Diffstat (limited to 'src/testcurl/https/test_tls_extensions.c')
-rw-r--r--src/testcurl/https/test_tls_extensions.c144
1 files changed, 74 insertions, 70 deletions
diff --git a/src/testcurl/https/test_tls_extensions.c b/src/testcurl/https/test_tls_extensions.c
index 08cde939..f5095359 100644
--- a/src/testcurl/https/test_tls_extensions.c
+++ b/src/testcurl/https/test_tls_extensions.c
@@ -69,20 +69,20 @@ test_hello_extension (gnutls_session_t session, int port, extensions_t exten_t,
69 sd = -1; 69 sd = -1;
70 memset (&cbc, 0, sizeof (struct CBC)); 70 memset (&cbc, 0, sizeof (struct CBC));
71 if (NULL == (cbc.buf = malloc (sizeof (char) * 256))) 71 if (NULL == (cbc.buf = malloc (sizeof (char) * 256)))
72 { 72 {
73 fprintf (stderr, MHD_E_MEM); 73 fprintf (stderr, MHD_E_MEM);
74 ret = -1; 74 ret = -1;
75 goto cleanup; 75 goto cleanup;
76 } 76 }
77 cbc.size = 256; 77 cbc.size = 256;
78 78
79 sd = socket (AF_INET, SOCK_STREAM, 0); 79 sd = socket (AF_INET, SOCK_STREAM, 0);
80 if (sd == -1) 80 if (sd == -1)
81 { 81 {
82 fprintf(stderr, "Failed to create socket: %s\n", strerror(errno)); 82 fprintf (stderr, "Failed to create socket: %s\n", strerror (errno));
83 free (cbc.buf); 83 free (cbc.buf);
84 return -1; 84 return -1;
85 } 85 }
86 memset (&sa, '\0', sizeof (struct sockaddr_in)); 86 memset (&sa, '\0', sizeof (struct sockaddr_in));
87 sa.sin_family = AF_INET; 87 sa.sin_family = AF_INET;
88 sa.sin_port = htons (port); 88 sa.sin_port = htons (port);
@@ -101,10 +101,10 @@ test_hello_extension (gnutls_session_t session, int port, extensions_t exten_t,
101 101
102 data = MHD_gnutls_malloc (datalen); 102 data = MHD_gnutls_malloc (datalen);
103 if (data == NULL) 103 if (data == NULL)
104 { 104 {
105 free (cbc.buf); 105 free (cbc.buf);
106 return -1; 106 return -1;
107 } 107 }
108 hver = MHD_gtls_version_max (session); 108 hver = MHD_gtls_version_max (session);
109 data[pos++] = MHD_gtls_version_get_major (hver); 109 data[pos++] = MHD_gtls_version_get_major (hver);
110 data[pos++] = MHD_gtls_version_get_minor (hver); 110 data[pos++] = MHD_gtls_version_get_minor (hver);
@@ -119,7 +119,8 @@ test_hello_extension (gnutls_session_t session, int port, extensions_t exten_t,
119 /* generate session client random */ 119 /* generate session client random */
120 memset (session->security_parameters.client_random, 0, TLS_RANDOM_SIZE); 120 memset (session->security_parameters.client_random, 0, TLS_RANDOM_SIZE);
121 gnutls_write_uint32 (time (NULL), rnd); 121 gnutls_write_uint32 (time (NULL), rnd);
122 if (GC_OK != MHD_gc_nonce ((char *) &rnd[4], TLS_RANDOM_SIZE - 4)) abort (); 122 if (GC_OK != MHD_gc_nonce ((char *) &rnd[4], TLS_RANDOM_SIZE - 4))
123 abort ();
123 memcpy (session->security_parameters.client_random, rnd, TLS_RANDOM_SIZE); 124 memcpy (session->security_parameters.client_random, rnd, TLS_RANDOM_SIZE);
124 memcpy (&data[pos], rnd, TLS_RANDOM_SIZE); 125 memcpy (&data[pos], rnd, TLS_RANDOM_SIZE);
125 pos += TLS_RANDOM_SIZE; 126 pos += TLS_RANDOM_SIZE;
