Diffstat (limited to 'src/testcurl/https/test_tls_extensions.c')
-rw-r--r-- | src/testcurl/https/test_tls_extensions.c | 144 |
1 files changed, 74 insertions, 70 deletions
diff --git a/src/testcurl/https/test_tls_extensions.c b/src/testcurl/https/test_tls_extensions.c index 08cde939..f5095359 100644 --- a/src/testcurl/https/test_tls_extensions.c +++ b/src/testcurl/https/test_tls_extensions.c | |||
@@ -69,20 +69,20 @@ test_hello_extension (gnutls_session_t session, int port, extensions_t exten_t, | |||
69 | sd = -1; | 69 | sd = -1; |
70 | memset (&cbc, 0, sizeof (struct CBC)); | 70 | memset (&cbc, 0, sizeof (struct CBC)); |
71 | if (NULL == (cbc.buf = malloc (sizeof (char) * 256))) | 71 | if (NULL == (cbc.buf = malloc (sizeof (char) * 256))) |
72 | { | 72 | { |
73 | fprintf (stderr, MHD_E_MEM); | 73 | fprintf (stderr, MHD_E_MEM); |
74 | ret = -1; | 74 | ret = -1; |
75 | goto cleanup; | 75 | goto cleanup; |
76 | } | 76 | } |
77 | cbc.size = 256; | 77 | cbc.size = 256; |
78 | 78 | ||
79 | sd = socket (AF_INET, SOCK_STREAM, 0); | 79 | sd = socket (AF_INET, SOCK_STREAM, 0); |
80 | if (sd == -1) | 80 | if (sd == -1) |
81 | { | 81 | { |
82 | fprintf(stderr, "Failed to create socket: %s\n", strerror(errno)); | 82 | fprintf (stderr, "Failed to create socket: %s\n", strerror (errno)); |
83 | free (cbc.buf); | 83 | free (cbc.buf); |
84 | return -1; | 84 | return -1; |
85 | } | 85 | } |
86 | memset (&sa, '\0', sizeof (struct sockaddr_in)); | 86 | memset (&sa, '\0', sizeof (struct sockaddr_in)); |
87 | sa.sin_family = AF_INET; | 87 | sa.sin_family = AF_INET; |
88 | sa.sin_port = htons (port); | 88 | sa.sin_port = htons (port); |
@@ -101,10 +101,10 @@ test_hello_extension (gnutls_session_t session, int port, extensions_t exten_t, | |||
101 | 101 | ||
102 | data = MHD_gnutls_malloc (datalen); | 102 | data = MHD_gnutls_malloc (datalen); |
103 | if (data == NULL) | 103 | if (data == NULL) |
104 | { | 104 | { |
105 | free (cbc.buf); | 105 | free (cbc.buf); |
106 | return -1; | 106 | return -1; |
107 | } | 107 | } |
108 | hver = MHD_gtls_version_max (session); | 108 | hver = MHD_gtls_version_max (session); |
109 | data[pos++] = MHD_gtls_version_get_major (hver); | 109 | data[pos++] = MHD_gtls_version_get_major (hver); |
110 | data[pos++] = MHD_gtls_version_get_minor (hver); | 110 | data[pos++] = MHD_gtls_version_get_minor (hver); |
@@ -119,7 +119,8 @@ test_hello_extension (gnutls_session_t session, int port, extensions_t exten_t, | |||
119 | /* generate session client random */ | 119 | /* generate session client random */ |
120 | memset (session->security_parameters.client_random, 0, TLS_RANDOM_SIZE); | 120 | memset (session->security_parameters.client_random, 0, TLS_RANDOM_SIZE); |
121 | gnutls_write_uint32 (time (NULL), rnd); | 121 | gnutls_write_uint32 (time (NULL), rnd); |
122 | if (GC_OK != MHD_gc_nonce ((char *) &rnd[4], TLS_RANDOM_SIZE - 4)) abort (); | 122 | if (GC_OK != MHD_gc_nonce ((char *) &rnd[4], TLS_RANDOM_SIZE - 4)) |
123 | abort (); | ||
123 | memcpy (session->security_parameters.client_random, rnd, TLS_RANDOM_SIZE); | 124 | memcpy (session->security_parameters.client_random, rnd, TLS_RANDOM_SIZE); |
124 | memcpy (&data[pos], rnd, TLS_RANDOM_SIZE); | 125 | memcpy (&data[pos], rnd, TLS_RANDOM_SIZE); |
125 | pos += TLS_RANDOM_SIZE; | 126 | pos += TLS_RANDOM_SIZE; |
@@ -148,37 +149,37 @@ test_hello_extension (gnutls_session_t session, int port, extensions_t exten_t, | |||
