summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/s_client.c48
1 files changed, 18 insertions, 30 deletions
diff --git a/src/s_client.c b/src/s_client.c
index 51f0adb..b2a0f06 100644
--- a/src/s_client.c
+++ b/src/s_client.c
@@ -278,11 +278,11 @@ s_client(int argc, char **argv)
char *host = NULL;
char *port = NULL;
const char *servername = NULL;
- int ret = EXIT_SUCCESS;
+ int ret = EXIT_FAILURE;
WOLFSSL_METHOD *method;
- WOLFSSL_CTX *ctx;
- WOLFSSL *ssl;
- int sfd;
+ WOLFSSL_CTX *ctx = NULL;
+ WOLFSSL *ssl = NULL;
+ int sfd = -1;
int err;
char buf[WOLFSSL_MAX_ERROR_SZ];
#ifdef OPENSSL_EXTRA
@@ -310,30 +310,27 @@ s_client(int argc, char **argv)
method = wolfTLSv1_2_client_method();
if (method == NULL) {
fputs("Out of memory\n", stderr);
- ret = EXIT_FAILURE;
- goto cleanup;
+ goto error;
}
ctx = wolfSSL_CTX_new(method);
if (ctx == NULL) {
fputs("Out of memory\n", stderr);
- ret = EXIT_FAILURE;
- goto cleanup;
+ goto error;
}
if (wolfSSL_CTX_load_verify_locations_ex(ctx, NULL, CA_CERTS,
WOLFSSL_LOAD_FLAG_IGNORE_ERR) !=
WOLFSSL_SUCCESS) {
fputs("Failed to load CA certificates\n", stderr);
- ret = EXIT_FAILURE;
- goto ctx_free;
+ goto error;
}
#ifdef HAVE_OCSP
if (wolfSSL_CTX_EnableOCSP(ctx, WOLFSSL_OCSP_CHECKALL) !=
WOLFSSL_SUCCESS) {
fputs("Failed to enable OCSP\n", stderr);
- goto ctx_free;
+ goto error;
}
#endif
#ifdef HAVE_SNI
@@ -341,8 +338,7 @@ s_client(int argc, char **argv)
if (wolfSSL_CTX_UseSNI(ctx, WOLFSSL_SNI_HOST_NAME, servername,
strlen(servername)) != WOLFSSL_SUCCESS){
fputs("Out of memory\n", stderr);
- ret = EXIT_FAILURE;
- goto ctx_free;
+ goto error;
}
}
#else
@@ -351,22 +347,19 @@ s_client(int argc, char **argv)
#ifdef HAVE_SUPPORTED_CURVES
if (use_curves(ctx) == false) {
fputs("Out of memory\n", stderr);
- ret = EXIT_FAILURE;
- goto ctx_free;
+ goto error;
}
#endif
ssl = wolfSSL_new(ctx);
if (ssl == NULL) {
fputs("Out of memory\n", stderr);
- ret = EXIT_FAILURE;
- goto ctx_free;
+ goto error;
}
sfd = connect_socket(host, port);
if (sfd == -1) {
- ret = EXIT_FAILURE;
- goto ssl_free;
+ goto error;
}
wolfSSL_set_fd(ssl, sfd);
@@ -374,36 +367,31 @@ s_client(int argc, char **argv)
err = wolfSSL_get_error(ssl, err);
wolfSSL_ERR_error_string(err, buf);
fprintf(stderr, "Handshake error: %s\n", buf);
- ret = EXIT_FAILURE;
- goto ssl_free;
+ goto error;
}
#ifdef OPENSSL_EXTRA
cert = wolfSSL_get_peer_certificate(ssl);
if (cert == NULL) {
fputs("Failed to get certificate\n", stderr);
- ret = EXIT_FAILURE;
- goto ssl_free;
+ goto error;
}
if (wolfSSL_X509_check_host(cert, host, strlen(host), 0, NULL) !=
WOLFSSL_SUCCESS) {
fputs("Domain name mismatch\n", stderr);
- ret = EXIT_FAILURE;
- goto ssl_free;
+ goto error;
}
#endif /* OPENSSL_EXTRA */
if (poll_fds(sfd, ssl) == false) {
- ret = EXIT_FAILURE;
+ goto error;
}
+ ret = EXIT_SUCCESS;
+error:
close(sfd);
-
-ssl_free:
wolfSSL_free(ssl);
-ctx_free:
wolfSSL_CTX_free(ctx);
-cleanup:
wolfSSL_Cleanup();
return ret;