diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-10-31 10:18:09 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2016-11-04 02:56:27 +0100 |
| commit | 74266797e3f1e675693e542942a87d0c513a7df4 (patch) | |
| tree | 60592036cf770b3cf551577284642ff89ca60c1f | |
| parent | a57ff585661bcef9b6a8ce1a59ea10834ff92f91 (diff) | |
| download | gnutls-74266797e3f1e675693e542942a87d0c513a7df4.tar.gz | |
tests: added test to ensure that gnutls_rnd() is not called during initialization
| -rw-r--r-- | tests/Makefile.am | 3 | ||||
| -rw-r--r-- | tests/rng-no-onload.c | 68 |
2 files changed, 70 insertions, 1 deletions
diff --git a/tests/Makefile.am b/tests/Makefile.am index 45bb8979af..499e8211b7 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -116,7 +116,8 @@ ctests = mini-record-2 simple gc set_pkcs12_cred certder certuniqueid \ client_dsa_key server_ecdsa_key tls-session-ext-register tls-session-supplemental \ multi-alerts naked-alerts pkcs7-cat-parse set_known_dh_params_x509 \ set_known_dh_params_anon set_known_dh_params_psk session-tickets-ok \ - session-tickets-missing set_x509_key_file_legacy status-request-ext + session-tickets-missing set_x509_key_file_legacy status-request-ext \ + rng-no-onload if HAVE_SECCOMP_TESTS ctests += dtls-with-seccomp tls-with-seccomp dtls-client-with-seccomp tls-client-with-seccomp diff --git a/tests/rng-no-onload.c b/tests/rng-no-onload.c new file mode 100644 index 0000000000..726b5fddf4 --- /dev/null +++ b/tests/rng-no-onload.c @@ -0,0 +1,68 @@ +/* + * Copyright (C) 2016 Red Hat, Inc. + * + * Author: Nikos Mavrogiannopoulos + * + * This file is part of GnuTLS. + * + * GnuTLS is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * GnuTLS is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with GnuTLS; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif + +#include <stdio.h> +#include <stdlib.h> +#include <stdint.h> +#include <string.h> +#include <gnutls/gnutls.h> +#include <gnutls/crypto.h> +#include "utils.h" + +#if defined(ENABLE_FIPS140) || !defined(__linux__) || !defined(__GNUC__) + +void doit(void) +{ + exit(77); +} + +#else + +static int _rnd_called = 0; + +/* Tests whether gnutls_rnd() is called during gnutls library initialization. + * Normally it shouldn't be called to prevent any blocking due to getrandom() + * calls. + */ +int __attribute__ ((visibility ("protected"))) +gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len) +{ + _rnd_called = 1; + + memset(data, 0xff, len); + return 0; +} + +void doit(void) +{ + global_init(); + + if (_rnd_called != 0) + fail("gnutls_rnd was called during gnutls_global_init()!\n"); + + gnutls_global_deinit(); +} +#endif /* _WIN32 */ |