REQUEST HAVE_CERTIFICATE_STATUS_REQUEST_V2 */
3518#endif /* NO_RSA */
3519#endif /* HAVE_OCSP */
3520
3521    #ifdef HAVE_PK_CALLBACKS
3522        /* This must be before SetKeyShare */
3523        if (pkCallbacks) {
3524            SetupPkCallbackContexts(ssl, &pkCbInfo);
3525        }
3526    #endif
3527
3528    #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
3529        if (version >= 4 || version == -4) {
3530            #ifdef CAN_FORCE_CURVE
3531            if (force_curve_group_id > 0) {
3532                do {
3533                    ret = wolfSSL_UseKeyShare(ssl, (word16)force_curve_group_id);
3534                    if (ret == WOLFSSL_SUCCESS) {
3535
3536                    }
3537                    #ifdef WOLFSSL_ASYNC_CRYPT
3538                    else if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
3539                        wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
3540                    }
3541                    #endif
3542                    else {
3543                        err_sys("Failed wolfSSL_UseKeyShare in force-curve");
3544                    }
3545                } while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
3546                ret = wolfSSL_set_groups(ssl, &force_curve_group_id, 1);
3547                if (WOLFSSL_SUCCESS != ret) {
3548                    err_sys("Failed wolfSSL_set_groups in force-curve");
3549                }
3550            }
3551            else
3552            #endif
3553                SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, usePqc,
3554                    pqcAlg);
3555        }
3556    #endif
3557
3558    #ifdef HAVE_ENCRYPT_THEN_MAC
3559        if (disallowETM)
3560            wolfSSL_AllowEncryptThenMac(ssl, 0);
3561    #endif
3562
3563
3564        /* do accept */
3565        readySignal = ((func_args*)args)->signal;
3566        if (readySignal) {
3567            readySignal->srfName = serverReadyFile;
3568        }
3569
3570        client_len = sizeof client_addr;
3571        tcp_accept(&sockfd, &clientfd, (func_args*)args, port, useAnyAddr,
3572                   dtlsUDP, dtlsSCTP, serverReadyFile ? 1 : 0, doListen,
3573                   &client_addr, &client_len);
3574
3575        doListen = 0; /* Don't listen next time */
3576
3577        if (port == 0) {
3578            port = readySignal->port;
3579        }
3580
3581        if (wolfSSL_set_fd(ssl, clientfd) != WOLFSSL_SUCCESS) {
3582            err_sys_ex(catastrophic, "error in setting fd");
3583        }
3584
3585#ifdef HAVE_TRUSTED_CA
3586        if (trustedCaKeyId) {
3587            if (wolfSSL_UseTrustedCA(ssl, WOLFSSL_TRUSTED_CA_PRE_AGREED,
3588                        NULL, 0) != WOLFSSL_SUCCESS) {
3589                err_sys_ex(runWithErrors, "UseTrustedCA failed");
3590            }
3591        }
3592#endif /* HAVE_TRUSTED_CA */
3593
3594#ifdef HAVE_ALPN
3595        if (alpnList != NULL) {
3596            printf("ALPN accepted protocols list : %s\n", alpnList);
3597            wolfSSL_UseALPN(ssl, alpnList, (word32)XSTRLEN(alpnList), alpn_opt);
3598        }
3599#endif
3600
3601#if defined(WOLFSSL_DTLS) && defined(USE_WOLFSSL_IO)
3602        if (doDTLS && dtlsUDP) {
3603            byte          b[1500];
3604            int           isClientHello = 0;
3605
3606            while (!isClientHello) {
3607                int n;
3608
3609                client_len = sizeof client_addr;
3610
3611                /* For DTLS, peek at the next datagram so we can get the
3612                 * client's address and set it into the ssl object later to
3613                 * generate the cookie. */
3614                n = (int)recvfrom(clientfd, (char*)b, sizeof(b), MSG_PEEK,
3615                                  (struct sockaddr*)&client_addr, &client_len);
3616
3617                if (n <= 0)
3618                    err_sys_ex(runWithErrors, "recvfrom failed");
3619
3620                /* when doing resumption, it may happen that we receive the
3621                   alert used to shutdown the first connection as the first
3622                   packet of the second accept:
3623
3624                   Client                |    Server
3625                                         |    WolfSSL_Shutdown()
3626                                         |    <- Alert
3627                                         |    recvfrom(peek)
3628                   WolfSSL_Shutdown()    |
3629                   Alert->               |
3630                                         |    wolfSSL_set_dtls_peer()
3631
3632                   but this will set the wrong src port, making the test fail.
