diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-04-18 18:50:16 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-04-18 18:50:16 +0000 |
commit | bd13db8d66e5055f0edef685745845eaa48602fe (patch) | |
tree | be8121c87b8e6e5a98751a9a4b1f837d377ffb18 | |
parent | 121e756afdcc58064e2fc2dfa5e93c1902643200 (diff) | |
parent | 2bc0a7f5cc4c203d3ad11e0b73c77986ffa5bf28 (diff) | |
download | gnutls-bd13db8d66e5055f0edef685745845eaa48602fe.tar.gz |
Merge branch 'tmp-constate-fix' into 'master'
Fix re-handshake failure when interrupted by application data
Closes #426
See merge request gnutls/gnutls!620
30 files changed, 381 insertions, 393 deletions
diff --git a/lib/constate.c b/lib/constate.c index bdafe91b5f..62a1239718 100644 --- a/lib/constate.c +++ b/lib/constate.c @@ -546,7 +546,7 @@ int _gnutls_epoch_dup(gnutls_session_t session) ret = _gnutls_epoch_get(session, EPOCH_NEXT, &next); if (ret < 0) { - ret = _gnutls_epoch_new(session, 0, &next); + ret = _gnutls_epoch_setup_next(session, 0, &next); if (ret < 0) return gnutls_assert_val(ret); } @@ -817,22 +817,33 @@ _gnutls_epoch_get(gnutls_session_t session, unsigned int epoch_rel, return 0; } +/* Ensures that the next epoch is setup. When an epoch will null ciphers + * is to be setup, call with @null_epoch set to true. In that case + * the epoch is fully initialized after call. + */ int -_gnutls_epoch_new(gnutls_session_t session, unsigned null_epoch, record_parameters_st **newp) +_gnutls_epoch_setup_next(gnutls_session_t session, unsigned null_epoch, record_parameters_st **newp) { record_parameters_st **slot; - _gnutls_record_log("REC[%p]: Allocating epoch #%u\n", session, - session->security_parameters.epoch_next); - slot = epoch_get_slot(session, session->security_parameters.epoch_next); /* If slot out of range or not empty. */ if (slot == NULL) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); - if (*slot != NULL) - return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); + if (*slot != NULL) { /* already initialized */ + if (unlikely(null_epoch && !(*slot)->initialized)) + return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); + + if (unlikely((*slot)->epoch != session->security_parameters.epoch_next)) + return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); + + goto finish; + } + + _gnutls_record_log("REC[%p]: Allocating epoch #%u\n", session, + session->security_parameters.epoch_next); *slot = gnutls_calloc(1, sizeof(record_parameters_st)); if (*slot == NULL) @@ -854,6 +865,7 @@ _gnutls_epoch_new(gnutls_session_t session, unsigned null_epoch, record_paramete UINT64DATA((*slot)->write. sequence_number)); + finish: if (newp != NULL) *newp = *slot; diff --git a/lib/constate.h b/lib/constate.h index 934cd3bba5..1d62edccfa 100644 --- a/lib/constate.h +++ b/lib/constate.h @@ -38,7 +38,7 @@ int _gnutls_epoch_dup(gnutls_session_t session); int _gnutls_epoch_get(gnutls_session_t session, unsigned int epoch_rel, record_parameters_st ** params_out); -int _gnutls_epoch_new(gnutls_session_t session, unsigned null_epoch, record_parameters_st **newp); +int _gnutls_epoch_setup_next(gnutls_session_t session, unsigned null_epoch, record_parameters_st **newp); void _gnutls_epoch_gc(gnutls_session_t session); void _gnutls_epoch_free(gnutls_session_t session, record_parameters_st * state); diff --git a/lib/handshake.c b/lib/handshake.c index baae557c63..a530fb9a8c 100644 --- a/lib/handshake.c +++ b/lib/handshake.c @@ -2531,7 +2531,7 @@ int gnutls_handshake(gnutls_session_t session) return gnutls_assert_val(GNUTLS_E_NO_PRIORITIES_WERE_SET); ret = - _gnutls_epoch_new(session, 0, NULL); + _gnutls_epoch_setup_next(session, 0, NULL); if (ret < 0) return gnutls_assert_val(ret); diff --git a/lib/state.c b/lib/state.c index 1062c446bf..a669cf3d6c 100644 --- a/lib/state.c +++ b/lib/state.c @@ -299,7 +299,7 @@ int gnutls_init(gnutls_session_t * session, unsigned int flags) if (*session == NULL) return GNUTLS_E_MEMORY_ERROR; - ret = _gnutls_epoch_new(*session, 1, NULL); + ret = _gnutls_epoch_setup_next(*session, 1, NULL); if (ret < 0) { gnutls_free(*session); return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR); diff --git a/tests/Makefile.am b/tests/Makefile.am index 2536d3b8f1..88f56455c8 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -32,7 +32,7 @@ SUBDIRS += suite endif EXTRA_DIST = suppressions.valgrind eagain-common.h cert-common.h test-chains.h \ - ocsp-common.h \ + ocsp-common.h cmocka-common.h \ certs/ca-cert-ecc.pem certs/cert-ecc256.pem certs/cert-ecc521.pem \ certs/cert-rsa-2432.pem certs/ecc384.pem certs/ecc.pem hex.h \ certs/ca-ecc.pem certs/cert-ecc384.pem certs/cert-ecc.pem certs/ecc256.pem \ @@ -130,9 +130,9 @@ ctests += mini-record-2 simple gnutls_hmac_fast set_pkcs12_cred cert certuniquei crq_key_id x509sign-verify sign-verify cve-2009-1415 cve-2009-1416 \ tls10-server-kx-neg tls11-server-kx-neg tls12-server-kx-neg ssl30-server-kx-neg \ tls12-cipher-neg tls11-cipher-neg tls10-cipher-neg ssl30-cipher-neg \ - crq_apis init_roundtrip