Skip to content

Commit

Permalink
Merge pull request #7844 from mpg/ssl-progs-usage
Browse files Browse the repository at this point in the history
Fix usage & error reporting in SSL programs
  • Loading branch information
gilles-peskine-arm authored Oct 26, 2023
2 parents d69d3cd + f745e5b commit 5d055f8
Show file tree
Hide file tree
Showing 2 changed files with 100 additions and 52 deletions.
76 changes: 50 additions & 26 deletions programs/ssl/ssl_client2.c
Original file line number Diff line number Diff line change
Expand Up @@ -469,7 +469,7 @@ int main(void)
" otherwise. The expansion of the macro\n" \
" is printed if it is defined\n" \
USAGE_SERIALIZATION \
" acceptable ciphersuite names:\n"
"\n"

/*
* global options
Expand Down Expand Up @@ -864,31 +864,6 @@ int main(int argc, char *argv[])
mbedtls_test_enable_insecure_external_rng();
#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */

if (argc < 2) {
usage:
if (ret == 0) {
ret = 1;
}

mbedtls_printf(USAGE1);
mbedtls_printf(USAGE2);
mbedtls_printf(USAGE3);
mbedtls_printf(USAGE4);

list = mbedtls_ssl_list_ciphersuites();
while (*list) {
mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name(*list));
list++;
if (!*list) {
break;
}
mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name(*list));
list++;
}
mbedtls_printf("\n");
goto exit;
}

opt.server_name = DFL_SERVER_NAME;
opt.server_addr = DFL_SERVER_ADDR;
opt.server_port = DFL_SERVER_PORT;
Expand Down Expand Up @@ -973,9 +948,54 @@ int main(int argc, char *argv[])
opt.key_opaque_alg1 = DFL_KEY_OPAQUE_ALG;
opt.key_opaque_alg2 = DFL_KEY_OPAQUE_ALG;

p = q = NULL;
if (argc < 1) {
usage:
if (p != NULL && q != NULL) {
printf("unrecognized value for '%s': '%s'\n", p, q);
} else if (p != NULL && q == NULL) {
printf("unrecognized param: '%s'\n", p);
}

mbedtls_printf("usage: ssl_client2 [param=value] [...]\n");
mbedtls_printf(" ssl_client2 help[_theme]\n");
mbedtls_printf("'help' lists acceptable 'param' and 'value'\n");
mbedtls_printf("'help_ciphersuites' lists available ciphersuites\n");
mbedtls_printf("\n");

if (ret == 0) {
ret = 1;
}
goto exit;
}

for (i = 1; i < argc; i++) {
p = argv[i];

if (strcmp(p, "help") == 0) {
mbedtls_printf(USAGE1);
mbedtls_printf(USAGE2);
mbedtls_printf(USAGE3);
mbedtls_printf(USAGE4);

ret = 0;
goto exit;
}
if (strcmp(p, "help_ciphersuites") == 0) {
mbedtls_printf(" acceptable ciphersuite names:\n");
for (list = mbedtls_ssl_list_ciphersuites();
*list != 0;
list++) {
mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name(*list));
}

ret = 0;
goto exit;
}

if ((q = strchr(p, '=')) == NULL) {
mbedtls_printf("param requires a value: '%s'\n", p);
p = NULL; // avoid "unrecnognized param" message
goto usage;
}
*q++ = '\0';
Expand Down Expand Up @@ -1372,9 +1392,13 @@ int main(int argc, char *argv[])
goto usage;
}
} else {
/* This signals that the problem is with p not q */
q = NULL;
goto usage;
}
}
/* This signals that any further errors are not with a single option */
p = q = NULL;

if (opt.nss_keylog != 0 && opt.eap_tls != 0) {
mbedtls_printf("Error: eap_tls and nss_keylog options cannot be used together.\n");
Expand Down
76 changes: 50 additions & 26 deletions programs/ssl/ssl_server2.c
Original file line number Diff line number Diff line change
Expand Up @@ -590,7 +590,7 @@ int main(void)
" otherwise. The expansion of the macro\n" \
" is printed if it is defined\n" \
USAGE_SERIALIZATION \
" acceptable ciphersuite names:\n"
"\n"

#define PUT_UINT64_BE(out_be, in_le, i) \
{ \
Expand Down Expand Up @@ -1642,31 +1642,6 @@ int main(int argc, char *argv[])
signal(SIGINT, term_handler);
#endif

if (argc < 2) {
usage:
if (ret == 0) {
ret = 1;
}

mbedtls_printf(USAGE1);
mbedtls_printf(USAGE2);
mbedtls_printf(USAGE3);
mbedtls_printf(USAGE4);

list = mbedtls_ssl_list_ciphersuites();
while (*list) {
mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name(*list));
list++;
if (!*list) {
break;
}
mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name(*list));
list++;
}
mbedtls_printf("\n");
goto exit;
}

opt.buffer_size = DFL_IO_BUF_LEN;
opt.server_addr = DFL_SERVER_ADDR;
opt.server_port = DFL_SERVER_PORT;
Expand Down Expand Up @@ -1765,9 +1740,54 @@ int main(int argc, char *argv[])
opt.key2_opaque_alg1 = DFL_KEY_OPAQUE_ALG;
opt.key2_opaque_alg2 = DFL_KEY_OPAQUE_ALG;

p = q = NULL;
if (argc < 1) {
usage:
if (p != NULL && q != NULL) {
printf("unrecognized value for '%s': '%s'\n", p, q);
} else if (p != NULL && q == NULL) {
printf("unrecognized param: '%s'\n", p);
}

mbedtls_printf("usage: ssl_client2 [param=value] [...]\n");
mbedtls_printf(" ssl_client2 help[_theme]\n");
mbedtls_printf("'help' lists acceptable 'param' and 'value'\n");
mbedtls_printf("'help_ciphersuites' lists available ciphersuites\n");
mbedtls_printf("\n");

if (ret == 0) {
ret = 1;
}
goto exit;
}

for (i = 1; i < argc; i++) {
p = argv[i];

if (strcmp(p, "help") == 0) {
mbedtls_printf(USAGE1);
mbedtls_printf(USAGE2);
mbedtls_printf(USAGE3);
mbedtls_printf(USAGE4);

ret = 0;
goto exit;
}
if (strcmp(p, "help_ciphersuites") == 0) {
mbedtls_printf(" acceptable ciphersuite names:\n");
for (list = mbedtls_ssl_list_ciphersuites();
*list != 0;
list++) {
mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name(*list));
}

ret = 0;
goto exit;
}

if ((q = strchr(p, '=')) == NULL) {
mbedtls_printf("param requires a value: '%s'\n", p);
p = NULL; // avoid "unrecnognized param" message
goto usage;
}
*q++ = '\0';
Expand Down Expand Up @@ -2232,9 +2252,13 @@ int main(int argc, char *argv[])
goto usage;
}
} else {
/* This signals that the problem is with p not q */
q = NULL;
goto usage;
}
}
/* This signals that any further erorrs are not with a single option */
p = q = NULL;

if (opt.nss_keylog != 0 && opt.eap_tls != 0) {
mbedtls_printf("Error: eap_tls and nss_keylog options cannot be used together.\n");
Expand Down

0 comments on commit 5d055f8

Please sign in to comment.