diff options
Diffstat (limited to 'tests/tls13/post-handshake-with-cert-ticket.c')
-rw-r--r-- | tests/tls13/post-handshake-with-cert-ticket.c | 98 |
1 files changed, 55 insertions, 43 deletions
diff --git a/tests/tls13/post-handshake-with-cert-ticket.c b/tests/tls13/post-handshake-with-cert-ticket.c index 519d44a5b3..2d4f4c3a52 100644 --- a/tests/tls13/post-handshake-with-cert-ticket.c +++ b/tests/tls13/post-handshake-with-cert-ticket.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -#include <config.h> +# include <config.h> #endif #include <stdio.h> @@ -35,21 +35,21 @@ int main(void) #else -#include <string.h> -#include <sys/types.h> -#include <netinet/in.h> -#include <sys/socket.h> -#include <sys/wait.h> -#include <arpa/inet.h> -#include <unistd.h> -#include <gnutls/gnutls.h> -#include <gnutls/dtls.h> -#include <signal.h> -#include <assert.h> - -#include "../lib/handshake-defs.h" -#include "cert-common.h" -#include "utils.h" +# include <string.h> +# include <sys/types.h> +# include <netinet/in.h> +# include <sys/socket.h> +# include <sys/wait.h> +# include <arpa/inet.h> +# include <unistd.h> +# include <gnutls/gnutls.h> +# include <gnutls/dtls.h> +# include <signal.h> +# include <assert.h> + +# include "../lib/handshake-defs.h" +# include "cert-common.h" +# include "utils.h" /* This program tests whether the certificate seen in Post Handshake Auth * is found in a resumed session under TLS 1.3. @@ -67,7 +67,8 @@ static void client_log_func(int level, const char *str) static unsigned tickets_seen = 0; static int ticket_callback(gnutls_session_t session, unsigned int htype, - unsigned post, unsigned int incoming, const gnutls_datum_t *msg) + unsigned post, unsigned int incoming, + const gnutls_datum_t * msg) { gnutls_datum *d; static int counter = 0; @@ -76,7 +77,7 @@ static int ticket_callback(gnutls_session_t session, unsigned int htype, assert(htype == GNUTLS_HANDSHAKE_NEW_SESSION_TICKET); counter++; - if (counter <= TLS13_TICKETS_TO_SEND) /* ignore the default tickets sent */ + if (counter <= TLS13_TICKETS_TO_SEND) /* ignore the default tickets sent */ return 0; d = gnutls_session_get_ptr(session); @@ -102,7 +103,7 @@ static void client(int fd, unsigned tickets) gnutls_session_t session; char buf[64]; unsigned try = 0; - gnutls_datum_t session_data = {NULL, 0}; + gnutls_datum_t session_data = { NULL, 0 }; global_init(); tickets_seen = 0; @@ -112,27 +113,32 @@ static void client(int fd, unsigned tickets) gnutls_global_set_log_level(7); } - assert(gnutls_certificate_allocate_credentials(&x509_cred)>=0); + assert(gnutls_certificate_allocate_credentials(&x509_cred) >= 0); retry: /* Initialize TLS session */ - assert(gnutls_init(&session, GNUTLS_CLIENT|GNUTLS_POST_HANDSHAKE_AUTH)>=0); + assert(gnutls_init(&session, GNUTLS_CLIENT | GNUTLS_POST_HANDSHAKE_AUTH) + >= 0); gnutls_handshake_set_timeout(session, get_timeout()); - ret = gnutls_priority_set_direct(session, "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.0", NULL); + ret = + gnutls_priority_set_direct(session, + "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.0", + NULL); if (ret < 0) fail("cannot set TLS 1.3 priorities\n"); - if (try == 0) { gnutls_session_set_ptr(session, &session_data); - gnutls_handshake_set_hook_function(session, GNUTLS_HANDSHAKE_NEW_SESSION_TICKET, + gnutls_handshake_set_hook_function(session, + GNUTLS_HANDSHAKE_NEW_SESSION_TICKET, GNUTLS_HOOK_BOTH, ticket_callback); } else { - assert(gnutls_session_set_data(session, session_data.data, session_data.size) >= 0); + assert(gnutls_session_set_data + (session, session_data.data, session_data.size) >= 0); } gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -150,16 +156,17 @@ static void client(int fd, unsigned tickets) fail("handshake failed: %s\n", gnutls_strerror(ret)); if (try == 