@@ -148,37 +149,37 @@ test_hello_extension (gnutls_session_t session, int port, extensions_t exten_t,
148 gnutls_write_uint16 (exten_data_len, &data[pos]); 149 gnutls_write_uint16 (exten_data_len, &data[pos]);
149 pos += 2; 150 pos += 2;
150 for (i = 0; i < ext_count; ++i) 151 for (i = 0; i < ext_count; ++i)
151 { 152 {
152 /* write extension type */ 153 /* write extension type */
153 gnutls_write_uint16 (exten_t, &data[pos]); 154 gnutls_write_uint16 (exten_t, &data[pos]);
154 pos += 2; 155 pos += 2;
155 gnutls_write_uint16 (ext_length, &data[pos]); 156 gnutls_write_uint16 (ext_length, &data[pos]);
156 pos += 2; 157 pos += 2;
157 /* we might want to generate random data here */ 158 /* we might want to generate random data here */
158 memset (&data[pos], 0, ext_length); 159 memset (&data[pos], 0, ext_length);
159 pos += ext_length; 160 pos += ext_length;
160 } 161 }
161 162
162 if (connect (sd, &sa, sizeof (struct sockaddr_in)) < 0) 163 if (connect (sd, &sa, sizeof (struct sockaddr_in)) < 0)
163 { 164 {
164 fprintf (stderr, "%s\n", MHD_E_FAILED_TO_CONNECT); 165 fprintf (stderr, "%s\n", MHD_E_FAILED_TO_CONNECT);
165 ret = -1; 166 ret = -1;
166 goto cleanup; 167 goto cleanup;
167 } 168 }
168 169
169 gnutls_transport_set_ptr (session, (MHD_gnutls_transport_ptr_t) (long) sd); 170 gnutls_transport_set_ptr (session, (MHD_gnutls_transport_ptr_t) (long) sd);
170 171
171 if (gen_test_file_url (url, 172 if (gen_test_file_url (url,
172 sizeof (url), 173 sizeof (url),
173 port)) 174 port))
174 { 175 {
175 ret = -1; 176 ret = -1;
176 goto cleanup; 177 goto cleanup;
177 } 178 }
178 179
179 /* this should crash the server */ 180 /* this should crash the server */
180 ret = gnutls_send_handshake (session, data, datalen, 181 ret = gnutls_send_handshake (session, data, datalen,
181 GNUTLS_HANDSHAKE_CLIENT_HELLO); 182 GNUTLS_HANDSHAKE_CLIENT_HELLO);
182 183
183 /* advance to STATE2 */ 184 /* advance to STATE2 */
184 session->internals.handshake_state = STATE2; 185 session->internals.handshake_state = STATE2;
@@ -190,10 +191,10 @@ test_hello_extension (gnutls_session_t session, int port, extensions_t exten_t,
190 /* make sure daemon is still functioning */ 191 /* make sure daemon is still functioning */
191 if (CURLE_OK != send_curl_req (url, &cbc, "AES128-SHA", 192 if (CURLE_OK != send_curl_req (url, &cbc, "AES128-SHA",
192 MHD_GNUTLS_PROTOCOL_TLS1_2)) 193 MHD_GNUTLS_PROTOCOL_TLS1_2))
193 { 194 {
194 ret = -1; 195 ret = -1;
195 goto cleanup; 196 goto cleanup;
196 } 197 }
197 198
198cleanup: 199cleanup:
199 if (-1 != sd) 200 if (-1 != sd)
@@ -233,34 +234,37 @@ main (int argc, char *const *argv)
233 MHD_gtls_global_set_log_level (11); 234 MHD_gtls_global_set_log_level (11);
234 235
235 if ((test_fd = setup_test_file ()) == NULL) 236 if ((test_fd = setup_test_file ()) == NULL)
236 { 237 {
237 fprintf (stderr, MHD_E_TEST_FILE_CREAT); 238 fprintf (stderr, MHD_E_TEST_FILE_CREAT);
238 return -1; 239 return -1;
239 } 240 }
240 241
241 if (!testsuite_curl_global_init ()) 242 if (! testsuite_curl_global_init ())
