tests: eagain: moved to cmocka and enhanced for TLS1.3

That also makes macros from eagain-common.h functioning under cmocka. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2018-04-17 09:24:29 +0200
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2018-04-18 11:21:25 +0200
commit: d821485782334c01a956ac9f5b1da97d4df4c573 (patch)
tree: 565b0b6021b87e0be542a263d460ed801c3a7693
parent: b7829c954784e389e22f96a4f4715c0744cc7381 (diff)
download: gnutls-d821485782334c01a956ac9f5b1da97d4df4c573.tar.gz
5 files changed, 222 insertions, 169 deletions
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 2536d3b8f1..60cebadaec 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -32,7 +32,7 @@ SUBDIRS += suite
 endif
 
 EXTRA_DIST = suppressions.valgrind eagain-common.h cert-common.h test-chains.h \
-	ocsp-common.h \
+	ocsp-common.h cmocka-common.h \
 	certs/ca-cert-ecc.pem  certs/cert-ecc256.pem  certs/cert-ecc521.pem \
 	certs/cert-rsa-2432.pem certs/ecc384.pem certs/ecc.pem hex.h \
 	certs/ca-ecc.pem certs/cert-ecc384.pem certs/cert-ecc.pem certs/ecc256.pem \
@@ -130,7 +130,7 @@ ctests += mini-record-2 simple gnutls_hmac_fast set_pkcs12_cred cert certuniquei
 	 crq_key_id x509sign-verify sign-verify cve-2009-1415 cve-2009-1416		\
 	 tls10-server-kx-neg tls11-server-kx-neg tls12-server-kx-neg ssl30-server-kx-neg \
 	 tls12-cipher-neg tls11-cipher-neg tls10-cipher-neg ssl30-cipher-neg \
-	 crq_apis init_roundtrip pkcs12_s2k_pem dn2 mini-eagain	tls12-rehandshake-cert-3 \
+	 crq_apis init_roundtrip pkcs12_s2k_pem dn2 tls12-rehandshake-cert-3 \
 	 nul-in-x509-names x509_altname pkcs12_encode mini-x509	\
 	 tls12-rehandshake-cert rng-fork mini-eagain-dtls resume-dtls \
 	 tls13-rehandshake-cert gnutls_ext_raw_parse \
@@ -201,7 +201,7 @@ endif
 if HAVE_CMOCKA
 CMOCKA_LDADD = $(COMMON_LDADD) $(CMOCKA_LIBS)
 ctests += dtls-sliding-window ip-utils name-constraints-ip conv-utf8 str-unicode str-idna \
-	tls10-prf tls12-prf gnutls_record_overhead
+	tls10-prf tls12-prf gnutls_record_overhead eagain
 
 gnutls_record_overhead_LDADD = $(CMOCKA_LDADD)
 dtls_sliding_window_LDADD = $(CMOCKA_LDADD)
@@ -212,6 +212,7 @@ str_unicode_LDADD = $(CMOCKA_LDADD)
 str_idna_LDADD = $(CMOCKA_LDADD)
 tls10_prf_LDADD = $(CMOCKA_LDADD)
 tls12_prf_LDADD = $(CMOCKA_LDADD)
+eagain_LDADD = $(CMOCKA_LDADD)
 
 gnutls_record_overhead_CPPFLAGS = $(AM_CPPFLAGS) \
 	-I$(top_srcdir)/gl	\
diff --git a/tests/cmocka-common.h b/tests/cmocka-common.h
new file mode 100644
index 0000000000..2ac0dfbf9c
--- /dev/null
+++ b/tests/cmocka-common.h
@@ -0,0 +1,7 @@
+#include <stddef.h>
+#include <setjmp.h>
+#include <cmocka.h>
+#include <errno.h>
+
+#define USE_CMOCKA
+#include "eagain-common.h"
diff --git a/tests/eagain-common.h b/tests/eagain-common.h
index 80a1fda2ff..19084050b7 100644
--- a/tests/eagain-common.h
+++ b/tests/eagain-common.h
@@ -1,22 +1,36 @@
 #include <errno.h>
+#include <time.h>
+#include <stdio.h>
 
 #define min(x,y) ((x)<(y)?(x):(y))
 
 extern const char *side;
 
