X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=test%2Fssltest.c;h=01b6058648a67ffee1a1690203bf2a44561ccc0c;hp=adf13680204b7f37e75df998f363f485cfabebc4;hb=a470fdab6d04e4da68840e5324c1ac1d334f425f;hpb=b51bce942023325e727ca4225252d06c49d8f2b7 diff --git a/test/ssltest.c b/test/ssltest.c index adf1368020..01b6058648 100644 --- a/test/ssltest.c +++ b/test/ssltest.c @@ -142,6 +142,7 @@ /* Or gethostname won't be declared properly on Linux and GNU platforms. */ #define _BSD_SOURCE 1 +#define _DEFAULT_SOURCE 1 #include #include @@ -211,10 +212,6 @@ #define COMP_ZLIB 1 static int verify_callback(int ok, X509_STORE_CTX *ctx); -#ifndef OPENSSL_NO_RSA -static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength); -static void free_tmp_rsa(void); -#endif static int app_verify_callback(X509_STORE_CTX *ctx, void *arg); #define APP_CALLBACK_STRING "Test Callback Argument" struct app_verify_arg { @@ -256,7 +253,7 @@ typedef struct srp_client_arg_st { static char *ssl_give_srp_client_pwd_cb(SSL *s, void *arg) { SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg; - return BUF_strdup((char *)srp_client_arg->srppassin); + return OPENSSL_strdup((char *)srp_client_arg->srppassin); } /* SRP server */ @@ -288,9 +285,9 @@ static BIO *bio_stdout = NULL; #ifndef OPENSSL_NO_NEXTPROTONEG /* Note that this code assumes that this is only a one element list: */ static const char NEXT_PROTO_STRING[] = "\x09testproto"; -int npn_client = 0; -int npn_server = 0; -int npn_server_reject = 0; +static int npn_client = 0; +static int npn_server = 0; +static int npn_server_reject = 0; static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, 
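Review bot: The comment above the feature-test macros explains only `_BSD_SOURCE`, so the new `#define _DEFAULT_SOURCE 1` reads as unexplained duplication. Newer glibc deprecates `_BSD_SOURCE` and warns unless `_DEFAULT_SOURCE` is defined too. I would extend the comment, e.g. `/* Newer glibc deprecates _BSD_SOURCE in favour of _DEFAULT_SOURCE; define both so old and new libcs declare gethostname. */`.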
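Review bot: ssl_give_srp_client_pwd_cb hands back a heap copy of the SRP password, and nothing in the function says who releases it. Add a comment on the `return OPENSSL_strdup(...)` line such as `/* heap copy of the password; the caller is expected to free it (confirm it is also cleansed) */`. The `(char *)` cast on `srppassin` may be hiding a const qualifier; the field's declaration is outside the hunk, so that is worth checking as well.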
@@ -454,7 +451,12 @@ static int verify_alpn(SSL *client, SSL *server) OPENSSL_free(alpn_selected); alpn_selected = NULL; - if (client_proto_len != server_proto_len || + if (client_proto_len != server_proto_len) { + BIO_printf(bio_stdout, "ALPN selected protocols differ!\n"); + goto err; + } + + if (client_proto != NULL && memcmp(client_proto, server_proto, client_proto_len) != 0) { BIO_printf(bio_stdout, "ALPN selected protocols differ!\n"); goto err; @@ -500,24 +502,24 @@ static int verify_alpn(SSL *client, SSL *server) #define CUSTOM_EXT_TYPE_2 1002 #define CUSTOM_EXT_TYPE_3 1003 -const char custom_ext_cli_string[] = "abc"; -const char custom_ext_srv_string[] = "defg"; +static const char custom_ext_cli_string[] = "abc"; +static const char custom_ext_srv_string[] = "defg"; /* These set from cmdline */ -char *serverinfo_file = NULL; -int serverinfo_sct = 0; -int serverinfo_tack = 0; +static char *serverinfo_file = NULL; +static int serverinfo_sct = 0; +static int serverinfo_tack = 0; /* These set based on extension callbacks */ -int serverinfo_sct_seen = 0; -int serverinfo_tack_seen = 0; -int serverinfo_other_seen = 0; +static int serverinfo_sct_seen = 0; +static int serverinfo_tack_seen = 0; +static int serverinfo_other_seen = 0; /* This set from cmdline */ -int custom_ext = 0; +static int custom_ext = 0; /* This set based on extension callbacks */ -int custom_ext_error = 0; +static int custom_ext_error = 0; static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type, const unsigned char *in, size_t inlen, @@ -1310,7 +1312,7 @@ int main(int argc, char *argv[]) if (fips_mode) { if (!FIPS_mode_set(1)) { ERR_load_crypto_strings(); - ERR_print_errors(BIO_new_fp(stderr, BIO_NOCLOSE)); + ERR_print_errors(bio_err); EXIT(1); } else fprintf(stderr, "*** IN FIPS MODE ***\n"); 
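Review bot: The new `client_proto != NULL` guard before `memcmp` in verify_alpn checks only one of the two pointers; `server_proto` is passed to `memcmp` unchecked. Since the lengths are already known to be equal at that point, guarding on the length covers both sides: `if (client_proto_len != 0 && memcmp(client_proto, server_proto, client_proto_len) != 0) {`. This assumes a non-zero length always comes with a non-NULL pointer, which the lines that fill these variables (outside the hunk) would need to confirm. Both branches also print the identical "ALPN selected protocols differ!" message, so a length mismatch cannot be told apart from a content mismatch in the test log. verify_alpn starts before and continues past the hunk.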
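Review bot: `ERR_print_errors(bio_err)` in the FIPS failure branch of main relies on `bio_err` already being initialised when this code runs, which the hunk does not show; if the FIPS check can be reached before that assignment, the error queue would not be reported. The success branch still writes with `fprintf(stderr, "*** IN FIPS MODE ***\n")`; `BIO_printf(bio_err, "*** IN FIPS MODE ***\n");` would keep both branches on one output channel. main's body extends outside the hunk.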
@@ -1477,10 +1479,6 @@ int main(int argc, char *argv[]) (void)no_ecdhe; #endif -#ifndef OPENSSL_NO_RSA - SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb); -#endif - if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) || (!SSL_CTX_set_default_verify_paths(s_ctx)) || (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) || @@ -1710,12 +1708,10 @@ int main(int argc, char *argv[]) BIO_free(bio_stdout); -#ifndef OPENSSL_NO_RSA - free_tmp_rsa(); -#endif #ifndef OPENSSL_NO_ENGINE ENGINE_cleanup(); #endif + CONF_modules_unload(1); CRYPTO_cleanup_all_ex_data(); ERR_free_strings(); ERR_remove_thread_state(NULL); @@ -2422,7 +2418,7 @@ static int verify_callback(int ok, X509_STORE_CTX *ctx) if (ok == 1) { X509 *xs = ctx->current_cert; - if (xs->ex_flags & EXFLAG_PROXY) { + if (X509_get_extension_flags(xs) & EXFLAG_PROXY) { unsigned int *letters = X509_STORE_CTX_get_ex_data(ctx, get_proxy_auth_ex_data_idx ()); @@ -2828,39 +2824,6 @@ static int app_verify_callback(X509_STORE_CTX *ctx, void *arg) return (ok); } -#ifndef OPENSSL_NO_RSA -static RSA *rsa_tmp = NULL; - -static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength) -{ - BIGNUM *bn = NULL; - if (rsa_tmp == NULL) { - bn = BN_new(); - rsa_tmp = RSA_new(); - if (!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4)) { - BIO_printf(bio_err, "Memory error..."); - goto end; - } - printf("Generating temp (%d bit) RSA key...", keylength); - if (!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) { - BIO_printf(bio_err, "Error generating key."); - RSA_free(rsa_tmp); - rsa_tmp = NULL; - } - end: - printf("\n"); - } - BN_free(bn); - return (rsa_tmp); -} - -static void free_tmp_rsa(void) -{ - RSA_free(rsa_tmp); - rsa_tmp = NULL; -} -#endif - #ifndef OPENSSL_NO_DH /*- * These DH parameters have been generated as follows: 
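Review bot: `CONF_modules_unload(1)` is added after `ENGINE_cleanup()` in main's teardown, and nothing in the hunk says why that order was chosen. If a loaded configuration module holds engine references (not visible here), unloading the modules first would be the order I would expect, i.e. `CONF_modules_unload(1);` placed above the `#ifndef OPENSSL_NO_ENGINE` block. A short comment such as `/* unload config modules loaded during the test so leak checkers stay quiet */` would also record why the call is there; that wording is my assumption about the intent. The teardown sequence continues outside the hunk.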
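Review bot: In verify_callback the context line `X509 *xs = ctx->current_cert;` still reads a field of X509_STORE_CTX directly, while the changed line below it moves to the accessor `X509_get_extension_flags(xs)`. For consistency, and so this test keeps building if the store context is made opaque as well, use `X509 *xs = X509_STORE_CTX_get_current_cert(ctx);`. verify_callback continues outside the hunk.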
@@ -3082,7 +3045,7 @@ static int do_test_cipherlist(void) if (tci != NULL) if (ci->id >= tci->id) { fprintf(stderr, "testing SSLv3 cipher list order: "); - fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id); + fprintf(stderr, "failed %x vs. %x\n", ci->id, tci->id); return 0; } tci = ci; @@ -3094,7 +3057,7 @@ static int do_test_cipherlist(void) if (tci != NULL) if (ci->id >= tci->id) { fprintf(stderr, "testing TLSv1 cipher list order: "); - fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id); + fprintf(stderr, "failed %x vs. %x\n", ci->id, tci->id); return 0; } tci = ci;
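Review bot: The `%x` conversions in do_test_cipherlist require `ci->id` and `tci->id` to have type `unsigned int` exactly, and the declaration of `id` is not visible in this diff. If the field is now a fixed-width type such as `uint32_t`, either cast at the call, `fprintf(stderr, "failed %x vs. %x\n", (unsigned int)ci->id, (unsigned int)tci->id);`, or use `PRIx32` from `<inttypes.h>`. The same applies to the TLSv1 hunk at -3094,7 +3057,7. Both hunks sit inside loops whose start is outside the hunk.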