1*62c56f98SSadaf Ebrahimi /*
2*62c56f98SSadaf Ebrahimi * SSL client for SMTP servers
3*62c56f98SSadaf Ebrahimi *
4*62c56f98SSadaf Ebrahimi * Copyright The Mbed TLS Contributors
5*62c56f98SSadaf Ebrahimi * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
6*62c56f98SSadaf Ebrahimi */
7*62c56f98SSadaf Ebrahimi
8*62c56f98SSadaf Ebrahimi /* Enable definition of gethostname() even when compiling with -std=c99. Must
9*62c56f98SSadaf Ebrahimi * be set before mbedtls_config.h, which pulls in glibc's features.h indirectly.
10*62c56f98SSadaf Ebrahimi * Harmless on other platforms. */
11*62c56f98SSadaf Ebrahimi
12*62c56f98SSadaf Ebrahimi #define _POSIX_C_SOURCE 200112L
13*62c56f98SSadaf Ebrahimi #define _XOPEN_SOURCE 600
14*62c56f98SSadaf Ebrahimi
15*62c56f98SSadaf Ebrahimi #include "mbedtls/build_info.h"
16*62c56f98SSadaf Ebrahimi
17*62c56f98SSadaf Ebrahimi #include "mbedtls/platform.h"
18*62c56f98SSadaf Ebrahimi
19*62c56f98SSadaf Ebrahimi #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
20*62c56f98SSadaf Ebrahimi !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
21*62c56f98SSadaf Ebrahimi !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \
22*62c56f98SSadaf Ebrahimi !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
23*62c56f98SSadaf Ebrahimi !defined(MBEDTLS_FS_IO)
main(void)24*62c56f98SSadaf Ebrahimi int main(void)
25*62c56f98SSadaf Ebrahimi {
26*62c56f98SSadaf Ebrahimi mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
27*62c56f98SSadaf Ebrahimi "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
28*62c56f98SSadaf Ebrahimi "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
29*62c56f98SSadaf Ebrahimi "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
30*62c56f98SSadaf Ebrahimi "not defined.\n");
31*62c56f98SSadaf Ebrahimi mbedtls_exit(0);
32*62c56f98SSadaf Ebrahimi }
33*62c56f98SSadaf Ebrahimi #else
34*62c56f98SSadaf Ebrahimi
35*62c56f98SSadaf Ebrahimi #include "mbedtls/base64.h"
36*62c56f98SSadaf Ebrahimi #include "mbedtls/error.h"
37*62c56f98SSadaf Ebrahimi #include "mbedtls/net_sockets.h"
38*62c56f98SSadaf Ebrahimi #include "mbedtls/ssl.h"
39*62c56f98SSadaf Ebrahimi #include "mbedtls/entropy.h"
40*62c56f98SSadaf Ebrahimi #include "mbedtls/ctr_drbg.h"
41*62c56f98SSadaf Ebrahimi #include "test/certs.h"
42*62c56f98SSadaf Ebrahimi #include "mbedtls/x509.h"
43*62c56f98SSadaf Ebrahimi
44*62c56f98SSadaf Ebrahimi #include <stdlib.h>
45*62c56f98SSadaf Ebrahimi #include <string.h>
46*62c56f98SSadaf Ebrahimi
47*62c56f98SSadaf Ebrahimi #if !defined(_MSC_VER) || defined(EFIX64) || defined(EFI32)
48*62c56f98SSadaf Ebrahimi #include <unistd.h>
49*62c56f98SSadaf Ebrahimi #else
50*62c56f98SSadaf Ebrahimi #include <io.h>
51*62c56f98SSadaf Ebrahimi #endif
52*62c56f98SSadaf Ebrahimi
53*62c56f98SSadaf Ebrahimi #if defined(_WIN32) || defined(_WIN32_WCE)
54*62c56f98SSadaf Ebrahimi #include <winsock2.h>
55*62c56f98SSadaf Ebrahimi #include <windows.h>
56*62c56f98SSadaf Ebrahimi
57*62c56f98SSadaf Ebrahimi #if defined(_MSC_VER)
58*62c56f98SSadaf Ebrahimi #if defined(_WIN32_WCE)
59*62c56f98SSadaf Ebrahimi #pragma comment( lib, "ws2.lib" )
60*62c56f98SSadaf Ebrahimi #else
61*62c56f98SSadaf Ebrahimi #pragma comment( lib, "ws2_32.lib" )
62*62c56f98SSadaf Ebrahimi #endif
63*62c56f98SSadaf Ebrahimi #endif /* _MSC_VER */
64*62c56f98SSadaf Ebrahimi #endif
65*62c56f98SSadaf Ebrahimi
66*62c56f98SSadaf Ebrahimi #define DFL_SERVER_NAME "localhost"
67*62c56f98SSadaf Ebrahimi #define DFL_SERVER_PORT "465"
68*62c56f98SSadaf Ebrahimi #define DFL_USER_NAME "user"
69*62c56f98SSadaf Ebrahimi #define DFL_USER_PWD "password"
70*62c56f98SSadaf Ebrahimi #define DFL_MAIL_FROM ""
71*62c56f98SSadaf Ebrahimi #define DFL_MAIL_TO ""
72*62c56f98SSadaf Ebrahimi #define DFL_DEBUG_LEVEL 0
73*62c56f98SSadaf Ebrahimi #define DFL_CA_FILE ""
74*62c56f98SSadaf Ebrahimi #define DFL_CRT_FILE ""
75*62c56f98SSadaf Ebrahimi #define DFL_KEY_FILE ""
76*62c56f98SSadaf Ebrahimi #define DFL_FORCE_CIPHER 0
77*62c56f98SSadaf Ebrahimi #define DFL_MODE 0
78*62c56f98SSadaf Ebrahimi #define DFL_AUTHENTICATION 0
79*62c56f98SSadaf Ebrahimi
80*62c56f98SSadaf Ebrahimi #define MODE_SSL_TLS 0
81*62c56f98SSadaf Ebrahimi #define MODE_STARTTLS 0
82*62c56f98SSadaf Ebrahimi
83*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_BASE64_C)
84*62c56f98SSadaf Ebrahimi #define USAGE_AUTH \
85*62c56f98SSadaf Ebrahimi " authentication=%%d default: 0 (disabled)\n" \
86*62c56f98SSadaf Ebrahimi " user_name=%%s default: \"" DFL_USER_NAME "\"\n" \
87*62c56f98SSadaf Ebrahimi " user_pwd=%%s default: \"" \
88*62c56f98SSadaf Ebrahimi DFL_USER_PWD "\"\n"
89*62c56f98SSadaf Ebrahimi #else
90*62c56f98SSadaf Ebrahimi #define USAGE_AUTH \
91*62c56f98SSadaf Ebrahimi " authentication options disabled. (Require MBEDTLS_BASE64_C)\n"
92*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_BASE64_C */
93*62c56f98SSadaf Ebrahimi
94*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_FS_IO)
95*62c56f98SSadaf Ebrahimi #define USAGE_IO \
96*62c56f98SSadaf Ebrahimi " ca_file=%%s default: \"\" (pre-loaded)\n" \
97*62c56f98SSadaf Ebrahimi " crt_file=%%s default: \"\" (pre-loaded)\n" \
98*62c56f98SSadaf Ebrahimi " key_file=%%s default: \"\" (pre-loaded)\n"
99*62c56f98SSadaf Ebrahimi #else
