projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Clarify CMS_decrypt behaviour.
[openssl.git] / ssl / ssltest.c
diff --git a/ssl/ssltest.c b/ssl/ssltest.c
index 5e2fed8e727c25de29f5ee1b7cee37ca358efe83..31a033b1a9aaee34b512085473cda6c04005ba1d 100644 (file)
--- a/ssl/ssltest.c
+++ b/ssl/ssltest.c
@@ -564,7 +564,7 @@ static int verify_serverinfo()
 
 static int custom_ext_0_cli_first_cb(SSL *s, unsigned short ext_type,
                                     const unsigned char **out,
-                                    unsigned short *outlen, void *arg)
+                                    unsigned short *outlen, int *al, void *arg)
        {
        if (ext_type != CUSTOM_EXT_TYPE_0)
                custom_ext_error = 1;
@@ -576,13 +576,12 @@ static int custom_ext_0_cli_second_cb(SSL *s, unsigned short ext_type,
                                      unsigned short inlen, int *al,
                                      void *arg)
        {
-       custom_ext_error = 1; /* Shouldn't be called */
-       return 0;
+       return 1;
        }
 
 static int custom_ext_1_cli_first_cb(SSL *s, unsigned short ext_type,
                                     const unsigned char **out,
-                                    unsigned short *outlen, void *arg)
+                                    unsigned short *outlen, int *al, void *arg)
        {
        if (ext_type != CUSTOM_EXT_TYPE_1)
                custom_ext_error = 1;
@@ -596,13 +595,12 @@ static int custom_ext_1_cli_second_cb(SSL *s, unsigned short ext_type,
                                      unsigned short inlen, int *al,
                                      void *arg)
        {
-       custom_ext_error = 1; /* Shouldn't be called */
-       return 0;
+       return 1;
        }
 
 static int custom_ext_2_cli_first_cb(SSL *s, unsigned short ext_type,
                                     const unsigned char **out,
-                                    unsigned short *outlen, void *arg)
+                                    unsigned short *outlen, int *al, void *arg)
        {
        if (ext_type != CUSTOM_EXT_TYPE_2)
                custom_ext_error = 1;
@@ -625,7 +623,7 @@ static int custom_ext_2_cli_second_cb(SSL *s, unsigned short ext_type,
 
 static int custom_ext_3_cli_first_cb(SSL *s, unsigned short ext_type,
                                     const unsigned char **out,
-                                    unsigned short *outlen, void *arg)
+                                    unsigned short *outlen, int *al, void *arg)
        {
        if (ext_type != CUSTOM_EXT_TYPE_3)
                custom_ext_error = 1;
@@ -648,28 +646,27 @@ static int custom_ext_3_cli_second_cb(SSL *s, unsigned short ext_type,
        return 1;
        }
 
-
+/* custom_ext_0_cli_first_cb returns -1 - the server won't receive a callback for this extension */
 static int custom_ext_0_srv_first_cb(SSL *s, unsigned short ext_type,
                                     const unsigned char *in,
                                     unsigned short inlen, int *al,
                                     void *arg)
        {
-       custom_ext_error = 1;
-       return 0; /* Shouldn't be called */
+       return 1;
        }
 
+/* 'generate' callbacks are always called, even if the 'receive' callback isn't called */
 static int custom_ext_0_srv_second_cb(SSL *s, unsigned short ext_type,
                                      const unsigned char **out,
-                                     unsigned short *outlen, void *arg)
+                                     unsigned short *outlen, int *al, void *arg)
        {
-       custom_ext_error = 1;
-       return 0; /* Shouldn't be called */
+        return -1; /* Don't send an extension */
        }
 
 static int custom_ext_1_srv_first_cb(SSL *s, unsigned short ext_type,
-                                    const unsigned char *in,
-                                    unsigned short inlen, int *al,
-                                    void *arg)
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg)
        {
        if (ext_type != CUSTOM_EXT_TYPE_1)
                custom_ext_error = 1;           
@@ -683,7 +680,7 @@ static int custom_ext_1_srv_first_cb(SSL *s, unsigned short ext_type,
 
