diff options
Diffstat (limited to 'tests/tls13/compress-cert.c')
-rw-r--r-- | tests/tls13/compress-cert.c | 98 |
1 files changed, 61 insertions, 37 deletions
diff --git a/tests/tls13/compress-cert.c b/tests/tls13/compress-cert.c index 6b867caaf5..6f7b4a9152 100644 --- a/tests/tls13/compress-cert.c +++ b/tests/tls13/compress-cert.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -#include <config.h> +# include <config.h> #endif #include <stdio.h> @@ -36,18 +36,18 @@ int main(int argc, char **argv) #else -#include <sys/socket.h> -#include <sys/wait.h> -#include <unistd.h> -#include <gnutls/gnutls.h> +# include <sys/socket.h> +# include <sys/wait.h> +# include <unistd.h> +# include <gnutls/gnutls.h> -#include "cert-common.h" -#include "utils.h" +# include "cert-common.h" +# include "utils.h" /* This program tests whether the compress_certificate extensions works as expected */ -#define PRIO "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3" -#define CHECK(X) assert((X)>=0) +# define PRIO "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3" +# define CHECK(X) assert((X)>=0) static pid_t child; int client_ok; @@ -75,7 +75,8 @@ static void server_log_func(int level, const char *str) } static int client_callback(gnutls_session_t session, unsigned htype, - unsigned post, unsigned incoming, const gnutls_datum_t *msg) + unsigned post, unsigned incoming, + const gnutls_datum_t * msg) { if (incoming == 0) return 0; @@ -88,7 +89,8 @@ static int client_callback(gnutls_session_t session, unsigned htype, } static int server_callback(gnutls_session_t session, unsigned htype, - unsigned post, unsigned incoming, const gnutls_datum_t *msg) + unsigned post, unsigned incoming, + const gnutls_datum_t * msg) { if (incoming == 0) return 0; @@ -107,8 +109,10 @@ static void client(int fd) gnutls_session_t session; gnutls_certificate_credentials_t x509_cred; gnutls_compression_method_t method; - gnutls_compression_method_t methods[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_BROTLI }; - size_t methods_len = sizeof(methods) / sizeof(gnutls_compression_method_t); + gnutls_compression_method_t methods[] = + { GNUTLS_COMP_ZLIB, GNUTLS_COMP_BROTLI }; + size_t methods_len = + sizeof(methods) / sizeof(gnutls_compression_method_t); global_init(); @@ -118,20 +122,27 @@ static void client(int fd) } CHECK(gnutls_certificate_allocate_credentials(&x509_cred)); - CHECK(gnutls_certificate_set_x509_trust_mem(x509_cred, &ca3_cert, GNUTLS_X509_FMT_PEM)); - CHECK(gnutls_certificate_set_x509_key_mem(x509_cred, &cli_ca3_cert_chain, - &cli_ca3_key, GNUTLS_X509_FMT_PEM)); + CHECK(gnutls_certificate_set_x509_trust_mem + (x509_cred, &ca3_cert, GNUTLS_X509_FMT_PEM)); + CHECK(gnutls_certificate_set_x509_key_mem + (x509_cred, &cli_ca3_cert_chain, &cli_ca3_key, + GNUTLS_X509_FMT_PEM)); CHECK(gnutls_init(&session, GNUTLS_CLIENT)); - CHECK(gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred)); + CHECK(gnutls_credentials_set + (session, GNUTLS_CRD_CERTIFICATE, x509_cred)); CHECK(gnutls_priority_set_direct(session, PRIO, NULL)); - ret = gnutls_compress_certificate_set_methods(session, methods, methods_len); + ret = + gnutls_compress_certificate_set_methods(session, methods, + methods_len); if (ret < 0) { - fail("client: setting compression method failed (%s)\n\n", gnutls_strerror(ret)); + fail("client: setting compression method failed (%s)\n\n", + gnutls_strerror(ret)); terminate(); } - gnutls_handshake_set_hook_function(session, GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT, + gnutls_handshake_set_hook_function(session, + GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT, GNUTLS_HOOK_PRE, client_callback); gnutls_transport_set_int(session, fd); @@ -159,7 +170,8 @@ static void client(int fd) ret = gnutls_certificate_verify_peers2(session, &status); if (ret < 0) - fail("client: could not verify server certificate: %s\n", gnutls_strerror(ret)); + fail("client: could not verify server certificate: %s\n", + gnutls_strerror(ret)); if (status) fail("client: certificate verification failed\n"); @@ -168,7 +180,7 @@ static void client(int fd) if (debug) success("client: finished\n"); -cleanup: + cleanup: close(fd); gnutls_deinit(session); gnutls_certificate_free_credentials(x509_cred); @@ -182,8 +194,10 @@ static void server(int fd) gnutls_session_t session; gnutls_certificate_credentials_t x509_cred; gnutls_compression_method_t method; - gnutls_compression_method_t methods[] = { GNUTLS_COMP_ZSTD, GNUTLS_COMP_BROTLI, GNUTLS_COMP_ZLIB }; - size_t methods_len = sizeof(methods) / sizeof(gnutls_compression_method_t); + gnutls_compression_method_t methods[] = + { GNUTLS_COMP_ZSTD, GNUTLS_COMP_BROTLI, GNUTLS_COMP_ZLIB }; + size_t methods_len = + sizeof(methods) / sizeof(gnutls_compression_method_t); global_init(); @@ -193,20 +207,27 @@ static void server(int fd) } CHECK(gnutls_certificate_allocate_credentials(&x509_cred)); - CHECK(gnutls_certificate_set_x509_trust_mem(x509_cred, &ca3_cert, GNUTLS_X509_FMT_PEM)); - CHECK(gnutls_certificate_set_x509_key_mem(x509_cred, &server_ca3_localhost_cert_chain, - &server_ca3_key, GNUTLS_X509_FMT_PEM)); + CHECK(gnutls_certificate_set_x509_trust_mem + (x509_cred, &ca3_cert, GNUTLS_X509_FMT_PEM)); + CHECK(gnutls_certificate_set_x509_key_mem + (x509_cred, &server_ca3_localhost_cert_chain, &server_ca3_key, + GNUTLS_X509_FMT_PEM)); CHECK(gnutls_init(&session, GNUTLS_SERVER)); - CHECK(gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred)); + CHECK(gnutls_credentials_set + (session, GNUTLS_CRD_CERTIFICATE, x509_cred)); CHECK(gnutls_priority_set_direct(session, PRIO, NULL)); - ret = gnutls_compress_certificate_set_methods(session, methods, methods_len); + ret = + gnutls_compress_certificate_set_methods(session, methods, + methods_len); if (ret < 0) { - fail("server: setting compression method failed (%s)\n\n", gnutls_strerror(ret)); + fail("server: setting compression method failed (%s)\n\n", + gnutls_strerror(ret)); terminate(); } - gnutls_handshake_set_hook_function(session, GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT, + gnutls_handshake_set_hook_function(session, + GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT, GNUTLS_HOOK_PRE, server_callback); gnutls_certificate_server_set_request(session, GNUTLS_CERT_REQUEST); gnutls_transport_set_int(session, fd); @@ -216,14 +237,16 @@ static void server(int fd) } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { - fail("server: Handshake has failed (%s)\n\n", gnutls_strerror(ret)); + fail("server: Handshake has failed (%s)\n\n", + gnutls_strerror(ret)); goto cleanup; } if (debug) success("server: Handshake was completed\n"); if (debug) - success("server: TLS version is: %s\n", gnutls_protocol_get_name( - gnutls_protocol_get_version(session))); + success("server: TLS version is: %s\n", + gnutls_protocol_get_name(gnutls_protocol_get_version + (session))); method = gnutls_compress_certificate_get_selected_method(session); if (method != GNUTLS_COMP_ZLIB) @@ -234,7 +257,8 @@ static void server(int fd) ret = gnutls_certificate_verify_peers2(session, &status); if (ret < 0) - fail("server: could not verify client certificate: %s\n", gnutls_strerror(ret)); + fail("server: could not verify client certificate: %s\n", + gnutls_strerror(ret)); if (status) fail("server: certificate verification failed\n"); @@ -243,7 +267,7 @@ static void server(int fd) if (debug) success("server: finished\n"); -cleanup: + cleanup: close(fd); gnutls_deinit(session); gnutls_certificate_free_credentials(x509_cred); @@ -283,4 +307,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ |