static BIO *bio_err=NULL;
static BIO *bio_stdout=NULL;
-#ifndef OPENSSL_NO_NPN
+#ifndef OPENSSL_NO_NEXTPROTONEG
/* Note that this code assumes that this is only a one element list: */
static const char NEXT_PROTO_STRING[] = "\x09testproto";
int npn_client = 0;
/* This set based on extension callbacks */
int custom_ext_error = 0;
-/*Not IETF assigned supplemental data types*/
+/* Not IETF assigned supplemental data types */
#define CUSTOM_SUPP_DATA_TYPE_0 100
#define CUSTOM_SUPP_DATA_TYPE_1 101
#define CUSTOM_SUPP_DATA_TYPE_2 102
static int custom_ext_0_cli_first_cb(SSL *s, unsigned short ext_type,
const unsigned char **out,
- unsigned short *outlen, void *arg)
+ unsigned short *outlen, int *al, void *arg)
{
if (ext_type != CUSTOM_EXT_TYPE_0)
custom_ext_error = 1;
unsigned short inlen, int *al,
void *arg)
{
- custom_ext_error = 1; /* Shouldn't be called */
- return 0;
+ return 1;
}
static int custom_ext_1_cli_first_cb(SSL *s, unsigned short ext_type,
const unsigned char **out,
- unsigned short *outlen, void *arg)
+ unsigned short *outlen, int *al, void *arg)
{
if (ext_type != CUSTOM_EXT_TYPE_1)
custom_ext_error = 1;
unsigned short inlen, int *al,
void *arg)
{
- custom_ext_error = 1; /* Shouldn't be called */
- return 0;
+ return 1;
}
static int custom_ext_2_cli_first_cb(SSL *s, unsigned short ext_type,
const unsigned char **out,
- unsigned short *outlen, void *arg)
+ unsigned short *outlen, int *al, void *arg)
{
if (ext_type != CUSTOM_EXT_TYPE_2)
custom_ext_error = 1;
static int custom_ext_3_cli_first_cb(SSL *s, unsigned short ext_type,
const unsigned char **out,
- unsigned short *outlen, void *arg)
+ unsigned short *outlen, int *al, void *arg)
{
if (ext_type != CUSTOM_EXT_TYPE_3)
custom_ext_error = 1;
return 1;
}
-
+/* custom_ext_0_cli_first_cb returns -1 - the server won't receive a callback for this extension */
static int custom_ext_0_srv_first_cb(SSL *s, unsigned short ext_type,
const unsigned char *in,
unsigned short inlen, int *al,
void *arg)
{
- custom_ext_error = 1;
- return 0; /* Shouldn't be called */
+ return 1;
}
+/* 'generate' callbacks are always called, even if the 'receive' callback isn't called */
static int custom_ext_0_srv_second_cb(SSL *s, unsigned short ext_type,
const unsigned char **out,
- unsigned short *outlen, void *arg)
+ unsigned short *outlen, int *al, void *arg)
{
- custom_ext_error = 1;
- return 0; /* Shouldn't be called */
+ return -1; /* Don't send an extension */
}
static int custom_ext_1_srv_first_cb(SSL *s, unsigned short ext_type,
- const unsigned char *in,
- unsigned short inlen, int *al,
- void *arg)
+ const unsigned char *in,
+ unsigned short inlen, int *al,
+ void *arg)
{
if (ext_type != CUSTOM_EXT_TYPE_1)
custom_ext_error = 1;
static int custom_ext_1_srv_second_cb(SSL *s, unsigned short ext_type,
const unsigned char **out,
- unsigned short *outlen, void *arg)
+ unsigned short *outlen, int *al, void *arg)
{
return -1; /* Don't send an extension */
}
static int custom_ext_2_srv_second_cb(SSL *s, unsigned short ext_type,
const unsigned char **out,
- unsigned short *outlen, void *arg)
+ unsigned short *outlen, int *al, void *arg)
{
*out = NULL;
*outlen = 0;
static int custom_ext_3_srv_second_cb(SSL *s, unsigned short ext_type,
const unsigned char **out,
- unsigned short *outlen, void *arg)
+ unsigned short *outlen, int *al, void *arg)
{
*out = (const unsigned char*)custom_ext_srv_string;
*outlen = strlen(custom_ext_srv_string);
static int supp_data_0_srv_first_cb(SSL *s, unsigned short supp_data_type,
const unsigned char **out,
- unsigned short *outlen, void *arg)
+ unsigned short *outlen, int *al, void *arg)
{
*out = (const unsigned char*)supp_data_0_string;
*outlen = strlen(supp_data_0_string);
static int supp_data_1_srv_first_cb(SSL *s, unsigned short supp_data_type,
const unsigned char **out,
- unsigned short *outlen, void *arg)
+ unsigned short *outlen, int *al, void *arg)
{
return -1;
}
}
static int supp_data_2_srv_second_cb(SSL *s, unsigned short supp_data_type,
- const unsigned char *in,
- unsigned short inlen, int *al,
- void *arg)
+ const unsigned char *in,