148 | gnutls_write_uint16 (exten_data_len, &data[pos]); | 149 | gnutls_write_uint16 (exten_data_len, &data[pos]); |
149 | pos += 2; | 150 | pos += 2; |
150 | for (i = 0; i < ext_count; ++i) | 151 | for (i = 0; i < ext_count; ++i) |
151 | { | 152 | { |
152 | /* write extension type */ | 153 | /* write extension type */ |
153 | gnutls_write_uint16 (exten_t, &data[pos]); | 154 | gnutls_write_uint16 (exten_t, &data[pos]); |
154 | pos += 2; | 155 | pos += 2; |
155 | gnutls_write_uint16 (ext_length, &data[pos]); | 156 | gnutls_write_uint16 (ext_length, &data[pos]); |
156 | pos += 2; | 157 | pos += 2; |
157 | /* we might want to generate random data here */ | 158 | /* we might want to generate random data here */ |
158 | memset (&data[pos], 0, ext_length); | 159 | memset (&data[pos], 0, ext_length); |
159 | pos += ext_length; | 160 | pos += ext_length; |
160 | } | 161 | } |
161 | 162 | ||
162 | if (connect (sd, &sa, sizeof (struct sockaddr_in)) < 0) | 163 | if (connect (sd, &sa, sizeof (struct sockaddr_in)) < 0) |
163 | { | 164 | { |
164 | fprintf (stderr, "%s\n", MHD_E_FAILED_TO_CONNECT); | 165 | fprintf (stderr, "%s\n", MHD_E_FAILED_TO_CONNECT); |
165 | ret = -1; | 166 | ret = -1; |
166 | goto cleanup; | 167 | goto cleanup; |
167 | } | 168 | } |
168 | 169 | ||
169 | gnutls_transport_set_ptr (session, (MHD_gnutls_transport_ptr_t) (long) sd); | 170 | gnutls_transport_set_ptr (session, (MHD_gnutls_transport_ptr_t) (long) sd); |
170 | 171 | ||
171 | if (gen_test_file_url (url, | 172 | if (gen_test_file_url (url, |
172 | sizeof (url), | 173 | sizeof (url), |
173 | port)) | 174 | port)) |
174 | { | 175 | { |
175 | ret = -1; | 176 | ret = -1; |
176 | goto cleanup; | 177 | goto cleanup; |
177 | } | 178 | } |
178 | 179 | ||
179 | /* this should crash the server */ | 180 | /* this should crash the server */ |
180 | ret = gnutls_send_handshake (session, data, datalen, | 181 | ret = gnutls_send_handshake (session, data, datalen, |
181 | GNUTLS_HANDSHAKE_CLIENT_HELLO); | 182 | GNUTLS_HANDSHAKE_CLIENT_HELLO); |
182 | 183 | ||
183 | /* advance to STATE2 */ | 184 | /* advance to STATE2 */ |
184 | session->internals.handshake_state = STATE2; | 185 | session->internals.handshake_state = STATE2; |
@@ -190,10 +191,10 @@ test_hello_extension (gnutls_session_t session, int port, extensions_t exten_t, | |||
190 | /* make sure daemon is still functioning */ | 191 | /* make sure daemon is still functioning */ |
191 | if (CURLE_OK != send_curl_req (url, &cbc, "AES128-SHA", | 192 | if (CURLE_OK != send_curl_req (url, &cbc, "AES128-SHA", |
192 | MHD_GNUTLS_PROTOCOL_TLS1_2)) | 193 | MHD_GNUTLS_PROTOCOL_TLS1_2)) |
193 | { | 194 | { |
194 | ret = -1; | 195 | ret = -1; |
195 | goto cleanup; | 196 | goto cleanup; |
196 | } | 197 | } |
197 | 198 | ||
198 | cleanup: | 199 | cleanup: |
199 | if (-1 != sd) | 200 | if (-1 != sd) |
@@ -233,34 +234,37 @@ main (int argc, char *const *argv) | |||
233 | MHD_gtls_global_set_log_level (11); | 234 | MHD_gtls_global_set_log_level (11); |
234 | 235 | ||
235 | if ((test_fd = setup_test_file ()) == NULL) | 236 | if ((test_fd = setup_test_file ()) == NULL) |
236 | { | 237 | { |
237 | fprintf (stderr, MHD_E_TEST_FILE_CREAT); | 238 | fprintf (stderr, MHD_E_TEST_FILE_CREAT); |
238 | return -1; | 239 | return -1; |
239 | } | 240 | } |
240 | 241 | ||
241 | if (!testsuite_curl_global_init ()) | 242 | if (! testsuite_curl_global_init ()) |