100*62c56f98SSadaf Ebrahimi #define USAGE_IO \
101*62c56f98SSadaf Ebrahimi " No file operations available (MBEDTLS_FS_IO not defined)\n"
102*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_FS_IO */
103*62c56f98SSadaf Ebrahimi
104*62c56f98SSadaf Ebrahimi #define USAGE \
105*62c56f98SSadaf Ebrahimi "\n usage: ssl_mail_client param=<>...\n" \
106*62c56f98SSadaf Ebrahimi "\n acceptable parameters:\n" \
107*62c56f98SSadaf Ebrahimi " server_name=%%s default: " DFL_SERVER_NAME "\n" \
108*62c56f98SSadaf Ebrahimi " server_port=%%d default: " \
109*62c56f98SSadaf Ebrahimi DFL_SERVER_PORT "\n" \
110*62c56f98SSadaf Ebrahimi " debug_level=%%d default: 0 (disabled)\n" \
111*62c56f98SSadaf Ebrahimi " mode=%%d default: 0 (SSL/TLS) (1 for STARTTLS)\n" \
112*62c56f98SSadaf Ebrahimi USAGE_AUTH \
113*62c56f98SSadaf Ebrahimi " mail_from=%%s default: \"\"\n" \
114*62c56f98SSadaf Ebrahimi " mail_to=%%s default: \"\"\n" \
115*62c56f98SSadaf Ebrahimi USAGE_IO \
116*62c56f98SSadaf Ebrahimi " force_ciphersuite=<name> default: all enabled\n" \
117*62c56f98SSadaf Ebrahimi " acceptable ciphersuite names:\n"
118*62c56f98SSadaf Ebrahimi
119*62c56f98SSadaf Ebrahimi
120*62c56f98SSadaf Ebrahimi /*
121*62c56f98SSadaf Ebrahimi * global options
122*62c56f98SSadaf Ebrahimi */
123*62c56f98SSadaf Ebrahimi struct options {
124*62c56f98SSadaf Ebrahimi const char *server_name; /* hostname of the server (client only) */
125*62c56f98SSadaf Ebrahimi const char *server_port; /* port on which the ssl service runs */
126*62c56f98SSadaf Ebrahimi int debug_level; /* level of debugging */
127*62c56f98SSadaf Ebrahimi int authentication; /* if authentication is required */
128*62c56f98SSadaf Ebrahimi int mode; /* SSL/TLS (0) or STARTTLS (1) */
129*62c56f98SSadaf Ebrahimi const char *user_name; /* username to use for authentication */
130*62c56f98SSadaf Ebrahimi const char *user_pwd; /* password to use for authentication */
131*62c56f98SSadaf Ebrahimi const char *mail_from; /* E-Mail address to use as sender */
132*62c56f98SSadaf Ebrahimi const char *mail_to; /* E-Mail address to use as recipient */
133*62c56f98SSadaf Ebrahimi const char *ca_file; /* the file with the CA certificate(s) */
134*62c56f98SSadaf Ebrahimi const char *crt_file; /* the file with the client certificate */
135*62c56f98SSadaf Ebrahimi const char *key_file; /* the file with the client key */
136*62c56f98SSadaf Ebrahimi int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
137*62c56f98SSadaf Ebrahimi } opt;
138*62c56f98SSadaf Ebrahimi
my_debug(void * ctx,int level,const char * file,int line,const char * str)139*62c56f98SSadaf Ebrahimi static void my_debug(void *ctx, int level,
140*62c56f98SSadaf Ebrahimi const char *file, int line,
141*62c56f98SSadaf Ebrahimi const char *str)
142*62c56f98SSadaf Ebrahimi {
143*62c56f98SSadaf Ebrahimi ((void) level);
144*62c56f98SSadaf Ebrahimi
145*62c56f98SSadaf Ebrahimi mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str);
146*62c56f98SSadaf Ebrahimi fflush((FILE *) ctx);
147*62c56f98SSadaf Ebrahimi }
148*62c56f98SSadaf Ebrahimi
do_handshake(mbedtls_ssl_context * ssl)149*62c56f98SSadaf Ebrahimi static int do_handshake(mbedtls_ssl_context *ssl)
150*62c56f98SSadaf Ebrahimi {
151*62c56f98SSadaf Ebrahimi int ret;
152*62c56f98SSadaf Ebrahimi uint32_t flags;
153*62c56f98SSadaf Ebrahimi unsigned char buf[1024];
154*62c56f98SSadaf Ebrahimi memset(buf, 0, 1024);
155*62c56f98SSadaf Ebrahimi
156*62c56f98SSadaf Ebrahimi /*
157*62c56f98SSadaf Ebrahimi * 4. Handshake
158*62c56f98SSadaf Ebrahimi */
159*62c56f98SSadaf Ebrahimi mbedtls_printf(" . Performing the SSL/TLS handshake...");
160*62c56f98SSadaf Ebrahimi fflush(stdout);
161*62c56f98SSadaf Ebrahimi
162*62c56f98SSadaf Ebrahimi while ((ret = mbedtls_ssl_handshake(ssl)) != 0) {
163*62c56f98SSadaf Ebrahimi if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
164*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_ERROR_C)
165*62c56f98SSadaf Ebrahimi mbedtls_strerror(ret, (char *) buf, 1024);
166*62c56f98SSadaf Ebrahimi #endif
167*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned %d: %s\n\n", ret, buf);
168*62c56f98SSadaf Ebrahimi return -1;
169*62c56f98SSadaf Ebrahimi }
170*62c56f98SSadaf Ebrahimi }
171*62c56f98SSadaf Ebrahimi
172*62c56f98SSadaf Ebrahimi mbedtls_printf(" ok\n [ Ciphersuite is %s ]\n",
173*62c56f98SSadaf Ebrahimi mbedtls_ssl_get_ciphersuite(ssl));
174*62c56f98SSadaf Ebrahimi
175*62c56f98SSadaf Ebrahimi /*
176*62c56f98SSadaf Ebrahimi * 5. Verify the server certificate
177*62c56f98SSadaf Ebrahimi */
178*62c56f98SSadaf Ebrahimi mbedtls_printf(" . Verifying peer X.509 certificate...");
179*62c56f98SSadaf Ebrahimi
180*62c56f98SSadaf Ebrahimi /* In real life, we probably want to bail out when ret != 0 */
181*62c56f98SSadaf Ebrahimi if ((flags = mbedtls_ssl_get_verify_result(ssl)) != 0) {
182*62c56f98SSadaf Ebrahimi #if !defined(MBEDTLS_X509_REMOVE_INFO)
183*62c56f98SSadaf Ebrahimi char vrfy_buf[512];
184*62c56f98SSadaf Ebrahimi #endif
185*62c56f98SSadaf Ebrahimi
186*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n");
187*62c56f98SSadaf Ebrahimi
188*62c56f98SSadaf Ebrahimi #if !defined(MBEDTLS_X509_REMOVE_INFO)
189*62c56f98SSadaf Ebrahimi mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), " ! ", flags);