3633                   Discard not-handshake message to avoid this.
3634                */
3635                if (b[0] != 0x16) {
3636                    /* discard the packet */
3637                    n = (int)recvfrom(clientfd, (char *)b, sizeof(b), 0,
3638                        (struct sockaddr *)&client_addr, &client_len);
3639
3640                    if (n <= 0)
3641                        err_sys_ex(runWithErrors, "recvfrom failed");
3642                }
3643                else {
3644                    isClientHello = 1;
3645                }
3646            }
3647
3648            if (doBlockSeq) {
3649                XMEMCPY(&dtlsCtx.peer.sa, &client_addr, client_len);
3650                dtlsCtx.peer.sz = client_len;
3651                dtlsCtx.wfd = clientfd;
3652                dtlsCtx.failOnce = 1;
3653
3654                wolfSSL_SetIOWriteCtx(ssl, &dtlsCtx);
3655            }
3656            else {
3657                wolfSSL_dtls_set_peer(ssl, &client_addr, client_len);
3658            }
3659            if (simulateWantWrite) {
3660#ifdef USE_WOLFSSL_IO
3661                /* connect on a udp to associate peer with this fd to make it
3662                 * simpler for SimulateWantWriteIOSendCb */
3663                if (connect(clientfd, (struct sockaddr*)&client_addr,
3664                                        client_len) != 0) {
3665                    err_sys_ex(catastrophic, "error in connecting to peer");
3666                }
3667                wolfSSL_SetIOWriteCtx(ssl, (void*)&sockfd);
3668#endif
3669            }
3670        }
3671#endif
3672
3673#ifdef WOLFSSL_WOLFSENTRY_HOOKS
3674        {
3675            SOCKADDR_IN_T local_addr;
3676            socklen_t local_len = sizeof(local_addr);
3677            getsockname(clientfd, (struct sockaddr *)&local_addr,
3678                        (socklen_t *)&local_len);
3679
3680            if (((struct sockaddr *)&client_addr)->sa_family !=
3681                ((struct sockaddr *)&local_addr)->sa_family)
3682                err_sys_ex(catastrophic,
3683                           "client_addr.sa_family != local_addr.sa_family");
3684
3685            if (wolfsentry_store_endpoints(
3686                    ssl, &client_addr, &local_addr,
3687                    dtlsUDP ? IPPROTO_UDP : IPPROTO_TCP,
3688                    WOLFSENTRY_ROUTE_FLAG_DIRECTION_IN, NULL) != WOLFSSL_SUCCESS)
3689                err_sys_ex(catastrophic,
3690                           "error in wolfsentry_store_endpoints()");
3691        }
3692#endif /* WOLFSSL_WOLFSENTRY_HOOKS */
3693
3694        if ((usePsk == 0 || usePskPlus) || useAnon == 1 || cipherList != NULL
3695                                                               || needDH == 1) {
3696            #if !defined(NO_FILESYSTEM) && !defined(NO_DH) && !defined(NO_ASN)
3697                wolfSSL_SetTmpDH_file(ssl, ourDhParam, WOLFSSL_FILETYPE_PEM);
3698            #elif !defined(NO_DH)
3699                SetDH(ssl);  /* repick suites with DHE, higher priority than
3700                              * PSK */
3701            #endif
3702#if !defined(NO_DH) && !defined(WOLFSSL_OLD_PRIME_CHECK) && \
3703    !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
3704            if (!doDhKeyCheck)
3705                wolfSSL_SetEnableDhKeyTest(ssl, 0);
3706#endif
3707        }
3708
3709#ifdef WOLFSSL_DTLS_CID
3710    if (useDtlsCID) {
3711        ret = wolfSSL_dtls_cid_use(ssl);
3712        if (ret != WOLFSSL_SUCCESS)
3713            err_sys("Can't enable DTLS ConnectionID");
3714        ret = wolfSSL_dtls_cid_set(ssl, (byte*)dtlsCID,
3715            (word32)XSTRLEN(dtlsCID));
3716        if (ret != WOLFSSL_SUCCESS)
3717            err_sys("Can't set DTLS ConnectionID");
3718    }
3719#endif /* WOLFSSL_DTLS_CID */
3720
3721#ifdef WOLFSSL_DTLS_CH_FRAG
3722    if (doDTLS)
3723        wolfSSL_dtls13_allow_ch_frag(ssl, 1);
3724#endif
3725
3726#ifndef WOLFSSL_CALLBACKS
3727        if (nonBlocking) {
3728            #ifdef WOLFSSL_DTLS
3729            if (doDTLS) {
3730                wolfSSL_dtls_set_using_nonblock(ssl, 1);
3731            }
3732            #endif
3733            tcp_set_nonblocking(&clientfd);
3734
3735            ret = NonBlockingSSL_Accept(ssl);
3736        }
3737        else {
3738    #ifdef WOLFSSL_EARLY_DATA
3739            if (earlyData) {
3740                do {
3741                    int len;
3742                    err = 0; /* reset error */
3743                    ret = wolfSSL_read_early_data(ssl, input, sizeof(input)-1,
3744                                                                          &len);
3745                    if (ret <= 0) {
3746                        err = wolfSSL_get_error(ssl, 0);
3747                    #ifdef WOLFSSL_ASYNC_CRYPT
3748                        if (err == WC_NO_ERR_TRACE(WC_PENDING_E)) {
3749                            /* returns the number of polled items or <0 for
3750                             * error */
3751                            ret = wolfSSL_AsyncPoll(ssl,
3752                                                    WOLF_POLL_FLAG_CHECK_HW);
3753                            if (ret < 0) break;
3754                        }
3755                    #endif
3756                    }
3757                    else if (ret > 0) {
3758                        input[ret] = 0; /* null terminate message */
3759                        printf("Early Data Client message: %s\n", input);
3760                    }
3761                } while (err == WC_NO_ERR_TRACE(WC_PENDING_E) || ret > 0);
3762            }
3763    #endif
3764            WOLFSSL_ASYNC_WHILE_PENDING(ret = wolfSSL_accept(ssl),
3765                                        ret != WOLFSSL_SUCCESS);
3766        }
3767#else
3768        if (nonBlocking) {
3769            #ifdef WOLFSSL_DTLS
3770            if (doDTLS) {
3771                wolfSSL_dtls_set_using_nonblock(ssl, 1);
3772            }
3773            #endif
3774            tcp_set_nonblocking(&clientfd);
3775        }
3776        ret = NonBlockingSSL_Accept(ssl);
3777#endif
3778#ifdef WOLFSSL_EARLY_DATA
3779        EarlyDataStatus(ssl);
3780#endif
3781        if (ret != WOLFSSL_SUCCESS) {
3782            err = wolfSSL_get_error(ssl, ret);
3783            LOG_ERROR("SSL_accept error %d, %s\n", err,
3784                                            wolfSSL_ERR_error_string((unsigned long)err, buffer));
3785            if (exitWithRet || !runWithErrors) {
3786                /* cleanup before exit */
3787                wolfSSL_free(ssl); ssl = NULL;
3788                wolfSSL_CTX_free(ctx); ctx = NULL;
3789                CloseSocket(clientfd);
3790                CloseSocket(sockfd);
3791            }
3792            if (!exitWithRet) {
3793                err_sys_ex(runWithErrors, "SSL_accept failed");
3794            } else {
3795                ((func_args*)args)->return_code = err;
3796                goto exit;
3797            }
3798        }
3799
3800        showPeerEx(ssl, lng_index);
3801        if (wolfSSL_state(ssl) != 0) {
3802            err_sys_ex(runWithErrors, "SSL in error state");
3803        }
3804
3805        /* if the caller requested a particular cipher, check here that either
3806         * a canonical name of the established cipher matches the requested
3807         * cipher name, or the requested cipher name is marked as an alias
3808         * that matches the established cipher.
