X-Git-Url: http://wagner.pp.ru/gitweb/?a=blobdiff_plain;f=test_tls.c;h=d016e62ca920a7d8427b46302439a34603b89195;hb=a78aa26906bf544e7771c0af67fa074bd535ade9;hp=37c782441d327d710c7a63e8950c0fefda491dcb;hpb=0402564c47b0143e1a469088b7f822cf01d60da4;p=openssl-gost%2Fengine.git
diff --git a/test_tls.c b/test_tls.c
index 37c7824..d016e62 100644
--- a/test_tls.c
+++ b/test_tls.c
@@ -29,22 +29,23 @@
 #include
 #include
 #include
-#include
+#ifdef __GNUC__
 /* For X509_NAME_add_entry_by_txt */
-#pragma GCC diagnostic ignored "-Wpointer-sign"
-
-#define T(e) ({ if (!(e)) { \
- ERR_print_errors_fp(stderr); \
- OpenSSLDie(__FILE__, __LINE__, #e); \
- } \
- })
-#define TE(e) ({ if (!(e)) { \
- ERR_print_errors_fp(stderr); \
- fprintf(stderr, "Error at %s:%d %s\n", __FILE__, __LINE__, #e); \
- return -1; \
- } \
- })
+#   pragma GCC diagnostic ignored "-Wpointer-sign"
+#endif
+
+#define T(e) \
+ if (!(e)) { \
+ ERR_print_errors_fp(stderr); \
+ OpenSSLDie(__FILE__, __LINE__, #e); \
+ }
+#define TE(e) \
+ if (!(e)) { \
+ ERR_print_errors_fp(stderr); \
+ fprintf(stderr, "Error at %s:%d %s\n", __FILE__, __LINE__, #e); \
+ return -1; \
+ }
 #define cRED "\033[1;31m"
 #define cDRED "\033[0;31m"
@@ -63,9 +64,23 @@ struct certkey {
 X509 *cert;
 };
+static int verbose;
+static const char *cipher_list;
+
 /* How much K to transfer between client and server. */
 #define KTRANSFER (1 * 1024)
+static void err(int eval, const char *fmt, ...)
+{
+ va_list ap;
+
+ va_start(ap, fmt);
+ vprintf(fmt, ap);
+ va_end(ap);
+ printf(": %s\n", strerror(errno));
+ exit(eval);
+}
+
 /*
 * Simple TLS Server code is based on
 * https://wiki.openssl.org/index.php/Simple_TLS_Server
@@ -81,6 +96,8 @@ static int s_server(EVP_PKEY *pkey, X509 *cert, int client)
 SSL *ssl;
 T(ssl = SSL_new(ctx));
 T(SSL_set_fd(ssl, client));
+ if (cipher_list)
+ T(SSL_set_cipher_list(ssl, cipher_list));
 T(SSL_accept(ssl) == 1);
 /* Receive data from client */
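Review bot: The rewritten `T()` and `TE()` expand to a bare `if (...) { ... }`, so a use such as `if (cipher_list) T(...);` (as in the s_server and s_client hunks) becomes a nested `if` followed by an empty statement, and any `else` written after it would bind to the macro's hidden `if`. Dropping the GCC statement expression is reasonable for portability, but the usual portable wrapper is `do { ... } while (0)`, e.g. `#define T(e) do { if (!(e)) { ERR_print_errors_fp(stderr); OpenSSLDie(__FILE__, __LINE__, #e); } } while (0)`, with the same wrapper around `TE(e)`. A one-line comment above `TE` noting that it returns -1 from the calling function would also help readers.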
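Review bot: The local `err()` reads `errno` only after `vprintf()` has run and writes to stdout, so the reported reason for a failed `socketpair()` can be wrong, and the message can be lost or reordered when stdout is redirected or buffered. Saving the value on entry and reporting on stderr avoids both: `int saved = errno;`, then `vfprintf(stderr, fmt, ap);` and `fprintf(stderr, ": %s\n", strerror(saved));`. The include names in the first hunk are not legible on this page, so it is worth confirming that the headers declaring `va_list`, `strerror` and `errno` are still pulled in after the include removal there.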
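Review bot: Nothing checks that the handshake actually ended on the requested suite: `SSL_set_cipher_list()` is applied here and in the s_client hunk, but the only use of the negotiated name visible on this page is the `printf("Cipher: ...")` in s_client. `SSL_set_cipher_list()` governs only TLS 1.2 and earlier suites, so a test that merely prints the name would still pass if the peers agreed on something else. While `cipher_list` names a single suite, a check after the handshake such as `if (cipher_list) T(!strcmp(SSL_get_cipher_name(ssl), cipher_list));` would make the pinning an assertion rather than an intention. Both function bodies continue outside the hunks.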
@@ -121,6 +138,8 @@ static int s_client(int server)
 SSL *ssl;
 T(BIO_get_ssl(sbio, &ssl));
 T(SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY));
+ if (cipher_list)
+ T(SSL_set_cipher_list(ssl, cipher_list));
 #if 0 /* Does not work with reneg. */
 BIO_set_ssl_renegotiate_bytes(sbio, 100 * 1024);
@@ -130,10 +149,10 @@ static int s_client(int server)
 printf("Protocol: %s\n", SSL_get_version(ssl));
 printf("Cipher: %s\n", SSL_get_cipher_name(ssl));
-#if 0
- SSL_SESSION *sess = SSL_get0_session(ssl);
- SSL_SESSION_print_fp(stdout, sess);
-#endif
+ if (verbose) {
+ SSL_SESSION *sess = SSL_get0_session(ssl);
+ SSL_SESSION_print_fp(stdout, sess);
+ }
 X509 *cert;
 T(cert = SSL_get_peer_certificate(ssl));
@@ -267,7 +286,7 @@ int test(const char *algname, const char *paramset)
 ck = certgen(algname, paramset);
 int sockfd[2];
- if (socketpair(AF_LOCAL, SOCK_STREAM, 0, sockfd) == -1)
+ if (socketpair(AF_UNIX, SOCK_STREAM, 0, sockfd) == -1)
 err(1, "socketpair");
 setpgid(0, 0);
@@ -300,14 +319,14 @@ int test(const char *algname, const char *paramset)
 ret = (WIFEXITED(status) && WEXITSTATUS(status)) || (WIFSIGNALED(status) && WTERMSIG(status));
 if (ret) {
- warnx(cRED "%s child %s with %d %s" cNORM,
+ fprintf(stderr, cRED "%s child %s with %d %s" cNORM,
 exited_pid == server_pid? "server" : "client",
 WIFSIGNALED(status)? "killed" : "exited",
 WIFSIGNALED(status)? WTERMSIG(status) : WEXITSTATUS(status),
 WIFSIGNALED(status)? strsignal(WTERMSIG(status)) : "");
 /* If first child exited with error, kill other. */
- warnx("terminating %s by force",
+ fprintf(stderr, "terminating %s by force",
 exited_pid == server_pid? "client" : "server");
 kill(exited_pid == server_pid? client_pid : server_pid, SIGTERM);
 }
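Review bot: With `VERBOSE` set, `SSL_SESSION_print_fp(stdout, sess)` writes the session details to the test log, and OpenSSL's text output for a session includes the session ID and master key. The keys here are generated by the test itself, so exposure is limited, but the block deserves a comment so it is not copied into code that handles real sessions, for example `/* Debug only: dumps session ID and master key to stdout. */`. s_client's body continues outside the hunk.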
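Review bot: The `fprintf(stderr, ...)` calls that replace `warnx()` have no trailing newline, whereas `warnx(3)` appends one and prefixes the program name, so the "child ... exited" report and "terminating ... by force" now run together with whatever is printed next. Ending the format strings with a newline restores the old layout: `fprintf(stderr, cRED "%s child %s with %d %s" cNORM "\n",` and `fprintf(stderr, "terminating %s by force\n",`. The same applies to the `fprintf` in the following hunk (-315,7). test()'s body starts and ends outside these hunks.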
@@ -315,7 +334,7 @@ int test(const char *algname, const char *paramset)
 exited_pid = wait(&status);
 /* Report error unless we killed it. */
 if (!ret && (!WIFEXITED(status) || WEXITSTATUS(status)))
- warnx(cRED "%s child %s with %d %s" cNORM,
+ fprintf(stderr, cRED "%s child %s with %d %s" cNORM,
 exited_pid == server_pid? "server" : "client",
 WIFSIGNALED(status)? "killed" : "exited",
 WIFSIGNALED(status)? WTERMSIG(status) : WEXITSTATUS(status),
@@ -338,15 +357,14 @@ int main(int argc, char **argv)
 {
 int ret = 0;
- setenv("OPENSSL_ENGINES", ENGINE_DIR, 0);
 OPENSSL_add_all_algorithms_conf();
- ERR_load_crypto_strings();
- ENGINE *eng;
- T(eng = ENGINE_by_id("gost"));
- T(ENGINE_init(eng));
- T(ENGINE_set_default(eng, ENGINE_METHOD_ALL));
+
+ char *p;
+ if ((p = getenv("VERBOSE")))
+ verbose = atoi(p);
 ret |= test("rsa", NULL);
+ cipher_list = "LEGACY-GOST2012-GOST8912-GOST8912";
 ret |= test("gost2012_256", "A");
 ret |= test("gost2012_256", "B");
 ret |= test("gost2012_256", "C");
@@ -355,9 +373,6 @@ int main(int argc, char **argv)
 ret |= test("gost2012_512", "B");
 ret |= test("gost2012_512", "C");
- ENGINE_finish(eng);
- ENGINE_free(eng);
-
 if (ret)
 printf(cDRED "= Some tests FAILED!\n" cNORM);
 else
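Review bot: After this change nothing in `main()` loads or checks for the `gost` engine: the `ENGINE_by_id("gost")` / `ENGINE_init()` calls and the `OPENSSL_ENGINES` default are removed, so the GOST cases presumably depend on whatever OpenSSL configuration the environment supplies through `OPENSSL_add_all_algorithms_conf()`. That makes it possible for a run to exercise an engine other than the one just built, or to fail deep inside `test()` with no hint about the cause. A comment stating the requirement would help, e.g. `/* GOST algorithms must be provided through the OpenSSL config; the engine is not loaded explicitly here. */`. Separately, `atoi(p)` accepts any string silently, so `VERBOSE=yes` yields 0; `strtol` with an end-pointer check would make a bad value visible.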