pkcs12_s2k_pem dn2 mini-eagain tls12-rehandshake-cert-3 \ + crq_apis init_roundtrip pkcs12_s2k_pem dn2 tls12-rehandshake-cert-3 \ nul-in-x509-names x509_altname pkcs12_encode mini-x509 \ - tls12-rehandshake-cert rng-fork mini-eagain-dtls resume-dtls \ + rng-fork mini-eagain-dtls resume-dtls \ tls13-rehandshake-cert gnutls_ext_raw_parse \ x509cert x509cert-tl infoaccess mini-dtls-hello-verify sign-verify-ed25519-rfc8080 \ trustdb-tofu dtls-rehandshake-anon mini-alpn mini-dtls-large \ @@ -201,7 +201,7 @@ endif if HAVE_CMOCKA CMOCKA_LDADD = $(COMMON_LDADD) $(CMOCKA_LIBS) ctests += dtls-sliding-window ip-utils name-constraints-ip conv-utf8 str-unicode str-idna \ - tls10-prf tls12-prf gnutls_record_overhead + tls10-prf tls12-prf gnutls_record_overhead eagain tls12-rehandshake-cert gnutls_record_overhead_LDADD = $(CMOCKA_LDADD) dtls_sliding_window_LDADD = $(CMOCKA_LDADD) @@ -212,6 +212,8 @@ str_unicode_LDADD = $(CMOCKA_LDADD) str_idna_LDADD = $(CMOCKA_LDADD) tls10_prf_LDADD = $(CMOCKA_LDADD) tls12_prf_LDADD = $(CMOCKA_LDADD) +eagain_LDADD = $(CMOCKA_LDADD) +tls12_rehandshake_cert_LDADD = $(CMOCKA_LDADD) gnutls_record_overhead_CPPFLAGS = $(AM_CPPFLAGS) \ -I$(top_srcdir)/gl \ diff --git a/tests/auto-verify.c b/tests/auto-verify.c index 404a1ea9eb..34cae5ccd2 100644 --- a/tests/auto-verify.c +++ b/tests/auto-verify.c @@ -183,7 +183,6 @@ const gnutls_datum_t server_key = { server_key_pem, static void test_failure(const char *name, const char *prio) { - int exit_code = EXIT_SUCCESS; int ret; /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; @@ -298,19 +297,11 @@ void test_failure(const char *name, const char *prio) gnutls_certificate_free_credentials(serverx509cred); gnutls_certificate_free_credentials(clientx509cred); - - if (debug > 0) { - if (exit_code == 0) - fprintf(stderr, "%s: Self-test successful", __func__); - else - fprintf(stderr, "%s: Self-test failed", __func__); - } } static void test_success1(const char *name, const char *prio) { - int exit_code = EXIT_SUCCESS; int ret; /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; @@ -425,19 +416,11 @@ void test_success1(const char *name, const char *prio) gnutls_certificate_free_credentials(serverx509cred); gnutls_certificate_free_credentials(clientx509cred); - - if (debug > 0) { - if (exit_code == 0) - fprintf(stderr, "%s: Self-test successful", __func__); - else - fprintf(stderr, "%s: Self-test failed", __func__); - } } static void test_success2(const char *name, const char *prio) { - int exit_code = EXIT_SUCCESS; int ret; /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; @@ -542,13 +525,6 @@ void test_success2(const char *name, const char *prio) gnutls_certificate_free_credentials(serverx509cred); gnutls_certificate_free_credentials(clientx509cred); - - if (debug > 0) { - if (exit_code == 0) - fprintf(stderr, "%s: Self-test successful", __func__); - else - fprintf(stderr, "%s: Self-test failed", __func__); - } } void doit(void) diff --git a/tests/cmocka-common.h b/tests/cmocka-common.h new file mode 100644 index 0000000000..2ac0dfbf9c --- /dev/null +++ b/tests/cmocka-common.h @@ -0,0 +1,7 @@ +#include <stddef.h> +#include <setjmp.h> +#include <cmocka.h> +#include <errno.h> + +#define USE_CMOCKA +#include "eagain-common.h" diff --git a/tests/eagain-common.h b/tests/eagain-common.h index 80a1fda2ff..19084050b7 100644 --- a/tests/eagain-common.h +++ b/tests/eagain-common.h @@ -1,22 +1,36 @@ #include <errno.h> +#include <time.h> +#include <stdio.h> #define min(x,y) ((x)<(y)?(x):(y)) extern const char *side; +#ifdef USE_CMOCKA +# define failure() fail() +# define client_transfer_failure(r) {fprintf(stderr, "client transfer failure: %s\n", gnutls_strerror(r)); fail();} +# define server_transfer_failure(r) {fprintf(stderr, "server transfer failure: %s\n", gnutls_strerror(r)); fail();} +# define switch_side(str) +#else +# define failure() fail("Handshake failed\n") +# define client_transfer_failure(r) fail("client transfer failure: %s\n", gnutls_strerror(r)) +# define server_transfer_failure(r) fail("client transfer failure: %s\n", gnutls_strerror(r)) +# define switch_side(str) side = str +#endif + #define HANDSHAKE_EXPECT(c, s, clierr, serverr) \ sret = cret = GNUTLS_E_AGAIN; \ do \ { \ if (cret == GNUTLS_E_AGAIN) \ { \ - side = "client"; \ + switch_side("client"); \ cret = gnutls_handshake (c); \ if (cret == GNUTLS_E_INTERRUPTED) cret = GNUTLS_E_AGAIN; \ } \ if (sret == GNUTLS_E_AGAIN) \ { \ - side = "server"; \ + switch_side("server"); \ sret = gnutls_handshake (s); \ if (sret == GNUTLS_E_INTERRUPTED) sret = GNUTLS_E_AGAIN; \ } \ @@ -26,8 +40,7 @@ extern const char *side; { \ fprintf(stderr, "client[%d]: %s\n", cret, gnutls_strerror(cret)); \ fprintf(stderr, "server[%d]: %s\n", sret, gnutls_strerror(sret)); \ - fail("Handshake failed\n"); \ - exit(1); \ + failure(); \ } #define HANDSHAKE(c, s) \ @@ -44,7 +57,7 @@ extern const char *side; } \ if (cret < 0 && gnutls_error_is_fatal(cret) == 0) \ { \ - side = "client"; \ + switch_side("client"); \ cret = gnutls_handshake (c); \ } \ if (sret == GNUTLS_E_LARGE_PACKET) \ @@ -54,7 +67,7 @@ extern const char *side; } \ if (sret < 0 && gnutls_error_is_fatal(sret) == 0) \ { \ - side = "server"; \ + switch_side("server"); \ sret = gnutls_handshake (s); \ } \ } \ @@ -63,8 +76,7 @@ extern const char *side; { \ fprintf(stderr, "client: %s\n", gnutls_strerror(cret)); \ fprintf(stderr, "server: %s\n", gnutls_strerror(sret)); \ - fail("%s:%d: Handshake failed\n", __func__, __LINE__); \ - exit(1); \ + failure(); \ } #define HANDSHAKE_DTLS(c, s) \ @@ -75,61 +87,51 @@ extern const char *side; #define TRANSFER2(c, s, msg, msglen, buf, buflen, retry_send_with_null) { \ int _ret; \ - side = "client"; \ + switch_side("client"); \ _ret = record_send_loop (c, msg, msglen, retry_send_with_null); \ \ - if (_ret < 0) fail ("client send error: %s\n", gnutls_strerror (_ret)); \ + if (_ret < 0) client_transfer_failure(_ret); \ \ do \ { \ do \ { \ - side = "server"; \ + switch_side("server"); \ _ret = gnutls_record_recv (s, buf, buflen); \ } \ while(_ret == GNUTLS_E_AGAIN); \ - if (_ret == 0) \ - fail ("server: didn't receive any data\n"); \ - else if (_ret < 0) \ + if (_ret <= 0) \ { \ - fail ("server: error: %s\n", gnutls_strerror (_ret)); \ + server_transfer_failure(_ret); \ } \ else \ { \ transferred += _ret; \ } \ - side = "server"; \ + switch_side("server"); \ _ret = record_send_loop (server, msg, msglen, retry_send_with_null); \ - if (_ret < 0) fail ("server send error: %s\n", gnutls_strerror (_ret)); \ + if (_ret < 0) server_transfer_failure(_ret); \ do \ { \ - side = "client"; \ + switch_side("client"); \ _ret = gnutls_record_recv (client, buf, buflen); \ } \ while(_ret == GNUTLS_E_AGAIN); \ - if (_ret == 0) \ + if (_ret <= 0) \ { \ - fail ("client: Peer has closed the TLS connection\n"); \ - } \ - else if (_ret < 0) \ - { \ - if (debug) \ - fputs ("!", stdout); \ - fail ("client: Error: %s\n", gnutls_strerror (_ret)); \ + client_transfer_failure(_ret); \ } \ else \ { \ if (msglen != _ret || memcmp (buf, msg, msglen) != 0) \ { \ - fail ("client: Transmitted data do not match\n"); \ + failure(); \ } \ /* echo back */ \ - side = "client"; \ + switch_side("client"); \ _ret = record_send_loop (client, buf, msglen, retry_send_with_null); \ - if (_ret < 0) fail ("client send error: %s\n", gnutls_strerror (_ret)); \ + if (_ret < 0) client_transfer_failure(_ret); \ transferred += _ret; \ - if (debug) \ - fputs (".", stdout); \ } \ } \ while (transferred < 70000); \ @@ -137,25 +139,25 @@ extern const char *side; #define EMPTY_BUF(s, c, buf, buflen) \ { \ - side = "client"; int _ret = 0; \ + switch_side("client"); int _ret = 0; \ while((_ret == GNUTLS_E_AGAIN && to_server_len > 0) || to_server_len > 0) \ { \ - side = "server"; \ + switch_side("server"); \ _ret = gnutls_record_recv (s, buf, buflen); \ } \ if (_ret < 0 && _ret !=GNUTLS_E_AGAIN) \ { \ - fail ("server: error: %s\n", gnutls_strerror (_ret)); \ + server_transfer_failure(_ret); \ } \ - side = "server"; _ret = 0; \ + switch_side("server"); _ret = 0; \ while((to_client_len > 0 && _ret == GNUTLS_E_AGAIN) || to_client_len > 0) \ { \ - side = "client"; \ + switch_side("client"); \ _ret = gnutls_record_recv (client, buf, buflen); \ } \ if (_ret < 0 && _ret !=GNUTLS_E_AGAIN) \ { \ - fail ("client: Error: %s\n", gnutls_strerror (_ret)); \ + client_transfer_failure(_ret); \ } \ } @@ -169,10 +171,11 @@ static size_t to_server_len = 0; static char to_client[64 * 1024]; static size_t to_client_len = 0; + #ifdef RANDOMIZE #define RETURN_RND_EAGAIN(session) \ - static unsigned char rnd = 0; \ - if (rnd++ % 2 == 0) \ + unsigned int rnd = time(0); \ + if (rnd++ % 3 == 0) \ { \ gnutls_transport_set_errno (session, EAGAIN); \ return -1; \ diff --git a/tests/eagain.c b/tests/eagain.c new file mode 100644 index 0000000000..4eff818e5a --- /dev/null +++ b/tests/eagain.c @@ -0,0 +1,194 @@ +/* + * Copyright (C) 2008-2012 Free Software Foundation, Inc. + * Copyright (C) 2018 Red Hat, Inc. + * + * Author: Simon Josefsson, Nikos Mavrogiannopoulos + * + * This file is part of GnuTLS. + * + * GnuTLS is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * GnuTLS is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/> + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <errno.h> +#include <gnutls/gnutls.h> +#include <gnutls/crypto.h> + +#define RANDOMIZE +#include "cert-common.h" +#include "cmocka-common.h" + +/* This tests operation under non-blocking mode in TLS1.2/TLS1.3 + * as well as operation under TLS1.2 re-handshake. + */ +static void tls_log_func(int level, const char *str) +{ + fprintf(stderr, "<%d>| %s", level, str); +} + +#define MAX_BUF 1024 +#define MSG "Hello TLS, and hi and how are you and more data here... and more... and even more and even more more data..." + +static void async_handshake(void **glob_state, const char *prio, unsigned rehsk) +{ + /* Server stuff. */ + gnutls_certificate_credentials_t serverx509cred; + gnutls_session_t server; + int sret, cret; + /* Client stuff. */ + gnutls_certificate_credentials_t