190*62c56f98SSadaf Ebrahimi
191*62c56f98SSadaf Ebrahimi mbedtls_printf("%s\n", vrfy_buf);
192*62c56f98SSadaf Ebrahimi #endif
193*62c56f98SSadaf Ebrahimi } else {
194*62c56f98SSadaf Ebrahimi mbedtls_printf(" ok\n");
195*62c56f98SSadaf Ebrahimi }
196*62c56f98SSadaf Ebrahimi
197*62c56f98SSadaf Ebrahimi #if !defined(MBEDTLS_X509_REMOVE_INFO)
198*62c56f98SSadaf Ebrahimi mbedtls_printf(" . Peer certificate information ...\n");
199*62c56f98SSadaf Ebrahimi mbedtls_x509_crt_info((char *) buf, sizeof(buf) - 1, " ",
200*62c56f98SSadaf Ebrahimi mbedtls_ssl_get_peer_cert(ssl));
201*62c56f98SSadaf Ebrahimi mbedtls_printf("%s\n", buf);
202*62c56f98SSadaf Ebrahimi #endif
203*62c56f98SSadaf Ebrahimi
204*62c56f98SSadaf Ebrahimi return 0;
205*62c56f98SSadaf Ebrahimi }
206*62c56f98SSadaf Ebrahimi
write_ssl_data(mbedtls_ssl_context * ssl,unsigned char * buf,size_t len)207*62c56f98SSadaf Ebrahimi static int write_ssl_data(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len)
208*62c56f98SSadaf Ebrahimi {
209*62c56f98SSadaf Ebrahimi int ret;
210*62c56f98SSadaf Ebrahimi
211*62c56f98SSadaf Ebrahimi mbedtls_printf("\n%s", buf);
212*62c56f98SSadaf Ebrahimi while (len && (ret = mbedtls_ssl_write(ssl, buf, len)) <= 0) {
213*62c56f98SSadaf Ebrahimi if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
214*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret);
215*62c56f98SSadaf Ebrahimi return -1;
216*62c56f98SSadaf Ebrahimi }
217*62c56f98SSadaf Ebrahimi }
218*62c56f98SSadaf Ebrahimi
219*62c56f98SSadaf Ebrahimi return 0;
220*62c56f98SSadaf Ebrahimi }
221*62c56f98SSadaf Ebrahimi
write_ssl_and_get_response(mbedtls_ssl_context * ssl,unsigned char * buf,size_t len)222*62c56f98SSadaf Ebrahimi static int write_ssl_and_get_response(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len)
223*62c56f98SSadaf Ebrahimi {
224*62c56f98SSadaf Ebrahimi int ret;
225*62c56f98SSadaf Ebrahimi unsigned char data[128];
226*62c56f98SSadaf Ebrahimi char code[4];
227*62c56f98SSadaf Ebrahimi size_t i, idx = 0;
228*62c56f98SSadaf Ebrahimi
229*62c56f98SSadaf Ebrahimi mbedtls_printf("\n%s", buf);
230*62c56f98SSadaf Ebrahimi while (len && (ret = mbedtls_ssl_write(ssl, buf, len)) <= 0) {
231*62c56f98SSadaf Ebrahimi if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
232*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret);
233*62c56f98SSadaf Ebrahimi return -1;
234*62c56f98SSadaf Ebrahimi }
235*62c56f98SSadaf Ebrahimi }
236*62c56f98SSadaf Ebrahimi
237*62c56f98SSadaf Ebrahimi do {
238*62c56f98SSadaf Ebrahimi len = sizeof(data) - 1;
239*62c56f98SSadaf Ebrahimi memset(data, 0, sizeof(data));
240*62c56f98SSadaf Ebrahimi ret = mbedtls_ssl_read(ssl, data, len);
241*62c56f98SSadaf Ebrahimi
242*62c56f98SSadaf Ebrahimi if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) {
243*62c56f98SSadaf Ebrahimi continue;
244*62c56f98SSadaf Ebrahimi }
245*62c56f98SSadaf Ebrahimi
246*62c56f98SSadaf Ebrahimi if (ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY) {
247*62c56f98SSadaf Ebrahimi return -1;
248*62c56f98SSadaf Ebrahimi }
249*62c56f98SSadaf Ebrahimi
250*62c56f98SSadaf Ebrahimi if (ret <= 0) {
251*62c56f98SSadaf Ebrahimi mbedtls_printf("failed\n ! mbedtls_ssl_read returned %d\n\n", ret);
252*62c56f98SSadaf Ebrahimi return -1;
253*62c56f98SSadaf Ebrahimi }
254*62c56f98SSadaf Ebrahimi
255*62c56f98SSadaf Ebrahimi mbedtls_printf("\n%s", data);
256*62c56f98SSadaf Ebrahimi len = ret;
257*62c56f98SSadaf Ebrahimi for (i = 0; i < len; i++) {
258*62c56f98SSadaf Ebrahimi if (data[i] != '\n') {
259*62c56f98SSadaf Ebrahimi if (idx < 4) {
260*62c56f98SSadaf Ebrahimi code[idx++] = data[i];
261*62c56f98SSadaf Ebrahimi }
262*62c56f98SSadaf Ebrahimi continue;
263*62c56f98SSadaf Ebrahimi }
264*62c56f98SSadaf Ebrahimi
265*62c56f98SSadaf Ebrahimi if (idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ') {
266*62c56f98SSadaf Ebrahimi code[3] = '\0';
267*62c56f98SSadaf Ebrahimi return atoi(code);
268*62c56f98SSadaf Ebrahimi }
269*62c56f98SSadaf Ebrahimi
270*62c56f98SSadaf Ebrahimi idx = 0;
271*62c56f98SSadaf Ebrahimi }
272*62c56f98SSadaf Ebrahimi } while (1);
273*62c56f98SSadaf Ebrahimi }
274*62c56f98SSadaf Ebrahimi
write_and_get_response(mbedtls_net_context * sock_fd,unsigned char * buf,size_t len)275*62c56f98SSadaf Ebrahimi static int write_and_get_response(mbedtls_net_context *sock_fd, unsigned char *buf, size_t len)
276*62c56f98SSadaf Ebrahimi {
277*62c56f98SSadaf Ebrahimi int ret;
278*62c56f98SSadaf Ebrahimi unsigned char data[128];
279*62c56f98SSadaf Ebrahimi char code[4];
280*62c56f98SSadaf Ebrahimi size_t i, idx = 0;
281*62c56f98SSadaf Ebrahimi
282*62c56f98SSadaf Ebrahimi mbedtls_printf("\n%s", buf);
283*62c56f98SSadaf Ebrahimi if (len && (ret = mbedtls_net_send(sock_fd, buf, len)) <= 0) {
284*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! mbedtls_net_send returned %d\n\n", ret);
285*62c56f98SSadaf Ebrahimi return -1;
286*62c56f98SSadaf Ebrahimi }
287*62c56f98SSadaf Ebrahimi
288*62c56f98SSadaf Ebrahimi do {
289*62c56f98SSadaf Ebrahimi len = sizeof(data) - 1;
290*62c56f98SSadaf Ebrahimi memset(data, 0, sizeof(data));
291*62c56f98SSadaf Ebrahimi ret = mbedtls_net_recv(sock_fd, data, len);
292*62c56f98SSadaf Ebrahimi
