/*
- * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
#include <string.h>
#include "internal/nelem.h"
+#include "internal/cryptlib.h" /* for ossl_sleep() */
#include "ssltestlib.h"
#include "testutil.h"
#include "e_os.h"
#ifdef OPENSSL_SYS_UNIX
# include <unistd.h>
-#ifndef OPENSSL_NO_KTLS
-# include <netinet/in.h>
-# include <netinet/in.h>
-# include <arpa/inet.h>
-# include <sys/socket.h>
-# include <unistd.h>
-# include <fcntl.h>
-#endif
-
-static ossl_inline void ossl_sleep(unsigned int millis)
-{
-# ifdef OPENSSL_SYS_VXWORKS
- struct timespec ts;
- ts.tv_sec = (long int) (millis / 1000);
- ts.tv_nsec = (long int) (millis % 1000) * 1000000ul;
- nanosleep(&ts, NULL);
-# else
- usleep(millis * 1000);
+# ifndef OPENSSL_NO_KTLS
+# include <netinet/in.h>
+# include <netinet/in.h>
+# include <arpa/inet.h>
+# include <sys/socket.h>
+# include <unistd.h>
+# include <fcntl.h>
# endif
-}
-#elif defined(_WIN32)
-# include <windows.h>
-
-static ossl_inline void ossl_sleep(unsigned int millis)
-{
- Sleep(millis);
-}
-#else
-/* Fallback to a busy wait */
-static ossl_inline void ossl_sleep(unsigned int millis)
-{
- struct timeval start, now;
- unsigned int elapsedms;
-
- gettimeofday(&start, NULL);
- do {
- gettimeofday(&now, NULL);
- elapsedms = (((now.tv_sec - start.tv_sec) * 1000000)
- + now.tv_usec - start.tv_usec) / 1000;
- } while (elapsedms < millis);
-}
#endif
static int tls_dump_new(BIO *bi);
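Review bot: The re-indented KTLS include block on the new side still lists `# include <netinet/in.h>` twice and includes `<unistd.h>` a second time, right after the unconditional include at the top of the `OPENSSL_SYS_UNIX` branch. Include guards make this harmless, but since these lines are being rewritten anyway the duplicates could be dropped. Separately, `ossl_sleep()` now comes from `internal/cryptlib.h`, which is not shown here, so it is worth confirming that header still covers the VxWorks, Windows and busy-wait fallback cases the removed local copies handled.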
return -1;
}
-int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm,
+int create_ssl_ctx_pair(OSSL_LIB_CTX *libctx, const SSL_METHOD *sm,
+const SSL_METHOD *cm,
int min_proto_version, int max_proto_version,
SSL_CTX **sctx, SSL_CTX **cctx, char *certfile,
char *privkeyfile)
if (*sctx != NULL)
serverctx = *sctx;
- else if (!TEST_ptr(serverctx = SSL_CTX_new(sm)))
+ else if (!TEST_ptr(serverctx = SSL_CTX_new_ex(libctx, NULL, sm)))
goto err;
if (cctx != NULL) {
if (*cctx != NULL)
clientctx = *cctx;
- else if (!TEST_ptr(clientctx = SSL_CTX_new(cm)))
+ else if (!TEST_ptr(clientctx = SSL_CTX_new_ex(libctx, NULL, cm)))
goto err;
}
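Review bot: Both `SSL_CTX_new_ex(libctx, NULL, sm)` and `SSL_CTX_new_ex(libctx, NULL, cm)` hard-code the property query to NULL, so every context built by this helper uses whatever default properties `libctx` carries. A test that needs a specific provider (for example a FIPS-only run) therefore has to set that up on `libctx` before calling; nothing in the helper enforces it. A short comment above `create_ssl_ctx_pair` would make this explicit, e.g. `/* |libctx| may be NULL for the default library context; no property query is applied. */`. The function body starts and ends outside this hunk.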
return 1;
err:
- SSL_CTX_free(serverctx);
- SSL_CTX_free(clientctx);
+ if (*sctx == NULL)
+ SSL_CTX_free(serverctx);
+ if (cctx != NULL && *cctx == NULL)
+ SSL_CTX_free(clientctx);
return 0;
}
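Review bot: The ownership rule that the new `err:` cleanup implements is not written down, and it is the part a later edit is most likely to break. I would add a comment above the two checks such as `/* Free only the contexts created here; ones passed in via *sctx / *cctx stay owned by the caller. */`. The test `*sctx == NULL` only identifies a locally created context if `*sctx` and `*cctx` are never assigned before a `goto err`. Those assignments are outside the hunk, so confirm they happen only on the success path just before `return 1;`. Otherwise a locally created context would leak on error.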
}
/*
- * Create an SSL connection, but does not ready any post-handshake
+ * Create an SSL connection, but does not read any post-handshake
* NewSessionTicket messages.
* If |read| is set and we're using DTLS then we will attempt to SSL_read on
* the connection once we've completed one half of it, to ensure any retransmits
* get triggered.
+ * We stop the connection attempt (and return a failure value) if either peer
+ * has SSL_get_error() return the value in the |want| parameter. The connection
+ * attempt could be restarted by a subsequent call to this function.
*/
int create_bare_ssl_connection(SSL *serverssl, SSL *clientssl, int want,
int read)
if (!clienterr && retc <= 0 && err != SSL_ERROR_WANT_READ) {
TEST_info("SSL_connect() failed %d, %d", retc, err);
+ if (want != SSL_ERROR_SSL)
+ TEST_openssl_errors();
clienterr = 1;
}
if (want != SSL_ERROR_NONE && err == want)
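Review bot: The guard `if (want != SSL_ERROR_SSL)` in front of `TEST_openssl_errors()` keys on what the caller expects rather than on what actually happened. When a test passes `want == SSL_ERROR_SSL` but `SSL_connect()` fails with a different code, the error queue is never printed and the failure is harder to diagnose. Comparing against the observed value, `if (err != want) TEST_openssl_errors();`, would keep the queue intact for expected failures and still dump it for unexpected ones. At minimum the reason for the exception deserves a comment; presumably callers expecting `SSL_ERROR_SSL` inspect the error queue afterwards and dumping it would drain it, which should be confirmed. The same guard is added to the `SSL_accept()` branch in the next hunk, and the function body extends outside both hunks.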
&& err != SSL_ERROR_WANT_READ
&& err != SSL_ERROR_WANT_X509_LOOKUP) {
TEST_info("SSL_accept() failed %d, %d", rets, err);
+ if (want != SSL_ERROR_SSL)
+ TEST_openssl_errors();
servererr = 1;
}
if (want != SSL_ERROR_NONE && err == want)