+#ifdef USE_CMOCKA
+# define failure() fail()
+# define client_transfer_failure(r) {fprintf(stderr, "client transfer failure: %s\n", gnutls_strerror(r)); fail();}
+# define server_transfer_failure(r) {fprintf(stderr, "server transfer failure: %s\n", gnutls_strerror(r)); fail();}
+# define switch_side(str)
+#else
+# define failure() fail("Handshake failed\n")
+# define client_transfer_failure(r) fail("client transfer failure: %s\n", gnutls_strerror(r))
+# define server_transfer_failure(r) fail("client transfer failure: %s\n", gnutls_strerror(r))
+# define switch_side(str) side = str
+#endif
+
 #define HANDSHAKE_EXPECT(c, s, clierr, serverr) \
   sret = cret = GNUTLS_E_AGAIN; \
   do \
     { \
       if (cret == GNUTLS_E_AGAIN) \
 	{ \
-	  side = "client"; \
+	  switch_side("client"); \
 	  cret = gnutls_handshake (c); \
 	  if (cret == GNUTLS_E_INTERRUPTED) cret = GNUTLS_E_AGAIN; \
 	} \
       if (sret == GNUTLS_E_AGAIN) \
 	{ \
-	  side = "server"; \
+	  switch_side("server"); \
 	  sret = gnutls_handshake (s); \
 	  if (sret == GNUTLS_E_INTERRUPTED) sret = GNUTLS_E_AGAIN; \
 	} \
@@ -26,8 +40,7 @@ extern const char *side;
     { \
       fprintf(stderr, "client[%d]: %s\n", cret, gnutls_strerror(cret)); \
       fprintf(stderr, "server[%d]: %s\n", sret, gnutls_strerror(sret)); \
-      fail("Handshake failed\n"); \
-      exit(1); \
+      failure(); \
     }
 
 #define HANDSHAKE(c, s) \
@@ -44,7 +57,7 @@ extern const char *side;
 	} \
       if (cret < 0 && gnutls_error_is_fatal(cret) == 0) \
 	{ \
-	  side = "client"; \
+	  switch_side("client"); \
 	  cret = gnutls_handshake (c); \
 	} \
       if (sret == GNUTLS_E_LARGE_PACKET) \
@@ -54,7 +67,7 @@ extern const char *side;
 	} \
       if (sret < 0 && gnutls_error_is_fatal(sret) == 0) \
 	{ \
-	  side = "server"; \
+	  switch_side("server"); \
 	  sret = gnutls_handshake (s); \
 	} \
     } \
@@ -63,8 +76,7 @@ extern const char *side;
     { \
       fprintf(stderr, "client: %s\n", gnutls_strerror(cret)); \
       fprintf(stderr, "server: %s\n", gnutls_strerror(sret)); \
-      fail("%s:%d: Handshake failed\n", __func__, __LINE__); \
-      exit(1); \
+      failure(); \
     }
 
 #define HANDSHAKE_DTLS(c, s) \
@@ -75,61 +87,51 @@ extern const char *side;
 
