基于C语言和Shell脚本的跨平台kawaii-mqtt MQTT客户端设计源码

/* * SSLv3/TLSv1 shared functions * * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); you may * not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * * This file is part of mbed TLS (https://tls.mbed.org) */ /* * The SSL 3.0 specification was drafted by Netscape in 1996, * and became an IETF standard in 1999. * * http://wp.netscape.com/eng/ssl3/ * http://www.ietf.org/rfc/rfc2246.txt * http://www.ietf.org/rfc/rfc4346.txt */ #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif #if defined(MBEDTLS_SSL_TLS_C) #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else #include <stdlib.h> #define mbedtls_calloc calloc #define mbedtls_free free #endif #include "mbedtls/debug.h" #include "mbedtls/ssl.h" #include "mbedtls/ssl_internal.h" #include "mbedtls/platform_util.h" #include <string.h> #if defined(MBEDTLS_X509_CRT_PARSE_C) #include "mbedtls/oid.h" #endif static void ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl ); static uint32_t ssl_get_hs_total_len( mbedtls_ssl_context const *ssl ); /* Length of the "epoch" field in the record header */ static inline size_t ssl_ep_len( const mbedtls_ssl_context *ssl ) { #if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) return( 2 ); #else ((void) ssl); #endif return( 0 ); } /* * Start a timer. * Passing millisecs = 0 cancels a running timer. */ static void ssl_set_timer( mbedtls_ssl_context *ssl, uint32_t millisecs ) { if( ssl->f_set_timer == NULL ) return; MBEDTLS_SSL_DEBUG_MSG( 3, ( "set_timer to %d ms", (int) millisecs ) ); ssl->f_set_timer( ssl->p_timer, millisecs / 4, millisecs ); } /* * Return -1 is timer is expired, 0 if it isn't. */ static int ssl_check_timer( mbedtls_ssl_context *ssl ) { if( ssl->f_get_timer == NULL ) return( 0 ); if( ssl->f_get_timer( ssl->p_timer ) == 2 ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "timer expired" ) ); return( -1 ); } return( 0 ); } static void ssl_update_out_pointers( mbedtls_ssl_context *ssl, mbedtls_ssl_transform *transform ); static void ssl_update_in_pointers( mbedtls_ssl_context *ssl, mbedtls_ssl_transform *transform ); #define SSL_DONT_FORCE_FLUSH 0 #define SSL_FORCE_FLUSH 1 #if defined(MBEDTLS_SSL_PROTO_DTLS) /* Forward declarations for functions related to message buffering. */ static void ssl_buffering_free( mbedtls_ssl_context *ssl ); static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl, uint8_t slot ); static void ssl_free_buffered_record( mbedtls_ssl_context *ssl ); static int ssl_load_buffered_message( mbedtls_ssl_context *ssl ); static int ssl_load_buffered_record( mbedtls_ssl_context *ssl ); static int ssl_buffer_message( mbedtls_ssl_context *ssl ); static int ssl_buffer_future_record( mbedtls_ssl_context *ssl ); static int ssl_next_record_is_in_datagram( mbedtls_ssl_context *ssl ); static size_t ssl_get_current_mtu( const mbedtls_ssl_context *ssl ); static size_t ssl_get_maximum_datagram_size( mbedtls_ssl_context const *ssl ) { size_t mtu = ssl_get_current_mtu( ssl ); if( mtu != 0 && mtu < MBEDTLS_SSL_OUT_BUFFER_LEN ) return( mtu ); return( MBEDTLS_SSL_OUT_BUFFER_LEN ); } static int ssl_get_remaining_space_in_datagram( mbedtls_ssl_context const *ssl ) { size_t const bytes_written = ssl->out_left; size_t const mtu = ssl_get_maximum_datagram_size( ssl ); /* Double-check that the write-index hasn't gone * past what we can transmit in a single datagram. */ if( bytes_written > mtu ) { /* Should never happen... */ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } return( (int) ( mtu - bytes_written ) ); } static int ssl_get_remaining_payload_in_datagram( mbedtls_ssl_context const *ssl ) { int ret; size_t remaining, expansion; size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN; #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) const size_t mfl = mbedtls_ssl_get_max_frag_len( ssl ); if( max_len > mfl ) max_len = mfl; /* By the standard (RFC 6066 Sect. 4), the MFL extension * only limits the maximum record payload size, so in theory * we would be allowed to pack multiple records of payload size * MFL into a single datagram. However, this would mean that there's * no way to explicitly communicate MTU restrictions to the peer. * * The following reduction of max_len makes sure that we never * write datagrams larger than MFL + Record Expansion Overhead. */ if( max_len <= ssl->out_left ) return( 0 ); max_len -= ssl->out_left; #endif ret = ssl_get_remaining_space_in_datagram( ssl ); if( ret < 0 ) return( ret ); remaining = (size_t) ret; ret = mbedtls_ssl_get_record_expansion( ssl ); if( ret < 0 ) return( ret ); expansion = (size_t) ret; if( remaining <= expansion ) return( 0 ); remaining -= expansion; if( remaining >= max_len ) remaining = max_len; return( (int) remaining ); } /* * Double the retransmit timeout value, within the allowed range, * returning -1 if the maximum value has already been reached. */ static int ssl_double_retransmit_timeout( mbedtls_ssl_context *ssl ) { uint32_t new_timeout; if( ssl->handshake->retransmit_timeout >= ssl->conf->hs_timeout_max ) return( -1 ); /* Implement the final paragraph of RFC 6347 section 4.1.1.1 * in the following way: after the initial transmission and a first * retransmission, back off to a temporary estimated MTU of 508 bytes. * This value is guaranteed to be deliverable (if not guaranteed to be * delivered) of any compliant IPv4 (and IPv6) network, and should work * on most non-IP stacks too. */ if( ssl->handshake->retransmit_timeout != ssl->conf->hs_timeout_min ) { ssl->handshake->mtu = 508; MBEDTLS_SSL_DEBUG_MSG( 2, ( "mtu autoreduction to %d bytes", ssl->handshake->mtu ) ); } new_timeout = 2 * ssl->handshake->retransmit_timeout; /* Avoid arithmetic overflow and range overflow */ if( new_timeout < ssl->handshake->retransmit_timeout || new_timeout > ssl->conf->hs_timeout_max ) { new_timeout = ssl->conf->hs_timeout_max; } ssl->handshake->retransmit_timeout = new_timeout; MBEDTLS_SSL_DEBUG_MSG( 3, ( "update timeout value to %d millisecs", ssl->handshake->retransmit_timeout ) ); return( 0 ); } static void ssl_reset_retransmit_timeout( mbedtls_ssl_context *ssl ) { ssl->handshake->retransmit_timeout = ssl->conf->hs_timeout_min; MBEDTLS_SSL_DEBUG_MSG( 3, ( "update timeout value to %d millisecs", ssl->handshake->retransmit_timeout ) ); } #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) /* * Convert max_fragment_length codes to length. * RFC 6066 says: * enum{ * 2^9(1), 2^10(2), 2^11(3), 2^12(4), (255) * } MaxFragmentLength; * and we add 0 -> extension unused */ static unsigned int ssl_mfl_code_to_length( int mfl ) { switch( mfl ) { case MBEDTLS_SSL_MAX_FRAG_LEN_NONE: return ( MBEDTLS_TLS_EXT_ADV_CONTENT_LEN ); case MBEDTLS_SSL_MAX_FRAG_LEN_512: