Diffstat (limited to 'tests/tls12-rehandshake-cert.c')
-rw-r--r--tests/tls12-rehandshake-cert.c138
1 files changed, 102 insertions, 36 deletions
diff --git a/tests/tls12-rehandshake-cert.c b/tests/tls12-rehandshake-cert.c
index 998d997363..226ee6e1f3 100644
--- a/tests/tls12-rehandshake-cert.c
+++ b/tests/tls12-rehandshake-cert.c
@@ -1,7 +1,8 @@
/*
* Copyright (C) 2008-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2018 Red Hat, Inc.
*
- * Author: Simon Josefsson
+ * Author: Simon Josefsson, Nikos Mavrogiannopoulos
*
* This file is part of GnuTLS.
*
@@ -15,9 +16,8 @@
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
- * You should have received a copy of the GNU General Public License
- * along with GnuTLS; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
*/
#ifdef HAVE_CONFIG_H
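Review bot: The rewritten notice names the GNU Lesser General Public License, while the context line directly above it still reads `General Public License for more details`, so the header now refers to two different licenses. The licence grant itself is outside this hunk, so I cannot tell which one is intended, but both sentences should name the same licence. The link could also use `https://www.gnu.org/licenses/`.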
@@ -29,22 +29,20 @@
#include <string.h>
#include <errno.h>
#include <gnutls/gnutls.h>
-#include "utils.h"
-#include "eagain-common.h"
+
#include "cert-common.h"
+#include "cmocka-common.h"
/* This program tests server initiated rehandshake */
-const char *side = "";
-
static void tls_log_func(int level, const char *str)
{
- fprintf(stderr, "%s|<%d>| %s", side, level, str);
+ fprintf(stderr, "<%d>| %s", level, str);
}
#define MAX_REHANDSHAKES 16
-void doit(void)
+static void test_rehandshake(void **glob_state, unsigned appdata)
{
/* Server stuff. */
gnutls_certificate_credentials_t serverx509cred;
@@ -54,53 +52,102 @@ void doit(void)
gnutls_certificate_credentials_t clientx509cred;
gnutls_session_t client;
int cret = GNUTLS_E_AGAIN;
+ char buffer[64];
+ int ret;
unsigned i;
/* General init. */
- global_init();
+ reset_buffers();
+ ret = gnutls_global_init();
+ assert_return_code(ret, 0);
+
gnutls_global_set_log_function(tls_log_func);
- if (debug)
- gnutls_global_set_log_level(6);
/* Init server */
- gnutls_certificate_allocate_credentials(&serverx509cred);
- gnutls_certificate_set_x509_key_mem(serverx509cred,
- &server_cert, &server_key,
- GNUTLS_X509_FMT_PEM);
- gnutls_init(&server, GNUTLS_SERVER);
- gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE,
- serverx509cred);
- gnutls_priority_set_direct(server, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", NULL);
+ ret = gnutls_certificate_allocate_credentials(&serverx509cred);
+ assert_return_code(ret, 0);
+
+ ret = gnutls_certificate_set_x509_key_mem(serverx509cred,
+ &server_cert, &server_key,
+ GNUTLS_X509_FMT_PEM);
+ assert_return_code(ret, 0);
+
+ ret = gnutls_init(&server, GNUTLS_SERVER);
+ assert_return_code(ret, 0);
+
+ ret = gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE,
+ serverx509cred);
+ assert_return_code(ret, 0);
+
+ ret = gnutls_priority_set_direct(server, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", NULL);
+ assert_return_code(ret, 0);
+
gnutls_transport_set_push_function(server, server_push);
gnutls_transport_set_pull_function(server, server_pull);
gnutls_transport_set_ptr(server, server);
/* Init client */
- gnutls_certificate_allocate_credentials(&clientx509cred);
- gnutls_init(&client, GNUTLS_CLIENT);
- gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE,
- clientx509cred);
- gnutls_priority_set_direct(client, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", NULL);
+ ret = gnutls_certificate_allocate_credentials(&clientx509cred);
+ assert_return_code(ret, 0);
+
+ ret = gnutls_init(&client, GNUTLS_CLIENT);
+ assert_return_code(ret, 0);
+
+ ret = gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE,
+ clientx509cred);
+ assert_return_code(ret, 0);
+
+ ret = gnutls_priority_set_direct(client, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", NULL);
+ assert_return_code(ret, 0);
+
gnutls_transport_set_push_function(client, client_push);
gnutls_transport_set_pull_function(client, client_pull);
gnutls_transport_set_ptr(client, client);
HANDSHAKE(client, server);
- for (i=0;i<MAX_REHANDSHAKES;i++) {
- sret = gnutls_rehandshake(server);
- if (debug)
- success("gnutls_rehandshake %d (server)...\n", i);
+ if (appdata) {
+ /* send application data prior to handshake */
+ ssize_t n;
+ char b[1];
- {
- ssize_t n;
- char b[1];
+ do {
+ sret = gnutls_rehandshake(server);
+ } while (sret == GNUTLS_E_AGAIN);
+
+ do {
n = gnutls_record_recv(client, b, 1);
- if (n != GNUTLS_E_REHANDSHAKE)
- fail("client did not receive the expected rehandshake error code\n");
- }
+ } while(n == GNUTLS_E_AGAIN);
+
+ assert_int_equal(n, GNUTLS_E_REHANDSHAKE);
+
+ /* client sends app data and the server ignores them */
+ do {
+ cret = gnutls_record_send(client, "x", 1);
+ } while (cret == GNUTLS_E_AGAIN);
+
+ do {
+ sret = gnutls_handshake(server);
+ } while (sret == GNUTLS_E_AGAIN);
+ assert_int_equal(sret, GNUTLS_E_GOT_APPLICATION_DATA);
+
+ do {
+ n = gnutls_record_recv(server, buffer, sizeof(buffer));
+ } while(n == GNUTLS_E_AGAIN);
HANDSHAKE(client, server);
+ } else {
+ ssize_t n;
+ char b[1];
+
+ for (i=0;i<MAX_REHANDSHAKES;i++) {
+ sret = gnutls_rehandshake(server);
+
+ n = gnutls_record_recv(client, b, 1);
+ assert_int_equal(n, GNUTLS_E_REHANDSHAKE);
+
+ HANDSHAKE(client, server);
+ }
}
gnutls_bye(client, GNUTLS_SHUT_RDWR);
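Review bot: In the appdata branch the result of the final `gnutls_record_recv(server, buffer, sizeof(buffer))` is never checked, so the test still passes if the byte sent during the pending rehandshake is lost, truncated or altered. `cret` from `gnutls_record_send` and `sret` from `gnutls_rehandshake` are likewise assigned and then dropped; in the `else` loop `sret` is also unchecked and neither call is retried on GNUTLS_E_AGAIN, unlike the new branch. Application data interleaved with a renegotiation is the path this case was added to cover, so I would assert the return values and the payload as sketched below (expected values assume the single "x" byte arrives intact). The comment "client sends app data and the server ignores them" also sits oddly next to a server-side receive; presumably it means the handshake call does not consume the data. test_rehandshake continues past the end of this hunk.

```c
/* … unchanged: gnutls_rehandshake(server) retry loop … */
assert_int_equal(sret, 0);
/* … unchanged: client receives GNUTLS_E_REHANDSHAKE … */
/* … unchanged: gnutls_record_send(client, "x", 1) retry loop … */
assert_int_equal(cret, 1);
/* … unchanged: server handshake returns GNUTLS_E_GOT_APPLICATION_DATA … */
/* … unchanged: gnutls_record_recv(server, buffer, sizeof(buffer)) retry loop … */
assert_int_equal(n, 1);
assert_int_equal(buffer[0], 'x');
```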
@@ -114,3 +161,22 @@ void doit(void)
gnutls_global_deinit();
}
+
+static void tls12_rehandshake_server(void **glob_state)
+{
+ test_rehandshake(glob_state, 0);
+}
+
+static void tls12_rehandshake_server_appdata(void **glob_state)
+{
+ test_rehandshake(glob_state, 1);
+}
+
+int main(void)
+{
+ const struct CMUnitTest tests[] = {
+ cmocka_unit_test(tls12_rehandshake_server),
+ cmocka_unit_test(tls12_rehandshake_server_appdata),
+ };
+ return cmocka_run_group_tests(tests, NULL, NULL);
+}
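Review bot: A failing `assert_*` leaves test_rehandshake early, so the teardown at the end of that function is skipped; only `gnutls_bye` and `gnutls_global_deinit()` are visible here, the rest lies between the hunks. Both tests are registered with plain `cmocka_unit_test`, so `tls12_rehandshake_server_appdata` would then run after the first test leaked its sessions and credentials. Consider keeping the sessions and credentials in a small state struct and registering the tests with `cmocka_unit_test_setup_teardown`, so that cleanup runs on failure as well. A one-line comment on each wrapper saying what `appdata` 0 and 1 exercise would also help, e.g. `/* server-initiated rehandshake while the client sends application data */`.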