 #define TRANSFER2(c, s, msg, msglen, buf, buflen, retry_send_with_null) { \
   int _ret; \
-  side = "client"; \
+  switch_side("client"); \
   _ret = record_send_loop (c, msg, msglen, retry_send_with_null); \
   \
-  if (_ret < 0) fail ("client send error: %s\n", gnutls_strerror (_ret)); \
+  if (_ret < 0) client_transfer_failure(_ret); \
   \
   do \
     { \
       do \
 	{ \
-	  side = "server"; \
+	  switch_side("server"); \
 	  _ret = gnutls_record_recv (s, buf, buflen); \
 	} \
       while(_ret == GNUTLS_E_AGAIN); \
-      if (_ret == 0) \
-	fail ("server: didn't receive any data\n"); \
-      else if (_ret < 0) \
+      if (_ret <= 0) \
 	{ \
-	  fail ("server: error: %s\n", gnutls_strerror (_ret)); \
+	  server_transfer_failure(_ret); \
 	} \
       else \
 	{ \
 	  transferred += _ret; \
 	} \
-      side = "server"; \
+      switch_side("server"); \
       _ret = record_send_loop (server, msg, msglen, retry_send_with_null); \
-      if (_ret < 0) fail ("server send error: %s\n", gnutls_strerror (_ret)); \
+      if (_ret < 0) server_transfer_failure(_ret); \
       do \
 	{ \
-	  side = "client"; \
+	  switch_side("client"); \
 	  _ret = gnutls_record_recv (client, buf, buflen); \
 	} \
       while(_ret == GNUTLS_E_AGAIN); \
-      if (_ret == 0) \
+      if (_ret <= 0) \
 	{ \
-	  fail ("client: Peer has closed the TLS connection\n"); \
-	} \
-      else if (_ret < 0) \
-	{ \
-	  if (debug) \
-	    fputs ("!", stdout); \
-	  fail ("client: Error: %s\n", gnutls_strerror (_ret)); \
+	  client_transfer_failure(_ret); \
 	} \
       else \
 	{ \
 	  if (msglen != _ret || memcmp (buf, msg, msglen) != 0) \
 	    { \
-	      fail ("client: Transmitted data do not match\n"); \
+	      failure(); \
 	    } \
 	  /* echo back */ \
-	  side = "client"; \
+	  switch_side("client"); \
 	  _ret = record_send_loop (client, buf, msglen, retry_send_with_null); \
-	  if (_ret < 0) fail ("client send error: %s\n", gnutls_strerror (_ret)); \
+	  if (_ret < 0) client_transfer_failure(_ret); \
 	  transferred += _ret; \
-	  if (debug) \
-	    fputs (".", stdout); \
 	} \
     } \
   while (transferred < 70000); \
@@ -137,25 +139,25 @@ extern const char *side;
 
 #define EMPTY_BUF(s, c, buf, buflen) \
     { \
-      side = "client"; int _ret = 0; \
+      switch_side("client"); int _ret = 0; \
       while((_ret == GNUTLS_E_AGAIN && to_server_len > 0) || to_server_len > 0) \
 	{ \
-	  side = "server"; \
+	  switch_side("server"); \
 	  _ret = gnutls_record_recv (s, buf, buflen); \
 	} \
       if (_ret < 0 && _ret !=GNUTLS_E_AGAIN) \
 	{ \
-	  fail ("server: error: %s\n", gnutls_strerror (_ret)); \
+	  server_transfer_failure(_ret); \
 	} \
-      side = "server"; _ret = 0; \
+      switch_side("server"); _ret = 0; \
       while((to_client_len > 0 && _ret == GNUTLS_E_AGAIN) || to_client_len > 0) \
 	{ \
-	  side = "client"; \
+	  switch_side("client"); \
 	  _ret = gnutls_record_recv (client, buf, buflen); \
 	} \
       if (_ret < 0 && _ret !=GNUTLS_E_AGAIN) \
 	{ \
-	  fail ("client: Error: %s\n", gnutls_strerror (_ret)); \
+	  client_transfer_failure(_ret); \
 	} \
     }
 
@@ -169,10 +171,11 @@ static size_t to_server_len = 0;
 static char to_client[64 * 1024];
 static size_t to_client_len = 0;
 