293*62c56f98SSadaf Ebrahimi if (ret <= 0) {
294*62c56f98SSadaf Ebrahimi mbedtls_printf("failed\n ! mbedtls_net_recv returned %d\n\n", ret);
295*62c56f98SSadaf Ebrahimi return -1;
296*62c56f98SSadaf Ebrahimi }
297*62c56f98SSadaf Ebrahimi
298*62c56f98SSadaf Ebrahimi data[len] = '\0';
299*62c56f98SSadaf Ebrahimi mbedtls_printf("\n%s", data);
300*62c56f98SSadaf Ebrahimi len = ret;
301*62c56f98SSadaf Ebrahimi for (i = 0; i < len; i++) {
302*62c56f98SSadaf Ebrahimi if (data[i] != '\n') {
303*62c56f98SSadaf Ebrahimi if (idx < 4) {
304*62c56f98SSadaf Ebrahimi code[idx++] = data[i];
305*62c56f98SSadaf Ebrahimi }
306*62c56f98SSadaf Ebrahimi continue;
307*62c56f98SSadaf Ebrahimi }
308*62c56f98SSadaf Ebrahimi
309*62c56f98SSadaf Ebrahimi if (idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ') {
310*62c56f98SSadaf Ebrahimi code[3] = '\0';
311*62c56f98SSadaf Ebrahimi return atoi(code);
312*62c56f98SSadaf Ebrahimi }
313*62c56f98SSadaf Ebrahimi
314*62c56f98SSadaf Ebrahimi idx = 0;
315*62c56f98SSadaf Ebrahimi }
316*62c56f98SSadaf Ebrahimi } while (1);
317*62c56f98SSadaf Ebrahimi }
318*62c56f98SSadaf Ebrahimi
main(int argc,char * argv[])319*62c56f98SSadaf Ebrahimi int main(int argc, char *argv[])
320*62c56f98SSadaf Ebrahimi {
321*62c56f98SSadaf Ebrahimi int ret = 1, len;
322*62c56f98SSadaf Ebrahimi int exit_code = MBEDTLS_EXIT_FAILURE;
323*62c56f98SSadaf Ebrahimi mbedtls_net_context server_fd;
324*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_BASE64_C)
325*62c56f98SSadaf Ebrahimi unsigned char base[1024];
326*62c56f98SSadaf Ebrahimi /* buf is used as the destination buffer for printing base with the format:
327*62c56f98SSadaf Ebrahimi * "%s\r\n". Hence, the size of buf should be at least the size of base
328*62c56f98SSadaf Ebrahimi * plus 2 bytes for the \r and \n characters.
329*62c56f98SSadaf Ebrahimi */
330*62c56f98SSadaf Ebrahimi unsigned char buf[sizeof(base) + 2];
331*62c56f98SSadaf Ebrahimi #else
332*62c56f98SSadaf Ebrahimi unsigned char buf[1024];
333*62c56f98SSadaf Ebrahimi #endif
334*62c56f98SSadaf Ebrahimi char hostname[32];
335*62c56f98SSadaf Ebrahimi const char *pers = "ssl_mail_client";
336*62c56f98SSadaf Ebrahimi
337*62c56f98SSadaf Ebrahimi mbedtls_entropy_context entropy;
338*62c56f98SSadaf Ebrahimi mbedtls_ctr_drbg_context ctr_drbg;
339*62c56f98SSadaf Ebrahimi mbedtls_ssl_context ssl;
340*62c56f98SSadaf Ebrahimi mbedtls_ssl_config conf;
341*62c56f98SSadaf Ebrahimi mbedtls_x509_crt cacert;
342*62c56f98SSadaf Ebrahimi mbedtls_x509_crt clicert;
343*62c56f98SSadaf Ebrahimi mbedtls_pk_context pkey;
344*62c56f98SSadaf Ebrahimi int i;
345*62c56f98SSadaf Ebrahimi size_t n;
346*62c56f98SSadaf Ebrahimi char *p, *q;
347*62c56f98SSadaf Ebrahimi const int *list;
348*62c56f98SSadaf Ebrahimi
349*62c56f98SSadaf Ebrahimi /*
350*62c56f98SSadaf Ebrahimi * Make sure memory references are valid in case we exit early.
351*62c56f98SSadaf Ebrahimi */
352*62c56f98SSadaf Ebrahimi mbedtls_net_init(&server_fd);
353*62c56f98SSadaf Ebrahimi mbedtls_ssl_init(&ssl);
354*62c56f98SSadaf Ebrahimi mbedtls_ssl_config_init(&conf);
355*62c56f98SSadaf Ebrahimi memset(&buf, 0, sizeof(buf));
356*62c56f98SSadaf Ebrahimi mbedtls_x509_crt_init(&cacert);
357*62c56f98SSadaf Ebrahimi mbedtls_x509_crt_init(&clicert);
358*62c56f98SSadaf Ebrahimi mbedtls_pk_init(&pkey);
359*62c56f98SSadaf Ebrahimi mbedtls_ctr_drbg_init(&ctr_drbg);
360*62c56f98SSadaf Ebrahimi mbedtls_entropy_init(&entropy);
361*62c56f98SSadaf Ebrahimi
362*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_USE_PSA_CRYPTO)
363*62c56f98SSadaf Ebrahimi psa_status_t status = psa_crypto_init();
364*62c56f98SSadaf Ebrahimi if (status != PSA_SUCCESS) {
365*62c56f98SSadaf Ebrahimi mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
366*62c56f98SSadaf Ebrahimi (int) status);
367*62c56f98SSadaf Ebrahimi goto exit;
368*62c56f98SSadaf Ebrahimi }
369*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_USE_PSA_CRYPTO */
370*62c56f98SSadaf Ebrahimi
371*62c56f98SSadaf Ebrahimi if (argc < 2) {
372*62c56f98SSadaf Ebrahimi usage:
373*62c56f98SSadaf Ebrahimi mbedtls_printf(USAGE);
374*62c56f98SSadaf Ebrahimi
375*62c56f98SSadaf Ebrahimi list = mbedtls_ssl_list_ciphersuites();
376*62c56f98SSadaf Ebrahimi while (*list) {
377*62c56f98SSadaf Ebrahimi mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name(*list));
378*62c56f98SSadaf Ebrahimi list++;
379*62c56f98SSadaf Ebrahimi }
380*62c56f98SSadaf Ebrahimi mbedtls_printf("\n");
381*62c56f98SSadaf Ebrahimi goto exit;
382*62c56f98SSadaf Ebrahimi }
383*62c56f98SSadaf Ebrahimi
384*62c56f98SSadaf Ebrahimi opt.server_name = DFL_SERVER_NAME;
385*62c56f98SSadaf Ebrahimi opt.server_port = DFL_SERVER_PORT;
386*62c56f98SSadaf Ebrahimi opt.debug_level = DFL_DEBUG_LEVEL;
387*62c56f98SSadaf Ebrahimi opt.authentication = DFL_AUTHENTICATION;
388*62c56f98SSadaf Ebrahimi opt.mode = DFL_MODE;
389*62c56f98SSadaf Ebrahimi opt.user_name = DFL_USER_NAME;
390*62c56f98SSadaf Ebrahimi opt.user_pwd = DFL_USER_PWD;
391*62c56f98SSadaf Ebrahimi opt.mail_from = DFL_MAIL_FROM;
392*62c56f98SSadaf Ebrahimi opt.mail_to = DFL_MAIL_TO;
393*62c56f98SSadaf Ebrahimi opt.ca_file = DFL_CA_FILE;
394*62c56f98SSadaf Ebrahimi opt.crt_file = DFL_CRT_FILE;
395*62c56f98SSadaf Ebrahimi opt.key_file = DFL_KEY_FILE;