 static int custom_ext_1_srv_second_cb(SSL *s, unsigned short ext_type,
                                      const unsigned char **out,
-                                     unsigned short *outlen, void *arg)
+                                     unsigned short *outlen, int *al, void *arg)
        {
        return -1; /* Don't send an extension */
        }
@@ -705,7 +702,7 @@ static int custom_ext_2_srv_first_cb(SSL *s, unsigned short ext_type,
 
 static int custom_ext_2_srv_second_cb(SSL *s, unsigned short ext_type,
                                      const unsigned char **out,
-                                     unsigned short *outlen, void *arg)
+                                     unsigned short *outlen, int *al, void *arg)
        {
        *out = NULL;
        *outlen = 0;
@@ -729,7 +726,7 @@ static int custom_ext_3_srv_first_cb(SSL *s, unsigned short ext_type,
 
 static int custom_ext_3_srv_second_cb(SSL *s, unsigned short ext_type,
                                      const unsigned char **out,
-                                     unsigned short *outlen, void *arg)
+                                     unsigned short *outlen, int *al, void *arg)
        {
        *out = (const unsigned char*)custom_ext_srv_string;
        *outlen = strlen(custom_ext_srv_string);
@@ -738,7 +735,7 @@ static int custom_ext_3_srv_second_cb(SSL *s, unsigned short ext_type,
 
 static int supp_data_0_srv_first_cb(SSL *s, unsigned short supp_data_type,
                                    const unsigned char **out,
-                                   unsigned short *outlen, void *arg)
+                                   unsigned short *outlen, int *al, void *arg)
        {
        *out = (const unsigned char*)supp_data_0_string;
        *outlen = strlen(supp_data_0_string);
@@ -765,7 +762,7 @@ static int supp_data_0_srv_second_cb(SSL *s, unsigned short supp_data_type,
 
 static int supp_data_1_srv_first_cb(SSL *s, unsigned short supp_data_type,
                                    const unsigned char **out,
-                                   unsigned short *outlen, void *arg)
+                                   unsigned short *outlen, int *al, void *arg)
        {
        return -1;
        }
@@ -780,9 +777,9 @@ static int supp_data_1_srv_second_cb(SSL *s, unsigned short supp_data_type,
        }
 
 static int supp_data_2_srv_second_cb(SSL *s, unsigned short supp_data_type,
-                                    const unsigned char *in,
-                                    unsigned short inlen, int *al,
-                                    void *arg)
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg)
        {
        suppdata_error = 1;
        return 1;
@@ -806,7 +803,7 @@ static int supp_data_0_cli_first_cb(SSL *s, unsigned short supp_data_type,
 
 static int supp_data_0_cli_second_cb(SSL *s, unsigned short supp_data_type,
                                     const unsigned char **out,
-                                    unsigned short *outlen, void *arg)
+                                    unsigned short *outlen, int *al, void *arg)
        {
        *out = (const unsigned char*)supp_data_0_string;
        *outlen = strlen(supp_data_0_string);
@@ -826,7 +823,7 @@ static int supp_data_1_cli_first_cb(SSL *s, unsigned short supp_data_type,
 
 static int supp_data_1_cli_second_cb(SSL *s, unsigned short supp_data_type,
                                     const unsigned char **out,
-                                    unsigned short *outlen, void *arg)
+                                    unsigned short *outlen, int *al, void *arg)
        {
        return -1;
        }
@@ -1510,6 +1507,11 @@ bad:
                ERR_print_errors(bio_err);
                goto end;
                }
+       /* Since we will use low security ciphersuites and keys for
+        * testing set security level to zero.
+        */
+       SSL_CTX_set_security_level(c_ctx, 0);
+       SSL_CTX_set_security_level(s_ctx, 0);
 
        if (cipher != NULL)
                {
Unnamed repository; edit this file 'description' to name the repository.