summaryrefslogtreecommitdiff
path: root/tests/psk-file.c
diff options
context:
space:
mode:
Diffstat (limited to 'tests/psk-file.c')
-rw-r--r--tests/psk-file.c37
1 files changed, 26 insertions, 11 deletions
diff --git a/tests/psk-file.c b/tests/psk-file.c
index 3defa28275..28d45560b1 100644
--- a/tests/psk-file.c
+++ b/tests/psk-file.c
@@ -27,6 +27,7 @@
#include <config.h>
#endif
+#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
@@ -171,7 +172,8 @@ static void client(int sd, const char *prio, const char *user, const gnutls_datu
#define MAX_BUF 1024
-static void server(int sd, const char *prio, const char *user, int expect_fail, int exp_kx)
+static void server(int sd, const char *prio, const char *user, bool no_cred,
+ int expect_fail, int exp_kx)
{
gnutls_psk_server_credentials_t server_pskcred;
int ret, kx;
@@ -206,7 +208,8 @@ static void server(int sd, const char *prio, const char *user, int expect_fail,
assert(gnutls_priority_set_direct(session, prio, NULL)>=0);
- gnutls_credentials_set(session, GNUTLS_CRD_PSK, server_pskcred);
+ if (!no_cred)
+ gnutls_credentials_set(session, GNUTLS_CRD_PSK, server_pskcred);
gnutls_transport_set_int(session, sd);
ret = gnutls_handshake(session);
@@ -267,10 +270,12 @@ static void server(int sd, const char *prio, const char *user, int expect_fail,
if (expect_fail)
fail("server: expected failure but connection succeeded!\n");
- pskid = gnutls_psk_server_get_username(session);
- if (pskid == NULL || strcmp(pskid, user) != 0) {
- fail("server: username (%s), does not match expected (%s)\n",
- pskid, user);
+ if (!no_cred) {
+ pskid = gnutls_psk_server_get_username(session);
+ if (pskid == NULL || strcmp(pskid, user) != 0) {
+ fail("server: username (%s), does not match expected (%s)\n",
+ pskid, user);
+ }
}
if (exp_kx && kx != exp_kx) {
@@ -292,7 +297,7 @@ static void server(int sd, const char *prio, const char *user, int expect_fail,
}
static
-void run_test2(const char *prio, const char *sprio, const char *user, const gnutls_datum_t *key,
+void run_test3(const char *prio, const char *sprio, const char *user, const gnutls_datum_t *key, bool no_cred,
unsigned expect_hint, int exp_kx, int expect_fail_cli, int expect_fail_serv)
{
pid_t child;
@@ -323,7 +328,7 @@ void run_test2(const char *prio, const char *sprio, const char *user, const gnut
close(sockets[1]);
int status;
/* parent */
- server(sockets[0], sprio?sprio:prio, user, expect_fail_serv, exp_kx);
+ server(sockets[0], sprio?sprio:prio, user, no_cred, expect_fail_serv, exp_kx);
wait(&status);
check_wait_status(status);
} else {
@@ -334,21 +339,28 @@ void run_test2(const char *prio, const char *sprio, const char *user, const gnut
}
static
+void run_test2(const char *prio, const char *sprio, const char *user, const gnutls_datum_t *key,
+ unsigned expect_hint, int exp_kx, int expect_fail_cli, int expect_fail_serv)
+{
+ run_test3(prio, sprio, user, key, 0, expect_hint, exp_kx, expect_fail_cli, expect_fail_serv);
+}
+
+static
void run_test_ok(const char *prio, const char *user, const gnutls_datum_t *key, unsigned expect_hint, int expect_fail)
{
- return run_test2(prio, NULL, user, key, expect_hint, GNUTLS_KX_PSK, expect_fail, expect_fail);
+ run_test2(prio, NULL, user, key, expect_hint, GNUTLS_KX_PSK, expect_fail, expect_fail);
}
static
void run_ectest_ok(const char *prio, const char *user, const gnutls_datum_t *key, unsigned expect_hint, int expect_fail)
{
- return run_test2(prio, NULL, user, key, expect_hint, GNUTLS_KX_ECDHE_PSK, expect_fail, expect_fail);
+ run_test2(prio, NULL, user, key, expect_hint, GNUTLS_KX_ECDHE_PSK, expect_fail, expect_fail);
}
static
void run_dhtest_ok(const char *prio, const char *user, const gnutls_datum_t *key, unsigned expect_hint, int expect_fail)
{
- return run_test2(prio, NULL, user, key, expect_hint, GNUTLS_KX_DHE_PSK, expect_fail, expect_fail);
+ run_test2(prio, NULL, user, key, expect_hint, GNUTLS_KX_DHE_PSK, expect_fail, expect_fail);
}
void doit(void)
@@ -398,6 +410,9 @@ void doit(void)
/* try with HelloRetryRequest and PSK */
run_test2("NORMAL:-VERS-ALL:+VERS-TLS1.3:+DHE-PSK:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-FFDHE4096", "NORMAL:-VERS-ALL:+VERS-TLS1.3:+DHE-PSK:-GROUP-ALL:+GROUP-FFDHE4096", "jas", &key, 0, GNUTLS_KX_DHE_PSK, 0, 0);
+
+ /* try without server credentials */
+ run_test3("NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK:+DHE-PSK", NULL, "jas", &key, 1, 0, 0, GNUTLS_E_FATAL_ALERT_RECEIVED, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
}
#endif /* _WIN32 */
View Lorry Controller Status