* See https://www.openssl.org/source/license.html for details
*/
+#ifdef _MSC_VER
+# pragma warning(push, 3)
+# include <openssl/applink.c>
+# pragma warning(pop)
+#endif
#include "e_gost_err.h"
#include "gost_lcl.h"
#include <openssl/evp.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
-#include <err.h>
+#ifdef __GNUC__
/* For X509_NAME_add_entry_by_txt */
-#pragma GCC diagnostic ignored "-Wpointer-sign"
-
-#define T(e) ({ if (!(e)) { \
- ERR_print_errors_fp(stderr); \
- OpenSSLDie(__FILE__, __LINE__, #e); \
- } \
- })
-#define TE(e) ({ if (!(e)) { \
- ERR_print_errors_fp(stderr); \
- fprintf(stderr, "Error at %s:%d %s\n", __FILE__, __LINE__, #e); \
- return -1; \
- } \
- })
+# pragma GCC diagnostic ignored "-Wpointer-sign"
+#endif
+
+#define T(e) \
+ if (!(e)) { \
+ ERR_print_errors_fp(stderr); \
+ OpenSSLDie(__FILE__, __LINE__, #e); \
+ }
+#define TE(e) \
+ if (!(e)) { \
+ ERR_print_errors_fp(stderr); \
+ fprintf(stderr, "Error at %s:%d %s\n", __FILE__, __LINE__, #e); \
+ return -1; \
+ }
#define cRED "\033[1;31m"
#define cDRED "\033[0;31m"
X509 *cert;
};
+static int verbose;
+static const char *cipher_list;
+
/* How much K to transfer between client and server. */
#define KTRANSFER (1 * 1024)
+static void err(int eval, const char *fmt, ...)
+{
+ va_list ap;
+
+ va_start(ap, fmt);
+ vprintf(fmt, ap);
+ va_end(ap);
+ printf(": %s\n", strerror(errno));
+ exit(eval);
+}
+
/*
* Simple TLS Server code is based on
* https://wiki.openssl.org/index.php/Simple_TLS_Server
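Review bot: The new `err()` helper reads `errno` only after `vprintf()` has run, so the reason it prints can be whatever the stdio call left behind rather than the failure the caller saw. It also writes to stdout, while the other diagnostics touched by this commit go to stderr. Capture the value on entry and keep the message on stderr: `int saved = errno;`, `vfprintf(stderr, fmt, ap);`, `fprintf(stderr, ": %s\n", strerror(saved));`. Because `fmt` is a parameter, a `__attribute__((format(printf, 1 + 1, 1 + 2)))`-style annotation (arguments 2 and 3) under a `__GNUC__` guard would let the compiler check call sites. The headers for `va_list`, `errno` and `strerror` are not visible in this hunk and should be confirmed.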
SSL *ssl;
T(ssl = SSL_new(ctx));
T(SSL_set_fd(ssl, client));
+ if (cipher_list)
+ T(SSL_set_cipher_list(ssl, cipher_list));
T(SSL_accept(ssl) == 1);
/* Receive data from client */
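Review bot: `if (cipher_list) T(SSL_set_cipher_list(ssl, cipher_list));` now expands to an unbraced nested `if`, because this commit turns `T` and `TE` from statement expressions into bare `if (!(e)) { ... }` macros. It compiles as written, but the trailing `;` becomes a separate empty statement, so an `else` added after such a call would no longer parse. Wrapping both macro bodies in `do { ... } while (0)` stays portable to non-GCC compilers and makes each use a single statement. Short of that, brace the call site: `if (cipher_list) { T(SSL_set_cipher_list(ssl, cipher_list)); }`. The same construct appears in the client hunk that follows, and the enclosing function starts and ends outside this hunk.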
SSL *ssl;
T(BIO_get_ssl(sbio, &ssl));
T(SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY));
+ if (cipher_list)
+ T(SSL_set_cipher_list(ssl, cipher_list));
#if 0
/* Does not work with reneg. */
BIO_set_ssl_renegotiate_bytes(sbio, 100 * 1024);
printf("Protocol: %s\n", SSL_get_version(ssl));
printf("Cipher: %s\n", SSL_get_cipher_name(ssl));
-#if 0
- SSL_SESSION *sess = SSL_get0_session(ssl);
- SSL_SESSION_print_fp(stdout, sess);
-#endif
+ if (verbose) {
+ SSL_SESSION *sess = SSL_get0_session(ssl);
+ SSL_SESSION_print_fp(stdout, sess);
+ }
X509 *cert;
T(cert = SSL_get_peer_certificate(ssl));
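Review bot: The `verbose` branch has no comment, and `SSL_SESSION_print_fp()` writes the session's master key along with the session ID to stdout, so that material lands in any captured test log when `VERBOSE` is set. This is presumably harmless for the keys this test generates for itself, but it should be stated so the block is not reused against real peers. I would add `/* Debug only: dumps session details, including the master key. */` above the call. The return value is also ignored, whereas the neighbouring OpenSSL calls go through `T()`. The enclosing function continues outside the hunk.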
ck = certgen(algname, paramset);
int sockfd[2];
- if (socketpair(AF_LOCAL, SOCK_STREAM, 0, sockfd) == -1)
+ if (socketpair(AF_UNIX, SOCK_STREAM, 0, sockfd) == -1)
err(1, "socketpair");
setpgid(0, 0);
ret = (WIFEXITED(status) && WEXITSTATUS(status)) ||
(WIFSIGNALED(status) && WTERMSIG(status));
if (ret) {
- warnx(cRED "%s child %s with %d %s" cNORM,
+ fprintf(stderr, cRED "%s child %s with %d %s" cNORM,
exited_pid == server_pid? "server" : "client",
WIFSIGNALED(status)? "killed" : "exited",
WIFSIGNALED(status)? WTERMSIG(status) : WEXITSTATUS(status),
WIFSIGNALED(status)? strsignal(WTERMSIG(status)) : "");
/* If first child exited with error, kill other. */
- warnx("terminating %s by force",
+ fprintf(stderr, "terminating %s by force",
exited_pid == server_pid? "client" : "server");
kill(exited_pid == server_pid? client_pid : server_pid, SIGTERM);
}
exited_pid = wait(&status);
/* Report error unless we killed it. */
if (!ret && (!WIFEXITED(status) || WEXITSTATUS(status)))
- warnx(cRED "%s child %s with %d %s" cNORM,
+ fprintf(stderr, cRED "%s child %s with %d %s" cNORM,
exited_pid == server_pid? "server" : "client",
WIFSIGNALED(status)? "killed" : "exited",
WIFSIGNALED(status)? WTERMSIG(status) : WEXITSTATUS(status),
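Review bot: The three `warnx()` calls replaced by `fprintf(stderr, ...)` lose their line terminator, because `warnx()` appends a newline (and prefixes the program name) and the format strings were carried over unchanged. The child-status report and the "terminating ... by force" message will run together on one line with whatever is printed next. Append the newline to each format: `cRED "%s child %s with %d %s" cNORM "\n"` for the two status reports and `"terminating %s by force\n"` for the kill notice. The last call continues past the end of this hunk.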
{
int ret = 0;
- setenv("OPENSSL_ENGINES", ENGINE_DIR, 0);
OPENSSL_add_all_algorithms_conf();
- ERR_load_crypto_strings();
- ENGINE *eng;
- T(eng = ENGINE_by_id("gost"));
- T(ENGINE_init(eng));
- T(ENGINE_set_default(eng, ENGINE_METHOD_ALL));
- /* ret |= test("rsa", NULL); */
+ char *p;
+ if ((p = getenv("VERBOSE")))
+ verbose = atoi(p);
+
+ ret |= test("rsa", NULL);
+ cipher_list = "LEGACY-GOST2012-GOST8912-GOST8912";
ret |= test("gost2012_256", "A");
ret |= test("gost2012_256", "B");
ret |= test("gost2012_256", "C");
ret |= test("gost2012_512", "B");
ret |= test("gost2012_512", "C");
- ENGINE_finish(eng);
- ENGINE_free(eng);
-
if (ret)
printf(cDRED "= Some tests FAILED!\n" cNORM);
else
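Review bot: Nothing in `main` now records where the GOST implementation comes from: the explicit `ENGINE_by_id("gost")` / `ENGINE_init()` / `ENGINE_set_default()` calls and the `OPENSSL_ENGINES` default are removed. The `gost2012_*` cases presumably rely on the OpenSSL configuration picked up by `OPENSSL_add_all_algorithms_conf()`. A comment above that call, such as `/* GOST algorithms must be supplied by the loaded OpenSSL config; nothing is loaded explicitly here. */`, would help whoever hits a failure on a host without that configuration. Separately, `verbose = atoi(p)` gives no error indication for non-numeric input and is undefined for out-of-range values; a checked `strtol()` is more predictable for an environment-supplied value. `main`'s signature and its final statements are outside this hunk.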