X-Git-Url: https://git.openssl.org/gitweb/?a=blobdiff_plain;f=ssl%2Fssltest.c;h=5aadfa51d0748111ddebc9b24ff3b44fe39a5780;hb=27545970134d703ed96027aac9b67eced124eec3;hp=c84c643c2e23e051311d06fdda02332445a59c3f;hpb=90f5a2b6fedaa952d015bb845ca075ef2eeba566;p=openssl.git diff --git a/ssl/ssltest.c b/ssl/ssltest.c index c84c643c2e..5aadfa51d0 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -114,11 +114,8 @@ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. */ -#define _XOPEN_SOURCE 600 /* Or gethostname won't be declared properly +#define _BSD_SOURCE 1 /* Or gethostname won't be declared properly on Linux and GNU platforms. */ -#define _XOPEN_SOURCE_EXTENDED 1 /* Or gethostname won't be declared properly - on Compaq platforms (at least with DEC C). - */ #include #include @@ -128,6 +125,7 @@ #include #include +#define USE_SOCKETS #include "e_os.h" #include @@ -135,12 +133,20 @@ #include #include #include +#ifndef OPENSSL_NO_ENGINE #include +#endif #include #include + +#define _XOPEN_SOURCE_EXTENDED 1 /* Or gethostname won't be declared properly + on Compaq platforms (at least with DEC C). + Do not try to put it earlier, or IPv6 includes + get screwed... + */ + #ifdef OPENSSL_SYS_WINDOWS #include -#include "../crypto/bio/bss_file.c" #else #include OPENSSL_UNISTD #endif @@ -148,6 +154,9 @@ #ifdef OPENSSL_SYS_VMS # define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM" # define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM" +#elif defined(OPENSSL_SYS_WINCE) +# define TEST_SERVER_CERT "\\OpenSSL\\server.pem" +# define TEST_CLIENT_CERT "\\OpenSSL\\client.pem" #else # define TEST_SERVER_CERT "../apps/server.pem" # define TEST_CLIENT_CERT "../apps/client.pem" @@ -155,8 +164,8 @@ /* There is really no standard for this, so let's assign some tentative numbers. In any case, these numbers are only for this test */ -#define COMP_RLE 1 -#define COMP_ZLIB 2 +#define COMP_RLE 255 +#define COMP_ZLIB 1 static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); #ifndef OPENSSL_NO_RSA @@ -294,7 +303,7 @@ static void lock_dbg_cb(int mode, int type, const char *file, int line) goto err; } - if (type < 0 || type > CRYPTO_NUM_LOCKS) + if (type < 0 || type >= CRYPTO_NUM_LOCKS) { errstr = "type out of bounds"; goto err; @@ -364,7 +373,7 @@ int main(int argc, char *argv[]) SSL_METHOD *meth=NULL; SSL *c_ssl,*s_ssl; int number=1,reuse=0; - long bytes=1L; + long bytes=256L; #ifndef OPENSSL_NO_DH DH *dh; int dhe1024 = 0, dhe1024dsa = 0; @@ -378,11 +387,14 @@ int main(int argc, char *argv[]) clock_t s_time = 0, c_time = 0; int comp = 0; COMP_METHOD *cm = NULL; + STACK_OF(SSL_COMP) *ssl_comp_methods = NULL; verbose = 0; debug = 0; cipher = 0; - + + bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); + CRYPTO_set_locking_callback(lock_dbg_cb); /* enable memory leak checking unless explicitly disabled */ @@ -400,7 +412,6 @@ int main(int argc, char *argv[]) RAND_seed(rnd_seed, sizeof rnd_seed); - bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE); argc--; @@ -423,7 +434,7 @@ int main(int argc, char *argv[]) #ifndef OPENSSL_NO_DH dhe1024=1; #else - fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n"; + fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n"); #endif } else if (strcmp(*argv,"-dhe1024dsa") == 0) @@ -431,7 +442,7 @@ int main(int argc, char *argv[]) #ifndef OPENSSL_NO_DH dhe1024dsa=1; #else - fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n"; + fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n"); #endif } else if (strcmp(*argv,"-no_dhe") == 0) @@ -530,7 +541,7 @@ int main(int argc, char *argv[]) #ifndef OPENSSL_NO_ECDH named_curve = *(++argv); #else - fprintf(stderr,"ignoring -named_curve, since I'm compiled without ECDH\n" + fprintf(stderr,"ignoring -named_curve, since I'm compiled without ECDH\n"); ++argv; #endif } @@ -560,7 +571,7 @@ bad: "the test anyway (and\n-d to see what happens), " "or add one of -ssl2, -ssl3, -tls1, -reuse\n" "to avoid protocol mismatch.