3809         */
3810        if (cipherList && !useDefCipherList && (! XSTRSTR(cipherList, ":"))) {
3811            WOLFSSL_CIPHER* established_cipher = wolfSSL_get_current_cipher(ssl);
3812            byte requested_cipherSuite0, requested_cipherSuite;
3813            int requested_cipherFlags;
3814            if (established_cipher &&
3815                /* don't test for pseudo-ciphers like "ALL" and "DEFAULT". */
3816                (wolfSSL_get_cipher_suite_from_name(cipherList,
3817                                                    &requested_cipherSuite0,
3818                                                    &requested_cipherSuite,
3819                                                    &requested_cipherFlags) == 0)) {
3820                word32 established_cipher_id = wolfSSL_CIPHER_get_id(established_cipher);
3821                byte established_cipherSuite0 = (established_cipher_id >> 8) & 0xff;
3822                byte established_cipherSuite = established_cipher_id & 0xff;
3823                const char *established_cipher_name =
3824                    wolfSSL_get_cipher_name_from_suite(established_cipherSuite0,
3825                                                       established_cipherSuite);
3826                const char *established_cipher_name_iana =
3827                    wolfSSL_get_cipher_name_iana_from_suite(established_cipherSuite0,
3828                                                            established_cipherSuite);
3829
3830                if (established_cipher_name == NULL)
3831                    err_sys_ex(catastrophic, "error looking up name of established cipher");
3832
3833                if (strcmp(cipherList, established_cipher_name) &&
3834                    ((established_cipher_name_iana == NULL) ||
3835                     strcmp(cipherList, established_cipher_name_iana))) {
3836                    if (! (requested_cipherFlags & WOLFSSL_CIPHER_SUITE_FLAG_NAMEALIAS))
3837                        err_sys_ex(
3838                            catastrophic,
3839                            "Unexpected mismatch between names of requested and established ciphers.");
3840                    else if ((requested_cipherSuite0 != established_cipherSuite0) ||
3841                             (requested_cipherSuite != established_cipherSuite))
3842                        err_sys_ex(
3843                            catastrophic,
3844                            "Mismatch between IDs of requested and established ciphers.");
3845                }
3846            }
3847        }
3848
3849#if defined(OPENSSL_EXTRA) || defined(HAVE_SECRET_CALLBACK)
3850    {
3851        byte*  rnd = NULL;
3852        size_t size;
3853
3854        /* get size of buffer then print */
3855        size = wolfSSL_get_server_random(NULL, NULL, 0);
3856        if (size == 0) {
3857            err_sys_ex(runWithErrors, "error getting server random buffer "
3858                       "size");
3859        }
3860        else {
3861            rnd = (byte*)XMALLOC(size, NULL, DYNAMIC_TYPE_TMP_BUFFER);
3862        }
3863
3864        if (rnd == NULL) {
3865            err_sys_ex(runWithErrors, "error creating server random buffer");
3866        }
3867
3868        size = wolfSSL_get_server_random(ssl, rnd, size);
3869        if (size == 0) {
3870            XFREE(rnd, NULL, DYNAMIC_TYPE_TMP_BUFFER);
3871            rnd = NULL;
3872            err_sys_ex(runWithErrors, "error getting server random buffer");
3873        }
3874
3875        if (rnd) {
3876            byte*  pt;
3877            printf("Server Random : ");
3878            for (pt = rnd; pt < rnd + size; pt++) printf("%02X", *pt);
3879            printf("\n");
3880
3881            XFREE(rnd, NULL, DYNAMIC_TYPE_TMP_BUFFER);
3882            rnd = NULL;
3883        }
3884    }
3885#endif
3886
3887#ifdef WOLFSSL_SRTP
3888    if (dtlsSrtpProfiles != NULL) {
