summaryrefslogtreecommitdiff
path: root/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.c
diff options
context:
space:
mode:
Diffstat (limited to 'nss/tests/pkcs11/netscape/suites/security/ssl/sslc.c')
-rw-r--r--nss/tests/pkcs11/netscape/suites/security/ssl/sslc.c263
1 files changed, 0 insertions, 263 deletions
diff --git a/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.c b/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.c
deleted file mode 100644
index 3c74124..0000000
--- a/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.c
+++ /dev/null
@@ -1,263 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-/* include replacer-generated variables file */
-
-
-#include "ssl.h"
-#include "sslproto.h"
-
-#include "sslt.h"
-#include "sslc.h"
-#include "ssls.h"
-
-#include "pk11func.h"
-
-#define MAX_CIPHERS 100
-
-struct cipherspec cipher_array[MAX_CIPHERS];
-int cipher_array_size=0;
-char *password = "";
-char *nickname = "SSLServer";
-char *client_nick = "SSLClient";
-
-void InitCiphers() {
- int i=0;
-
-/* These ciphers are listed in priority order. */
- DIPHER(2,SSL_ALLOWED,128,40, "RC2-CBC-Export", EN_RC2_128_CBC_EXPORT40_WITH_MD5)
- CIPHER(2,SSL_NOT_ALLOWED,128,128,"RC4", EN_RC4_128_WITH_MD5)
- CIPHER(2,SSL_ALLOWED,128,40, "RC4-Export", EN_RC4_128_EXPORT40_WITH_MD5)
- DIPHER(2,SSL_NOT_ALLOWED,128,128,"RC2-CBC", EN_RC2_128_CBC_WITH_MD5)
- DIPHER(2,SSL_ALLOWED,128,40, "RC2-CBC-40", EN_RC2_128_CBC_EXPORT40_WITH_MD5)
- DIPHER(2,SSL_NOT_ALLOWED,128,128,"IDEA-CBC", EN_IDEA_128_CBC_WITH_MD5)
- DIPHER(2,SSL_NOT_ALLOWED,56,56, "DES-CBC", EN_DES_64_CBC_WITH_MD5)
- CIPHER(2,SSL_NOT_ALLOWED,168,168,"DES-EDE3-CBC", EN_DES_192_EDE3_CBC_WITH_MD5)
- /* SSL 3 suites */
-
- CIPHER(3,SSL_RESTRICTED,128,128, "RC4", RSA_WITH_RC4_128_MD5)
- DIPHER(3,SSL_RESTRICTED,128,128, "RC4", RSA_WITH_RC4_128_SHA)
- CIPHER(3,SSL_RESTRICTED,168,168, "3DES-EDE-CBC", RSA_WITH_3DES_EDE_CBC_SHA)
- CIPHER(3,SSL_NOT_ALLOWED,56,56,"DES-CBC", RSA_WITH_DES_CBC_SHA)
- CIPHER(3,SSL_ALLOWED,128,40, "RC4-40", RSA_EXPORT_WITH_RC4_40_MD5)
- CIPHER(3,SSL_ALLOWED,128,40, "RC2-CBC-40", RSA_EXPORT_WITH_RC2_CBC_40_MD5)
-
- DIPHER(3,SSL_ALLOWED,0,0, "NULL", NULL_WITH_NULL_NULL)
- DIPHER(3,SSL_ALLOWED,0,0, "NULL", RSA_WITH_NULL_MD5)
- DIPHER(3,SSL_ALLOWED,0,0, "NULL", RSA_WITH_NULL_SHA)
-
-#if 0
- DIPHER(3,SSL_NOT_ALLOWED,0,0, "IDEA-CBC", RSA_WITH_IDEA_CBC_SHA)
- DIPHER(3,SSL_ALLOWED,128,40, "DES-CBC-40", RSA_EXPORT_WITH_DES40_CBC_SHA)
-#endif
-
- /*
-
- CIPHER(DH_DSS_EXPORT_WITH_DES40_CBC_SHA),