396*62c56f98SSadaf Ebrahimi opt.force_ciphersuite[0] = DFL_FORCE_CIPHER;
397*62c56f98SSadaf Ebrahimi
398*62c56f98SSadaf Ebrahimi for (i = 1; i < argc; i++) {
399*62c56f98SSadaf Ebrahimi p = argv[i];
400*62c56f98SSadaf Ebrahimi if ((q = strchr(p, '=')) == NULL) {
401*62c56f98SSadaf Ebrahimi goto usage;
402*62c56f98SSadaf Ebrahimi }
403*62c56f98SSadaf Ebrahimi *q++ = '\0';
404*62c56f98SSadaf Ebrahimi
405*62c56f98SSadaf Ebrahimi if (strcmp(p, "server_name") == 0) {
406*62c56f98SSadaf Ebrahimi opt.server_name = q;
407*62c56f98SSadaf Ebrahimi } else if (strcmp(p, "server_port") == 0) {
408*62c56f98SSadaf Ebrahimi opt.server_port = q;
409*62c56f98SSadaf Ebrahimi } else if (strcmp(p, "debug_level") == 0) {
410*62c56f98SSadaf Ebrahimi opt.debug_level = atoi(q);
411*62c56f98SSadaf Ebrahimi if (opt.debug_level < 0 || opt.debug_level > 65535) {
412*62c56f98SSadaf Ebrahimi goto usage;
413*62c56f98SSadaf Ebrahimi }
414*62c56f98SSadaf Ebrahimi } else if (strcmp(p, "authentication") == 0) {
415*62c56f98SSadaf Ebrahimi opt.authentication = atoi(q);
416*62c56f98SSadaf Ebrahimi if (opt.authentication < 0 || opt.authentication > 1) {
417*62c56f98SSadaf Ebrahimi goto usage;
418*62c56f98SSadaf Ebrahimi }
419*62c56f98SSadaf Ebrahimi } else if (strcmp(p, "mode") == 0) {
420*62c56f98SSadaf Ebrahimi opt.mode = atoi(q);
421*62c56f98SSadaf Ebrahimi if (opt.mode < 0 || opt.mode > 1) {
422*62c56f98SSadaf Ebrahimi goto usage;
423*62c56f98SSadaf Ebrahimi }
424*62c56f98SSadaf Ebrahimi } else if (strcmp(p, "user_name") == 0) {
425*62c56f98SSadaf Ebrahimi opt.user_name = q;
426*62c56f98SSadaf Ebrahimi } else if (strcmp(p, "user_pwd") == 0) {
427*62c56f98SSadaf Ebrahimi opt.user_pwd = q;
428*62c56f98SSadaf Ebrahimi } else if (strcmp(p, "mail_from") == 0) {
429*62c56f98SSadaf Ebrahimi opt.mail_from = q;
430*62c56f98SSadaf Ebrahimi } else if (strcmp(p, "mail_to") == 0) {
431*62c56f98SSadaf Ebrahimi opt.mail_to = q;
432*62c56f98SSadaf Ebrahimi } else if (strcmp(p, "ca_file") == 0) {
433*62c56f98SSadaf Ebrahimi opt.ca_file = q;
434*62c56f98SSadaf Ebrahimi } else if (strcmp(p, "crt_file") == 0) {
435*62c56f98SSadaf Ebrahimi opt.crt_file = q;
436*62c56f98SSadaf Ebrahimi } else if (strcmp(p, "key_file") == 0) {
437*62c56f98SSadaf Ebrahimi opt.key_file = q;
438*62c56f98SSadaf Ebrahimi } else if (strcmp(p, "force_ciphersuite") == 0) {
439*62c56f98SSadaf Ebrahimi opt.force_ciphersuite[0] = -1;
440*62c56f98SSadaf Ebrahimi
441*62c56f98SSadaf Ebrahimi opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id(q);
442*62c56f98SSadaf Ebrahimi
443*62c56f98SSadaf Ebrahimi if (opt.force_ciphersuite[0] <= 0) {
444*62c56f98SSadaf Ebrahimi goto usage;
445*62c56f98SSadaf Ebrahimi }
446*62c56f98SSadaf Ebrahimi
447*62c56f98SSadaf Ebrahimi opt.force_ciphersuite[1] = 0;
448*62c56f98SSadaf Ebrahimi } else {
449*62c56f98SSadaf Ebrahimi goto usage;
450*62c56f98SSadaf Ebrahimi }
451*62c56f98SSadaf Ebrahimi }
452*62c56f98SSadaf Ebrahimi
453*62c56f98SSadaf Ebrahimi /*
454*62c56f98SSadaf Ebrahimi * 0. Initialize the RNG and the session data
455*62c56f98SSadaf Ebrahimi */
456*62c56f98SSadaf Ebrahimi mbedtls_printf("\n . Seeding the random number generator...");
457*62c56f98SSadaf Ebrahimi fflush(stdout);
458*62c56f98SSadaf Ebrahimi
459*62c56f98SSadaf Ebrahimi if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
460*62c56f98SSadaf Ebrahimi (const unsigned char *) pers,
461*62c56f98SSadaf Ebrahimi strlen(pers))) != 0) {
462*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret);
463*62c56f98SSadaf Ebrahimi goto exit;
464*62c56f98SSadaf Ebrahimi }
465*62c56f98SSadaf Ebrahimi
466*62c56f98SSadaf Ebrahimi mbedtls_printf(" ok\n");
467*62c56f98SSadaf Ebrahimi
468*62c56f98SSadaf Ebrahimi /*
469*62c56f98SSadaf Ebrahimi * 1.1. Load the trusted CA
470*62c56f98SSadaf Ebrahimi */
471*62c56f98SSadaf Ebrahimi mbedtls_printf(" . Loading the CA root certificate ...");
472*62c56f98SSadaf Ebrahimi fflush(stdout);
473*62c56f98SSadaf Ebrahimi
474*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_FS_IO)
475*62c56f98SSadaf Ebrahimi if (strlen(opt.ca_file)) {
476*62c56f98SSadaf Ebrahimi ret = mbedtls_x509_crt_parse_file(&cacert, opt.ca_file);
477*62c56f98SSadaf Ebrahimi } else
478*62c56f98SSadaf Ebrahimi #endif
479*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PEM_PARSE_C)
480*62c56f98SSadaf Ebrahimi ret = mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_cas_pem,
481*62c56f98SSadaf Ebrahimi mbedtls_test_cas_pem_len);
482*62c56f98SSadaf Ebrahimi #else
483*62c56f98SSadaf Ebrahimi {
484*62c56f98SSadaf Ebrahimi mbedtls_printf("MBEDTLS_PEM_PARSE_C not defined.");
485*62c56f98SSadaf Ebrahimi goto exit;
486*62c56f98SSadaf Ebrahimi }
487*62c56f98SSadaf Ebrahimi #endif
488*62c56f98SSadaf Ebrahimi if (ret < 0) {
489*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret);
490*62c56f98SSadaf Ebrahimi goto exit;
491*62c56f98SSadaf Ebrahimi }
492*62c56f98SSadaf Ebrahimi
493*62c56f98SSadaf Ebrahimi mbedtls_printf(" ok (%d skipped)\n", ret);
494*62c56f98SSadaf Ebrahimi
495*62c56f98SSadaf Ebrahimi /*
496*62c56f98SSadaf Ebrahimi * 1.2. Load own certificate and private key
497*62c56f98SSadaf Ebrahimi *
498*62c56f98SSadaf Ebrahimi * (can be skipped if client authentication is not required)
