author | Simon Josefsson <simon@josefsson.org> | 2010-06-07 14:58:03 +0200 |
---|---|---|
committer | Simon Josefsson <simon@josefsson.org> | 2010-06-07 14:58:03 +0200 |
commit | dc468cee92c5ae8462bb25f5c129a32a3b178279 (patch) | |
tree | d9f1d3a42449e30c35fef55cbdf7925f35d4d007 | |
parent | ed8a5c018ea46dc1d44785ae0545e60d5c907d84 (diff) | |
Rewrite self test srn5.c.
-rw-r--r-- | tests/safe-renegotiation/README | 8 | ||||
-rw-r--r-- | tests/safe-renegotiation/srn5.c | 37 |
2 files changed, 23 insertions, 22 deletions
diff --git a/tests/safe-renegotiation/README b/tests/safe-renegotiation/README index 49867f629b..91a6db9dcb 100644 --- a/tests/safe-renegotiation/README +++ b/tests/safe-renegotiation/README @@ -32,7 +32,7 @@ srn4.c: against clients that do not support the extension. srn5.c: - This tests that clients with support for safe renegotiation is able - to handshake properly against a server with no support for safe - renegotiation, but that the client will not be able to complete a - rehandshake. + + This tests that a client with a permissive policy + (%UNSAFE_RENEGOTIATION) is able to handshake and rehandshake with a + server with no support for the extension. diff --git a/tests/safe-renegotiation/srn5.c b/tests/safe-renegotiation/srn5.c index 477ebb75a0..3da57ada2f 100644 --- a/tests/safe-renegotiation/srn5.c +++ b/tests/safe-renegotiation/srn5.c @@ -20,12 +20,11 @@ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ -/* Code based on srn0.c. +/* Code based on ./srn0.c. * - * This tests that clients with support for safe renegotiation is able - * to handshake properly against a server with no support for safe - * renegotiation, but that the client will not be able to complete a - * rehandshake. + * This tests that a client with a permissive policy + * (%UNSAFE_RENEGOTIATION) is able to handshake and rehandshake with a + * server with no support for the extension. */ #ifdef HAVE_CONFIG_H 
@@ -194,10 +193,18 @@ main (int argc, char *argv[]) gnutls_certificate_allocate_credentials (&clientx509cred); gnutls_init (&client, GNUTLS_CLIENT); gnutls_credentials_set (client, GNUTLS_CRD_CERTIFICATE, clientx509cred); - gnutls_priority_set_direct (client, "NORMAL", NULL); + gnutls_priority_set_direct (client, "NORMAL:%UNSAFE_RENEGOTIATION", NULL); gnutls_transport_set_push_function (client, client_push); gnutls_transport_set_pull_function (client, client_pull); + /* Check that initially no session use the extension. */ + if (gnutls_safe_renegotiation_status (server) + || gnutls_safe_renegotiation_status (client)) + { + puts ("Client or server using extension before handshake?"); + abort (); + } + do { static int max_iter = 0; @@ -235,15 +242,10 @@ main (int argc, char *argv[]) if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SUCCESS) exit_code = EXIT_FAILURE; - if (gnutls_safe_renegotiation_status (client)) - { - tls_log_func (0, "Client thinks it is using safe renegotiation!\n"); - exit_code = EXIT_FAILURE; - } - - if (gnutls_safe_renegotiation_status (server)) + if (gnutls_safe_renegotiation_status (client) || + gnutls_safe_renegotiation_status (server)) { - tls_log_func (0, "Server thinks it is using safe renegotiation!\n"); + tls_log_func (0, "Session using safe renegotiation?!\n"); exit_code = EXIT_FAILURE; } 
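Review bot: The return value of the new `gnutls_priority_set_direct (client, "NORMAL:%UNSAFE_RENEGOTIATION", NULL)` call is discarded. If the priority string were rejected, the client would presumably run with a different policy than the one this test is meant to exercise, and the later failure would not point at the cause. Checking it makes the precondition explicit, e.g. `if (gnutls_priority_set_direct (client, "NORMAL:%UNSAFE_RENEGOTIATION", NULL) < 0) abort ();`. The added pre-handshake check reports through `puts`/`abort ()` while the rest of main uses `tls_log_func` and `exit_code`; a one-line comment saying the hard abort is deliberate would help. main starts and ends outside the hunk.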
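Review bot: The merged check in the `-235,15` hunk logs `Session using safe renegotiation?!` for either peer, so a failing run no longer says whether the client or the server reported the extension as active. If the single `if` is kept, a comment above it would record the expectation, for example `/* The server lacks the extension, so neither side may report it as in use. */`. The same applies to the `Rehandshaked using safe renegotiation?!` message in the last hunk.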
@@ -296,18 +298,17 @@ main (int argc, char *argv[]) } while ( /* Not done: */ - !(sret == GNUTLS_E_AGAIN - && cret == GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED) + !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) /* No error: */ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); - if (sret != GNUTLS_E_AGAIN && cret != GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED) + if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SUCCESS) exit_code = 1; if (gnutls_safe_renegotiation_status (client) || gnutls_safe_renegotiation_status (server)) { - tls_log_func (0, "Rehandshaked session not using safe renegotiation!\n"); + tls_log_func (0, "Rehandshaked using safe renegotiation?!\n"); exit_code = EXIT_FAILURE; } |
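Review bot: The new post-rehandshake check `if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SUCCESS)` fails the test only when both peers failed. The loop above it also exits when one side returns success and the other returns an error other than `GNUTLS_E_AGAIN`, and that case leaves `exit_code` untouched, so a one-sided rehandshake failure passes. Since the test now asserts that the rehandshake completes, the condition should be `if (cret != GNUTLS_E_SUCCESS || sret != GNUTLS_E_SUCCESS) exit_code = EXIT_FAILURE;`, which also matches the `EXIT_FAILURE` used elsewhere instead of `1`. The unchanged check after the first handshake, visible as context at the top of the `-235,15` hunk, uses the same `&&`. The loop and main begin outside this hunk.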