From d1d8158f81bf578b02167176aa70aa6d4515f447 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos
Date: Tue, 3 Oct 2017 15:28:07 +0200
Subject: tests: check certificate callbacks under TLS 1.2 and 1.3

Resolves #278

Signed-off-by: Nikos Mavrogiannopoulos
---
 tests/x509-cert-callback.c | 41 ++++++++++++++++++++++++++---------------
 1 file changed, 26 insertions(+), 15 deletions(-)

diff --git a/tests/x509-cert-callback.c b/tests/x509-cert-callback.c
index 6fe3d61406..f23b531f87 100644
--- a/tests/x509-cert-callback.c
+++ b/tests/x509-cert-callback.c
@@ -15,9 +15,8 @@
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * General Public License for more details.
 *
- * You should have received a copy of the GNU General Public License
- * along with GnuTLS; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see
 */
 
 #ifdef HAVE_CONFIG_H
@@ -28,6 +27,7 @@
 #include
 #include
 #include
+#include
 #include
 #include
 #include
@@ -65,11 +65,11 @@ cert_callback(gnutls_session_t session,
 return -1;
 }
 
- p = gnutls_malloc(2 * sizeof(*p));
- if (p == NULL)
- return -1;
-
 if (g_pkey == NULL) {
+ p = gnutls_malloc(2 * sizeof(*p));
+ if (p == NULL)
+ return -1;
+
 ret = gnutls_x509_crt_list_import2(&certs, &certs_size, &cli_ca3_cert_chain, GNUTLS_X509_FMT_PEM, 0);
@@ -128,11 +128,11 @@ server_cert_callback(gnutls_session_t session,
 gnutls_x509_crt_t *certs;
 unsigned certs_size, i;
 
- p = gnutls_malloc(2 * sizeof(*p));
- if (p == NULL)
- return -1;
-
 if (server_pkey == NULL) {
+ p = gnutls_malloc(2 * sizeof(*p));
+ if (p == NULL)
+ return -1;
+
 ret = gnutls_x509_crt_list_import2(&certs, &certs_size, &server_ca3_localhost_cert_chain, GNUTLS_X509_FMT_PEM, 0);
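Review bot: In the cert_callback hunk the pcert buffer is still sized with a literal, `gnutls_malloc(2 * sizeof(*p))`, while the real chain length only becomes known on the following line from `gnutls_x509_crt_list_import2(&certs, &certs_size, ...)`. If the code after the hunk fills `p` with `certs_size` entries (not visible here), a PEM chain longer than two certificates would write past the allocation. Allocating after the import with `p = gnutls_malloc(certs_size * sizeof(*p));`, or rejecting `certs_size != 2` before `p` is used, ties the buffer to the data. The server_cert_callback hunk has the same pattern, and both function bodies continue outside the hunks.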
@@ -171,7 +171,7 @@ server_cert_callback(gnutls_session_t session,
 return 0;
 }
 
-void doit(void)
+static void start(const char *prio)
 {
 int exit_code = EXIT_SUCCESS;
 int ret;
@@ -184,6 +184,8 @@ void doit(void)
 gnutls_session_t client;
 int cret = GNUTLS_E_AGAIN;
 
+ success("testing %s\n", prio);
+
 /* General init. */
 global_init();
 gnutls_global_set_log_function(tls_log_func);
@@ -198,8 +200,8 @@ void doit(void)
 gnutls_init(&server, GNUTLS_SERVER);
 gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred);
- gnutls_priority_set_direct(server,
- "NORMAL:-CIPHER-ALL:+AES-128-GCM", NULL);
+ assert(gnutls_priority_set_direct(server,
+ prio, NULL) >= 0);
 gnutls_transport_set_push_function(server, server_push);
 gnutls_transport_set_pull_function(server, server_pull);
 gnutls_transport_set_ptr(server, server);
@@ -229,7 +231,7 @@ void doit(void)
 if (ret < 0)
 exit(1);
 
- gnutls_priority_set_direct(client, "NORMAL", NULL);
+ assert(gnutls_priority_set_direct(client, prio, NULL)>=0);
 gnutls_transport_set_push_function(client, client_push);
 gnutls_transport_set_pull_function(client, client_pull);
 gnutls_transport_set_ptr(client, client);
@@ -420,4 +422,13 @@ void doit(void)
 else
 puts("Self-test failed");
 }
+
+ reset_buffers();
+}
+
+void doit(void)
+{
+ start("NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3");
+ start("NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2");
+ start("NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1");
 }
-- 
cgit v1.2.1
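Review bot: The server-side `gnutls_priority_set_direct(server, prio, NULL)` call in the @@ -198 hunk now sits inside `assert()`, so a build with NDEBUG defined compiles the call away. The session would then keep its default priorities, and the test could pass without ever restricting the handshake to the protocol version named in `prio`. Keep the side effect outside the macro, `ret = gnutls_priority_set_direct(server, prio, NULL);` followed by `if (ret < 0) exit(1);` as the surrounding code already does. The client-side call in the @@ -229 hunk has the same form.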
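Review bot: `start()` now runs three times in one process, but the only state reset added at its end is `reset_buffers()`, while the callbacks earlier in this patch choose between building and reusing the key and chain on `g_pkey == NULL` and `server_pkey == NULL`. If the teardown in start() (outside the hunk) releases those globals without setting them back to NULL, the second and third runs would hand freed objects to the handshake; if it leaves them alive, only the first run exercises the import path. Clearing them after release, `g_pkey = NULL; server_pkey = NULL;`, makes each run independent. The commit title mentions only TLS 1.2 and 1.3 while `doit()` also adds a TLS 1.1 run, so a one-line comment above the three calls saying why each version is covered would help.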