feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #2515 from JacobBarthelmeh/Testing

Browse Source 
Initial pass on test cycle
This commit is contained in:
David Garske
2019-10-17 16:02:17 -07:00
committed by GitHub
parent 7135e9e500 b7d4c9f839
commit 0e73af8b88
9 changed files with 82 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
certs/test-pathlen/include.am
View File

@@ -64,4 +64,25 @@ EXTRA_DIST += \
certs/test-pathlen/chainH-ICA4-pathlen2.pem \
certs/test-pathlen/chainH-assembled.pem \
certs/test-pathlen/chainH-entity-key.pem \
certs/test-pathlen/chainH-entity.pem
certs/test-pathlen/chainH-entity.pem \
certs/test-pathlen/chainI-ICA1-key.pem \
certs/test-pathlen/chainI-ICA1-no_pathlen.pem \
certs/test-pathlen/chainI-ICA2-key.pem \
certs/test-pathlen/chainI-ICA2-no_pathlen.pem \
certs/test-pathlen/chainI-ICA3-key.pem \
certs/test-pathlen/chainI-ICA3-pathlen2.pem \
certs/test-pathlen/chainI-assembled.pem \
certs/test-pathlen/chainI-entity-key.pem \
certs/test-pathlen/chainI-entity.pem \
certs/test-pathlen/chainJ-ICA1-key.pem \
certs/test-pathlen/chainJ-ICA1-no_pathlen.pem \
certs/test-pathlen/chainJ-ICA2-key.pem \
certs/test-pathlen/chainJ-ICA2-no_pathlen.pem \
certs/test-pathlen/chainJ-ICA3-key.pem \
certs/test-pathlen/chainJ-ICA3-no_pathlen.pem \
certs/test-pathlen/chainJ-ICA4-key.pem \
certs/test-pathlen/chainJ-ICA4-pathlen2.pem \
certs/test-pathlen/chainJ-assembled.pem \
certs/test-pathlen/chainJ-entity-key.pem \
certs/test-pathlen/chainJ-entity.pem

6
examples/client/client.c
View File

@@ -2966,12 +2966,12 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (sendGET) {
printf("SSL connect ok, sending GET...\n");
msgSz = 28;
strncpy(msg, "GET /index.html HTTP/1.0\r\n\r\n", msgSz);
msgSz = sizeof("GET /index.html HTTP/1.0\r\n\r\n");
XSTRNCPY(msg, "GET /index.html HTTP/1.0\r\n\r\n", msgSz);
msg[msgSz] = '\0';
resumeSz = msgSz;
strncpy(resumeMsg, "GET /index.html HTTP/1.0\r\n\r\n", resumeSz);
XSTRNCPY(resumeMsg, "GET /index.html HTTP/1.0\r\n\r\n", resumeSz);
resumeMsg[resumeSz] = '\0';
}

4
src/internal.c
View File

@@ -1788,7 +1788,7 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap)
/* In case contexts are held in array and don't want to free actual ctx */
void SSL_CtxResourceFree(WOLFSSL_CTX* ctx)
{
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) && !defined(NO_WOLFSSL_SERVER)
int i;
#endif
@@ -10315,7 +10315,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
args->fatal = TLSX_CSR_InitRequest(ssl->extensions,
args->dCert, ssl->heap);
doLookup = 0;
#ifdef WOLFSSL_TLS13
#if defined(WOLFSSL_TLS13) && !defined(NO_WOLFSSL_SERVER)
if (ssl->options.tls1_3) {
TLSX* ext = TLSX_Find(ssl->extensions,
TLSX_STATUS_REQUEST);