499*62c56f98SSadaf Ebrahimi */
500*62c56f98SSadaf Ebrahimi mbedtls_printf(" . Loading the client cert. and key...");
501*62c56f98SSadaf Ebrahimi fflush(stdout);
502*62c56f98SSadaf Ebrahimi
503*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_FS_IO)
504*62c56f98SSadaf Ebrahimi if (strlen(opt.crt_file)) {
505*62c56f98SSadaf Ebrahimi ret = mbedtls_x509_crt_parse_file(&clicert, opt.crt_file);
506*62c56f98SSadaf Ebrahimi } else
507*62c56f98SSadaf Ebrahimi #endif
508*62c56f98SSadaf Ebrahimi ret = mbedtls_x509_crt_parse(&clicert, (const unsigned char *) mbedtls_test_cli_crt,
509*62c56f98SSadaf Ebrahimi mbedtls_test_cli_crt_len);
510*62c56f98SSadaf Ebrahimi if (ret != 0) {
511*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret);
512*62c56f98SSadaf Ebrahimi goto exit;
513*62c56f98SSadaf Ebrahimi }
514*62c56f98SSadaf Ebrahimi
515*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_FS_IO)
516*62c56f98SSadaf Ebrahimi if (strlen(opt.key_file)) {
517*62c56f98SSadaf Ebrahimi ret = mbedtls_pk_parse_keyfile(&pkey, opt.key_file, "",
518*62c56f98SSadaf Ebrahimi mbedtls_ctr_drbg_random, &ctr_drbg);
519*62c56f98SSadaf Ebrahimi } else
520*62c56f98SSadaf Ebrahimi #endif
521*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PEM_PARSE_C)
522*62c56f98SSadaf Ebrahimi {
523*62c56f98SSadaf Ebrahimi ret = mbedtls_pk_parse_key(&pkey,
524*62c56f98SSadaf Ebrahimi (const unsigned char *) mbedtls_test_cli_key,
525*62c56f98SSadaf Ebrahimi mbedtls_test_cli_key_len,
526*62c56f98SSadaf Ebrahimi NULL,
527*62c56f98SSadaf Ebrahimi 0,
528*62c56f98SSadaf Ebrahimi mbedtls_ctr_drbg_random,
529*62c56f98SSadaf Ebrahimi &ctr_drbg);
530*62c56f98SSadaf Ebrahimi }
531*62c56f98SSadaf Ebrahimi #else
532*62c56f98SSadaf Ebrahimi {
533*62c56f98SSadaf Ebrahimi mbedtls_printf("MBEDTLS_PEM_PARSE_C not defined.");
534*62c56f98SSadaf Ebrahimi goto exit;
535*62c56f98SSadaf Ebrahimi }
536*62c56f98SSadaf Ebrahimi #endif
537*62c56f98SSadaf Ebrahimi if (ret != 0) {
538*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret);
539*62c56f98SSadaf Ebrahimi goto exit;
540*62c56f98SSadaf Ebrahimi }
541*62c56f98SSadaf Ebrahimi
542*62c56f98SSadaf Ebrahimi mbedtls_printf(" ok\n");
543*62c56f98SSadaf Ebrahimi
544*62c56f98SSadaf Ebrahimi /*
545*62c56f98SSadaf Ebrahimi * 2. Start the connection
546*62c56f98SSadaf Ebrahimi */
547*62c56f98SSadaf Ebrahimi mbedtls_printf(" . Connecting to tcp/%s/%s...", opt.server_name,
548*62c56f98SSadaf Ebrahimi opt.server_port);
549*62c56f98SSadaf Ebrahimi fflush(stdout);
550*62c56f98SSadaf Ebrahimi
551*62c56f98SSadaf Ebrahimi if ((ret = mbedtls_net_connect(&server_fd, opt.server_name,
552*62c56f98SSadaf Ebrahimi opt.server_port, MBEDTLS_NET_PROTO_TCP)) != 0) {
553*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! mbedtls_net_connect returned %d\n\n", ret);
554*62c56f98SSadaf Ebrahimi goto exit;
555*62c56f98SSadaf Ebrahimi }
556*62c56f98SSadaf Ebrahimi
557*62c56f98SSadaf Ebrahimi mbedtls_printf(" ok\n");
558*62c56f98SSadaf Ebrahimi
559*62c56f98SSadaf Ebrahimi /*
560*62c56f98SSadaf Ebrahimi * 3. Setup stuff
561*62c56f98SSadaf Ebrahimi */
562*62c56f98SSadaf Ebrahimi mbedtls_printf(" . Setting up the SSL/TLS structure...");
563*62c56f98SSadaf Ebrahimi fflush(stdout);
564*62c56f98SSadaf Ebrahimi
565*62c56f98SSadaf Ebrahimi if ((ret = mbedtls_ssl_config_defaults(&conf,
566*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_IS_CLIENT,
567*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TRANSPORT_STREAM,
568*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
569*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret);
570*62c56f98SSadaf Ebrahimi goto exit;
571*62c56f98SSadaf Ebrahimi }
572*62c56f98SSadaf Ebrahimi
573*62c56f98SSadaf Ebrahimi /* OPTIONAL is not optimal for security,
574*62c56f98SSadaf Ebrahimi * but makes interop easier in this simplified example */
575*62c56f98SSadaf Ebrahimi mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
576*62c56f98SSadaf Ebrahimi
577*62c56f98SSadaf Ebrahimi mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
578*62c56f98SSadaf Ebrahimi mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
579*62c56f98SSadaf Ebrahimi
580*62c56f98SSadaf Ebrahimi if (opt.force_ciphersuite[0] != DFL_FORCE_CIPHER) {
581*62c56f98SSadaf Ebrahimi mbedtls_ssl_conf_ciphersuites(&conf, opt.force_ciphersuite);
582*62c56f98SSadaf Ebrahimi }
583*62c56f98SSadaf Ebrahimi
584*62c56f98SSadaf Ebrahimi mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL);
585*62c56f98SSadaf Ebrahimi if ((ret = mbedtls_ssl_conf_own_cert(&conf, &clicert, &pkey)) != 0) {
586*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret);
587*62c56f98SSadaf Ebrahimi goto exit;
588*62c56f98SSadaf Ebrahimi }
589*62c56f98SSadaf Ebrahimi
590*62c56f98SSadaf Ebrahimi if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) {
591*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned %d\n\n", ret);
592*62c56f98SSadaf Ebrahimi goto exit;
593*62c56f98SSadaf Ebrahimi }
594*62c56f98SSadaf Ebrahimi
595*62c56f98SSadaf Ebrahimi if ((ret = mbedtls_ssl_set_hostname(&ssl, opt.server_name)) != 0) {
596*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret);
597*62c56f98SSadaf Ebrahimi goto exit;
598*62c56f98SSadaf Ebrahimi }