3889        err = server_srtp_test(ssl, (func_args*)args);
3890        if (err != 0) {
3891            if (exitWithRet) {
3892                ((func_args*)args)->return_code = err;
3893                wolfSSL_free(ssl); ssl = NULL;
3894                wolfSSL_CTX_free(ctx); ctx = NULL;
3895                goto exit;
3896            }
3897            /* else */
3898            err_sys("SRTP check failed");
3899        }
3900    }
3901#endif /* WOLFSSL_SRTP */
3902
3903#ifdef WOLFSSL_DTLS_CID
3904    if (useDtlsCID && wolfSSL_dtls_cid_is_enabled(ssl)) {
3905        byte receivedCID[DTLS_CID_BUFFER_SIZE];
3906        unsigned int receivedCIDSz;
3907        printf("CID extension was negotiated\n");
3908        ret = wolfSSL_dtls_cid_get_tx_size(ssl, &receivedCIDSz);
3909        if (ret == WOLFSSL_SUCCESS && receivedCIDSz > 0) {
3910            ret = wolfSSL_dtls_cid_get_tx(ssl, receivedCID,
3911                DTLS_CID_BUFFER_SIZE - 1);
3912            if (ret != WOLFSSL_SUCCESS)
3913                err_sys("Can't get negotiated DTLS CID\n");
3914
3915            printf("Sending CID is ");
3916            printBuffer(receivedCID, receivedCIDSz);
3917            printf("\n");
3918        }
3919        else {
3920            printf("other peer provided empty CID\n");
3921        }
3922    }
3923#endif
3924
3925#ifdef HAVE_ALPN
3926        if (alpnList != NULL) {
3927            char *protocol_name = NULL, *list = NULL;
3928            word16 protocol_nameSz = 0, listSz = 0;
3929
3930            err = wolfSSL_ALPN_GetProtocol(ssl, &protocol_name,
3931                                           &protocol_nameSz);
3932            if (err == WOLFSSL_SUCCESS)
3933                printf("Sent ALPN protocol : %s (%d)\n",
3934                       protocol_name, protocol_nameSz);
3935            else if (err == WC_NO_ERR_TRACE(WOLFSSL_ALPN_NOT_FOUND))
3936                printf("No ALPN response sent (no match)\n");
3937            else
3938                printf("Getting ALPN protocol name failed\n");
3939
3940            err = wolfSSL_ALPN_GetPeerProtocol(ssl, &list, &listSz);
3941            if (err == WOLFSSL_SUCCESS)
3942                printf("List of protocol names sent by Client: %s (%d)\n",
3943                       list, listSz);
3944            else
3945                printf("Get list of client's protocol name failed\n");
3946
3947            (void)wolfSSL_ALPN_FreePeerProtocol(ssl, &list);
3948        }
3949#endif
3950
3951        if (echoData == 0 && throughput == 0) {
3952            ServerRead(ssl, input, sizeof(input)-1);
3953            err = wolfSSL_get_error(ssl, 0);
3954        }
3955
3956#if defined(HAVE_SECURE_RENEGOTIATION) && \
3957    defined(HAVE_SERVER_RENEGOTIATION_INFO)
3958        if (scr && forceScr) {
3959            if (nonBlocking) {
3960                if (wolfSSL_Rehandshake(ssl) != WOLFSSL_SUCCESS) {
3961                    err = wolfSSL_get_error(ssl, 0);
3962                    if (err == WOLFSSL_ERROR_WANT_READ ||
3963                            err == WOLFSSL_ERROR_WANT_WRITE) {
3964                        do {
3965                        #ifdef WOLFSSL_ASYNC_CRYPT
3966                            if (err == WC_NO_ERR_TRACE(WC_PENDING_E)) {
3967                                ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
3968                                if (ret < 0) break;
3969                            }
3970                        #endif
3971                            if (err == WC_NO_ERR_TRACE(APP_DATA_READY)) {
3972                                if (wolfSSL_read(ssl, input, sizeof(input)-1) < 0) {
3973                                    err_sys("APP DATA should be present but error returned");
3974                                }
3975                                printf("Received message: %s\n", input);
3976                            }