17
src/ocsp.c
View File

@@ -898,21 +898,26 @@ int wolfSSL_i2d_OCSP_REQUEST_bio(WOLFSSL_BIO* out,
return WOLFSSL_FAILURE;
size = wolfSSL_i2d_OCSP_REQUEST(req, NULL);
if (size > 0)
data = (unsigned char*) XMALLOC(size,NULL,DYNAMIC_TYPE_TMP_BUFFER);
if (data != NULL)
if (size > 0) {
data = (unsigned char*) XMALLOC(size, out->heap,
DYNAMIC_TYPE_TMP_BUFFER);
}
if (data != NULL) {
size = wolfSSL_i2d_OCSP_REQUEST(req, &data);
}
if (size <= 0) {
XFREE(data,NULL,DYNAMIC_TYPE_TMP_BUFFER);
XFREE(data, out->heap, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_FAILURE;
}
if (wolfSSL_BIO_write(out,data,size) == (int)size) {
XFREE(data,NULL,DYNAMIC_TYPE_TMP_BUFFER);
if (wolfSSL_BIO_write(out, data, size) == (int)size) {
XFREE(data, out->heap, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_SUCCESS;
}
XFREE(data, out->heap, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_FAILURE;
}
#endif /* OPENSSL_ALL || APACHE_HTTPD */

22
src/ssl.c
View File

@@ -19765,7 +19765,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509* x509)
x509->pubKey.length, x509->heap,
DYNAMIC_TYPE_PUBLIC_KEY);
if (key->pkey.ptr == NULL) {
XFREE(key, x509->heap, DYNAMIC_TYPE_PUBLIC_KEY);
wolfSSL_EVP_PKEY_free(key);
return NULL;
}
XMEMCPY(key->pkey.ptr, x509->pubKey.buffer, x509->pubKey.length);
@@ -19781,16 +19781,14 @@ WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509* x509)
key->ownRsa = 1;
key->rsa = wolfSSL_RSA_new();
if (key->rsa == NULL) {
XFREE(key, x509->heap, DYNAMIC_TYPE_PUBLIC_KEY);
wolfSSL_EVP_PKEY_free(key);
return NULL;
}
if (wolfSSL_RSA_LoadDer_ex(key->rsa,
(const unsigned char*)key->pkey.ptr, key->pkey_sz,
WOLFSSL_RSA_LOAD_PUBLIC) != SSL_SUCCESS) {
wolfSSL_RSA_free(key->rsa);
key->rsa = NULL;
XFREE(key, x509->heap, DYNAMIC_TYPE_PUBLIC_KEY);
wolfSSL_EVP_PKEY_free(key);
return NULL;
}
}
@@ -19804,7 +19802,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509* x509)
key->ownEcc = 1;
key->ecc = wolfSSL_EC_KEY_new();
if (key->ecc == NULL || key->ecc->internal == NULL) {
XFREE(key, x509->heap, DYNAMIC_TYPE_PUBLIC_KEY);
wolfSSL_EVP_PKEY_free(key);
return NULL;
}
@@ -19813,17 +19811,13 @@ WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509* x509)
if (wc_EccPublicKeyDecode((const unsigned char*)key->pkey.ptr,
&idx, (ecc_key*)key->ecc->internal, key->pkey_sz) < 0) {
WOLFSSL_MSG("wc_EccPublicKeyDecode failed");
wolfSSL_EC_KEY_free(key->ecc);
key->ecc = NULL;
XFREE(key, x509->heap, DYNAMIC_TYPE_PUBLIC_KEY);
wolfSSL_EVP_PKEY_free(key);
return NULL;
}
if (SetECKeyExternal(key->ecc) != SSL_SUCCESS) {
WOLFSSL_MSG("SetECKeyExternal failed");
wolfSSL_EC_KEY_free(key->ecc);
key->ecc = NULL;
XFREE(key, x509->heap, DYNAMIC_TYPE_PUBLIC_KEY);
wolfSSL_EVP_PKEY_free(key);
return NULL;
}
@@ -40127,8 +40121,8 @@ int wolfSSL_CTX_set_tlsext_status_cb(WOLFSSL_CTX* ctx,
if (ctx == NULL || ctx->cm == NULL)
return WOLFSSL_FAILURE;
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
#if !defined(NO_WOLFSSL_SERVER) && (defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2))
/* Ensure stapling is on for callback to be used. */
wolfSSL_CTX_EnableOCSPStapling(ctx);

