Remove bloat

mattia-moffa · mattia-moffa · commit 2f1d2dfeb09a · 2025-09-25T20:08:10.000+02:00
diff --git a/tls/client-tls13-certauth-c2s.c b/tls/client-tls13-certauth-c2s.c
@@ -49,75 +49,6 @@
 #define KEY_FILE  "../certs/client-key.pem"
 #define CA_FILE   "../certs/ca-cert.pem"
 
-#if defined(WOLFSSL_TLS13) && defined(HAVE_SECRET_CALLBACK)
-
-#ifndef WOLFSSL_SSLKEYLOGFILE_OUTPUT
-    #define WOLFSSL_SSLKEYLOGFILE_OUTPUT "sslkeylog.log"
-#endif
-
-/* Callback function for TLS v1.3 secrets for use with Wireshark */
-static int Tls13SecretCallback(WOLFSSL* ssl, int id, const unsigned char* secret,
-    int secretSz, void* ctx)
-{
-    int i;
-    const char* str = NULL;
-    unsigned char clientRandom[32];
-    int clientRandomSz;
-    XFILE fp = stderr;
-    if (ctx) {
-        fp = XFOPEN((const char*)ctx, "ab");
-        if (fp == XBADFILE) {
-            return BAD_FUNC_ARG;
-        }
-    }
-
-    clientRandomSz = (int)wolfSSL_get_client_random(ssl, clientRandom,
-        sizeof(clientRandom));
-
-    if (clientRandomSz <= 0) {
-        printf("Error getting client random %d\n", clientRandomSz);
-    }
-
-#if 0
-    printf("TLS Client Secret CB: Rand %d, Secret %d\n",
-        clientRandomSz, secretSz);
-#endif
-
-    switch (id) {
-        case CLIENT_EARLY_TRAFFIC_SECRET:
-            str = "CLIENT_EARLY_TRAFFIC_SECRET"; break;
-        case EARLY_EXPORTER_SECRET:
-            str = "EARLY_EXPORTER_SECRET"; break;
-        case CLIENT_HANDSHAKE_TRAFFIC_SECRET:
-            str = "CLIENT_HANDSHAKE_TRAFFIC_SECRET"; break;
-        case SERVER_HANDSHAKE_TRAFFIC_SECRET:
-            str = "SERVER_HANDSHAKE_TRAFFIC_SECRET"; break;
-        case CLIENT_TRAFFIC_SECRET:
-            str = "CLIENT_TRAFFIC_SECRET_0"; break;
-        case SERVER_TRAFFIC_SECRET:
-            str = "SERVER_TRAFFIC_SECRET_0"; break;
-        case EXPORTER_SECRET:
-            str = "EXPORTER_SECRET"; break;
-    }
-
-    fprintf(fp, "%s ", str);
-    for (i = 0; i < clientRandomSz; i++) {
-        fprintf(fp, "%02x", clientRandom[i]);
-    }
-    fprintf(fp, " ");
-    for (i = 0; i < secretSz; i++) {
-        fprintf(fp, "%02x", secret[i]);
-    }
-    fprintf(fp, "\n");
-
-    if (fp != stderr) {
-        XFCLOSE(fp);
-    }
-
-    return 0;
-}
-#endif /* WOLFSSL_TLS13 && HAVE_SECRET_CALLBACK */
-
 int main(int argc, char** argv)
 {
     int ret = 0;
@@ -171,9 +102,6 @@ int main(int argc, char** argv)
     /*---------------------------------*/
     /* Start of wolfSSL initialization and configuration */
     /*---------------------------------*/
-#if 0
-    wolfSSL_Debugging_ON();
-#endif
 
     /* Initialize wolfSSL */
     if ((ret = wolfSSL_Init()) != WOLFSSL_SUCCESS) {
@@ -234,25 +162,12 @@ int main(int argc, char** argv)
         goto exit;
     }
 
-#ifdef HAVE_SECRET_CALLBACK
-    /* required for getting random used */
-    wolfSSL_KeepArrays(ssl);
-
-    /* optional logging for wireshark */
-    wolfSSL_set_tls13_secret_cb(ssl, Tls13SecretCallback,
-        (void*)WOLFSSL_SSLKEYLOGFILE_OUTPUT);
-#endif
-
     /* Connect to wolfSSL on the server side */
     if ((ret = wolfSSL_connect(ssl)) != WOLFSSL_SUCCESS) {
         fprintf(stderr, "ERROR: failed to connect to wolfSSL\n");
         goto exit;
     }
 
-#ifdef HAVE_SECRET_CALLBACK
-    wolfSSL_FreeArrays(ssl);
-#endif
-
     /* Get a message for the server from stdin */
     printf("Message for server: ");
     memset(buff, 0, sizeof(buff));
diff --git a/tls/server-tls13-certauth-c2s.c b/tls/server-tls13-certauth-c2s.c
@@ -55,78 +55,9 @@
 #define CA_FILE   "../certs/client-cert.pem"
 