3977                            err = 0;
3978                            if ((ret = wolfSSL_accept(ssl)) != WOLFSSL_SUCCESS) {
3979                                err = wolfSSL_get_error(ssl, ret);
3980                            }
3981                        } while (ret != WOLFSSL_SUCCESS &&
3982                                (err == WOLFSSL_ERROR_WANT_READ ||
3983                                 err == WOLFSSL_ERROR_WANT_WRITE ||
3984                                 err == WC_NO_ERR_TRACE(APP_DATA_READY) ||
3985                                 err == WC_NO_ERR_TRACE(WC_PENDING_E)));
3986
3987                        if (ret == WOLFSSL_SUCCESS) {
3988                            printf("NON-BLOCKING RENEGOTIATION SUCCESSFUL\n");
3989                            err = 0;
3990                        }
3991                    }
3992                    if (ret != WOLFSSL_SUCCESS) {
3993                        err = wolfSSL_get_error(ssl, 0);
3994                        LOG_ERROR(
3995                            "wolfSSL_Rehandshake error %d, %s\n", err,
3996                            wolfSSL_ERR_error_string(err, buffer));
3997                        wolfSSL_free(ssl); ssl = NULL;
3998                        wolfSSL_CTX_free(ctx); ctx = NULL;
3999                        err_sys("non-blocking wolfSSL_Rehandshake failed");
4000                    }
4001                }
4002            } else {
4003                if (wolfSSL_Rehandshake(ssl) != WOLFSSL_SUCCESS) {
4004#ifdef WOLFSSL_ASYNC_CRYPT
4005                    err = wolfSSL_get_error(ssl, 0);
4006                    while (err == WC_NO_ERR_TRACE(WC_PENDING_E)) {
4007                        err = 0;
4008                        ret = wolfSSL_negotiate(ssl);
4009                        if (ret != WOLFSSL_SUCCESS) {
4010                            err = wolfSSL_get_error(ssl, 0);
4011                            if (err == WC_NO_ERR_TRACE(WC_PENDING_E)) {
4012                                ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
4013                                if (ret < 0) break;
4014                            }
4015                        }
4016                    }
4017                    if (ret != WOLFSSL_SUCCESS)
4018#endif
4019                        printf("not doing secure renegotiation\n");
4020                }
4021                else {
4022                    printf("RENEGOTIATION SUCCESSFUL\n");
4023                }
4024            }
4025        }
4026#endif /* HAVE_SECURE_RENEGOTIATION */
4027
4028        if (err == 0 && echoData == 0 && throughput == 0) {
4029            const char* write_msg;
4030            int write_msg_sz;
4031
4032#ifdef WOLFSSL_TLS13
4033            if (updateKeysIVs)
4034                wolfSSL_update_keys(ssl);
4035#endif
4036
4037#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
4038    #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
4039            if (postHandAuth) {
4040
4041                wolfSSL_set_verify(ssl, WOLFSSL_VERIFY_PEER |
4042                               ((usePskPlus) ? WOLFSSL_VERIFY_FAIL_EXCEPT_PSK :
4043                                WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT), 0);
4044
4045                if (wolfSSL_request_certificate(ssl) != WOLFSSL_SUCCESS) {
4046                    LOG_ERROR("Request for post-hs certificate failed\n");
4047                }
4048                else {
4049                    LOG_ERROR("Successfully requested post-hs certificate\n");
4050                }
4051            }
4052
4053    #endif
4054#endif
4055#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
4056            if (sendTicket) {
4057                if (wolfSSL_send_SessionTicket(ssl) != WOLFSSL_SUCCESS) {
4058                    LOG_ERROR("Sending new session ticket failed\n");
4059                }
4060                else {
