feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Added a suite test use case to cover the new error check. Also fixed and issue with passing a couple flags to the test case runner, and some other changes to support the new test.

Browse Source
This commit is contained in:
John Safranek
2020-07-22 13:20:23 -07:00
parent 5d5aa129ca
commit 98ae3a2352
6 changed files with 75 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
examples/client/client.c
View File

@ -486,7 +486,7 @@ static int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port,
/* Measures throughput in kbps. Throughput = number of bytes */ /* Measures throughput in kbps. Throughput = number of bytes */
static int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port, static int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port,
int dtlsUDP, int dtlsSCTP, int block, size_t throughput, int useX25519, int dtlsUDP, int dtlsSCTP, int block, size_t throughput, int useX25519,
int useX448) int useX448, int exitWithRet)
{ {
double start, conn_time = 0, tx_time = 0, rx_time = 0; double start, conn_time = 0, tx_time = 0, rx_time = 0;
SOCKET_T sockfd; SOCKET_T sockfd;
@ -591,7 +591,10 @@ static int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port,
} while (err == WC_PENDING_E); } while (err == WC_PENDING_E);
if (ret != len) { if (ret != len) {
printf("SSL_write bench error %d!\n", err); printf("SSL_write bench error %d!\n", err);
err_sys("SSL_write failed"); if (!exitWithRet)
err_sys("SSL_write failed");
ret = err;
goto doExit;
} }
tx_time += current_time(0) - start; tx_time += current_time(0) - start;
@ -645,6 +648,7 @@ static int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port,
else { else {
err_sys("Client buffer malloc failed"); err_sys("Client buffer malloc failed");
} }
doExit:
if(tx_buffer) XFREE(tx_buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER); if(tx_buffer) XFREE(tx_buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if(rx_buffer) XFREE(rx_buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER); if(rx_buffer) XFREE(rx_buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
} }
@ -656,6 +660,9 @@ static int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port,
wolfSSL_free(ssl); ssl = NULL; wolfSSL_free(ssl); ssl = NULL;
CloseSocket(sockfd); CloseSocket(sockfd);
if (exitWithRet)
return err;
#if !defined(__MINGW32__) #if !defined(__MINGW32__)
printf("wolfSSL Client Benchmark %zu bytes\n" printf("wolfSSL Client Benchmark %zu bytes\n"
#else #else
@ -1595,6 +1602,9 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
StackTrap(); StackTrap();
/* Reinitialize the global myVerifyAction. */
myVerifyAction = VERIFY_OVERRIDE_ERROR;
#ifndef WOLFSSL_VXWORKS #ifndef WOLFSSL_VXWORKS
/* Not used: All used */ /* Not used: All used */
while ((ch = mygetopt(argc, argv, "?:" while ((ch = mygetopt(argc, argv, "?:"
@ -2613,9 +2623,13 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (throughput) { if (throughput) {
((func_args*)args)->return_code = ((func_args*)args)->return_code =
ClientBenchmarkThroughput(ctx, host, port, dtlsUDP, dtlsSCTP, ClientBenchmarkThroughput(ctx, host, port, dtlsUDP, dtlsSCTP,
block, throughput, useX25519, useX448); block, throughput, useX25519, useX448,
exitWithRet);
wolfSSL_CTX_free(ctx); ctx = NULL; wolfSSL_CTX_free(ctx); ctx = NULL;
XEXIT_T(EXIT_SUCCESS); if (!exitWithRet)
XEXIT_T(EXIT_SUCCESS);
else
goto exit;
} }
#if defined(WOLFSSL_MDK_ARM) #if defined(WOLFSSL_MDK_ARM)

18
examples/server/server.c
View File

@ -381,6 +381,8 @@ int ServerEchoData(SSL* ssl, int clientfd, int echoData, int block,
err_sys_ex(runWithErrors, "SSL_read failed"); err_sys_ex(runWithErrors, "SSL_read failed");
break; break;
} }
if (err == WOLFSSL_ERROR_ZERO_RETURN)
return WOLFSSL_ERROR_ZERO_RETURN;
} }
else { else {
rx_pos += ret; rx_pos += ret;
@ -438,7 +440,7 @@ int ServerEchoData(SSL* ssl, int clientfd, int echoData, int block,
); );
} }
return EXIT_SUCCESS; return 0;
} }
static void ServerRead(WOLFSSL* ssl, char* input, int inputLen) static void ServerRead(WOLFSSL* ssl, char* input, int inputLen)
@ -1097,6 +1099,10 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#ifdef WOLFSSL_VXWORKS #ifdef WOLFSSL_VXWORKS
useAnyAddr = 1; useAnyAddr = 1;
#else #else
/* Reinitialize the global myVerifyAction. */
myVerifyAction = VERIFY_OVERRIDE_ERROR;
/* Not Used: h, z, F, T, V, W, X */ /* Not Used: h, z, F, T, V, W, X */
while ((ch = mygetopt(argc, argv, "?:" while ((ch = mygetopt(argc, argv, "?:"
"abc:defgijk:l:mnop:q:rstuv:wxy" "abc:defgijk:l:mnop:q:rstuv:wxy"
@ -2446,7 +2452,15 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#endif #endif
} }
else if (err == 0 || err == WOLFSSL_ERROR_ZERO_RETURN) { else if (err == 0 || err == WOLFSSL_ERROR_ZERO_RETURN) {
ServerEchoData(ssl, clientfd, echoData, block, throughput); err = ServerEchoData(ssl, clientfd, echoData, block, throughput);
if (err != 0) {
SSL_free(ssl); ssl = NULL;
SSL_CTX_free(ctx); ctx = NULL;
CloseSocket(clientfd);
CloseSocket(sockfd);
((func_args*)args)->return_code = err;
goto exit;
}
} }
#if defined(WOLFSSL_MDK_SHELL) && defined(HAVE_MDK_RTX) #if defined(WOLFSSL_MDK_SHELL) && defined(HAVE_MDK_RTX)