4
src/tls.c
View File

@@ -2526,6 +2526,7 @@ static word16 TLSX_TCA_Write(TCA* list, byte* output)
return offset;
}
#ifndef NO_WOLFSSL_SERVER
static TCA* TLSX_TCA_Find(TCA *list, byte type, const byte* id, word16 idSz)
{
TCA* tca = list;
@@ -2536,6 +2537,7 @@ static TCA* TLSX_TCA_Find(TCA *list, byte type, const byte* id, word16 idSz)
return tca;
}
#endif /* NO_WOLFSSL_SERVER */
/** Parses a buffer of TCA extensions. */
static int TLSX_TCA_Parse(WOLFSSL* ssl, const byte* input, word16 length,
@@ -3015,10 +3017,12 @@ static int TLSX_CSR_Parse(WOLFSSL* ssl, byte* input, word16 length,
if (offset + resp_length != length)
ret = BUFFER_ERROR;
}
#if !defined(NO_WOLFSSL_SERVER)
if (ret == 0) {
csr->response.buffer = input + offset;
csr->response.length = resp_length;
}
#endif
return ret;
}

34
tests/api.c
View File

@@ -516,12 +516,20 @@ static void test_wolfSSL_Method_Allocators(void)
#ifndef NO_OLD_TLS
#ifdef WOLFSSL_ALLOW_SSLV3
#ifndef NO_WOLFSSL_SERVER
TEST_VALID_METHOD_ALLOCATOR(wolfSSLv3_server_method);
#endif
#ifndef NO_WOLFSSL_CLIENT
TEST_VALID_METHOD_ALLOCATOR(wolfSSLv3_client_method);
#endif
#endif
#ifdef WOLFSL_ALLOW_TLSV10
#ifndef NO_WOLFSSL_SERVER
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_server_method);
#endif
#ifndef NO_WOLFSSL_CLIENT
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_client_method);
#endif
#endif
#ifndef NO_WOLFSSL_SERVER
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_1_server_method);
@@ -558,12 +566,20 @@ static void test_wolfSSL_Method_Allocators(void)
#ifdef WOLFSSL_DTLS
#ifndef NO_OLD_TLS
#ifndef NO_WOLFSSL_SERVER
TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_server_method);
#endif
#ifndef NO_WOLFSSL_CLIENT
TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_client_method);
#endif
#endif
#ifndef WOLFSSL_NO_TLS12
#ifndef NO_WOLFSSL_SERVER
TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_2_server_method);
#endif
#ifndef NO_WOLFSSL_CLIENT
TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_2_client_method);
#endif
#endif
#endif /* WOLFSSL_DTLS */
@@ -3936,7 +3952,7 @@ static void test_wolfSSL_UseSupportedCurve(void)
#endif
}
#ifdef HAVE_ALPN
#if defined(HAVE_ALPN) && !defined(NO_WOLFSSL_SERVER)
static void verify_ALPN_FATAL_ERROR_on_client(WOLFSSL* ssl)
{
@@ -4192,7 +4208,7 @@ static void test_wolfSSL_UseALPN_params(void)
static void test_wolfSSL_UseALPN(void)
{
#ifdef HAVE_ALPN
#if defined(HAVE_ALPN) && !defined(NO_WOLFSSL_SERVER)
test_wolfSSL_UseALPN_connection();
test_wolfSSL_UseALPN_params();
#endif
@@ -4547,7 +4563,7 @@ static void test_wolfSSL_PKCS12(void)
#if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) && \
defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_DES3) && !defined(NO_PWDBASED) && \
(!defined(NO_RSA) || defined(HAVE_ECC))
(!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(NO_MD5)
#define TEST_PKCS8_ENC
#endif
@@ -19232,7 +19248,7 @@ static void test_wolfSSL_PEM_PrivateKey(void)
/* key is DES encrypted */
#if !defined(NO_DES3) && defined(WOLFSSL_ENCRYPTED_KEYS) && \
!defined(NO_RSA) && !defined(NO_FILESYSTEM)
!defined(NO_RSA) && !defined(NO_FILESYSTEM) && !defined(NO_MD5)
{
XFILE f;
pem_password_cb* passwd_cb;
@@ -19447,7 +19463,11 @@ static void test_wolfSSL_tmp_dh(void)
AssertNotNull(dh);
AssertIntEQ((int)SSL_CTX_set_tmp_dh(ctx, dh), WOLFSSL_SUCCESS);
#ifndef NO_WOLFSSL_SERVER
AssertIntEQ((int)SSL_set_tmp_dh(ssl, dh), WOLFSSL_SUCCESS);
#else
AssertIntEQ((int)SSL_set_tmp_dh(ssl, dh), SIDE_ERROR);
#endif
BIO_free(bio);
DSA_free(dsa);
@@ -20181,7 +20201,7 @@ static void test_wolfSSL_X509_STORE_CTX(void)
for (i = 0; i < MAX_EX_DATA; i++) {
AssertIntEQ(X509_STORE_CTX_set_ex_data(ctx, i, &tmpData),
WOLFSSL_SUCCESS);
tmpDataRet = X509_STORE_CTX_get_ex_data(ctx, i);
tmpDataRet = (int*)X509_STORE_CTX_get_ex_data(ctx, i);
AssertNotNull(tmpDataRet);
AssertIntEQ(tmpData, *tmpDataRet);
}
@@ -21167,7 +21187,7 @@ static void test_wolfSSL_sk_SSL_CIPHER(void)
*/
static void test_wolfSSL_set_tlsext_status_type(void){
#if defined(OPENSSL_EXTRA) && defined(HAVE_CERTIFICATE_STATUS_REQUEST) && \
!defined(NO_RSA)
!defined(NO_RSA) && !defined(NO_WOLFSSL_SERVER)
SSL* ssl;
SSL_CTX* ctx;
@@ -27177,7 +27197,7 @@ static void test_wolfSSL_PEM_read(void)
AssertIntEQ(PEM_do_header(&cipher, data, &len, NULL,
(void*)"yassl123"), WOLFSSL_FAILURE);
#ifndef NO_DES3
#if !defined(NO_DES3) && !defined(NO_MD5)
AssertIntEQ(PEM_do_header(&cipher, data, &len, PasswordCallBack,
(void*)"yassl123"), WOLFSSL_SUCCESS);
#endif