4061                    LOG_ERROR("New session ticket sent\n");
4062                }
4063            }
4064#endif
4065
4066            /* Write data */
4067            if (!useWebServerMsg) {
4068                write_msg = kReplyMsg;
4069                write_msg_sz = (int)XSTRLEN(kReplyMsg);
4070            }
4071            else {
4072                write_msg = kHttpServerMsg;
4073                write_msg_sz = (int)XSTRLEN(kHttpServerMsg);
4074            }
4075            ServerWrite(ssl, write_msg, write_msg_sz);
4076
4077#ifdef WOLFSSL_TLS13
4078            if (updateKeysIVs || postHandAuth)
4079                ServerRead(ssl, input, sizeof(input)-1);
4080#endif
4081        }
4082        else if (err == 0 ||
4083                 err == WOLFSSL_ERROR_ZERO_RETURN)
4084        {
4085            err = ServerEchoData(ssl, clientfd, echoData, block, throughput);
4086            /* Got close notify. Ignore it if not expecting a failure. */
4087            if (err == WOLFSSL_ERROR_ZERO_RETURN &&
4088                exitWithRet == 0)
4089            {
4090                err = 0;
4091            }
4092            if (err != 0) {
4093                wolfSSL_free(ssl); ssl = NULL;
4094                wolfSSL_CTX_free(ctx); ctx = NULL;
4095                CloseSocket(clientfd);
4096                CloseSocket(sockfd);
4097                ((func_args*)args)->return_code = err;
4098                goto exit;
4099            }
4100        }
4101
4102#if defined(WOLFSSL_MDK_SHELL) && defined(HAVE_MDK_RTX)
4103        os_dly_wait(500) ;
4104#elif defined (WOLFSSL_TIRTOS)
4105        Task_yield();
4106#endif
4107
4108#if defined(WOLFSSL_DTLS13)
4109        if (wolfSSL_dtls(ssl) && version == -4) {
4110            int zero_return = 0;
4111            while (wolfSSL_dtls13_has_pending_msg(ssl)) {
4112                err =
4113                    process_handshake_messages(ssl, !nonBlocking, &zero_return);
4114                if (err < 0) {
4115                    /* other peer closes the connection, non fatal */
4116                    if (zero_return)
4117                        break;
4118
4119                    err_sys("Error while processing pending DTLSv1.3 messages");
4120                }
4121            }
4122        }
4123#endif /* WOLFSSL_DTLS13 */
4124
4125        ret = wolfSSL_shutdown(ssl);
4126        if (wc_shutdown && ret == WC_NO_ERR_TRACE(WOLFSSL_SHUTDOWN_NOT_DONE)) {
4127            while (tcp_select(wolfSSL_get_fd(ssl), DEFAULT_TIMEOUT_SEC) ==
4128                    TEST_RECV_READY) {
4129                ret = wolfSSL_shutdown(ssl); /* bidirectional shutdown */
4130                if (ret == WOLFSSL_SUCCESS) {
4131                    printf("Bidirectional shutdown complete\n");
4132                    break;
4133                }
4134                else if (ret != WC_NO_ERR_TRACE(WOLFSSL_SHUTDOWN_NOT_DONE)) {
4135                    LOG_ERROR("Bidirectional shutdown failed\n");
4136                    break;
4137                }
4138            }
4139            if (ret != WOLFSSL_SUCCESS)
4140                LOG_ERROR("Bidirectional shutdown failed\n");
4141        }
4142
4143        /* display collected statistics */
4144#if defined(WOLFSSL_STATIC_MEMORY) && !defined(WOLFSSL_STATIC_MEMORY_LEAN)
4145        if (wolfSSL_is_static_memory(ssl, &ssl_stats) != 1)
4146            err_sys_ex(runWithErrors, "static memory was not used with ssl");
4147
4148        LOG_ERROR("\nprint off SSL memory stats\n");
4149        LOG_ERROR("*** This is memory state before wolfSSL_free is "
4150                "called\n");
4151        wolfSSL_PrintStatsConn(&ssl_stats);
4152
4153#endif
4154        wolfSSL_free(ssl); ssl = NULL;
4155
4156        CloseSocket(clientfd);
4157
4158        if (resume == 1 && resumeCount == 0) {
4159            resumeCount++;           /* only do one resume for testing */