599*62c56f98SSadaf Ebrahimi
600*62c56f98SSadaf Ebrahimi mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL);
601*62c56f98SSadaf Ebrahimi
602*62c56f98SSadaf Ebrahimi mbedtls_printf(" ok\n");
603*62c56f98SSadaf Ebrahimi
604*62c56f98SSadaf Ebrahimi if (opt.mode == MODE_SSL_TLS) {
605*62c56f98SSadaf Ebrahimi if (do_handshake(&ssl) != 0) {
606*62c56f98SSadaf Ebrahimi goto exit;
607*62c56f98SSadaf Ebrahimi }
608*62c56f98SSadaf Ebrahimi
609*62c56f98SSadaf Ebrahimi mbedtls_printf(" > Get header from server:");
610*62c56f98SSadaf Ebrahimi fflush(stdout);
611*62c56f98SSadaf Ebrahimi
612*62c56f98SSadaf Ebrahimi ret = write_ssl_and_get_response(&ssl, buf, 0);
613*62c56f98SSadaf Ebrahimi if (ret < 200 || ret > 299) {
614*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
615*62c56f98SSadaf Ebrahimi goto exit;
616*62c56f98SSadaf Ebrahimi }
617*62c56f98SSadaf Ebrahimi
618*62c56f98SSadaf Ebrahimi mbedtls_printf(" ok\n");
619*62c56f98SSadaf Ebrahimi
620*62c56f98SSadaf Ebrahimi mbedtls_printf(" > Write EHLO to server:");
621*62c56f98SSadaf Ebrahimi fflush(stdout);
622*62c56f98SSadaf Ebrahimi
623*62c56f98SSadaf Ebrahimi gethostname(hostname, 32);
624*62c56f98SSadaf Ebrahimi len = sprintf((char *) buf, "EHLO %s\r\n", hostname);
625*62c56f98SSadaf Ebrahimi ret = write_ssl_and_get_response(&ssl, buf, len);
626*62c56f98SSadaf Ebrahimi if (ret < 200 || ret > 299) {
627*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
628*62c56f98SSadaf Ebrahimi goto exit;
629*62c56f98SSadaf Ebrahimi }
630*62c56f98SSadaf Ebrahimi } else {
631*62c56f98SSadaf Ebrahimi mbedtls_printf(" > Get header from server:");
632*62c56f98SSadaf Ebrahimi fflush(stdout);
633*62c56f98SSadaf Ebrahimi
634*62c56f98SSadaf Ebrahimi ret = write_and_get_response(&server_fd, buf, 0);
635*62c56f98SSadaf Ebrahimi if (ret < 200 || ret > 299) {
636*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
637*62c56f98SSadaf Ebrahimi goto exit;
638*62c56f98SSadaf Ebrahimi }
639*62c56f98SSadaf Ebrahimi
640*62c56f98SSadaf Ebrahimi mbedtls_printf(" ok\n");
641*62c56f98SSadaf Ebrahimi
642*62c56f98SSadaf Ebrahimi mbedtls_printf(" > Write EHLO to server:");
643*62c56f98SSadaf Ebrahimi fflush(stdout);
644*62c56f98SSadaf Ebrahimi
645*62c56f98SSadaf Ebrahimi gethostname(hostname, 32);
646*62c56f98SSadaf Ebrahimi len = sprintf((char *) buf, "EHLO %s\r\n", hostname);
647*62c56f98SSadaf Ebrahimi ret = write_and_get_response(&server_fd, buf, len);
648*62c56f98SSadaf Ebrahimi if (ret < 200 || ret > 299) {
649*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
650*62c56f98SSadaf Ebrahimi goto exit;
651*62c56f98SSadaf Ebrahimi }
652*62c56f98SSadaf Ebrahimi
653*62c56f98SSadaf Ebrahimi mbedtls_printf(" ok\n");
654*62c56f98SSadaf Ebrahimi
655*62c56f98SSadaf Ebrahimi mbedtls_printf(" > Write STARTTLS to server:");
656*62c56f98SSadaf Ebrahimi fflush(stdout);
657*62c56f98SSadaf Ebrahimi
658*62c56f98SSadaf Ebrahimi gethostname(hostname, 32);
659*62c56f98SSadaf Ebrahimi len = sprintf((char *) buf, "STARTTLS\r\n");
660*62c56f98SSadaf Ebrahimi ret = write_and_get_response(&server_fd, buf, len);
661*62c56f98SSadaf Ebrahimi if (ret < 200 || ret > 299) {
662*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
663*62c56f98SSadaf Ebrahimi goto exit;
664*62c56f98SSadaf Ebrahimi }
665*62c56f98SSadaf Ebrahimi
666*62c56f98SSadaf Ebrahimi mbedtls_printf(" ok\n");
667*62c56f98SSadaf Ebrahimi
668*62c56f98SSadaf Ebrahimi if (do_handshake(&ssl) != 0) {
669*62c56f98SSadaf Ebrahimi goto exit;
670*62c56f98SSadaf Ebrahimi }
671*62c56f98SSadaf Ebrahimi }
672*62c56f98SSadaf Ebrahimi
673*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_BASE64_C)
674*62c56f98SSadaf Ebrahimi if (opt.authentication) {
675*62c56f98SSadaf Ebrahimi mbedtls_printf(" > Write AUTH LOGIN to server:");
676*62c56f98SSadaf Ebrahimi fflush(stdout);
677*62c56f98SSadaf Ebrahimi
678*62c56f98SSadaf Ebrahimi len = sprintf((char *) buf, "AUTH LOGIN\r\n");
679*62c56f98SSadaf Ebrahimi ret = write_ssl_and_get_response(&ssl, buf, len);
680*62c56f98SSadaf Ebrahimi if (ret < 200 || ret > 399) {
681*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
682*62c56f98SSadaf Ebrahimi goto exit;
683*62c56f98SSadaf Ebrahimi }
684*62c56f98SSadaf Ebrahimi
685*62c56f98SSadaf Ebrahimi mbedtls_printf(" ok\n");
686*62c56f98SSadaf Ebrahimi
687*62c56f98SSadaf Ebrahimi mbedtls_printf(" > Write username to server: %s", opt.user_name);
688*62c56f98SSadaf Ebrahimi fflush(stdout);
689*62c56f98SSadaf Ebrahimi
690*62c56f98SSadaf Ebrahimi ret = mbedtls_base64_encode(base, sizeof(base), &n, (const unsigned char *) opt.user_name,
691*62c56f98SSadaf Ebrahimi strlen(opt.user_name));
692*62c56f98SSadaf Ebrahimi
693*62c56f98SSadaf Ebrahimi if (ret != 0) {
694*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! mbedtls_base64_encode returned %d\n\n", ret);
695*62c56f98SSadaf Ebrahimi goto exit;
696*62c56f98SSadaf Ebrahimi }
697*62c56f98SSadaf Ebrahimi len = sprintf((char *) buf, "%s\r\n", base);
698*62c56f98SSadaf Ebrahimi ret = write_ssl_and_get_response(&ssl, buf, len);
699*62c56f98SSadaf Ebrahimi if (ret < 300 || ret > 399) {
700*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
701*62c56f98SSadaf Ebrahimi goto exit;
702*62c56f98SSadaf Ebrahimi }
703*62c56f98SSadaf Ebrahimi