1
tests/include.am
View File

@ -31,6 +31,7 @@ EXTRA_DIST += tests/test.conf \
tests/test-psk-no-id.conf \ tests/test-psk-no-id.conf \
tests/test-psk-no-id-sha2.conf \ tests/test-psk-no-id-sha2.conf \
tests/test-dtls.conf \ tests/test-dtls.conf \
tests/test-dtls-fails.conf \
tests/test-dtls-group.conf \ tests/test-dtls-group.conf \
tests/test-dtls-reneg-client.conf \ tests/test-dtls-reneg-client.conf \
tests/test-dtls-reneg-server.conf \ tests/test-dtls-reneg-server.conf \

17
tests/suites.c
View File

@ -455,6 +455,7 @@ static int execute_test_case(int svr_argc, char** svr_argv,
return NOT_BUILT_IN; return NOT_BUILT_IN;
} }
printf("trying client command line[%d]: %s\n", tests, commandLine); printf("trying client command line[%d]: %s\n", tests, commandLine);
tests++;
/* determine based on args if this test is expected to fail */ /* determine based on args if this test is expected to fail */
if (XSTRSTR(commandLine, exitWithRetFlag) != NULL) { if (XSTRSTR(commandLine, exitWithRetFlag) != NULL) {
@ -881,6 +882,20 @@ int SuiteTest(int argc, char** argv)
goto exit; goto exit;
} }
#endif #endif
#ifndef WOLFSSL_NO_DTLS_SIZE_CHECK
/* failure tests */
args.argc = 3;
strcpy(argv0[1], "tests/test-dtls-fails.conf");
strcpy(argv0[2], "expFail"); /* tests are expected to fail */
printf("starting dtls tests that expect failure\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
args.return_code = EXIT_FAILURE;
goto exit;
}
strcpy(argv0[2], "");
#endif
#endif #endif
#ifdef WOLFSSL_SCTP #ifdef WOLFSSL_SCTP
/* add dtls-sctp extra suites */ /* add dtls-sctp extra suites */
@ -1038,7 +1053,7 @@ int SuiteTest(int argc, char** argv)
args.argc = 3; args.argc = 3;
strcpy(argv0[1], "tests/test-dhprime.conf"); strcpy(argv0[1], "tests/test-dhprime.conf");
strcpy(argv0[2], "doDH"); /* add DH prime flag */ strcpy(argv0[2], "doDH"); /* add DH prime flag */
printf("starting tests that expect failure\n"); printf("starting dh prime tests\n");
test_harness(&args); test_harness(&args);
if (args.return_code != 0) { if (args.return_code != 0) {
printf("error from script %d\n", args.return_code); printf("error from script %d\n", args.return_code);

16
tests/test-dtls-fails.conf Normal file
View File

@ -0,0 +1,16 @@
# DTLS test
# server DTLSv1.2 too big test
-v 3
-l ECDHE-ECDSA-AES128-SHA256
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
-u
-B 9000
# client DTLSv1.2 too big test
-v 3
-l ECDHE-ECDSA-AES128-SHA256
-A ./certs/ca-ecc-cert.pem
-u
-B 9000

9
tests/test-fails.conf
View File

@ -114,6 +114,7 @@
# server # server
-v 3 -v 3
-l ECDHE-RSA-AES128-GCM-SHA256 -l ECDHE-RSA-AES128-GCM-SHA256
-H verifyFail
# client verify should fail # client verify should fail
-v 3 -v 3
@ -128,10 +129,12 @@
# client # client
-v 3 -v 3
-l ECDHE-RSA-AES128-GCM-SHA256 -l ECDHE-RSA-AES128-GCM-SHA256
-H verifyFail
# server # server
-v 3 -v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256 -l ECDHE-ECDSA-AES128-GCM-SHA256
-H verifyFail
# client verify should fail # client verify should fail
-v 3 -v 3
@ -146,6 +149,7 @@
# client # client
-v 3 -v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256 -l ECDHE-ECDSA-AES128-GCM-SHA256
-H verifyFail
# error going into callback, return error # error going into callback, return error
# server # server
@ -153,6 +157,7 @@
-l ECDHE-RSA-AES128-GCM-SHA256 -l ECDHE-RSA-AES128-GCM-SHA256
-c ./certs/test/server-cert-rsa-badsig.pem -c ./certs/test/server-cert-rsa-badsig.pem
-k ./certs/server-key.pem -k ./certs/server-key.pem
-H verifyFail
# client verify should fail # client verify should fail
-v 3 -v 3
@ -164,6 +169,7 @@
-l ECDHE-ECDSA-AES128-GCM-SHA256 -l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/test/server-cert-ecc-badsig.pem -c ./certs/test/server-cert-ecc-badsig.pem
-k ./certs/ecc-key.pem -k ./certs/ecc-key.pem
-H verifyFail
# client verify should fail # client verify should fail
-v 3 -v 3
@ -173,10 +179,12 @@
# server send alert on no mutual authentication # server send alert on no mutual authentication
-v 3 -v 3
-F -F
-H verifyFail
# client send alert on no mutual authentication # client send alert on no mutual authentication
-v 3 -v 3
-x -x
-H verifyFail
# server TLSv1.3 fail on no client certificate # server TLSv1.3 fail on no client certificate
# server always sets WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT unless using -d # server always sets WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT unless using -d
@ -187,4 +195,3 @@
-v 4 -v 4
-l TLS13-AES128-GCM-SHA256 -l TLS13-AES128-GCM-SHA256
-x -x