0) { - assert(gnutls_certificate_set_x509_key_mem(x509_cred, &cli_ca3_cert, - &cli_ca3_key, - GNUTLS_X509_FMT_PEM)>=0); + assert(gnutls_certificate_set_x509_key_mem + (x509_cred, &cli_ca3_cert, &cli_ca3_key, + GNUTLS_X509_FMT_PEM) >= 0); do { ret = gnutls_record_recv(session, buf, sizeof(buf)); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret != GNUTLS_E_REAUTH_REQUEST) { - fail("recv: unexpected error: %s\n", gnutls_strerror(ret)); + fail("recv: unexpected error: %s\n", + gnutls_strerror(ret)); } if (debug) @@ -176,13 +183,13 @@ static void client(int fd, unsigned tickets) do { ret = gnutls_bye(session, GNUTLS_SHUT_RDWR); - } while(ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); + } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret != 0) { fail("error in recv: %s\n", gnutls_strerror(ret)); } - assert(tickets_seen == tickets+1); + assert(tickets_seen == tickets + 1); gnutls_deinit(session); @@ -199,9 +206,9 @@ static void client(int fd, unsigned tickets) gnutls_global_deinit(); } -static void compare(const gnutls_datum_t *der, const void *ipem) +static void compare(const gnutls_datum_t * der, const void *ipem) { - gnutls_datum_t pem = {(void*)ipem, strlen((char*)ipem)}; + gnutls_datum_t pem = { (void *)ipem, strlen((char *)ipem) }; gnutls_datum_t new_der; int ret; @@ -210,7 +217,8 @@ static void compare(const gnutls_datum_t *der, const void *ipem) fail("error: %s\n", gnutls_strerror(ret)); } - if (der->size != new_der.size || memcmp(der->data, new_der.data, der->size) != 0) { + if (der->size != new_der.size + || memcmp(der->data, new_der.data, der->size) != 0) { fail("error in %d: %s\n", __LINE__, "cert don't match"); exit(1); } @@ -231,7 +239,7 @@ static void server(int fd, unsigned tickets) */ global_init(); - assert(gnutls_session_ticket_key_generate(&skey)>=0); + assert(gnutls_session_ticket_key_generate(&skey) >= 0); if (debug) { gnutls_global_set_log_function(server_log_func); @@ -240,15 +248,16 @@ static void server(int fd, unsigned tickets) gnutls_certificate_allocate_credentials(&x509_cred); gnutls_certificate_set_x509_key_mem(x509_cred, &server_cert, - &server_key, - GNUTLS_X509_FMT_PEM); + &server_key, GNUTLS_X509_FMT_PEM); - assert(gnutls_init(&session, GNUTLS_SERVER|GNUTLS_POST_HANDSHAKE_AUTH)>=0); + assert(gnutls_init(&session, GNUTLS_SERVER | GNUTLS_POST_HANDSHAKE_AUTH) + >= 0); assert(gnutls_session_ticket_enable_server(session, &skey) >= 0); gnutls_handshake_set_timeout(session, get_timeout()); - assert(gnutls_priority_set_direct(session, "NORMAL:+VERS-TLS1.3", NULL)>=0); + assert(gnutls_priority_set_direct(session, "NORMAL:+VERS-TLS1.3", NULL) + >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -269,7 +278,8 @@ static void server(int fd, unsigned tickets) } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); if (ret != 0) - fail("server: gnutls_reauth did not succeed as expected: %s\n", gnutls_strerror(ret)); + fail("server: gnutls_reauth did not succeed as expected: %s\n", + gnutls_strerror(ret)); if (tickets == 0) { /* test whether the expected error code would be returned */ @@ -284,16 +294,18 @@ static void server(int fd, unsigned tickets) do { ret = gnutls_bye(session, GNUTLS_SHUT_RDWR); - } while(ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); + } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); gnutls_deinit(session); /* resume session */ - assert(gnutls_init(&session, GNUTLS_SERVER|GNUTLS_POST_HANDSHAKE_AUTH)>=0); + assert(gnutls_init(&session, GNUTLS_SERVER | GNUTLS_POST_HANDSHAKE_AUTH) + >= 0); assert(gnutls_session_ticket_enable_server(session, &skey) >= 0); gnutls_handshake_set_timeout(session, get_timeout()); - assert(gnutls_priority_set_direct(session, "NORMAL:+VERS-TLS1.3", NULL)>=0); + assert(gnutls_priority_set_direct(session, "NORMAL:+VERS-TLS1.3", NULL) + >= 0); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); |