242 return 99; 243 return 99;
243 244
244 d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_TLS | 245 d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION
245 MHD_USE_ERROR_LOG, port, 246 | MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_TLS
247 | MHD_USE_ERROR_LOG, port,
246 NULL, NULL, &http_ahc, NULL, 248 NULL, NULL, &http_ahc, NULL,
247 MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, 249 MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem,
248 MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, 250 MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem,
249 MHD_OPTION_END); 251 MHD_OPTION_END);
250 252
251 if (d == NULL) 253 if (d == NULL)
252 { 254 {
253 fprintf (stderr, "%s\n", MHD_E_SERVER_INIT); 255 fprintf (stderr, "%s\n", MHD_E_SERVER_INIT);
254 return -1; 256 return -1;
255 } 257 }
256 if (0 == port) 258 if (0 == port)
259 {
260 const union MHD_DaemonInfo *dinfo;
261 dinfo = MHD_get_daemon_info (d, MHD_DAEMON_INFO_BIND_PORT);
262 if ((NULL == dinfo) ||(0 == dinfo->port) )
257 { 263 {
258 const union MHD_DaemonInfo *dinfo; 264 MHD_stop_daemon (d); return -1;
259 dinfo = MHD_get_daemon_info (d, MHD_DAEMON_INFO_BIND_PORT);
260 if (NULL == dinfo || 0 == dinfo->port)
261 { MHD_stop_daemon (d); return -1; }
262 port = (int)dinfo->port;
263 } 265 }
266 port = (int) dinfo->port;
267 }
264 268
265 i = 0; 269 i = 0;
266 setup_session (&session, &key, &cert, &xcred); 270 setup_session (&session, &key, &cert, &xcred);
@@ -269,21 +273,21 @@ main (int argc, char *const *argv)
269#if 1 273#if 1
270 i = 0; 274 i = 0;
271 while (ext_arr[i] != -1) 275 while (ext_arr[i] != -1)
272 { 276 {
273 setup_session (&session, &key, &cert, &xcred); 277 setup_session (&session, &key, &cert, &xcred);
274 errorCount += test_hello_extension (session, port, ext_arr[i], 1, 16); 278 errorCount += test_hello_extension (session, port, ext_arr[i], 1, 16);
275 teardown_session (session, &key, &cert, xcred); 279 teardown_session (session, &key, &cert, xcred);
276 280
277 setup_session (&session, &key, &cert, &xcred); 281 setup_session (&session, &key, &cert, &xcred);
278 errorCount += test_hello_extension (session, port, ext_arr[i], 3, 8); 282 errorCount += test_hello_extension (session, port, ext_arr[i], 3, 8);
279 teardown_session (session, &key, &cert, xcred); 283 teardown_session (session, &key, &cert, xcred);
280 284
281 /* this test specifically tests the issue raised in CVE-2008-1948 */ 285 /* this test specifically tests the issue raised in CVE-2008-1948 */
282 setup_session (&session, &key, &cert, &xcred); 286 setup_session (&session, &key, &cert, &xcred);
283 errorCount += test_hello_extension (session, port, ext_arr[i], 6, 0); 287 errorCount += test_hello_extension (session, port, ext_arr[i], 6, 0);
284 teardown_session (session, &key, &cert, xcred); 288 teardown_session (session, &key, &cert, xcred);
285 i++; 289 i++;
286 } 290 }
287#endif 291#endif
288 292
289 print_test_result (errorCount, argv[0]); 293 print_test_result (errorCount, argv[0]);