- CIPHER(DH_DSS_WITH_DES_CBC_SHA),
- CIPHER(DH_DSS_WITH_3DES_EDE_CBC_SHA),
- CIPHER(DH_RSA_EXPORT_WITH_DES40_CBC_SHA),
- CIPHER(DH_RSA_WITH_DES_CBC_SHA),
- CIPHER(DH_RSA_WITH_3DES_EDE_CBC_SHA),
- CIPHER(DHE_DSS_EXPORT_WITH_DES40_CBC_SHA),
- CIPHER(DHE_DSS_WITH_DES_CBC_SHA),
- CIPHER(DHE_DSS_WITH_3DES_EDE_CBC_SHA),
- CIPHER(DHE_RSA_EXPORT_WITH_DES40_CBC_SHA),
- CIPHER(DHE_RSA_WITH_DES_CBC_SHA),
- CIPHER(DHE_RSA_WITH_3DES_EDE_CBC_SHA),
-
- CIPHER(DH_ANON_EXPORT_WITH_RC4_40_MD5),
- CIPHER(DH_ANON_WITH_RC4_128_MD5),
- CIPHER(DH_ANON_WITH_DES_CBC_SHA),
- CIPHER(DH_ANON_WITH_3DES_EDE_CBC_SHA),
-
- CIPHER(3,SSL_NOT_ALLOWED,0,0,"Fortezza", FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA),
- CIPHER(3,SSL_NOT_ALLOWED,0,0,"Fortezza", FORTEZZA_DMS_WITH_RC4_128_SHA),
-
- */
-
- DIPHER(3,SSL_NOT_ALLOWED,192,192,"3DES-EDE-CBC",RSA_FIPS_WITH_3DES_EDE_CBC_SHA)
- DIPHER(3,SSL_NOT_ALLOWED,64,64, "DES-CBC", RSA_FIPS_WITH_DES_CBC_SHA)
-
- cipher_array_size =i;
-}
-
-
-
-/* ClearCiphers()
- * Clear out all ciphers */
-
-void ClearCiphers(struct ThreadData *td) {
-int i;
-
-for (i=0;i<cipher_array_size;i++) {
-SSL_EnableCipher(cipher_array[i].enableid,0);
-}
-}
-
-
-/* EnableCiphers
- * enable only those ciphers set for this test */
-
-void EnableCiphers(struct ThreadData *td) {
- int i;
-
- for (i=0;i<cipher_array_size;i++) {
- if (cipher_array[i].on) {
- SSL_EnableCipher(cipher_array[i].enableid,1);
- }
- }
-}
-
-/* SetPolicy */
-
-void SetPolicy() {
- int i;
-
- for (i=0;i<cipher_array_size;i++) {
- if (REP_Policy == POLICY_DOMESTIC) {
- SSL_SetPolicy(cipher_array[i].enableid,SSL_ALLOWED);
- }
- else {
- SSL_SetPolicy(cipher_array[i].enableid,cipher_array[i].exportable);
- }
- }
-}
-
-char *MyPWFunc(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
- static PRBool called=PR_FALSE;
- if(called) {
- return NULL;
- } else {
- called = PR_TRUE;
- return PL_strdup(password);
- }
-}
-
-/*
- * VersionEnables
- * errors (40-49)
- */
-
-int Version2Enable(PRFileDesc *s, int v) {
- if (SSL_Enable(s, SSL_ENABLE_SSL2, 1) <0) return Error(43);
- else return 0;
-}
-
-int Version3Enable(PRFileDesc *s) {
- if (SSL_Enable(s, SSL_ENABLE_SSL3, 1) <0) return Error(42);
- else return 0;
-}
-
-int Version23Clear(PRFileDesc *s) {
- if (SSL_Enable(s,SSL_ENABLE_SSL2,0) <0) return Error(40);
- if (SSL_Enable(s,SSL_ENABLE_SSL3,0) <0) return Error(41);
- return 0;
-}
-
-
-
-char *nicknames[MAX_NICKNAME];
-
-void SetupNickNames() {
- nicknames[CLIENT_CERT_VERISIGN] = "CLIENT_CERT_VERISIGN";