\n"); - exit(1); + EXIT(1); } if (print_time) @@ -584,7 +595,14 @@ bad: if (cm != NULL) { if (cm->type != NID_undef) - SSL_COMP_add_compression_method(comp, cm); + { + if (SSL_COMP_add_compression_method(comp, cm) != 0) + { + fprintf(stderr, + "Failed to add compression method\n"); + ERR_print_errors_fp(stderr); + } + } else { fprintf(stderr, @@ -595,6 +613,19 @@ bad: ERR_print_errors_fp(stderr); } } + ssl_comp_methods = SSL_COMP_get_compression_methods(); + fprintf(stderr, "Available compression methods:\n"); + { + int j, n = sk_SSL_COMP_num(ssl_comp_methods); + if (n == 0) + fprintf(stderr, " NONE\n"); + else + for (j = 0; j < n; j++) + { + SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j); + fprintf(stderr, " %d: %s\n", c->id, c->name); + } + } #if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) if (ssl2) @@ -754,10 +785,16 @@ bad: #ifndef OPENSSL_NO_KRB5 if (c_ssl && c_ssl->kssl_ctx) { - char localhost[257]; + char localhost[MAXHOSTNAMELEN+2]; - if (gethostname(localhost, 256) == 0) + if (gethostname(localhost, sizeof localhost-1) == 0) { + localhost[sizeof localhost-1]='\0'; + if(strlen(localhost) == sizeof localhost-1) + { + BIO_printf(bio_err,"localhost name too long\n"); + goto end; + } kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER, localhost); } @@ -813,7 +850,9 @@ end: #ifndef OPENSSL_NO_RSA free_tmp_rsa(); #endif +#ifndef OPENSSL_NO_ENGINE ENGINE_cleanup(); +#endif CRYPTO_cleanup_all_ex_data(); ERR_free_strings(); ERR_remove_state(0); @@ -903,6 +942,8 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, int i, r; clock_t c_clock = clock(); + memset(cbuf, 0, sizeof(cbuf)); + if (debug) if (SSL_in_init(c_ssl)) printf("client waiting in SSL_connect - %s\n", @@ -987,6 +1028,8 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, int i, r; clock_t s_clock = clock(); + memset(sbuf, 0, sizeof(sbuf)); + if (debug) if (SSL_in_init(s_ssl)) printf("server waiting in SSL_accept - %s\n", @@ -1230,6 +1273,9 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count) int c_write,s_write; int do_server=0,do_client=0; + memset(cbuf,0,sizeof(cbuf)); + memset(sbuf,0,sizeof(sbuf)); + c_to_s=BIO_new(BIO_s_mem()); s_to_c=BIO_new(BIO_s_mem()); if ((s_to_c == NULL) || (c_to_s == NULL)) @@ -1304,8 +1350,8 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count) { if (c_write) { - j=(cw_num > (long)sizeof(cbuf)) - ?sizeof(cbuf):(int)cw_num; + j = (cw_num > (long)sizeof(cbuf)) ? + (int)sizeof(cbuf) : (int)cw_num; i=BIO_write(c_bio,cbuf,j); if (i < 0) { @@ -1435,8 +1481,8 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count) } else { - j=(sw_num > (long)sizeof(sbuf))? - sizeof(sbuf):(int)sw_num; + j = (sw_num > (long)sizeof(sbuf)) ? + (int)sizeof(sbuf) : (int)sw_num; i=BIO_write(s_bio,sbuf,j); if (i < 0) { @@ -1511,7 +1557,8 @@ static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx) { char *s,buf[256]; - s=X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),buf,256); + s=X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),buf, + sizeof buf); if (s != NULL) { if (ok) @@ -1561,9 +1608,21 @@ static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength) { if (rsa_tmp == NULL) { + rsa_tmp = RSA_new(); + if(!rsa_tmp) + { + BIO_printf(bio_err, "Memory error..."); + goto end; + } BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength); (void)BIO_flush(bio_err); - rsa_tmp=RSA_generate_key(keylength,RSA_F4,NULL,NULL); + if(!RSA_generate_key_ex(rsa_tmp,keylength,RSA_F4,NULL)) + { + BIO_printf(bio_err, "Error generating key."); + RSA_free(rsa_tmp); + rsa_tmp = NULL; + } +end: BIO_printf(bio_err,"\n"); (void)BIO_flush(bio_err); }