+ unsigned short inlen, int *al,
+ void *arg)
{
suppdata_error = 1;
return 1;
static int supp_data_0_cli_second_cb(SSL *s, unsigned short supp_data_type,
const unsigned char **out,
- unsigned short *outlen, void *arg)
+ unsigned short *outlen, int *al, void *arg)
{
*out = (const unsigned char*)supp_data_0_string;
*outlen = strlen(supp_data_0_string);
static int supp_data_1_cli_second_cb(SSL *s, unsigned short supp_data_type,
const unsigned char **out,
- unsigned short *outlen, void *arg)
+ unsigned short *outlen, int *al, void *arg)
{
return -1;
}
" (default is sect163r2).\n");
#endif
fprintf(stderr," -test_cipherlist - verifies the order of the ssl cipher lists\n");
-#ifndef OPENSSL_NO_NPN
+#ifndef OPENSSL_NO_NEXTPROTONEG
fprintf(stderr," -npn_client - have client side offer NPN\n");
fprintf(stderr," -npn_server - have server side offer NPN\n");
fprintf(stderr," -npn_server_reject - have server reject NPN\n");
{
test_cipherlist = 1;
}
-#ifndef OPENSSL_NO_NPN
+#ifndef OPENSSL_NO_NEXTPROTONEG
else if (strcmp(*argv,"-npn_client") == 0)
{
npn_client = 1;
ERR_print_errors(bio_err);
goto end;
}
+ /* Since we will use low security ciphersuites and keys for
+ * testing set security level to zero.
+ */
+ SSL_CTX_set_security_level(c_ctx, 0);
+ SSL_CTX_set_security_level(s_ctx, 0);
if (cipher != NULL)
{
}
#endif
-#ifndef OPENSSL_NO_NPN
+#ifndef OPENSSL_NO_NEXTPROTONEG
if (npn_client)
{
SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL);
if (suppdata)
{
- //TEST CASES
- //client and server both send and receive, verify additional arg passed back
- SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_0, supp_data_0_srv_first_cb, supp_data_0_srv_second_cb, s_ssl);
- SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_0, supp_data_0_cli_first_cb, supp_data_0_cli_second_cb, c_ssl);
-
- //-1 response from sending server/client doesn't receive, -1 response from sending client/server doesn't receive
- SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_1, supp_data_1_srv_first_cb, supp_data_1_srv_second_cb, NULL);
- SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_1, supp_data_1_cli_first_cb, supp_data_1_cli_second_cb, NULL);
-
- //null sending server/client doesn't receive, null sending client/server doesn't receive
- SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_2, /*supp_data_2_srv_first_cb*/NULL, supp_data_2_srv_second_cb, NULL);
- SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_2, supp_data_2_cli_first_cb, /*supp_data_2_cli_second_cb*/NULL, NULL);
-
- //alerts set to non-zero and zero return values not tested
+ /* TEST CASES */
+ /* client and server both send and receive, verify
+ * additional arg passed back */
+ SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_0,
+ supp_data_0_srv_first_cb,
+ supp_data_0_srv_second_cb, s_ssl);
+ SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_0,
+ supp_data_0_cli_first_cb,
+ supp_data_0_cli_second_cb, c_ssl);
+
+ /* -1 response from sending server/client doesn't
+ * receive, -1 response from sending client/server
+ * doesn't receive */
+ SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_1,
+ supp_data_1_srv_first_cb,
+ supp_data_1_srv_second_cb, NULL);
+ SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_1,
+ supp_data_1_cli_first_cb,
+ supp_data_1_cli_second_cb, NULL);
+
+ /* null sending server/client doesn't receive, null
+ sending client/server doesn't receive */
+ SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_2,
+ /*supp_data_2_srv_first_cb*/NULL,
+ supp_data_2_srv_second_cb, NULL);
+ SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_2,
+ supp_data_2_cli_first_cb,
+ /*supp_data_2_cli_second_cb*/NULL,
+ NULL);
+
+ /* alerts set to non-zero and zero return values not tested */
}
#ifndef OPENSSL_NO_KRB5
if (c_ssl && c_ssl->kssl_ctx)
if (verbose)
print_details(c_ssl, "DONE via BIO pair: ");
-#ifndef OPENSSL_NO_NPN
+#ifndef OPENSSL_NO_NEXTPROTONEG
if (verify_npn(c_ssl, s_ssl) < 0)
{
ret = 1;
if (verbose)
print_details(c_ssl, "DONE: ");
-#ifndef OPENSSL_NO_NPN
+#ifndef OPENSSL_NO_NEXTPROTONEG
if (verify_npn(c_ssl, s_ssl) < 0)
{
ret = 1;