2
tests/suites.c
View File

@@ -899,7 +899,7 @@ int SuiteTest(int argc, char** argv)
}
#endif
#endif
#if defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_DES3)
#if defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_DES3) && !defined(NO_MD5)
/* test encrypted keys */
strcpy(argv0[1], "tests/test-enckeys.conf");
printf("starting encrypted keys extra cipher suite tests\n");

7
wolfcrypt/src/wc_pkcs11.c
View File

@@ -1326,7 +1326,7 @@ static int Pkcs11GetEccPublicKey(ecc_key* key, Pkcs11Session* session,
CK_OBJECT_HANDLE pubKey)
{
int ret = 0;
int i = 0;
word32 i = 0;
int curveIdx;
unsigned char* point = NULL;
int pointSz;
@@ -1670,6 +1670,7 @@ static int Pkcs11ECDSASig_Decode(const byte* in, word32 inSz, byte* sig,
{
int ret = 0;
word32 i = 0;
byte tag;
int len, seqLen = 2;
/* Make sure zeros in place when decoding short integers. */
@@ -1695,7 +1696,7 @@ static int Pkcs11ECDSASig_Decode(const byte* in, word32 inSz, byte* sig,
/* Check INT */
if (ret == 0 && GetASNTag(in, &i, &tag, inSz) != 0)
ret = ASN_PARSE_E;
if (ret == 0 && tag != ASN_INTGER)
if (ret == 0 && tag != ASN_INTEGER)
ret = ASN_PARSE_E;
if (ret == 0 && (len = in[i++]) > sz + 1)
ret = ASN_PARSE_E;
@@ -1719,7 +1720,7 @@ static int Pkcs11ECDSASig_Decode(const byte* in, word32 inSz, byte* sig,
/* Check INT */
if (ret == 0 && GetASNTag(in, &i, &tag, inSz) != 0)
ret = ASN_PARSE_E;
if (ret == 0 && tag != ASN_INTGER)
if (ret == 0 && tag != ASN_INTEGER)
ret = ASN_PARSE_E;
if (ret == 0 && (len = in[i++]) > sz + 1)
ret = ASN_PARSE_E;