clientx509cred; + gnutls_session_t client; + /* Need to enable anonymous KX specifically. */ + char buffer[MAX_BUF + 1]; + int ret, transferred = 0, msglen; + + /* General init. */ + reset_buffers(); + gnutls_global_init(); + gnutls_global_set_log_function(tls_log_func); + + /* Init server */ + assert_return_code(gnutls_certificate_allocate_credentials(&serverx509cred), 0); + assert_return_code(gnutls_certificate_set_x509_key_mem(serverx509cred, + &server_cert, &server_key, + GNUTLS_X509_FMT_PEM), 0); + ret = gnutls_init(&server, GNUTLS_SERVER); + assert_return_code(ret, 0); + + ret = + gnutls_priority_set_direct(server, + prio, + NULL); + assert_return_code(ret, 0); + + ret = gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); + assert_return_code(ret, 0); + + gnutls_transport_set_push_function(server, server_push); + gnutls_transport_set_pull_function(server, server_pull); + gnutls_transport_set_ptr(server, server); + + /* Init client */ + + ret = gnutls_certificate_allocate_credentials(&clientx509cred); + assert_return_code(ret, 0); + + ret = gnutls_init(&client, GNUTLS_CLIENT); + ret = + gnutls_priority_set_direct(client, + prio, + NULL); + assert_return_code(ret, 0); + + ret = gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, clientx509cred); + assert_return_code(ret, 0); + + gnutls_transport_set_push_function(client, client_push); + gnutls_transport_set_pull_function(client, client_pull); + gnutls_transport_set_ptr(client, client); + + HANDSHAKE(client, server); + + if (rehsk == 1 || rehsk == 3) { + ssize_t n; + char b[1]; + + do { + sret = gnutls_rehandshake(server); + } while (sret == GNUTLS_E_AGAIN); + + do { + n = gnutls_record_recv(client, b, 1); + } while(n == GNUTLS_E_AGAIN); + + assert_int_equal(n, GNUTLS_E_REHANDSHAKE); + + if (rehsk == 3) { + /* client sends app data and the server ignores them */ + do { + cret = gnutls_record_send(client, "x", 1); + } while (cret == GNUTLS_E_AGAIN); + + do { + sret = gnutls_handshake(server); + } while (sret == GNUTLS_E_AGAIN); + assert_int_equal(sret, GNUTLS_E_GOT_APPLICATION_DATA); + + do { + n = gnutls_record_recv(server, buffer, sizeof(buffer)); + } while(n == GNUTLS_E_AGAIN); + } + + HANDSHAKE(client, server); + } else if (rehsk == 2) { + HANDSHAKE(client, server); + } + + msglen = strlen(MSG); + TRANSFER(client, server, MSG, msglen, buffer, MAX_BUF); + + gnutls_bye(client, GNUTLS_SHUT_WR); + gnutls_bye(server, GNUTLS_SHUT_WR); + + gnutls_deinit(client); + gnutls_deinit(server); + + gnutls_certificate_free_credentials(serverx509cred); + gnutls_certificate_free_credentials(clientx509cred); + + gnutls_global_deinit(); +} + +static void tls12_async_handshake(void **glob_state) +{ + async_handshake(glob_state, "NORMAL:-VERS-ALL:+VERS-TLS1.2", 0); +} + +static void tls12_async_rehandshake_client(void **glob_state) +{ + async_handshake(glob_state, "NORMAL:-VERS-ALL:+VERS-TLS1.2", 1); +} + +static void tls12_async_rehandshake_server(void **glob_state) +{ + async_handshake(glob_state, "NORMAL:-VERS-ALL:+VERS-TLS1.2", 2); +} + +static void tls12_async_rehandshake_server_appdata(void **glob_state) +{ + async_handshake(glob_state, "NORMAL:-VERS-ALL:+VERS-TLS1.2", 3); +} + +static void tls13_async_handshake(void **glob_state) +{ + async_handshake(glob_state, "NORMAL:-VERS-ALL:+VERS-TLS1.3", 0); +} + +int main(void) +{ + const struct CMUnitTest tests[] = { + cmocka_unit_test(tls12_async_handshake), + cmocka_unit_test(tls12_async_rehandshake_client), + cmocka_unit_test(tls12_async_rehandshake_server), + cmocka_unit_test(tls12_async_rehandshake_server_appdata), + cmocka_unit_test(tls13_async_handshake), + }; + return cmocka_run_group_tests(tests, NULL, NULL); +} diff --git a/tests/key-usage-ecdhe-rsa.c b/tests/key-usage-ecdhe-rsa.c index 976c826026..4926d2be9a 100644 --- a/tests/key-usage-ecdhe-rsa.c +++ b/tests/key-usage-ecdhe-rsa.c @@ -108,7 +108,6 @@ const gnutls_datum_t enc_key = { encryption_key_pem, static void server_check(void) { - int exit_code = EXIT_SUCCESS; int ret; /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; @@ -176,13 +175,6 @@ void server_check(void) gnutls_certificate_free_credentials(clientx509cred); gnutls_global_deinit(); - - if (debug > 0) { - if (exit_code == 0) - puts("Self-test successful"); - else - puts("Self-test failed"); - } } static gnutls_privkey_t g_pkey = NULL; @@ -233,7 +225,6 @@ cert_callback(gnutls_session_t session, static void client_check(void) { - int exit_code = EXIT_SUCCESS; int ret; /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; @@ -299,13 +290,6 @@ void client_check(void) gnutls_certificate_free_credentials(clientx509cred); gnutls_global_deinit(); - - if (debug > 0) { - if (exit_code == 0) - puts("Self-test successful"); - else - puts("Self-test failed"); - } } void doit(void) diff --git a/tests/key-usage-rsa.c b/tests/key-usage-rsa.c index 42490df250..5eb2cfef83 100644 --- a/tests/key-usage-rsa.c +++ b/tests/key-usage-rsa.c @@ -147,7 +147,6 @@ const gnutls_datum_t server_key = { server_key_pem, static void