aboutsummaryrefslogtreecommitdiff
path: root/src/testcurl/https/test_tls_extensions.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/testcurl/https/test_tls_extensions.c')
-rw-r--r--src/testcurl/https/test_tls_extensions.c270
1 files changed, 270 insertions, 0 deletions
diff --git a/src/testcurl/https/test_tls_extensions.c b/src/testcurl/https/test_tls_extensions.c
new file mode 100644
index 00000000..5d61c59e
--- /dev/null
+++ b/src/testcurl/https/test_tls_extensions.c
@@ -0,0 +1,270 @@
1/*
2 This file is part of libmicrohttpd
3 (C) 2007 Christian Grothoff
4
5 libmicrohttpd is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 2, or (at your
8 option) any later version.
9
10 libmicrohttpd is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
14
15 You should have received a copy of the GNU General Public License
16 along with libmicrohttpd; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
18 Boston, MA 02111-1307, USA.
19 */
20
21/**
22 * @file tls_extension_test.c
23 * @brief: test daemon response to TLS client hello requests containing extensions
24 *
25 * @author Sagie Amir
26 */
27
28#include "platform.h"
29#include "microhttpd.h"
30#include "tls_test_common.h"
31#define MAX_EXT_DATA_LENGTH 256
32
33extern const char srv_key_pem[];
34extern const char srv_self_signed_cert_pem[];
35
36/**
37 * Test daemon response to TLS client hello requests containing extensions
38 *
39 * @param session
40 * @param exten_t - the type of extension being appended to client hello request
41 * @param ext_count - the number of consecutive extension replicas inserted into request
42 * @param ext_length - the length of each appended extension
43 * @return 0 on successful test completion, -1 otherwise
44 */
45static int
46test_hello_extension (gnutls_session_t session, extensions_t exten_t,
47 int ext_count, int ext_length)
48{
49 int i, sd, ret = 0, pos = 0;
50 int exten_data_len, ciphersuite_len, datalen;
51 struct sockaddr_in sa;
52 char url[255];
53 opaque *data = NULL;
54 uint8_t session_id_len = 0;
55 opaque rnd[TLS_RANDOM_SIZE];
56 opaque extdata[MAX_EXT_DATA_LENGTH];
57
58 /* single, null compression */
59 unsigned char comp[] = { 0x01, 0x00 };
60 struct CBC cbc;
61
62 sd = -1;
63 memset (&cbc, 0, sizeof (struct CBC));
64 if (NULL == (cbc.buf = malloc (sizeof (char) * 256)))
65 {
66 fprintf (stderr, MHD_E_MEM);
67 ret = -1;
68 goto cleanup;
69 }
70 cbc.size = 256;
71
72 sd = socket (AF_INET, SOCK_STREAM, 0);
73 if (sd == -1)
74 {
75 fprintf(stderr, "Failed to create socket: %s\n", strerror(errno));
76 free (cbc.buf);
77 return -1;
78 }
79 memset (&sa, '\0', sizeof (struct sockaddr_in));
80 sa.sin_family = AF_INET;
81 sa.sin_port = htons (DEAMON_TEST_PORT);
82 inet_pton (AF_INET, "127.0.0.1", &sa.sin_addr);
83
84 enum MHD_GNUTLS_Protocol hver;
85
86 /* init hash functions */
87 session->internals.handshake_mac_handle_md5 =
88 MHD_gtls_hash_init (MHD_GNUTLS_MAC_MD5);
89 session->internals.handshake_mac_handle_sha =
90 MHD_gtls_hash_init (MHD_GNUTLS_MAC_SHA1);
91
92 /* version = 2 , random = [4 for unix time + 28 for random bytes] */
93 datalen = 2 /* version */ + TLS_RANDOM_SIZE + (session_id_len + 1);
94
95 data = MHD_gnutls_malloc (datalen);
96 if (data == NULL)
97 {
98 free (cbc.buf);
99 return -1;
100 }
101 hver = MHD_gtls_version_max (session);
102 data[pos++] = MHD_gtls_version_get_major (hver);
103 data[pos++] = MHD_gtls_version_get_minor (hver);
104
105 /* Set the version we advertise as maximum (RSA uses it). */
106 set_adv_version (session, MHD_gtls_version_get_major (hver),
107 MHD_gtls_version_get_minor (hver));
108
109 session->security_parameters.version = hver;
110 session->security_parameters.timestamp = time (NULL);
111
112 /* generate session client random */
113 memset (session->security_parameters.client_random, 0, TLS_RANDOM_SIZE);
114 gnutls_write_uint32 (time (NULL), rnd);
115 if (GC_OK != MHD_gc_nonce ((char *) &rnd[4], TLS_RANDOM_SIZE - 4)) abort ();
116 memcpy (session->security_parameters.client_random, rnd, TLS_RANDOM_SIZE);
117 memcpy (&data[pos], rnd, TLS_RANDOM_SIZE);
118 pos += TLS_RANDOM_SIZE;
119
120 /* Copy the Session ID */
121 data[pos++] = session_id_len;
122
123 /*
124 * len = ciphersuite data + 2 bytes ciphersuite length \
125 * 1 byte compression length + 1 byte compression data + \
126 * 2 bytes extension length, extensions data
127 */
128 ciphersuite_len = MHD__gnutls_copy_ciphersuites (session, extdata,
129 sizeof (extdata));
130 exten_data_len = ext_count * (2 + 2 + ext_length);
131 datalen += ciphersuite_len + 2 + 2 + exten_data_len;
132 data = MHD_gtls_realloc_fast (data, datalen);
133 memcpy (&data[pos], extdata, sizeof (ciphersuite_len));
134 pos += ciphersuite_len;
135
136 /* set compression */
137 memcpy (&data[pos], comp, sizeof (comp));
138 pos += 2;
139
140 /* set extensions length = 2 type bytes + 2 length bytes + extension length */
141 gnutls_write_uint16 (exten_data_len, &data[pos]);
142 pos += 2;
143 for (i = 0; i < ext_count; ++i)
144 {
145 /* write extension type */
146 gnutls_write_uint16 (exten_t, &data[pos]);
147 pos += 2;
148 gnutls_write_uint16 (ext_length, &data[pos]);
149 pos += 2;
150 /* we might want to generate random data here */
151 memset (&data[pos], 0, ext_length);
152 pos += ext_length;
153 }
154
155 if (connect (sd, &sa, sizeof (struct sockaddr_in)) < 0)
156 {
157 fprintf (stderr, "%s\n", MHD_E_FAILED_TO_CONNECT);
158 ret = -1;
159 goto cleanup;
160 }
161
162 gnutls_transport_set_ptr (session, (MHD_gnutls_transport_ptr_t) (long) sd);
163
164 if (gen_test_file_url (url, DEAMON_TEST_PORT))
165 {
166 ret = -1;
167 goto cleanup;
168 }
169
170 /* this should crash the server */
171 ret = gnutls_send_handshake (session, data, datalen,
172 GNUTLS_HANDSHAKE_CLIENT_HELLO);
173
174 /* advance to STATE2 */
175 session->internals.handshake_state = STATE2;
176 ret = gnutls_handshake (session);
177 ret = gnutls_bye (session, GNUTLS_SHUT_WR);
178
179 gnutls_free (data);
180
181 /* make sure daemon is still functioning */
182 if (CURLE_OK != send_curl_req (url, &cbc, "AES128-SHA",
183 MHD_GNUTLS_PROTOCOL_TLS1_2))
184 {
185 ret = -1;
186 goto cleanup;
187 }
188
189cleanup:
190 if (sd != -1)
191 close (sd);
192 gnutls_free (cbc.buf);
193 return ret;
194}
195
196int
197main (int argc, char *const *argv)
198{
199 int i, errorCount = 0;
200 FILE *test_fd;
201 struct MHD_Daemon *d;
202 gnutls_session_t session;
203 gnutls_datum_t key;
204 gnutls_datum_t cert;
205 gnutls_certificate_credentials_t xcred;
206
207 int ext_arr[] = { GNUTLS_EXTENSION_SERVER_NAME,
208 -1
209 };
210
211 MHD_gtls_global_set_log_level (11);
212
213 if ((test_fd = setup_test_file ()) == NULL)
214 {
215 fprintf (stderr, MHD_E_TEST_FILE_CREAT);
216 return -1;
217 }
218
219 if (0 != curl_global_init (CURL_GLOBAL_ALL))
220 {
221 fprintf (stderr, "Error: %s\n", strerror (errno));
222 return -1;
223 }
224
225 d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL |
226 MHD_USE_DEBUG, DEAMON_TEST_PORT,
227 NULL, NULL, &http_ahc, NULL,
228 MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem,
229 MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem,
230 MHD_OPTION_END);
231
232 if (d == NULL)
233 {
234 fprintf (stderr, "%s\n", MHD_E_SERVER_INIT);
235 return -1;
236 }
237
238 i = 0;
239 setup_session (&session, &key, &cert, &xcred);
240 errorCount += test_hello_extension (session, ext_arr[i], 1, 16);
241 teardown_session (session, &key, &cert, xcred);
242#if 1
243 i = 0;
244 while (ext_arr[i] != -1)
245 {
246 setup_session (&session, &key, &cert, &xcred);
247 errorCount += test_hello_extension (session, ext_arr[i], 1, 16);
248 teardown_session (session, &key, &cert, xcred);
249
250 setup_session (&session, &key, &cert, &xcred);
251 errorCount += test_hello_extension (session, ext_arr[i], 3, 8);
252 teardown_session (session, &key, &cert, xcred);
253
254 /* this test specifically tests the issue raised in CVE-2008-1948 */
255 setup_session (&session, &key, &cert, &xcred);
256 errorCount += test_hello_extension (session, ext_arr[i], 6, 0);
257 teardown_session (session, &key, &cert, xcred);
258 i++;
259 }
260#endif
261
262 print_test_result (errorCount, argv[0]);
263
264 MHD_stop_daemon (d);
265
266 curl_global_cleanup ();
267 fclose (test_fd);
268
269 return errorCount;
270}