242 | return 99; | 243 | return 99; |
243 | 244 | ||
244 | d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_TLS | | 245 | d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION |
245 | MHD_USE_ERROR_LOG, port, | 246 | | MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_TLS |
247 | | MHD_USE_ERROR_LOG, port, | ||
246 | NULL, NULL, &http_ahc, NULL, | 248 | NULL, NULL, &http_ahc, NULL, |
247 | MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, | 249 | MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, |
248 | MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, | 250 | MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, |
249 | MHD_OPTION_END); | 251 | MHD_OPTION_END); |
250 | 252 | ||
251 | if (d == NULL) | 253 | if (d == NULL) |
252 | { | 254 | { |
253 | fprintf (stderr, "%s\n", MHD_E_SERVER_INIT); | 255 | fprintf (stderr, "%s\n", MHD_E_SERVER_INIT); |
254 | return -1; | 256 | return -1; |
255 | } | 257 | } |
256 | if (0 == port) | 258 | if (0 == port) |
259 | { | ||
260 | const union MHD_DaemonInfo *dinfo; | ||
261 | dinfo = MHD_get_daemon_info (d, MHD_DAEMON_INFO_BIND_PORT); | ||
262 | if ((NULL == dinfo) ||(0 == dinfo->port) ) | ||
257 | { | 263 | { |
258 | const union MHD_DaemonInfo *dinfo; | 264 | MHD_stop_daemon (d); return -1; |
259 | dinfo = MHD_get_daemon_info (d, MHD_DAEMON_INFO_BIND_PORT); | ||
260 | if (NULL == dinfo || 0 == dinfo->port) | ||
261 | { MHD_stop_daemon (d); return -1; } | ||
262 | port = (int)dinfo->port; | ||
263 | } | 265 | } |
266 | port = (int) dinfo->port; | ||
267 | } | ||
264 | 268 | ||
265 | i = 0; | 269 | i = 0; |
266 | setup_session (&session, &key, &cert, &xcred); | 270 | setup_session (&session, &key, &cert, &xcred); |
@@ -269,21 +273,21 @@ main (int argc, char *const *argv) | |||
269 | #if 1 | 273 | #if 1 |
270 | i = 0; | 274 | i = 0; |
271 | while (ext_arr[i] != -1) | 275 | while (ext_arr[i] != -1) |
272 | { | 276 | { |
273 | setup_session (&session, &key, &cert, &xcred); | 277 | setup_session (&session, &key, &cert, &xcred); |
274 | errorCount += test_hello_extension (session, port, ext_arr[i], 1, 16); | 278 | errorCount += test_hello_extension (session, port, ext_arr[i], 1, 16); |
275 | teardown_session (session, &key, &cert, xcred); | 279 | teardown_session (session, &key, &cert, xcred); |
276 | 280 | ||
277 | setup_session (&session, &key, &cert, &xcred); | 281 | setup_session (&session, &key, &cert, &xcred); |
278 | errorCount += test_hello_extension (session, port, ext_arr[i], 3, 8); | 282 | errorCount += test_hello_extension (session, port, ext_arr[i], 3, 8); |
279 | teardown_session (session, &key, &cert, xcred); | 283 | teardown_session (session, &key, &cert, xcred); |
280 | 284 | ||
281 | /* this test specifically tests the issue raised in CVE-2008-1948 */ | 285 | /* this test specifically tests the issue raised in CVE-2008-1948 */ |
282 | setup_session (&session, &key, &cert, &xcred); | 286 | setup_session (&session, &key, &cert, &xcred); |
283 | errorCount += test_hello_extension (session, port, ext_arr[i], 6, 0); | 287 | errorCount += test_hello_extension (session, port, ext_arr[i], 6, 0); |
284 | teardown_session (session, &key, &cert, xcred); | 288 | teardown_session (session, &key, &cert, xcred); |
285 | i++; | 289 | i++; |
286 | } | 290 | } |
287 | #endif | 291 | #endif |
288 | 292 | ||
289 | print_test_result (errorCount, argv[0]); | 293 | print_test_result (errorCount, argv[0]); |