diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-09-19 15:03:32 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-09-19 17:54:12 +0200 |
| commit | fe6c0ff7b911ff077d7dcf3434e8c4700f6794a4 (patch) | |
| tree | b57c96f1f1967e9c232980b003f28c57f62b80e7 | |
| parent | 553f9aaaa92d8bbc027af7f46bdd5355a2c0abc0 (diff) | |
| download | gnutls-fe6c0ff7b911ff077d7dcf3434e8c4700f6794a4.tar.gz | |
tests: use virt-time.h in resumption tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| -rw-r--r-- | tests/resume-with-previous-stek.c | 15 | ||||
| -rw-r--r-- | tests/resume-with-stek-expiration.c | 8 | ||||
| -rw-r--r-- | tests/resume.c | 12 |
3 files changed, 22 insertions, 13 deletions
diff --git a/tests/resume-with-previous-stek.c b/tests/resume-with-previous-stek.c index ca59f7aa77..2b2a4794a0 100644 --- a/tests/resume-with-previous-stek.c +++ b/tests/resume-with-previous-stek.c @@ -41,6 +41,7 @@ int main(int argc, char **argv) #include <assert.h> #include "utils.h" #include "cert-common.h" +#include "virt-time.h" #define TICKET_EXPIRATION 1 /* seconds */ #define TICKET_ROTATION_PERIOD 3 /* seconds */ @@ -114,8 +115,6 @@ static void client(int fd, int *resume, unsigned rounds, const char *prio) gnutls_transport_set_int(session, fd); gnutls_handshake_set_timeout(session, 20 * 1000); - sec_sleep(TICKET_ROTATION_PERIOD-1); - /* Perform TLS handshake and obtain session ticket */ if (client_handshake(session, &session_data, resume[i]) < 0) @@ -143,6 +142,8 @@ static void server(int fd, unsigned rounds, const char *prio) gnutls_datum_t session_ticket_key = { NULL, 0 }; gnutls_certificate_credentials_t serverx509cred = NULL; + virt_time_init(); + if (gnutls_session_ticket_key_generate(&session_ticket_key) < 0) { fail("server: Could not generate session ticket key\n"); } @@ -151,9 +152,11 @@ static void server(int fd, unsigned rounds, const char *prio) assert(gnutls_init(&session, GNUTLS_SERVER)>=0); assert(gnutls_certificate_allocate_credentials(&serverx509cred)>=0); - assert(gnutls_certificate_set_x509_key_mem(serverx509cred, + retval = gnutls_certificate_set_x509_key_mem(serverx509cred, &server_cert, &server_key, - GNUTLS_X509_FMT_PEM)>=0); + GNUTLS_X509_FMT_PEM); + if (retval < 0) + fail("error setting key: %s\n", gnutls_strerror(retval)); assert(gnutls_priority_set_direct(session, prio, NULL)>=0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, serverx509cred); @@ -170,6 +173,8 @@ static void server(int fd, unsigned rounds, const char *prio) gnutls_transport_set_int(session, fd); gnutls_handshake_set_timeout(session, 20 * 1000); + virt_sec_sleep(TICKET_ROTATION_PERIOD-1); + do { retval = gnutls_handshake(session); } while (retval == GNUTLS_E_AGAIN || retval == GNUTLS_E_INTERRUPTED); @@ -225,11 +230,9 @@ static void run(const char *name, const char *prio, int resume[], int rounds) server(sockets[0], rounds, prio); waitpid(child, &status, 0); check_wait_status(status); - gnutls_global_deinit(); } else { /* We are the child */ client(sockets[1], resume, rounds, prio); - gnutls_global_deinit(); exit(0); } } diff --git a/tests/resume-with-stek-expiration.c b/tests/resume-with-stek-expiration.c index fa30b8d397..7a6b532d63 100644 --- a/tests/resume-with-stek-expiration.c +++ b/tests/resume-with-stek-expiration.c @@ -41,6 +41,7 @@ int main(int argc, char **argv) #include <assert.h> #include "utils.h" #include "cert-common.h" +#include "virt-time.h" /* * This will set the following values: @@ -189,8 +190,6 @@ static void client(int fd, int *resumption_should_succeed, unsigned num_sessions if (resume_and_close(session, &session_data, resumption_should_succeed[i]) < 0) return; - sec_sleep(TICKET_EXPIRATION); - if (clientx509cred) gnutls_certificate_free_credentials(clientx509cred); gnutls_deinit(session); @@ -204,6 +203,8 @@ static void server(int fd, int *resumption_should_succeed, unsigned num_sessions gnutls_certificate_credentials_t serverx509cred; gnutls_datum_t session_ticket_key = { NULL, 0 }; + virt_time_init(); + if (gnutls_session_ticket_key_generate(&session_ticket_key) < 0) fail("server: Could not generate session ticket key\n"); @@ -262,6 +263,9 @@ static void server(int fd, int *resumption_should_succeed, unsigned num_sessions gnutls_deinit(session); gnutls_certificate_free_credentials(serverx509cred); serverx509cred = NULL; + + if (i != 0) + virt_sec_sleep(TICKET_EXPIRATION); } if (num_stek_rotations != 4) diff --git a/tests/resume.c b/tests/resume.c index 953c017388..84314b836c 100644 --- a/tests/resume.c +++ b/tests/resume.c @@ -56,6 +56,7 @@ int main(int argc, char **argv) #include <assert.h> #include "utils.h" #include "cert-common.h" +#include "virt-time.h" static void wrap_db_init(void); static void wrap_db_deinit(void); @@ -528,8 +529,6 @@ static void client(int sds[], struct params_res *params) else if (params->try_sni) gnutls_server_name_set(session, GNUTLS_NAME_DNS, dns_name2, strlen(dns_name2)); - if (params->expire_ticket) - sleep(2); } else { if (params->try_sni) gnutls_server_name_set(session, GNUTLS_NAME_DNS, dns_name2, strlen(dns_name2)); @@ -722,6 +721,8 @@ static void server(int sds[], struct params_res *params) gnutls_group_t pgroup; unsigned iflags = GNUTLS_SERVER; + virt_time_init(); + if (params->early_start || params->no_early_start) iflags |= GNUTLS_ENABLE_EARLY_START; @@ -794,9 +795,10 @@ static void server(int sds[], struct params_res *params) append_alpn(session, params, t); - if (params->expire_ticket) - gnutls_db_set_cache_expiration(session, 1); - + if (params->expire_ticket) { + gnutls_db_set_cache_expiration(session, 45); + virt_sec_sleep(60); + } #ifdef USE_PSK gnutls_credentials_set(session, GNUTLS_CRD_PSK, pskcred); #elif defined(USE_ANON) |