X-Git-Url: http://wagner.pp.ru/gitweb/?a=blobdiff_plain;f=test_tls.c;h=bee503385c018b603e222d5094b06a81806c0cb0;hb=30860f940321eb4762d6449ffef48fc93ad2d2e8;hp=d137602161e14df8dc99f6a64d146426491cba3a;hpb=a9bc743d4982744398275e6d1e67d12b75f33de2;p=openssl-gost%2Fengine.git diff --git a/test_tls.c b/test_tls.c index d137602..bee5033 100644 --- a/test_tls.c +++ b/test_tls.c @@ -25,6 +25,7 @@ #include #include #include +#include #include #include #include @@ -62,6 +63,9 @@ struct certkey { X509 *cert; }; +static int verbose; +static const char *cipher_list; + /* How much K to transfer between client and server. */ #define KTRANSFER (1 * 1024) @@ -80,6 +84,8 @@ static int s_server(EVP_PKEY *pkey, X509 *cert, int client) SSL *ssl; T(ssl = SSL_new(ctx)); T(SSL_set_fd(ssl, client)); + if (cipher_list) + T(SSL_set_cipher_list(ssl, cipher_list)); T(SSL_accept(ssl) == 1); /* Receive data from client */ @@ -120,6 +126,8 @@ static int s_client(int server) SSL *ssl; T(BIO_get_ssl(sbio, &ssl)); T(SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY)); + if (cipher_list) + T(SSL_set_cipher_list(ssl, cipher_list)); #if 0 /* Does not work with reneg. */ BIO_set_ssl_renegotiate_bytes(sbio, 100 * 1024); @@ -129,10 +137,10 @@ static int s_client(int server) printf("Protocol: %s\n", SSL_get_version(ssl)); printf("Cipher: %s\n", SSL_get_cipher_name(ssl)); -#if 0 - SSL_SESSION *sess = SSL_get0_session(ssl); - SSL_SESSION_print_fp(stdout, sess); -#endif + if (verbose) { + SSL_SESSION *sess = SSL_get0_session(ssl); + SSL_SESSION_print_fp(stdout, sess); + } X509 *cert; T(cert = SSL_get_peer_certificate(ssl)); @@ -269,25 +277,67 @@ int test(const char *algname, const char *paramset) if (socketpair(AF_LOCAL, SOCK_STREAM, 0, sockfd) == -1) err(1, "socketpair"); - pid_t pid = fork(); - if (pid < 0) - err(1, "fork"); - - if (pid > 0) { - int status; + setpgid(0, 0); - ret = s_client(sockfd[0]); - wait(&status); - ret |= WIFEXITED(status) && WEXITSTATUS(status); + /* Run server in separate process. */ + pid_t server_pid = fork(); + if (server_pid < 0) + err(1, "fork server"); + if (server_pid == 0) { + ret = s_server(ck.pkey, ck.cert, sockfd[1]); X509_free(ck.cert); EVP_PKEY_free(ck.pkey); - } else if (pid == 0) { - ret = s_server(ck.pkey, ck.cert, sockfd[1]); + exit(ret); + } + + /* Run client in separate process. */ + pid_t client_pid = fork(); + if (client_pid < 0) + err(1, "fork client"); + if (client_pid == 0) { + ret = s_client(sockfd[0]); X509_free(ck.cert); EVP_PKEY_free(ck.pkey); exit(ret); } + /* Wait for first child to exit. */ + int status; + pid_t exited_pid = wait(&status); + ret = (WIFEXITED(status) && WEXITSTATUS(status)) || + (WIFSIGNALED(status) && WTERMSIG(status)); + if (ret) { + warnx(cRED "%s child %s with %d %s" cNORM, + exited_pid == server_pid? "server" : "client", + WIFSIGNALED(status)? "killed" : "exited", + WIFSIGNALED(status)? WTERMSIG(status) : WEXITSTATUS(status), + WIFSIGNALED(status)? strsignal(WTERMSIG(status)) : ""); + + /* If first child exited with error, kill other. */ + warnx("terminating %s by force", + exited_pid == server_pid? "client" : "server"); + kill(exited_pid == server_pid? client_pid : server_pid, SIGTERM); + } + + exited_pid = wait(&status); + /* Report error unless we killed it. */ + if (!ret && (!WIFEXITED(status) || WEXITSTATUS(status))) + warnx(cRED "%s child %s with %d %s" cNORM, + exited_pid == server_pid? "server" : "client", + WIFSIGNALED(status)? "killed" : "exited", + WIFSIGNALED(status)? WTERMSIG(status) : WEXITSTATUS(status), + WIFSIGNALED(status)? strsignal(WTERMSIG(status)) : ""); + ret |= (WIFEXITED(status) && WEXITSTATUS(status)) || + (WIFSIGNALED(status) && WTERMSIG(status)); + + /* Every responsible process should free this. */ + X509_free(ck.cert); + EVP_PKEY_free(ck.pkey); +#ifdef __SANITIZE_ADDRESS__ + /* Abort on the first (hopefully) ASan error. */ + if (ret) + _exit(ret); +#endif return ret; } @@ -303,7 +353,12 @@ int main(int argc, char **argv) T(ENGINE_init(eng)); T(ENGINE_set_default(eng, ENGINE_METHOD_ALL)); + char *p; + if ((p = getenv("VERBOSE"))) + verbose = atoi(p); + ret |= test("rsa", NULL); + cipher_list = "LEGACY-GOST2012-GOST8912-GOST8912"; ret |= test("gost2012_256", "A"); ret |= test("gost2012_256", "B"); ret |= test("gost2012_256", "C");