diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-10-31 10:18:09 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-11-02 13:41:03 +0100 |
| commit | ea319ffc1ae15b2ee31f83cfe00e08fc5b29bc70 (patch) | |
| tree | 71ffee72841efdaefab197346cf487f3a68f6c2f | |
| parent | 45716dfa2e35557583e4bc0346830348b29477a6 (diff) | |
| download | gnutls-tmp-init-random-generator-on-first-call.tar.gz | |
tests: added test to ensure that gnutls_rnd() is not called during initializationtmp-init-random-generator-on-first-call
| -rw-r--r-- | tests/Makefile.am | 3 | ||||
| -rw-r--r-- | tests/rng-no-onload.c | 68 |
2 files changed, 70 insertions, 1 deletions
diff --git a/tests/Makefile.am b/tests/Makefile.am index 45bb8979af..499e8211b7 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -116,7 +116,8 @@ ctests = mini-record-2 simple gc set_pkcs12_cred certder certuniqueid \ client_dsa_key server_ecdsa_key tls-session-ext-register tls-session-supplemental \ multi-alerts naked-alerts pkcs7-cat-parse set_known_dh_params_x509 \ set_known_dh_params_anon set_known_dh_params_psk session-tickets-ok \ - session-tickets-missing set_x509_key_file_legacy status-request-ext + session-tickets-missing set_x509_key_file_legacy status-request-ext \ + rng-no-onload if HAVE_SECCOMP_TESTS ctests += dtls-with-seccomp tls-with-seccomp dtls-client-with-seccomp tls-client-with-seccomp diff --git a/tests/rng-no-onload.c b/tests/rng-no-onload.c new file mode 100644 index 0000000000..726b5fddf4 --- /dev/null +++ b/tests/rng-no-onload.c @@ -0,0 +1,68 @@ +/* + * Copyright (C) 2016 Red Hat, Inc. + * + * Author: Nikos Mavrogiannopoulos + * + * This file is part of GnuTLS. + * + * GnuTLS is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * GnuTLS is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with GnuTLS; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif + +#include <stdio.h> +#include <stdlib.h> +#include <stdint.h> +#include <string.h> +#include <gnutls/gnutls.h> +#include <gnutls/crypto.h> +#include "utils.h" + +#if defined(ENABLE_FIPS140) || !defined(__linux__) || !defined(__GNUC__) + +void doit(void) +{ + exit(77); +} + +#else + +static int _rnd_called = 0; + +/* Tests whether gnutls_rnd() is called during gnutls library initialization. + * Normally it shouldn't be called to prevent any blocking due to getrandom() + * calls. + */ +int __attribute__ ((visibility ("protected"))) +gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len) +{ + _rnd_called = 1; + + memset(data, 0xff, len); + return 0; +} + +void doit(void) +{ + global_init(); + + if (_rnd_called != 0) + fail("gnutls_rnd was called during gnutls_global_init()!\n"); + + gnutls_global_deinit(); +} +#endif /* _WIN32 */ |