diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-05-12 11:24:03 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-05-12 11:24:07 +0200 |
commit | f2608eb7a84c87b8f2fb4b96d3891391c409085b (patch) | |
tree | bcd8e6c2ec125228d82f3bc6d96d194d245fb2fd | |
parent | 31bb3f8826bf8abf712d43b702204836e3a6d8f4 (diff) | |
download | gnutls-f2608eb7a84c87b8f2fb4b96d3891391c409085b.tar.gz |
tests: enhance SNI checking with invalid UTF8 and embedded NULL case
-rw-r--r-- | tests/mini-server-name.c | 42 |
1 files changed, 30 insertions, 12 deletions
diff --git a/tests/mini-server-name.c b/tests/mini-server-name.c index ecfbdc3963..42927d0130 100644 --- a/tests/mini-server-name.c +++ b/tests/mini-server-name.c @@ -106,8 +106,12 @@ const gnutls_datum_t server_key = { server_key_pem, sizeof(server_key_pem) }; +/* internal function */ +int _gnutls_server_name_set_raw(gnutls_session_t session, + gnutls_server_name_type_t type, + const void *name, size_t name_length); -static void client(int fd, const char *name, unsigned name_len) +static void client(int fd, unsigned raw, const char *name, unsigned name_len) { int ret; gnutls_anon_client_credentials_t anoncred; @@ -138,7 +142,10 @@ static void client(int fd, const char *name, unsigned name_len) gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); gnutls_transport_set_int(session, fd); - gnutls_server_name_set(session, GNUTLS_NAME_DNS, name, name_len); + if (raw) + _gnutls_server_name_set_raw(session, GNUTLS_NAME_DNS, name, name_len); + else + gnutls_server_name_set(session, GNUTLS_NAME_DNS, name, name_len); /* Perform the TLS handshake */ @@ -244,19 +251,23 @@ static void server(int fd, const char *name, unsigned name_len) buffer_size = sizeof(buffer); ret = gnutls_server_name_get(session, buffer, &buffer_size, &type, 0); - if ((name == NULL || name[0] == 0) && ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) { + if ((name == NULL || name[0] == 0) && (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE || ret == GNUTLS_E_IDNA_ERROR)) { /* expected */ if (debug) success("server: empty name matches\n"); } else if (ret < 0) { - fail("server: server_name: %s\n", gnutls_strerror(ret)); + fail("server: server_name: %s/%d\n", gnutls_strerror(ret), ret); } else { if (name == NULL || name[0] == 0) { fail("server: did not received expected name\n"); exit(1); } + if (buffer_size != strlen(buffer)) { + fail("server: received name '%s/%d/%d', with embedded null\n", buffer, (int)buffer_size, (int)strlen(buffer)); + exit(1); + } if (name_len != buffer_size || memcmp(name, buffer, name_len) != 0) { - fail("server: received name '%s', expected '%s'\n", buffer, name); + fail("server: received name '%s/%d', expected '%s/%d'\n", buffer, (int)buffer_size, name, (int)name_len); exit(1); } if (debug) @@ -280,7 +291,10 @@ static void server(int fd, const char *name, unsigned name_len) success("server: finished\n"); } -static void start(const char *name, unsigned len) +/* name: the name sent by client + * server_exp: the name which should be expected by the server to see + */ +static void start(unsigned raw, const char *name, unsigned len, const char *server_exp, unsigned server_exp_len) { int fd[2]; int ret; @@ -301,11 +315,11 @@ static void start(const char *name, unsigned len) if (child) { /* parent */ close(fd[1]); - server(fd[0], name, len); + server(fd[0], server_exp, server_exp_len); kill(child, SIGTERM); } else { close(fd[0]); - client(fd[1], name, len); + client(fd[1], raw, name, len); exit(0); } } @@ -331,10 +345,14 @@ void doit(void) signal(SIGCHLD, ch_handler); signal(SIGPIPE, SIG_IGN); - start(NULL, 0); - start("", 0); - start("test.example.com", strlen("test.example.com")); - start("longtest.example.com.", strlen("longtest.example.com")); + start(0, NULL, 0, NULL, 0); + start(0, "", 0, "", 0); + start(0, "test.example.com", strlen("test.example.com"), "test.example.com", strlen("test.example.com")); + start(0, "longtest.example.com.", strlen("longtest.example.com"), "longtest.example.com.", strlen("longtest.example.com")); + /* test invalid UTF8 */ + start(1, "invalid\xff.example.com.", sizeof("invalid\xff.example.com")-1, NULL, 0); + /* test embedded NULL */ + start(1, "invalid\x00.example.com.", sizeof("invalid\x00.example.com")-1, NULL, 0); } #endif /* _WIN32 */ |