server_check(void) { - int exit_code = EXIT_SUCCESS; int ret; /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; @@ -215,13 +214,6 @@ void server_check(void) gnutls_certificate_free_credentials(clientx509cred); gnutls_global_deinit(); - - if (debug > 0) { - if (exit_code == 0) - puts("Self-test successful"); - else - puts("Self-test failed"); - } } static gnutls_privkey_t g_pkey = NULL; @@ -272,7 +264,6 @@ cert_callback(gnutls_session_t session, static void client_check(void) { - int exit_code = EXIT_SUCCESS; int ret; /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; @@ -338,13 +329,6 @@ void client_check(void) gnutls_certificate_free_credentials(clientx509cred); gnutls_global_deinit(); - - if (debug > 0) { - if (exit_code == 0) - puts("Self-test successful"); - else - puts("Self-test failed"); - } } void doit(void) diff --git a/tests/mini-eagain.c b/tests/mini-eagain.c deleted file mode 100644 index d240ed6a01..0000000000 --- a/tests/mini-eagain.c +++ /dev/null @@ -1,127 +0,0 @@ -/* - * Copyright (C) 2008-2012 Free Software Foundation, Inc. - * - * Author: Simon Josefsson, Nikos Mavrogiannopoulos - * - * This file is part of GnuTLS. - * - * GnuTLS is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * GnuTLS is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with GnuTLS; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA - */ - -#ifdef HAVE_CONFIG_H -#include <config.h> -#endif - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <errno.h> -#include <gnutls/gnutls.h> -#include <gnutls/crypto.h> - -#include "utils.h" -#define RANDOMIZE -#include "eagain-common.h" - -const char *side = ""; - -static void tls_log_func(int level, const char *str) -{ - fprintf(stderr, "%s|<%d>| %s", side, level, str); -} - -static int handshake = 0; - -#define MAX_BUF 1024 -#define MSG "Hello TLS, and hi and how are you and more data here... and more... and even more and even more more data..." - -void doit(void) -{ - /* Server stuff. */ - gnutls_anon_server_credentials_t s_anoncred; - const gnutls_datum_t p3 = - { (unsigned char *) pkcs3, strlen(pkcs3) }; - static gnutls_dh_params_t dh_params; - gnutls_session_t server; - int sret, cret; - /* Client stuff. */ - gnutls_anon_client_credentials_t c_anoncred; - gnutls_session_t client; - /* Need to enable anonymous KX specifically. */ - char buffer[MAX_BUF + 1]; - int ret, transferred = 0, msglen; - - /* General init. */ - global_init(); - gnutls_global_set_log_function(tls_log_func); - if (debug) - gnutls_global_set_log_level(2); - - /* Init server */ - gnutls_anon_allocate_server_credentials(&s_anoncred); - gnutls_dh_params_init(&dh_params); - gnutls_dh_params_import_pkcs3(dh_params, &p3, GNUTLS_X509_FMT_PEM); - gnutls_anon_set_server_dh_params(s_anoncred, dh_params); - gnutls_init(&server, GNUTLS_SERVER); - ret = - gnutls_priority_set_direct(server, - "NONE:+VERS-TLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-DH", - NULL); - if (ret < 0) - exit(1); - gnutls_credentials_set(server, GNUTLS_CRD_ANON, s_anoncred); - gnutls_transport_set_push_function(server, server_push); - gnutls_transport_set_pull_function(server, server_pull); - gnutls_transport_set_ptr(server, server); - - /* Init client */ - gnutls_anon_allocate_client_credentials(&c_anoncred); - gnutls_init(&client, GNUTLS_CLIENT); - ret = - gnutls_priority_set_direct(client, - "NONE:+VERS-TLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-DH", - NULL); - if (ret < 0) - exit(1); - gnutls_credentials_set(client, GNUTLS_CRD_ANON, c_anoncred); - gnutls_transport_set_push_function(client, client_push); - gnutls_transport_set_pull_function(client, client_pull); - gnutls_transport_set_ptr(client, client); - - handshake = 1; - HANDSHAKE(client, server); - - handshake = 0; - if (debug) - success("Handshake established\n"); - - msglen = strlen(MSG); - TRANSFER(client, server, MSG, msglen, buffer, MAX_BUF); - if (debug) - fputs("\n", stdout); - - gnutls_bye(client, GNUTLS_SHUT_WR); - gnutls_bye(server, GNUTLS_SHUT_WR); - - gnutls_deinit(client); - gnutls_deinit(server); - - gnutls_anon_free_client_credentials(c_anoncred); - gnutls_anon_free_server_credentials(s_anoncred); - - gnutls_dh_params_deinit(dh_params); - - gnutls_global_deinit(); -} diff --git a/tests/mini-x509-2.c b/tests/mini-x509-2.c index cab8c9ae2b..8badfc1ecb 100644 --- a/tests/mini-x509-2.c +++ b/tests/mini-x509-2.c @@ -182,7 +182,6 @@ const gnutls_datum_t server_key = { server_key_pem, static void start(const char *prio) { - int exit_code = EXIT_SUCCESS; int ret; /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; diff --git a/tests/mini-x509-cas.c b/tests/mini-x509-cas.c index 6edfd89c38..818d98ec53 100644 --- a/tests/mini-x509-cas.c +++ b/tests/mini-x509-cas.c @@ -47,7 +47,6 @@ static void tls_log_func(int level, const char *str) static void start(const char *prio) { - int exit_code = EXIT_SUCCESS; const char *ca_file; /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; diff --git a/tests/mini-x509-default-prio.c b/tests/mini-x509-default-prio.c