- nicknames[CLIENT_CERT_HARDCOREII_1024] = "CLIENT_CERT_HARDCOREII_1024";
- nicknames[CLIENT_CERT_HARDCOREII_512] = "CLIENT_CERT_HARDCOREII_512";
- nicknames[CLIENT_CERT_SPARK] = "CLIENT_CERT_SPARK";
- nicknames[SERVER_CERT_HARDCOREII_512] = nickname;
- /* nicknames[SERVER_CERT_HARDCOREII_512] = "SERVER_CERT_HARDCOREII_512"; */
- nicknames[SERVER_CERT_VERISIGN_REGULAR]= "SERVER_CERT_VERISIGN_REGULAR";
- nicknames[SERVER_CERT_VERISIGN_STEPUP] = "SERVER_CERT_VERISIGN_STEPUP";
- nicknames[SERVER_CERT_SPARK] = "SERVER_CERT_SPARK";
-}
-
-
-
-
-
-
-
-/*
- * SetServerSecParms
- * errors(10-19)
- */
-
-int SetServerSecParms(struct ThreadData *td) {
- int rv;
- SECKEYPrivateKey *privKey;
- PRFileDesc *s;
-
- s = td->r;
-
- rv = SSL_Enable(s, SSL_SECURITY, 1); /* Enable security on this socket */
- if (rv < 0) return Error(10);
-
- if (SSLT_CLIENTAUTH_INITIAL == REP_ServerDoClientAuth) {
- rv = SSL_Enable(s, SSL_REQUEST_CERTIFICATE, 1);
- if (rv < 0) return Error(11);
- }
-
- ClearCiphers(td);
- EnableCiphers(td);
-
- PK11_SetPasswordFunc(MyPWFunc);
- SSL_SetPKCS11PinArg(s,(void*) MyPWFunc);
-
-
- /* Find the certificates we are going to use from the database */
-
-
- /* Test for dummy certificate, which shouldn't exist */
- td->cert = PK11_FindCertFromNickname("XXXXXX_CERT_HARDCOREII_1024",NULL);
- if (td->cert != NULL) return Error(16);
-
-
- td->cert = NULL;
- if (NO_CERT != REP_ServerCert) {
- td->cert = PK11_FindCertFromNickname(nicknames[REP_ServerCert],NULL);
- }
-
-
- /* Note: if we're set to use NO_CERT as the server cert, then we'll
- * just essentially skip the rest of this (except for session ID cache setup)
- */
-
-
- if ( (NULL == td->cert) && ( NO_CERT != REP_ServerCert )) {
- PR_fprintf(PR_STDERR, "Can't find certificate %s\n", nicknames[REP_ServerCert]);
- PR_fprintf(PR_STDERR, "Server: Seclib error: %s\n", SECU_Strerror(PR_GetError()));
- return Error(12);
- }
-
-
- if ((NO_CERT != REP_ServerCert)) {
- privKey = PK11_FindKeyByAnyCert(td->cert, NULL);
- if (privKey == NULL) {
- dbmsg((PR_STDERR, "Can't find key for this certificate\n"));
- return Error(13);
- }
-
- rv = SSL_ConfigSecureServer(s,td->cert,privKey, kt_rsa);
- if (rv != PR_SUCCESS) {
- dbmsg((PR_STDERR, "Can't config server error(%d) \n",rv));
- return Error(14);
- }
- }
-
- rv = SSL_ConfigServerSessionIDCache(10, 0, 0, ".");
- if (rv != 0) {
- dbmsg((PR_STDERR, "Can't config server session ID cache (%d) \n",rv));
- return Error(15);
- }
-
- return 0;
-}
-
-
-
-
-
-
-
View Lorry Controller Status