+
 #ifdef RANDOMIZE
 #define RETURN_RND_EAGAIN(session) \
-  static unsigned char rnd = 0; \
-  if (rnd++ % 2 == 0) \
+  unsigned int rnd = time(0); \
+  if (rnd++ % 3 == 0) \
     { \
       gnutls_transport_set_errno (session, EAGAIN); \
       return -1; \
diff --git a/tests/eagain.c b/tests/eagain.c
new file mode 100644
index 0000000000..968f99b839
--- /dev/null
+++ b/tests/eagain.c
@@ -0,0 +1,169 @@
+/*
+ * Copyright (C) 2008-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2018 Red Hat, Inc.
+ *
+ * Author: Simon Josefsson, Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * GnuTLS is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuTLS is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/crypto.h>
+
+#define RANDOMIZE
+#include "cert-common.h"
+#include "cmocka-common.h"
+
+static void tls_log_func(int level, const char *str)
+{
+	fprintf(stderr, "<%d>| %s", level, str);
+}
+
+#define MAX_BUF 1024
+#define MSG "Hello TLS, and hi and how are you and more data here... and more... and even more and even more more data..."
+
+static void async_handshake(void **glob_state, const char *prio, unsigned rehsk)
+{
+	/* Server stuff. */
+	gnutls_certificate_credentials_t serverx509cred;
+	gnutls_session_t server;
+	int sret, cret;
+	/* Client stuff. */
+	gnutls_certificate_credentials_t clientx509cred;
+	gnutls_session_t client;
+	/* Need to enable anonymous KX specifically. */
+	char buffer[MAX_BUF + 1];
+	int ret, transferred = 0, msglen;
+
+	/* General init. */
+	reset_buffers();
+	gnutls_global_init();
+	gnutls_global_set_log_function(tls_log_func);
+
+	/* Init server */
+	assert_return_code(gnutls_certificate_allocate_credentials(&serverx509cred), 0);
+	assert_return_code(gnutls_certificate_set_x509_key_mem(serverx509cred,
+					    &server_cert, &server_key,
+					    GNUTLS_X509_FMT_PEM), 0);
+	ret = gnutls_init(&server, GNUTLS_SERVER);
+	assert_return_code(ret, 0);
+
+	ret =
+	    gnutls_priority_set_direct(server,
+					prio,
+					NULL);
+	assert_return_code(ret, 0);
+
+	ret = gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred);
+	assert_return_code(ret, 0);
+
+	gnutls_transport_set_push_function(server, server_push);
+	gnutls_transport_set_pull_function(server, server_pull);
+	gnutls_transport_set_ptr(server, server);
+
+	/* Init client */
+	
+	ret = gnutls_certificate_allocate_credentials(&clientx509cred);
+	assert_return_code(ret, 0);
+
+	ret = gnutls_init(&client, GNUTLS_CLIENT);
+	ret =
+	    gnutls_priority_set_direct(client,
+					prio,
+					NULL);
+	assert_return_code(ret, 0);
+
+	ret = gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, clientx509cred);
+	assert_return_code(ret, 0);
+
+	gnutls_transport_set_push_function(client, client_push);
+	gnutls_transport_set_pull_function(client, client_pull);
+	gnutls_transport_set_ptr(client, client);
+
+	HANDSHAKE(client, server);
+
+	if (rehsk == 1) {
+		ssize_t n;
+		char b[1];
+
+		do {
+			sret = gnutls_rehandshake(server);
+		} while (sret == GNUTLS_E_AGAIN);
+
+		do {
+			n = gnutls_record_recv(client, b, 1);
+		} while(n == GNUTLS_E_AGAIN);
+
+		assert_int_equal(n, GNUTLS_E_REHANDSHAKE);
+
+		HANDSHAKE(client, server);
+	} else if (rehsk == 2) {
+		HANDSHAKE(client, server);
+	}
+
+	msglen = strlen(MSG);
+	TRANSFER(client, server, MSG, msglen, buffer, MAX_BUF);
+
+	gnutls_bye(client, GNUTLS_SHUT_WR);
+	gnutls_bye(server, GNUTLS_SHUT_WR);
+
+	gnutls_deinit(client);
+	gnutls_deinit(server);
+
+	gnutls_certificate_free_credentials(serverx509cred);
+	gnutls_certificate_free_credentials(clientx509cred);
+
+	gnutls_global_deinit();
+}
+
+static void tls12_async_handshake(void **glob_state)
+{
+	async_handshake(glob_state, "NORMAL:-VERS-ALL:+VERS-TLS1.2", 0);
+}
+
+static void tls12_async_rehandshake_client(void **glob_state)
+{
+	async_handshake(glob_state, "NORMAL:-VERS-ALL:+VERS-TLS1.2", 1);
+}
+
+static void tls12_async_rehandshake_server(void **glob_state)
+{
+	async_handshake(glob_state, "NORMAL:-VERS-ALL:+VERS-TLS1.2", 2);
+}
+
+static void tls13_async_handshake(void **glob_state)
+{