4160            continue;
4161        }
4162        resumeCount = 0;
4163
4164        cnt++;
4165        if (loops > 0) {
4166            if (--loops == 0) {
4167                break;  /* out of while loop, done with normal and resume
4168                         * option
4169                         */
4170            }
4171        }
4172    } /* while(1) */
4173
4174    WOLFSSL_TIME(cnt);
4175    (void)cnt;
4176
4177#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
4178 || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
4179    wolfSSL_CTX_DisableOCSPStapling(ctx);
4180#endif
4181
4182    CloseSocket(sockfd);
4183    wolfSSL_CTX_free(ctx); ctx = NULL;
4184
4185    ((func_args*)args)->return_code = 0;
4186
4187exit:
4188
4189#ifdef WOLFSSL_WOLFSENTRY_HOOKS
4190    wolfsentry_ret =
4191        wolfsentry_shutdown(WOLFSENTRY_CONTEXT_ARGS_OUT_EX4(&wolfsentry, NULL));
4192    if (wolfsentry_ret < 0) {
4193        LOG_ERROR(
4194                "wolfsentry_shutdown() returned " WOLFSENTRY_ERROR_FMT "\n",
4195                WOLFSENTRY_ERROR_FMT_ARGS(wolfsentry_ret));
4196    }
4197#endif
4198
4199#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) \
4200                      && (defined(NO_MAIN_DRIVER) || defined(HAVE_STACK_SIZE))
4201    wc_ecc_fp_free();  /* free per thread cache */
4202#endif
4203
4204#ifdef WOLFSSL_TIRTOS
4205    fdCloseSession(Task_self());
4206#endif
4207
4208#ifdef HAVE_TEST_SESSION_TICKET
4209    TicketCleanup();
4210#endif
4211
4212#ifdef WOLFSSL_ASYNC_CRYPT
4213    wolfAsync_DevClose(&devId);
4214#endif
4215
4216    /* There are use cases  when these assignments are not read. To avoid
4217     * potential confusion those warnings have been handled here.
4218     */
4219    (void) ourKey;
4220    (void) verifyCert;
4221    (void) doCliCertCheck;
4222    (void) ourDhParam;
4223    (void) ourCert;
4224    (void) useX25519;
4225    (void) useX448;
4226#ifdef HAVE_SECURE_RENEGOTIATION
4227    (void) forceScr;
4228#endif
4229#if defined(WOLFSSL_CALLBACKS) && defined(WOLFSSL_EARLY_DATA)
4230    (void) earlyData;
4231#endif
4232    WOLFSSL_RETURN_FROM_THREAD(0);
4233}
4234
4235#endif /* !NO_WOLFSSL_SERVER && !NO_TLS */
4236
4237
4238/* so overall tests can pull in test function */
4239#ifndef NO_MAIN_DRIVER
4240
4241    int main(int argc, char** argv)
4242    {
4243        func_args args;
4244        tcp_ready ready;
4245
4246        StartTCP();
4247
4248        args.argc = argc;
4249        args.argv = argv;
4250        args.signal = &ready;
4251        args.return_code = 0;
4252#if defined(WOLFSSL_SRTP) && defined(WOLFSSL_COND)
4253        args.srtp_helper = NULL;
4254#endif
4255        InitTcpReady(&ready);
4256
4257#if defined(DEBUG_WOLFSSL) && !defined(WOLFSSL_MDK_SHELL)
4258        wolfSSL_Debugging_ON();
4259#endif
4260        wolfSSL_Init();
4261#ifdef WC_RNG_SEED_CB
4262        wc_SetSeed_Cb(WC_GENERATE_SEED_DEFAULT);
4263#endif
4264#ifdef WOLFSSL_SWDEV
4265        if (wc_SwDev_Init() != 0) {
4266            fprintf(stderr, "wc_SwDev_Init failed\n");
4267            return EXIT_FAILURE;
4268        }
4269#endif
4270        ChangeToWolfRoot();
4271
4272#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS)
4273#ifdef HAVE_STACK_SIZE
4274        StackSizeCheck(&args, server_test);
4275#else
4276        server_test(&args);
4277#endif
4278#else
4279        fprintf(stderr, "Server not compiled in!\n");
4280#endif
4281
4282#ifdef WOLFSSL_SWDEV
4283        wc_SwDev_Cleanup();
4284#endif
4285        wolfSSL_Cleanup();
4286        FreeTcpReady(&ready);
4287
4288#ifdef HAVE_WNR
4289    if (wc_FreeNetRandom() < 0)
4290        err_sys_ex(runWithErrors, "Failed to free netRandom context");
4291#endif /* HAVE_WNR */
4292
4293        return args.return_code;
4294    }
4295
4296    int myoptind = 0;
4297    char* myoptarg = NULL;
4298
4299#endif /* NO_MAIN_DRIVER */