add some test cases and use allocator

Jacob Barthelmeh
2021-09-29 12:02:26 -06:00
parent 9ee96c484b
commit 5f9f6fd9fa
2 changed files with 127 additions and 7 deletions


@ -10635,8 +10635,7 @@ int wolfSSL_X509_add_altname_ex(WOLFSSL_X509* x509, const char* name,
if ((name == NULL) || (nameSz == 0))
return WOLFSSL_SUCCESS;
newAltName = (DNS_entry*)XMALLOC(sizeof(DNS_entry),
x509->heap, DYNAMIC_TYPE_ALTNAME);
newAltName = AltNameNew(x509->heap);
if (newAltName == NULL)
return WOLFSSL_FAILURE;
@ -26905,7 +26904,7 @@ int wolfSSL_ERR_GET_REASON(unsigned long err)
if (err == ((ERR_LIB_PEM << 24) | PEM_R_NO_START_LINE))
return PEM_R_NO_START_LINE;
#endif
#if defined(OPENSLL_ALL) && defined(WOLFSSL_PYTHON)
#if defined(OPENSSL_ALL) && defined(WOLFSSL_PYTHON)
if (err == ((ERR_LIB_ASN1 << 24) | ASN1_R_HEADER_TOO_LONG))
return ASN1_R_HEADER_TOO_LONG;
#endif
@ -44189,12 +44188,13 @@ unsigned long wolfSSL_ERR_peek_last_error_line(const char **file, int *line)
WOLFSSL_MSG("Issue peeking at error node in queue");
return 0;
}
printf("ret from peek error node = %d\n", ret);
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX)
if (ret == -ASN_NO_PEM_HEADER)
return (ERR_LIB_PEM << 24) | PEM_R_NO_START_LINE;
#endif
#if defined(OPENSLL_ALL) && defined(WOLFSSL_PYTHON)
if (ret == -ASN1_R_HEADER_TOO_LONG) {
#if defined(OPENSSL_ALL) && defined(WOLFSSL_PYTHON)
if (ret == ASN1_R_HEADER_TOO_LONG) {
return (ERR_LIB_ASN1 << 24) | ASN1_R_HEADER_TOO_LONG;
}
#endif
@ -46746,7 +46746,7 @@ unsigned long wolfSSL_ERR_peek_last_error(void)
if (ret == -ASN_NO_PEM_HEADER)
return (ERR_LIB_PEM << 24) | PEM_R_NO_START_LINE;
#if defined(WOLFSSL_PYTHON)
if (ret == -ASN1_R_HEADER_TOO_LONG)
if (ret == ASN1_R_HEADER_TOO_LONG)
return (ERR_LIB_ASN1 << 24) | ASN1_R_HEADER_TOO_LONG;
#endif
return (unsigned long)ret;
@ -47832,6 +47832,11 @@ unsigned long wolfSSL_ERR_peek_error_line_data(const char **file, int *line,
if (ret == -ASN_NO_PEM_HEADER)
return (ERR_LIB_PEM << 24) | PEM_R_NO_START_LINE;
#if defined(OPENSSL_ALL) && defined(WOLFSSL_PYTHON)
if (ret == ASN1_R_HEADER_TOO_LONG) {
return (ERR_LIB_ASN1 << 24) | ASN1_R_HEADER_TOO_LONG;
}
#endif
if (ret != -WANT_READ && ret != -WANT_WRITE &&
ret != -ZERO_RETURN && ret != -WOLFSSL_ERROR_ZERO_RETURN &&
ret != -SOCKET_PEER_CLOSED_E && ret != -SOCKET_ERROR_E)
@ -57883,7 +57888,8 @@ int wolfSSL_RAND_pseudo_bytes(unsigned char* buf, int num)
/* get secret value from source of entropy */
ret = wolfSSL_RAND_bytes(secret, DRBG_SEED_LEN);
/* uses input buffer to seed fro pseudo random number generation */
/* uses input buffer to seed for pseudo random number generation, each
* thread will potentially have different results this way */
if (ret == WOLFSSL_SUCCESS) {
ret = wc_PRF(buf, num, secret, DRBG_SEED_LEN, (const byte*)buf, num,
hash, NULL, INVALID_DEVID);
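Review bot: The `printf("ret from peek error node = %d\n", ret);` line in the wolfSSL_ERR_peek_last_error_line hunk looks like leftover debug output (the hunk's line counts indicate it is an added line) and should be removed or replaced with the `WOLFSSL_MSG` logging used just above it. As written, every caller that peeks the error queue triggers an unconditional write to stdout from library code, which can leak internal error values into application output and may not link on embedded targets that lack stdio. Separately, the wolfSSL_ERR_peek_last_error hunk guards the ASN1_R_HEADER_TOO_LONG mapping with `#if defined(WOLFSSL_PYTHON)` alone, while the other three sites use `#if defined(OPENSSL_ALL) && defined(WOLFSSL_PYTHON)`; the guards should match. All of these function bodies start and end outside the hunks shown.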


@ -4020,6 +4020,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args)
msg_len = wolfSSL_get_finished(ssl, server_side_msg1, MD_MAX_SIZE);
AssertIntGE(msg_len, 0);
#endif
idx = wolfSSL_read(ssl, input, sizeof(input)-1);
if (idx > 0) {
input[idx] = '\0';
@ -4035,6 +4036,9 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args)
#endif
}
if (cbf != NULL && cbf->on_result != NULL)
cbf->on_result(ssl);
#ifdef WOLFSSL_TIRTOS
Task_yield();
#endif
@ -32374,6 +32378,104 @@ static void test_wolfSSL_Tls13_Key_Logging_test(void)
#endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK && WOLFSSL_TLS13 */
}
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
static void post_auth_version_cb(WOLFSSL* ssl)
{
/* do handshake and then test version error */
AssertIntEQ(wolfSSL_accept(ssl), WOLFSSL_SUCCESS);
AssertStrEQ("TLSv1.2", wolfSSL_get_version(ssl));
AssertIntEQ(wolfSSL_verify_client_post_handshake(ssl), WOLFSSL_FAILURE);
#ifdef OPENSSL_ALL
/* check was added to error queue */
AssertIntEQ(wolfSSL_ERR_get_error(), -UNSUPPORTED_PROTO_VERSION);
/* check the string matches expected string */
AssertStrEQ(wolfSSL_ERR_error_string(-UNSUPPORTED_PROTO_VERSION, NULL),
"WRONG_SSL_VERSION");
#endif
}
static void post_auth_cb(WOLFSSL* ssl)
{
/* do handshake and then test version error */
AssertIntEQ(wolfSSL_accept(ssl), WOLFSSL_SUCCESS);
AssertStrEQ("TLSv1.3", wolfSSL_get_version(ssl));
AssertNull(wolfSSL_get_peer_certificate(ssl));
AssertIntEQ(wolfSSL_verify_client_post_handshake(ssl), WOLFSSL_SUCCESS);
}
static void set_post_auth_cb(WOLFSSL* ssl)
{
if (!wolfSSL_is_server(ssl)) {
AssertIntEQ(wolfSSL_allow_post_handshake_auth(ssl), 0);
}
else {
wolfSSL_set_verify(ssl, WOLFSSL_VERIFY_POST_HANDSHAKE, NULL);
}
}
#endif
static void test_wolfSSL_Tls13_postauth(void)
{
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
tcp_ready ready;
func_args client_args;
func_args server_args;
callback_functions server_cbf;
callback_functions client_cbf;
THREAD_TYPE serverThread;
printf(testingFmt, "wolfSSL_Tls13_postauth()");
XMEMSET(&client_args, 0, sizeof(func_args));
XMEMSET(&server_args, 0, sizeof(func_args));
StartTCP();
InitTcpReady(&ready);
#if defined(USE_WINDOWS_API)
/* use RNG to get random port if using windows */
ready.port = GetRandomPort();
#endif
server_args.signal = &ready;
client_args.signal = &ready;
/* test version failure doing post auth with TLS 1.2 connection */
XMEMSET(&server_cbf, 0, sizeof(callback_functions));
XMEMSET(&client_cbf, 0, sizeof(callback_functions));
server_cbf.method = wolfTLSv1_2_server_method;
server_cbf.ssl_ready = set_post_auth_cb;
client_cbf.ssl_ready = set_post_auth_cb;
server_cbf.on_result = post_auth_version_cb;
server_args.callbacks = &server_cbf;
client_args.callbacks = &client_cbf;
start_thread(test_server_nofail, &server_args, &serverThread);
wait_tcp_ready(&server_args);
test_client_nofail(&client_args, NULL);
join_thread(serverThread);
/* tests on post auth with TLS 1.3 */
XMEMSET(&server_cbf, 0, sizeof(callback_functions));
XMEMSET(&client_cbf, 0, sizeof(callback_functions));
server_cbf.method = wolfTLSv1_3_server_method;
server_cbf.ssl_ready = set_post_auth_cb;
client_cbf.ssl_ready = set_post_auth_cb;
server_cbf.on_result = post_auth_cb;
server_args.callbacks = &server_cbf;
client_args.callbacks = &client_cbf;
start_thread(test_server_nofail, &server_args, &serverThread);
wait_tcp_ready(&server_args);
test_client_nofail(&client_args, NULL);
join_thread(serverThread);
FreeTcpReady(&ready);
printf(resultFmt, passed);
#endif
}
static void test_wolfSSL_X509_NID(void)
{
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
@ -35450,6 +35552,17 @@ static void test_wolfSSL_ERR_put_error(void)
ERR_put_error(0,SYS_F_SOCKET, 15, "this file", 15);
AssertIntEQ(ERR_get_error_line(&file, &line), 15);
#ifdef WOLFSSL_PYTHON
ERR_put_error(ERR_LIB_ASN1, SYS_F_ACCEPT, ASN1_R_HEADER_TOO_LONG,
"this file", 100);
AssertIntEQ(wolfSSL_ERR_peek_last_error_line(&file, &line),
(ERR_LIB_ASN1 << 24) | ASN1_R_HEADER_TOO_LONG);
AssertIntEQ(line, 100);
AssertIntEQ(wolfSSL_ERR_peek_error(),
(ERR_LIB_ASN1 << 24) | ASN1_R_HEADER_TOO_LONG);
AssertIntEQ(ERR_get_error_line(&file, &line), ASN1_R_HEADER_TOO_LONG);
#endif
/* try reading past end of error queue */
file = NULL;
AssertIntEQ(ERR_get_error_line(&file, &line), 0);
@ -49064,6 +49177,7 @@ void ApiTest(void)
test_wolfSSL_CTX_get_keylog_callback();
test_wolfSSL_Tls12_Key_Logging_test();
test_wolfSSL_Tls13_Key_Logging_test();
test_wolfSSL_Tls13_postauth();
test_wolfSSL_CTX_set_ecdh_auto();
test_wolfSSL_THREADID_hash();
test_wolfSSL_RAND_set_rand_method();
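Review bot: test_wolfSSL_Tls13_postauth never checks `client_args.return_code` or `server_args.return_code` after either `join_thread(serverThread)`, so a client or server thread that fails outside the on_result asserts would presumably go unnoticed; add `AssertTrue(client_args.return_code);` and `AssertTrue(server_args.return_code);` after each join. In post_auth_cb, a successful wolfSSL_verify_client_post_handshake presumably shows only that the request was issued; nothing visible here asserts that the client then authenticated (for example a later non-NULL wolfSSL_get_peer_certificate), so the outcome of post-handshake auth is not yet covered. The comment in post_auth_cb is copied from the version-failure callback and should read `/* do handshake and then request post-handshake client auth */`. In test_wolfSSL_ERR_put_error the new block is guarded by `#ifdef WOLFSSL_PYTHON` only, whereas the library mapping in wolfSSL_ERR_peek_last_error_line also requires OPENSSL_ALL; confirm the two always coincide.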