+	async_handshake(glob_state, "NORMAL:-VERS-ALL:+VERS-TLS1.3", 0);
+}
+
+int main(void)
+{
+	const struct CMUnitTest tests[] = {
+		cmocka_unit_test(tls12_async_handshake),
+		cmocka_unit_test(tls12_async_rehandshake_client),
+		cmocka_unit_test(tls12_async_rehandshake_server),
+		cmocka_unit_test(tls13_async_handshake),
+	};
+	return cmocka_run_group_tests(tests, NULL, NULL);
+}
diff --git a/tests/mini-eagain.c b/tests/mini-eagain.c
deleted file mode 100644
index d240ed6a01..0000000000
--- a/tests/mini-eagain.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/*
- * Copyright (C) 2008-2012 Free Software Foundation, Inc.
- *
- * Author: Simon Josefsson, Nikos Mavrogiannopoulos
- *
- * This file is part of GnuTLS.
- *
- * GnuTLS is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * GnuTLS is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with GnuTLS; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include <gnutls/gnutls.h>
-#include <gnutls/crypto.h>
-
-#include "utils.h"
-#define RANDOMIZE
-#include "eagain-common.h"
-
-const char *side = "";
-
-static void tls_log_func(int level, const char *str)
-{
-	fprintf(stderr, "%s|<%d>| %s", side, level, str);
-}
-
-static int handshake = 0;
-
-#define MAX_BUF 1024
-#define MSG "Hello TLS, and hi and how are you and more data here... and more... and even more and even more more data..."
-
-void doit(void)
-{
-	/* Server stuff. */
-	gnutls_anon_server_credentials_t s_anoncred;
-	const gnutls_datum_t p3 =
-	    { (unsigned char *) pkcs3, strlen(pkcs3) };
-	static gnutls_dh_params_t dh_params;
-	gnutls_session_t server;
-	int sret, cret;
-	/* Client stuff. */
-	gnutls_anon_client_credentials_t c_anoncred;
-	gnutls_session_t client;
-	/* Need to enable anonymous KX specifically. */
-	char buffer[MAX_BUF + 1];
-	int ret, transferred = 0, msglen;
-
-	/* General init. */
-	global_init();
-	gnutls_global_set_log_function(tls_log_func);
-	if (debug)
-		gnutls_global_set_log_level(2);
-
-	/* Init server */
-	gnutls_anon_allocate_server_credentials(&s_anoncred);
-	gnutls_dh_params_init(&dh_params);
-	gnutls_dh_params_import_pkcs3(dh_params, &p3, GNUTLS_X509_FMT_PEM);
-	gnutls_anon_set_server_dh_params(s_anoncred, dh_params);
-	gnutls_init(&server, GNUTLS_SERVER);
-	ret =
-	    gnutls_priority_set_direct(server,
-					"NONE:+VERS-TLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-DH",
-					NULL);
-	if (ret < 0)
-		exit(1);
-	gnutls_credentials_set(server, GNUTLS_CRD_ANON, s_anoncred);
-	gnutls_transport_set_push_function(server, server_push);
-	gnutls_transport_set_pull_function(server, server_pull);
-	gnutls_transport_set_ptr(server, server);
-
-	/* Init client */
-	gnutls_anon_allocate_client_credentials(&c_anoncred);
-	gnutls_init(&client, GNUTLS_CLIENT);
-	ret =
-	    gnutls_priority_set_direct(client,
-					"NONE:+VERS-TLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-DH",
-					NULL);
-	if (ret < 0)
-		exit(1);
-	gnutls_credentials_set(client, GNUTLS_CRD_ANON, c_anoncred);
-	gnutls_transport_set_push_function(client, client_push);
-	gnutls_transport_set_pull_function(client, client_pull);
-	gnutls_transport_set_ptr(client, client);
-
-	handshake = 1;
-	HANDSHAKE(client, server);
-
-	handshake = 0;
-	if (debug)
-		success("Handshake established\n");
-
-	msglen = strlen(MSG);
-	TRANSFER(client, server, MSG, msglen, buffer, MAX_BUF);
-	if (debug)
-		fputs("\n", stdout);
-
-	gnutls_bye(client, GNUTLS_SHUT_WR);
-	gnutls_bye(server, GNUTLS_SHUT_WR);
-
-	gnutls_deinit(client);
-	gnutls_deinit(server);
-
-	gnutls_anon_free_client_credentials(c_anoncred);
-	gnutls_anon_free_server_credentials(s_anoncred);
-
-	gnutls_dh_params_deinit(dh_params);
-
-	gnutls_global_deinit();
-}
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2018-04-17 09:24:29 +0200
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2018-04-18 11:21:25 +0200
commit	d821485782334c01a956ac9f5b1da97d4df4c573 (patch)
tree	565b0b6021b87e0be542a263d460ed801c3a7693
parent	b7829c954784e389e22f96a4f4715c0744cc7381 (diff)
download	gnutls-d821485782334c01a956ac9f5b1da97d4df4c573.tar.gz