 
-#if defined(WOLFSSL_TLS13) && defined(HAVE_SECRET_CALLBACK)
-
-#ifndef WOLFSSL_SSLKEYLOGFILE_OUTPUT
-    #define WOLFSSL_SSLKEYLOGFILE_OUTPUT "sslkeylog.log"
-#endif
-
-/* Callback function for TLS v1.3 secrets for use with Wireshark */
-static int Tls13SecretCallback(WOLFSSL* ssl, int id, const unsigned char* secret,
-    int secretSz, void* ctx)
-{
-    int i;
-    const char* str = NULL;
-    unsigned char serverRandom[32];
-    int serverRandomSz;
-    XFILE fp = stderr;
-    if (ctx) {
-        fp = XFOPEN((const char*)ctx, "ab");
-        if (fp == XBADFILE) {
-            return BAD_FUNC_ARG;
-        }
-    }
-
-    serverRandomSz = (int)wolfSSL_get_server_random(ssl, serverRandom,
-        sizeof(serverRandom));
-
-    if (serverRandomSz <= 0) {
-        printf("Error getting server random %d\n", serverRandomSz);
-    }
-
-#if 0
-    printf("TLS Server Secret CB: Rand %d, Secret %d\n",
-        serverRandomSz, secretSz);
-#endif
-
-    switch (id) {
-        case CLIENT_EARLY_TRAFFIC_SECRET:
-            str = "CLIENT_EARLY_TRAFFIC_SECRET"; break;
-        case EARLY_EXPORTER_SECRET:
-            str = "EARLY_EXPORTER_SECRET"; break;
-        case CLIENT_HANDSHAKE_TRAFFIC_SECRET:
-            str = "CLIENT_HANDSHAKE_TRAFFIC_SECRET"; break;
-        case SERVER_HANDSHAKE_TRAFFIC_SECRET:
-            str = "SERVER_HANDSHAKE_TRAFFIC_SECRET"; break;
-        case CLIENT_TRAFFIC_SECRET:
-            str = "CLIENT_TRAFFIC_SECRET_0"; break;
-        case SERVER_TRAFFIC_SECRET:
-            str = "SERVER_TRAFFIC_SECRET_0"; break;
-        case EXPORTER_SECRET:
-            str = "EXPORTER_SECRET"; break;
-    }
-
-    fprintf(fp, "%s ", str);
-    for (i = 0; i < (int)serverRandomSz; i++) {
-        fprintf(fp, "%02x", serverRandom[i]);
-    }
-    fprintf(fp, " ");
-    for (i = 0; i < secretSz; i++) {
-        fprintf(fp, "%02x", secret[i]);
-    }
-    fprintf(fp, "\n");
-
-    if (fp != stderr) {
-        XFCLOSE(fp);
-    }
-
-    return 0;
-}
-#endif /* WOLFSSL_TLS13 && HAVE_SECRET_CALLBACK */
-
 static int mSockfd = SOCKET_INVALID;
 static int mConnd = SOCKET_INVALID;
-static int mShutdown = 0;
+static volatile int mShutdown = 0;
 
 #ifdef HAVE_SIGNAL
 static void sig_handler(const int sig)
@@ -269,9 +200,6 @@ int main(int argc, char** argv)
     /*---------------------------------*/
     /* Start of wolfSSL initialization and configuration */
     /*---------------------------------*/
-#if 0
-    wolfSSL_Debugging_ON();
-#endif
 
     /* Initialize wolfSSL */
     if ((ret = wolfSSL_Init()) != WOLFSSL_SUCCESS) {
@@ -324,15 +252,6 @@ int main(int argc, char** argv)
         /* Attach wolfSSL to the socket */
         wolfSSL_set_fd(ssl, mConnd);
 
-    #ifdef HAVE_SECRET_CALLBACK
-        /* required for getting random used */
-        wolfSSL_KeepArrays(ssl);
-
-        /* optional logging for wireshark */
-        wolfSSL_set_tls13_secret_cb(ssl, Tls13SecretCallback,
-            (void*)WOLFSSL_SSLKEYLOGFILE_OUTPUT);
-    #endif
-
         /* Establish TLS connection */
         if ((ret = wolfSSL_accept(ssl)) != WOLFSSL_SUCCESS) {
             fprintf(stderr, "wolfSSL_accept error = %d\n",
@@ -342,10 +261,6 @@ int main(int argc, char** argv)
 
         printf("Client connected successfully\n");
 
-    #ifdef HAVE_SECRET_CALLBACK
-        wolfSSL_FreeArrays(ssl);
-    #endif
-
         /* Read the client data into our buff array */
         memset(buff, 0, sizeof(buff));
         if ((ret = wolfSSL_read(ssl, buff, sizeof(buff)-1)) < 0) {