index 62ef5b55ff..7f2308cde4 100644 --- a/tests/mini-x509-default-prio.c +++ b/tests/mini-x509-default-prio.c @@ -142,7 +142,6 @@ const gnutls_datum_t server_key = { server_key_pem, void doit(void) { - int exit_code = EXIT_SUCCESS; int ret; /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; @@ -283,11 +282,4 @@ void doit(void) gnutls_certificate_free_credentials(clientx509cred); gnutls_global_deinit(); - - if (debug > 0) { - if (exit_code == 0) - puts("Self-test successful"); - else - puts("Self-test failed"); - } } diff --git a/tests/mini-x509-ipaddr.c b/tests/mini-x509-ipaddr.c index 63d6fecd5c..81ce0525cc 100644 --- a/tests/mini-x509-ipaddr.c +++ b/tests/mini-x509-ipaddr.c @@ -58,7 +58,6 @@ static time_t mytime(time_t * t) void doit(void) { - int exit_code = EXIT_SUCCESS; int ret; /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; @@ -267,11 +266,4 @@ void doit(void) gnutls_certificate_free_credentials(clientx509cred); gnutls_global_deinit(); - - if (debug > 0) { - if (exit_code == 0) - puts("Self-test successful"); - else - puts("Self-test failed"); - } } diff --git a/tests/mini-x509.c b/tests/mini-x509.c index 280ffcbc49..4e9d27b639 100644 --- a/tests/mini-x509.c +++ b/tests/mini-x509.c @@ -54,7 +54,6 @@ static time_t mytime(time_t * t) static void start(const char *prio) { - int exit_code = EXIT_SUCCESS; int ret; /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; diff --git a/tests/priority-mix.c b/tests/priority-mix.c index ff9393738e..55053ae768 100644 --- a/tests/priority-mix.c +++ b/tests/priority-mix.c @@ -57,7 +57,6 @@ static time_t mytime(time_t * t) void doit(void) { - int exit_code = EXIT_SUCCESS; int ret; /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; @@ -162,11 +161,4 @@ void doit(void) gnutls_certificate_free_credentials(clientx509cred); gnutls_global_deinit(); - - if (debug > 0) { - if (exit_code == 0) - puts("Self-test successful"); - else - puts("Self-test failed"); - } } diff --git a/tests/priority-set.c b/tests/priority-set.c index 63f61dd01d..1834d800a1 100644 --- a/tests/priority-set.c +++ b/tests/priority-set.c @@ -57,7 +57,6 @@ static time_t mytime(time_t * t) void doit(void) { - int exit_code = EXIT_SUCCESS; int ret; /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; @@ -125,11 +124,4 @@ void doit(void) gnutls_certificate_free_credentials(clientx509cred); gnutls_global_deinit(); - - if (debug > 0) { - if (exit_code == 0) - puts("Self-test successful"); - else - puts("Self-test failed"); - } } diff --git a/tests/priority-set2.c b/tests/priority-set2.c index e1187e75a3..18b03d86ee 100644 --- a/tests/priority-set2.c +++ b/tests/priority-set2.c @@ -57,7 +57,6 @@ static time_t mytime(time_t * t) void doit(void) { - int exit_code = EXIT_SUCCESS; int ret; /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; @@ -126,11 +125,4 @@ void doit(void) gnutls_priority_deinit(cache); gnutls_global_deinit(); - - if (debug > 0) { - if (exit_code == 0) - puts("Self-test successful"); - else - puts("Self-test failed"); - } } diff --git a/tests/rehandshake-ext-secret.c b/tests/rehandshake-ext-secret.c index 4532f306bf..94279f0322 100644 --- a/tests/rehandshake-ext-secret.c +++ b/tests/rehandshake-ext-secret.c @@ -49,7 +49,6 @@ static void tls_log_func(int level, const char *str) static void try(unsigned onclient) { - int exit_code = EXIT_SUCCESS; /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; gnutls_session_t server; @@ -139,13 +138,6 @@ static void try(unsigned onclient) gnutls_certificate_free_credentials(clientx509cred); gnutls_global_deinit(); - - if (debug) { - if (exit_code == 0) - puts("Self-test successful"); - else - puts("Self-test failed"); - } } void doit(void) diff --git a/tests/resume-with-false-start.c b/tests/resume-with-false-start.c index b0093b09e0..26f374c841 100644 --- a/tests/resume-with-false-start.c +++ b/tests/resume-with-false-start.c @@ -52,7 +52,6 @@ static time_t mytime(time_t * t) void doit(void) { - int exit_code = EXIT_SUCCESS; int ret; /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; @@ -146,11 +145,4 @@ void doit(void) gnutls_certificate_free_credentials(clientx509cred); gnutls_global_deinit(); - - if (debug > 0) { - if (exit_code == 0) - puts("Self-test successful"); - else - puts("Self-test failed"); - } } diff --git a/tests/session-rdn-read.c b/tests/session-rdn-read.c index c308508596..19cbfb057c 100644 --- a/tests/session-rdn-read.c +++ b/tests/session-rdn-read.c @@ -86,7 +86,6 @@ cert_callback(gnutls_session_t session, static void start(const char *prio) { - int exit_code = EXIT_SUCCESS; int ret; /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; @@ -164,13 +163,6 @@ static void start(const char *prio) gnutls_global_deinit(); - if (debug > 0) { - if (exit_code == 0) - puts("Self-test successful"); - else - puts("Self-test failed"); - } - reset_buffers(); } diff --git a/tests/tls12-rehandshake-cert-2.c b/tests/tls12-rehandshake-cert-2.c index ab48556110..f21f2cbd33 100644 --- a/tests/tls12-rehandshake-cert-2.c +++ b/tests/tls12-rehandshake-cert-2.c @@ -52,7 +52,8 @@ int main() static void terminate(void); -/* This program tests client and server initiated rehandshake. +/* This program tests client and server initiated rehandshake + * behavior when they are refused by the peer. */ static void server_log_func(int level, const char *str) @@ -395,7 +396,7 @@ void doit(void) signal(SIGCHLD, ch_handler); signal(SIGPIPE, SIG_IGN); -// start(0); + start(0); start(1); } diff --git a/tests/tls12-rehandshake-cert-3.c b/tests/tls12-rehandshake-cert-3.c index 94ab1126a0..5d609d882f 100644 --- a/tests/tls12-rehandshake-cert-3.c +++ b/tests/tls12-rehandshake-cert-3.c @@ -53,7 +53,7 @@ int main() static void terminate(void); -/* This program tests client and server initiated rehandshake. +/* This program tests client initiated rehandshake. * On the initial handshake a certificate is requested from the * client, while on the following up not. */ @@ -69,7 +69,7 @@ static void client_log_func(int level, const char *str) } #define MAX_BUF 1024 -#define MAX_REHANDSHAKES 32 +#define MAX_REHANDSHAKES 16 static void client(int fd) { diff --git a/tests/tls12-rehandshake-cert.c b/tests/tls12-rehandshake-cert.c index 00a7d381c5..226ee6e1f3 100644 --- a/tests/tls12-rehandshake-cert.c +++ b/tests/tls12-rehandshake-cert.c @@ -1,7 +1,8 @@ /* * Copyright (C) 2008-2012 Free Software Foundation, Inc. + * Copyright (C) 2018 Red Hat, Inc. * - * Author: Simon Josefsson + * Author: Simon Josefsson, Nikos Mavrogiannopoulos * * This file is part of GnuTLS. * @@ -15,9 +16,8 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * - * You should have received a copy of the GNU General Public License - * along with GnuTLS; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + * You should have received a copy of the GNU Lesser General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/> */ #ifdef HAVE_CONFIG_H @@ -29,22 +29,21 @@ #include <string.h> #include <errno.h> #include <gnutls/gnutls.h> -#include "utils.h" -#include "eagain-common.h" + #include "cert-common.h" +#include "cmocka-common.h" /* This program tests server initiated rehandshake */ -const char *side = ""; - static void tls_log_func(int level, const char *str) { - fprintf(stderr, "%s|<%d>| %s", side, level, str); + fprintf(stderr, "<%d>| %s", level, str); } -void doit(void) +#define MAX_REHANDSHAKES 16 + +static void test_rehandshake(void **glob_state, unsigned appdata) { - int exit_code = EXIT_SUCCESS; /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; gnutls_session_t server; @@ -53,54 +52,103 @@ void doit(void) gnutls_certificate_credentials_t clientx509cred; gnutls_session_t client; int cret = GNUTLS_E_AGAIN; + char buffer[64]; + int ret; + unsigned i; /* General init. */ - global_init(); + reset_buffers(); + ret = gnutls_global_init(); + assert_return_code(ret, 0); + gnutls_global_set_log_function(tls_log_func); - if (debug) - gnutls_global_set_log_level(2); /* Init server */ - gnutls_certificate_allocate_credentials(&serverx509cred); - gnutls_certificate_set_x509_key_mem(serverx509cred, - &server_cert, &server_key, - GNUTLS_X509_FMT_PEM); - gnutls_init(&server, GNUTLS_SERVER); - gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, - serverx509cred); - gnutls_priority_set_direct(server, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", NULL); + ret = gnutls_certificate_allocate_credentials(&serverx509cred); + assert_return_code(ret, 0); + + ret = gnutls_certificate_set_x509_key_mem(serverx509cred, + &server_cert, &server_key, + GNUTLS_X509_FMT_PEM); + assert_return_code(ret, 0); + + ret = gnutls_init(&server, GNUTLS_SERVER); + assert_return_code(ret, 0); + + ret = gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, + serverx509cred); + assert_return_code(ret, 0); + + ret = gnutls_priority_set_direct(server, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", NULL); + assert_return_code(ret, 0); + gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_ptr(server, server); /* Init client */ - gnutls_certificate_allocate_credentials(&clientx509cred); - gnutls_init(&client, GNUTLS_CLIENT); - gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, - clientx509cred); - gnutls_priority_set_direct(client, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", NULL); + ret = gnutls_certificate_allocate_credentials(&clientx509cred); + assert_return_code(ret, 0); + + ret = gnutls_init(&client, GNUTLS_CLIENT); + assert_return_code(ret, 0); + + ret = gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, + clientx509cred); + assert_return_code(ret, 0); + + ret = gnutls_priority_set_direct(client, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", NULL); + assert_return_code(ret, 0); + gnutls_transport_set_push_function(client, client_push); gnutls_transport_set_pull_function(client, client_pull); gnutls_transport_set_ptr(client, client); HANDSHAKE(client, server); - sret = gnutls_rehandshake(server); - if (debug) { - tls_log_func(0, "gnutls_rehandshake (server)...