704*62c56f98SSadaf Ebrahimi mbedtls_printf(" ok\n");
705*62c56f98SSadaf Ebrahimi
706*62c56f98SSadaf Ebrahimi mbedtls_printf(" > Write password to server: %s", opt.user_pwd);
707*62c56f98SSadaf Ebrahimi fflush(stdout);
708*62c56f98SSadaf Ebrahimi
709*62c56f98SSadaf Ebrahimi ret = mbedtls_base64_encode(base, sizeof(base), &n, (const unsigned char *) opt.user_pwd,
710*62c56f98SSadaf Ebrahimi strlen(opt.user_pwd));
711*62c56f98SSadaf Ebrahimi
712*62c56f98SSadaf Ebrahimi if (ret != 0) {
713*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! mbedtls_base64_encode returned %d\n\n", ret);
714*62c56f98SSadaf Ebrahimi goto exit;
715*62c56f98SSadaf Ebrahimi }
716*62c56f98SSadaf Ebrahimi len = sprintf((char *) buf, "%s\r\n", base);
717*62c56f98SSadaf Ebrahimi ret = write_ssl_and_get_response(&ssl, buf, len);
718*62c56f98SSadaf Ebrahimi if (ret < 200 || ret > 399) {
719*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
720*62c56f98SSadaf Ebrahimi goto exit;
721*62c56f98SSadaf Ebrahimi }
722*62c56f98SSadaf Ebrahimi
723*62c56f98SSadaf Ebrahimi mbedtls_printf(" ok\n");
724*62c56f98SSadaf Ebrahimi }
725*62c56f98SSadaf Ebrahimi #endif
726*62c56f98SSadaf Ebrahimi
727*62c56f98SSadaf Ebrahimi mbedtls_printf(" > Write MAIL FROM to server:");
728*62c56f98SSadaf Ebrahimi fflush(stdout);
729*62c56f98SSadaf Ebrahimi
730*62c56f98SSadaf Ebrahimi len = sprintf((char *) buf, "MAIL FROM:<%s>\r\n", opt.mail_from);
731*62c56f98SSadaf Ebrahimi ret = write_ssl_and_get_response(&ssl, buf, len);
732*62c56f98SSadaf Ebrahimi if (ret < 200 || ret > 299) {
733*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
734*62c56f98SSadaf Ebrahimi goto exit;
735*62c56f98SSadaf Ebrahimi }
736*62c56f98SSadaf Ebrahimi
737*62c56f98SSadaf Ebrahimi mbedtls_printf(" ok\n");
738*62c56f98SSadaf Ebrahimi
739*62c56f98SSadaf Ebrahimi mbedtls_printf(" > Write RCPT TO to server:");
740*62c56f98SSadaf Ebrahimi fflush(stdout);
741*62c56f98SSadaf Ebrahimi
742*62c56f98SSadaf Ebrahimi len = sprintf((char *) buf, "RCPT TO:<%s>\r\n", opt.mail_to);
743*62c56f98SSadaf Ebrahimi ret = write_ssl_and_get_response(&ssl, buf, len);
744*62c56f98SSadaf Ebrahimi if (ret < 200 || ret > 299) {
745*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
746*62c56f98SSadaf Ebrahimi goto exit;
747*62c56f98SSadaf Ebrahimi }
748*62c56f98SSadaf Ebrahimi
749*62c56f98SSadaf Ebrahimi mbedtls_printf(" ok\n");
750*62c56f98SSadaf Ebrahimi
751*62c56f98SSadaf Ebrahimi mbedtls_printf(" > Write DATA to server:");
752*62c56f98SSadaf Ebrahimi fflush(stdout);
753*62c56f98SSadaf Ebrahimi
754*62c56f98SSadaf Ebrahimi len = sprintf((char *) buf, "DATA\r\n");
755*62c56f98SSadaf Ebrahimi ret = write_ssl_and_get_response(&ssl, buf, len);
756*62c56f98SSadaf Ebrahimi if (ret < 300 || ret > 399) {
757*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
758*62c56f98SSadaf Ebrahimi goto exit;
759*62c56f98SSadaf Ebrahimi }
760*62c56f98SSadaf Ebrahimi
761*62c56f98SSadaf Ebrahimi mbedtls_printf(" ok\n");
762*62c56f98SSadaf Ebrahimi
763*62c56f98SSadaf Ebrahimi mbedtls_printf(" > Write content to server:");
764*62c56f98SSadaf Ebrahimi fflush(stdout);
765*62c56f98SSadaf Ebrahimi
766*62c56f98SSadaf Ebrahimi len = sprintf((char *) buf, "From: %s\r\nSubject: Mbed TLS Test mail\r\n\r\n"
767*62c56f98SSadaf Ebrahimi "This is a simple test mail from the "
768*62c56f98SSadaf Ebrahimi "Mbed TLS mail client example.\r\n"
769*62c56f98SSadaf Ebrahimi "\r\n"
770*62c56f98SSadaf Ebrahimi "Enjoy!", opt.mail_from);
771*62c56f98SSadaf Ebrahimi ret = write_ssl_data(&ssl, buf, len);
772*62c56f98SSadaf Ebrahimi
773*62c56f98SSadaf Ebrahimi len = sprintf((char *) buf, "\r\n.\r\n");
774*62c56f98SSadaf Ebrahimi ret = write_ssl_and_get_response(&ssl, buf, len);
775*62c56f98SSadaf Ebrahimi if (ret < 200 || ret > 299) {
776*62c56f98SSadaf Ebrahimi mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
777*62c56f98SSadaf Ebrahimi goto exit;
778*62c56f98SSadaf Ebrahimi }
779*62c56f98SSadaf Ebrahimi
780*62c56f98SSadaf Ebrahimi mbedtls_printf(" ok\n");
781*62c56f98SSadaf Ebrahimi
782*62c56f98SSadaf Ebrahimi mbedtls_ssl_close_notify(&ssl);
783*62c56f98SSadaf Ebrahimi
784*62c56f98SSadaf Ebrahimi exit_code = MBEDTLS_EXIT_SUCCESS;
785*62c56f98SSadaf Ebrahimi
786*62c56f98SSadaf Ebrahimi exit:
787*62c56f98SSadaf Ebrahimi
788*62c56f98SSadaf Ebrahimi mbedtls_net_free(&server_fd);
789*62c56f98SSadaf Ebrahimi mbedtls_x509_crt_free(&clicert);
790*62c56f98SSadaf Ebrahimi mbedtls_x509_crt_free(&cacert);
791*62c56f98SSadaf Ebrahimi mbedtls_pk_free(&pkey);
792*62c56f98SSadaf Ebrahimi mbedtls_ssl_free(&ssl);
793*62c56f98SSadaf Ebrahimi mbedtls_ssl_config_free(&conf);
794*62c56f98SSadaf Ebrahimi mbedtls_ctr_drbg_free(&ctr_drbg);
795*62c56f98SSadaf Ebrahimi mbedtls_entropy_free(&entropy);
796*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_USE_PSA_CRYPTO)
797*62c56f98SSadaf Ebrahimi mbedtls_psa_crypto_free();
798*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_USE_PSA_CRYPTO */
799*62c56f98SSadaf Ebrahimi
800*62c56f98SSadaf Ebrahimi mbedtls_exit(exit_code);
801*62c56f98SSadaf Ebrahimi }
802*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
803*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C **
804*62c56f98SSadaf Ebrahimi MBEDTLS_CTR_DRBG_C */
805