Topic: Could not find c# DTLS client in the wrapper folder so tried it myself

Hi,

I managed to run `server.c` and `client.c` on a Windows 7 PC by defining the HAVE_CSHARP `#ifdef` constant, using UDP (i.e. the -u command line option). I tried the C# DTLS server and it worked, but I could not find any C# DTLS client in the code, so I tried to build one myself by mixing and matching code from `client.c` and the C# DTLS server. That caused the following issues:
- The client threw an exception at `udp = new UdpClient(11111)`, which meant that the `port can't be shared` because the server had already bound that port on the same PC. So I stopped the server on the local PC and ran `server.c` on another PC with UDP support (i.e. the -u option). Now when I run the C# client it gets as far as the `wolfssl.write()` statement but never returns from it, and the server receives nothing, although the server does respond if I use `client.c`. So I am unable to proceed any further.

Please help me find the issue; I will be thankful to you.

Here is the code of my C# client:

//CODE BEGINS
   class WolfSSL_DTLS_Client
    {
        public static void standard_log(int lvl, StringBuilder msg)
        {
            Console.WriteLine(msg);
        }

        private static void clean(IntPtr ssl, IntPtr ctx)
        {
            wolfssl.free(ssl);
            wolfssl.CTX_free(ctx);
            wolfssl.Cleanup();
        }

        static void Main(string[] args)
        {
            IntPtr ctx;
            IntPtr ssl;

            /* These paths should be changed for use */
            string fileCert = @"server-cert.pem";
            string fileKey = @"server-key.pem";
            StringBuilder dhparam = new StringBuilder("dh2048.pem");

            StringBuilder buff = new StringBuilder(1024);
            StringBuilder request = new StringBuilder("Hello, this is the wolfSSL C# wrapper client request");

            //example of function used for setting logging
            wolfssl.SetLogging(standard_log);

            wolfssl.Init();
            //IntPtr abc = wolfssl.useDTLSv1_2_client();
            Console.WriteLine("Calling ctx Init from wolfSSL");
            ctx = wolfssl.CTX_dtls_new(wolfssl.useDTLSv1_2_client());
            if (ctx == IntPtr.Zero)
            {
                Console.WriteLine("Error creating ctx structure");
                wolfssl.CTX_free(ctx);
                return;
            }

            Console.WriteLine("Finished init of ctx .... now load in cert and key");
            if (!File.Exists(fileCert) || !File.Exists(fileKey))
            {
                Console.WriteLine("Could not find cert or key file");
                wolfssl.CTX_free(ctx);
                return;
            }

            if (wolfssl.CTX_load_verify_locations(ctx, fileCert, null) != wolfssl.SUCCESS)
            {
                Console.WriteLine("Error setting cert file");
                wolfssl.CTX_free(ctx);
                return;
            }

            short minDhKey = 128;
            wolfssl.CTX_SetMinDhKey_Sz(ctx, minDhKey);
                IPAddress ip = IPAddress.Parse("192.168.1.100");
                UdpClient udp = null;
                try
                {
                    udp = new UdpClient(11111);
                }
                catch (Exception ex)
                {
                    Console.WriteLine(ex.Message);
                }
                IPEndPoint ep = new IPEndPoint(ip, 11111);
                Console.WriteLine("Started UDP");

            ssl = wolfssl.new_ssl(ctx);
            if (ssl == IntPtr.Zero)
            {
                Console.WriteLine("Error creating ssl object");
                wolfssl.CTX_free(ctx);
                return;
            }
            //int tmp = wolfssl.SetTmpDH_file(ssl, dhparam, wolfssl.SSL_FILETYPE_PEM);
            //if (wolfssl.SetTmpDH_file(ssl, dhparam, wolfssl.SSL_FILETYPE_PEM) != wolfssl.SUCCESS)
            //{
            //    Console.WriteLine("Error in setting dhparam");
            //    Console.WriteLine(wolfssl.get_error(ssl));
            //    udp.Close();
            //    clean(ssl, ctx);
            //    return;
            //}

            if (wolfssl.set_dtls_fd(ssl, udp, ep) != wolfssl.SUCCESS)
            {
                Console.WriteLine(wolfssl.get_error(ssl));
                udp.Close();
                clean(ssl, ctx);
                return;
            }
            int writtenBytes = wolfssl.write(ssl, request, request.Length);
            if (writtenBytes != request.Length)
            {
                Console.WriteLine("Error writing message");
                Console.WriteLine(wolfssl.get_error(ssl));
                udp.Close();
                clean(ssl, ctx);
                return;
            }

            if (wolfssl.read(ssl, buff, 1023) < 0)
            {
                Console.WriteLine("Error reading message");
                Console.WriteLine(wolfssl.get_error(ssl));
                udp.Close();
                clean(ssl, ctx);
                return;
            }
            Console.WriteLine(buff);

            Console.WriteLine("At the end freeing stuff");
            udp.Close();
            wolfssl.shutdown(ssl);
            clean(ssl, ctx);

        }
    }

//CODE ENDS


Re: Could not find c# DTLS client in the wrapper folder so tried it myself

Hi again,

Well, the above code worked once I started sniffing the data on the wire. As I said, it was not returning from `wolfssl.write()`; that was probably due to listening/sending on the wrong port or a firewall issue. While sniffing I noticed that the packet was reaching the destination but the server was not replying. Then, looking closely at the server parameters (i.e. server.exe -?), I found that it binds only to localhost by default, so binding it to the actual Ethernet card (i.e. using the -b option when invoking the server) made it work.

Maybe this will help someone else too.
And thanks to the wolfSSL team for this very good effort.


Re: Could not find c# DTLS client in the wrapper folder so tried it myself

Hi help_seeker,

I see you resolved your issue. Apologies that we didn't get to your question sooner; it has been a busy week. You are correct: the -b option allows the server to "bind to any interface" rather than just localhost.

It may be advantageous in your testing to also use the -d option to disable client authentication. Real world servers rarely do client auth.


Regards,

- Kaleb