diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-06-19 18:24:37 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-06-19 18:29:27 +0200 |
commit | c897f87a0d14ba871e36665994c8843ca59ba326 (patch) | |
tree | f0b15332ed433b90d7958f13ef16e898b515f0c4 | |
parent | 7bb495ef002f189653729fe1c3982013d1a5665f (diff) | |
download | gnutls-c897f87a0d14ba871e36665994c8843ca59ba326.tar.gz |
Added test to verify whether DTLS layer will send GNUTLS_E_LARGE_PACKET on large packets
-rw-r--r-- | tests/Makefile.am | 2 | ||||
-rw-r--r-- | tests/mini-dtls-large.c | 345 |
2 files changed, 346 insertions, 1 deletions
diff --git a/tests/Makefile.am b/tests/Makefile.am index 60c8251d9e..ad1f837822 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -67,7 +67,7 @@ ctests = mini-deflate simple gc set_pkcs12_cred certder certuniqueid \ nul-in-x509-names x509_altname pkcs12_encode mini-x509 \ mini-rehandshake rng-fork mini-eagain-dtls resume-dtls \ x509cert x509cert-tl infoaccess mini-dtls-hello-verify \ - mini-tdb mini-dtls-rehandshake mini-alpn \ + mini-tdb mini-dtls-rehandshake mini-alpn mini-dtls-large \ mini-termination mini-x509-cas mini-x509-2 pkcs12_simple \ mini-emsgsize-dtls chainverify-unsorted mini-overhead \ mini-dtls-heartbeat mini-x509-callbacks key-openssl \ diff --git a/tests/mini-dtls-large.c b/tests/mini-dtls-large.c new file mode 100644 index 0000000000..d94670aeca --- /dev/null +++ b/tests/mini-dtls-large.c @@ -0,0 +1,345 @@ +/* + * Copyright (C) 2013 Nikos Mavrogiannopoulos + * + * This file is part of GnuTLS. + * + * GnuTLS is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * GnuTLS is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with GnuTLS; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif + +#include <stdio.h> +#include <stdlib.h> + +#if defined(_WIN32) || !defined(ENABLE_HEARTBEAT) + +int +main () +{ + exit (77); +} + +#else + +#include <string.h> +#include <sys/types.h> +#include <netinet/in.h> +#include <sys/socket.h> +#include <sys/wait.h> +#include <arpa/inet.h> +#include <unistd.h> +#include <gnutls/gnutls.h> +#include <gnutls/dtls.h> + +#include "utils.h" + +static void terminate (void); + +/* This program tests the rehandshake in DTLS + */ + +static void +server_log_func (int level, const char *str) +{ + fprintf (stderr, "server|<%d>| %s", level, str); +} + +static void +client_log_func (int level, const char *str) +{ + fprintf (stderr, "client|<%d>| %s", level, str); +} + +/* These are global */ +static pid_t child; + +/* A very basic DTLS client, with anonymous authentication, that exchanges heartbeats. + */ + +#define MAX_BUF 17*1024 + + +static void +client (int fd) +{ + gnutls_session_t session; + int ret; + char buffer[MAX_BUF + 1]; + gnutls_anon_client_credentials_t anoncred; + /* Need to enable anonymous KX specifically. */ + + global_init (); + + if (debug) + { + gnutls_global_set_log_function (client_log_func); + gnutls_global_set_log_level (4711); + } + + gnutls_anon_allocate_client_credentials (&anoncred); + + /* Initialize TLS session + */ + gnutls_init (&session, GNUTLS_CLIENT | GNUTLS_DATAGRAM); + gnutls_heartbeat_enable (session, GNUTLS_HB_PEER_ALLOWED_TO_SEND); + gnutls_dtls_set_mtu (session, 1500); + + /* Use default priorities */ + gnutls_priority_set_direct (session, + "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); + + /* put the anonymous credentials to the current session + */ + gnutls_credentials_set (session, GNUTLS_CRD_ANON, anoncred); + + gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) fd); + + /* Perform the TLS handshake + */ + do + { + ret = gnutls_handshake (session); + } + while (ret < 0 && gnutls_error_is_fatal (ret) == 0); + + if (ret < 0) + { + fail ("client: Handshake failed\n"); + gnutls_perror (ret); + exit (1); + } + else + { + if (debug) + success ("client: Handshake was completed\n"); + } + + if (debug) + success ("client: DTLS version is: %s\n", + gnutls_protocol_get_name (gnutls_protocol_get_version + (session))); + + do + { + ret = + gnutls_record_recv (session, buffer, sizeof (buffer)); + } + while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); + + if (ret < 0) + { + fail ("recv: %s\n", gnutls_strerror (ret)); + terminate(); + } + + do + { + ret = + gnutls_record_recv (session, buffer, sizeof (buffer)); + } + while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); + + if (ret < 0) + { + fail ("recv: %s\n", gnutls_strerror (ret)); + terminate(); + } + + gnutls_bye (session, GNUTLS_SHUT_WR); + + close (fd); + + gnutls_deinit (session); + + gnutls_anon_free_client_credentials (anoncred); + + gnutls_global_deinit (); +} + + +static void +terminate (void) +{ + int status; + + kill (child, SIGTERM); + wait (&status); + exit (1); +} + +static void +server (int fd) +{ + int ret; + char buffer[MAX_BUF + 1]; + gnutls_session_t session; + gnutls_anon_server_credentials_t anoncred; + /* this must be called once in the program + */ + global_init (); + + if (debug) + { + gnutls_global_set_log_function (server_log_func); + gnutls_global_set_log_level (4711); + } + + gnutls_anon_allocate_server_credentials (&anoncred); + + gnutls_init (&session, GNUTLS_SERVER | GNUTLS_DATAGRAM); + gnutls_dtls_set_mtu (session, 1500); + + /* avoid calling all the priority functions, since the defaults + * are adequate. + */ + gnutls_priority_set_direct (session, + "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", + NULL); + + gnutls_credentials_set (session, GNUTLS_CRD_ANON, anoncred); + + gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) fd); + + do + { + ret = gnutls_handshake (session); + } + while (ret < 0 && gnutls_error_is_fatal (ret) == 0); + if (ret < 0) + { + close (fd); + gnutls_deinit (session); + fail ("server: Handshake has failed (%s)\n\n", + gnutls_strerror (ret)); + terminate (); + } + if (debug) + success ("server: Handshake was completed\n"); + + if (debug) + success ("server: TLS version is: %s\n", + gnutls_protocol_get_name (gnutls_protocol_get_version + (session))); + + /* see the Getting peer's information example */ + /* print_info(session); */ + + ret = gnutls_record_send(session, buffer, gnutls_dtls_get_data_mtu(session)+12); + if (ret != GNUTLS_E_LARGE_PACKET) + { + fail ("send: %s\n", gnutls_strerror (ret)); + terminate (); + } + + ret = gnutls_record_send(session, buffer, gnutls_dtls_get_data_mtu(session)+5048); + if (ret != GNUTLS_E_LARGE_PACKET) + { + fail ("send: %s\n", gnutls_strerror (ret)); + terminate (); + } + + ret = gnutls_record_send(session, buffer, gnutls_dtls_get_data_mtu(session)); + if (ret < 0) + { + fail ("send: %s\n", gnutls_strerror (ret)); + terminate (); + } + + gnutls_dtls_set_mtu (session, 16*1024); + ret = gnutls_record_send(session, buffer, gnutls_dtls_get_data_mtu(session)+12); + if (ret != GNUTLS_E_LARGE_PACKET) + { + fail ("send: %s\n", gnutls_strerror (ret)); + terminate (); + } + + ret = gnutls_record_send(session, buffer, gnutls_dtls_get_data_mtu(session)+5048); + if (ret != GNUTLS_E_LARGE_PACKET) + { + fail ("send: %s\n", gnutls_strerror (ret)); + terminate (); + } + + ret = gnutls_record_send(session, buffer, gnutls_dtls_get_data_mtu(session)); + if (ret < 0) + { + fail ("send: %s\n", gnutls_strerror (ret)); + terminate (); + } + + /* do not wait for the peer to close the connection. + */ + gnutls_bye (session, GNUTLS_SHUT_WR); + + close (fd); + gnutls_deinit (session); + + gnutls_anon_free_server_credentials (anoncred); + + gnutls_global_deinit (); + + if (debug) + success ("server: finished\n"); +} + +static void +start (void) +{ + int fd[2]; + int ret; + + ret = socketpair (AF_UNIX, SOCK_DGRAM, 0, fd); + if (ret < 0) + { + perror ("socketpair"); + exit (1); + } + + child = fork (); + if (child < 0) + { + perror ("fork"); + fail ("fork"); + exit (1); + } + + if (child) + { + int status; + /* parent */ + + server (fd[0]); + wait (&status); + if (WEXITSTATUS (status) != 0) + fail ("Child died with status %d\n", WEXITSTATUS (status)); + } + else + { + close (fd[0]); + client (fd[1]); + exit (0); + } +} + +void +doit (void) +{ + start (); +} + +#endif /* _WIN32 */ |