\n"); - tls_log_func(0, gnutls_strerror(sret)); - tls_log_func(0, "\n"); - } + if (appdata) { + /* send application data prior to handshake */ + ssize_t n; + char b[1]; + + do { + sret = gnutls_rehandshake(server); + } while (sret == GNUTLS_E_AGAIN); + + do { + n = gnutls_record_recv(client, b, 1); + } while(n == GNUTLS_E_AGAIN); - { + assert_int_equal(n, GNUTLS_E_REHANDSHAKE); + + /* client sends app data and the server ignores them */ + do { + cret = gnutls_record_send(client, "x", 1); + } while (cret == GNUTLS_E_AGAIN); + + do { + sret = gnutls_handshake(server); + } while (sret == GNUTLS_E_AGAIN); + assert_int_equal(sret, GNUTLS_E_GOT_APPLICATION_DATA); + + do { + n = gnutls_record_recv(server, buffer, sizeof(buffer)); + } while(n == GNUTLS_E_AGAIN); + + HANDSHAKE(client, server); + } else { ssize_t n; char b[1]; - n = gnutls_record_recv(client, b, 1); - if (n != GNUTLS_E_REHANDSHAKE) - abort(); - } - HANDSHAKE(client, server); + for (i=0;i<MAX_REHANDSHAKES;i++) { + sret = gnutls_rehandshake(server); + + n = gnutls_record_recv(client, b, 1); + assert_int_equal(n, GNUTLS_E_REHANDSHAKE); + + HANDSHAKE(client, server); + } + } gnutls_bye(client, GNUTLS_SHUT_RDWR); gnutls_bye(server, GNUTLS_SHUT_RDWR); @@ -112,11 +160,23 @@ void doit(void) gnutls_certificate_free_credentials(clientx509cred); gnutls_global_deinit(); +} - if (debug) { - if (exit_code == 0) - puts("Self-test successful"); - else - puts("Self-test failed"); - } +static void tls12_rehandshake_server(void **glob_state) +{ + test_rehandshake(glob_state, 0); +} + +static void tls12_rehandshake_server_appdata(void **glob_state) +{ + test_rehandshake(glob_state, 1); +} + +int main(void) +{ + const struct CMUnitTest tests[] = { + cmocka_unit_test(tls12_rehandshake_server), + cmocka_unit_test(tls12_rehandshake_server_appdata), + }; + return cmocka_run_group_tests(tests, NULL, NULL); } diff --git a/tests/utils-adv.c b/tests/utils-adv.c index a084136646..8291e182ab 100644 --- a/tests/utils-adv.c +++ b/tests/utils-adv.c @@ -53,7 +53,6 @@ _test_cli_serv(gnutls_certificate_credentials_t server_cred, int serv_err, int cli_err) { - int exit_code = EXIT_SUCCESS; int ret; /* Server stuff. */ gnutls_session_t server; @@ -178,13 +177,6 @@ _test_cli_serv(gnutls_certificate_credentials_t server_cred, gnutls_deinit(client); gnutls_deinit(server); - if (debug > 0) { - if (exit_code == 0) - puts("Self-test successful"); - else - puts("Self-test failed"); - } - return ret; } @@ -203,7 +195,6 @@ test_cli_serv_anon(gnutls_anon_server_credentials_t server_cred, gnutls_anon_client_credentials_t client_cred, const char *prio) { - int exit_code = EXIT_SUCCESS; int ret; /* Server stuff. */ gnutls_session_t server; @@ -248,13 +239,6 @@ test_cli_serv_anon(gnutls_anon_server_credentials_t server_cred, gnutls_deinit(client); gnutls_deinit(server); - if (debug > 0) { - if (exit_code == 0) - puts("Self-test successful"); - else - puts("Self-test failed"); - } - return ret; } @@ -263,7 +247,6 @@ test_cli_serv_psk(gnutls_psk_server_credentials_t server_cred, gnutls_psk_client_credentials_t client_cred, const char *prio) { - int exit_code = EXIT_SUCCESS; int ret; /* Server stuff. */ gnutls_session_t server; @@ -308,13 +291,6 @@ test_cli_serv_psk(gnutls_psk_server_credentials_t server_cred, gnutls_deinit(client); gnutls_deinit(server); - if (debug > 0) { - if (exit_code == 0) - puts("Self-test successful"); - else - puts("Self-test failed"); - } - return ret; } diff --git a/tests/x509-cert-callback-legacy.c b/tests/x509-cert-callback-legacy.c index 98ae7dbd9c..2f7912bd89 100644 --- a/tests/x509-cert-callback-legacy.c +++ b/tests/x509-cert-callback-legacy.c @@ -136,7 +136,6 @@ server_cert_callback(gnutls_session_t session, static void start(const char *prio) { - int exit_code = EXIT_SUCCESS; int ret; /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; diff --git a/tests/x509-cert-callback-ocsp.c b/tests/x509-cert-callback-ocsp.c index 771b3c3b96..31325d1817 100644 --- a/tests/x509-cert-callback-ocsp.c +++ b/tests/x509-cert-callback-ocsp.c @@ -124,7 +124,6 @@ server_cert_callback(gnutls_session_t session, static void start(const char *prio) { - int exit_code = EXIT_SUCCESS; int ret; /* Server stuff. */ gnutls_certificate_credentials_t scred; @@ -220,13 +219,6 @@ static void start(const char *prio) gnutls_global_deinit(); - if (debug > 0) { - if (exit_code == 0) - puts("Self-test successful"); - else - puts("Self-test failed"); - } - reset_buffers(); } diff --git a/tests/x509-cert-callback.c b/tests/x509-cert-callback.c index e673096195..2901208c12 100644 --- a/tests/x509-cert-callback.c +++ b/tests/x509-cert-callback.c @@ -173,7 +173,6 @@ server_cert_callback(gnutls_session_t session, static void start(const char *prio) { - int exit_code = EXIT_SUCCESS; int ret; /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; @@ -416,13 +415,6 @@ static void start(const char *prio) gnutls_global_deinit(); - if (debug > 0) { - if (exit_code == 0) - puts("Self-test successful"); - else - puts("Self-test failed"); - } - reset_buffers(); } |