From 4031707886f06d3b6b0b34e008957c3d859d6ac0 Mon Sep 17 00:00:00 2001 From: jsing Date: Sat, 9 Dec 2017 16:43:09 +0000 Subject: [PATCH] Add a regress test for tls_config_parse_protocols(). --- regress/lib/libtls/Makefile | 3 +- regress/lib/libtls/config/Makefile | 10 ++ regress/lib/libtls/config/configtest.c | 171 +++++++++++++++++++++++++ 3 files changed, 183 insertions(+), 1 deletion(-) create mode 100644 regress/lib/libtls/config/Makefile create mode 100644 regress/lib/libtls/config/configtest.c diff --git a/regress/lib/libtls/Makefile b/regress/lib/libtls/Makefile index 22464cd559a..0e8be3791b7 100644 --- a/regress/lib/libtls/Makefile +++ b/regress/lib/libtls/Makefile @@ -1,6 +1,7 @@ -# $OpenBSD: Makefile,v 1.3 2017/01/12 15:50:16 jsing Exp $ +# $OpenBSD: Makefile,v 1.4 2017/12/09 16:43:09 jsing Exp $ SUBDIR= \ + config \ gotls \ tls \ verify diff --git a/regress/lib/libtls/config/Makefile b/regress/lib/libtls/config/Makefile new file mode 100644 index 00000000000..846d1ab0e5b --- /dev/null +++ b/regress/lib/libtls/config/Makefile @@ -0,0 +1,10 @@ +# $OpenBSD: Makefile,v 1.1 2017/12/09 16:43:09 jsing Exp $ + +PROG= configtest +LDADD= -lcrypto -lssl -ltls +DPADD= ${LIBCRYPTO} ${LIBSSL} ${LIBTLS} + +WARNINGS= Yes +CFLAGS+= -Werror + +.include diff --git a/regress/lib/libtls/config/configtest.c b/regress/lib/libtls/config/configtest.c new file mode 100644 index 00000000000..61474aa85c9 --- /dev/null +++ b/regress/lib/libtls/config/configtest.c @@ -0,0 +1,171 @@ +/* $OpenBSD: configtest.c,v 1.1 2017/12/09 16:43:09 jsing Exp $ */ +/* + * Copyright (c) 2017 Joel Sing + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include +#include +#include + +#include + +struct parse_protocols_test { + const char *protostr; + int want_return; + uint32_t want_protocols; +}; + +struct parse_protocols_test parse_protocols_tests[] = { + { + .protostr = NULL, + .want_return = 0, + .want_protocols = TLS_PROTOCOLS_DEFAULT, + }, + { + .protostr = "default", + .want_return = 0, + .want_protocols = TLS_PROTOCOLS_DEFAULT, + }, + { + .protostr = "secure", + .want_return = 0, + .want_protocols = TLS_PROTOCOLS_DEFAULT, + }, + { + .protostr = "all", + .want_return = 0, + .want_protocols = TLS_PROTOCOLS_ALL, + }, + { + .protostr = "tlsv1", + .want_return = 0, + .want_protocols = TLS_PROTOCOL_TLSv1, + }, + { + .protostr = "tlsv1.2", + .want_return = 0, + .want_protocols = TLS_PROTOCOL_TLSv1_2, + }, + { + .protostr = "", + .want_return = -1, + .want_protocols = 0, + }, + { + .protostr = "tlsv1.0:tlsv1.1:tlsv1.2", + .want_return = 0, + .want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 | + TLS_PROTOCOL_TLSv1_2, + }, + { + .protostr = "tlsv1.0,tlsv1.1,tlsv1.2", + .want_return = 0, + .want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 | + TLS_PROTOCOL_TLSv1_2, + }, + { + .protostr = "tlsv1.1,tlsv1.2,tlsv1.0", + .want_return = 0, + .want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 | + TLS_PROTOCOL_TLSv1_2, + }, + { + .protostr = "tlsv1.1,tlsv1.2,tlsv1.1", + .want_return = 0, + .want_protocols = TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2, + }, + { + .protostr = "tlsv1.1,tlsv1.2,!tlsv1.1", + .want_return = 0, + .want_protocols = TLS_PROTOCOL_TLSv1_2, + }, + { + .protostr = "unknown", + .want_return = -1, + .want_protocols = 0, + }, + { + .protostr = "all,!unknown", + .want_return = -1, + .want_protocols = 0, + }, + { + .protostr = "sslv3,tlsv1.0,tlsv1.1,tlsv1.2", + .want_return = -1, + .want_protocols = 0, + }, + { + .protostr = "all,!tlsv1.0", + .want_return = 0, + .want_protocols = TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2, + }, + { + .protostr = "!tlsv1.0", + .want_return = 0, + .want_protocols = TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2, + }, + { + .protostr = "!tlsv1.0,!tlsv1.1", + .want_return = 0, + .want_protocols = TLS_PROTOCOL_TLSv1_2, + }, + { + .protostr = "!tlsv1.0,!tlsv1.1,tlsv1.2", + .want_return = 0, + .want_protocols = TLS_PROTOCOL_TLSv1_2, + }, +}; + +#define N_PARSE_PROTOCOLS_TESTS \ + (sizeof(parse_protocols_tests) / sizeof(*parse_protocols_tests)) + +static int +do_parse_protocols_test(int test_no, struct parse_protocols_test *ppt) +{ + uint32_t protocols = 0; + int failed = 1; + int rv; + + rv = tls_config_parse_protocols(&protocols, ppt->protostr); + if (rv != ppt->want_return) { + fprintf(stderr, "FAIL: test %i - tls_config_parse_protocols() " + "returned %i, want %i\n", test_no, rv, ppt->want_return); + goto done; + } + if (protocols != ppt->want_protocols) { + fprintf(stderr, "FAIL: test %i - got protocols 0x%x, " + "want 0x%x\n", test_no, protocols, ppt->want_protocols); + goto done; + } + + failed = 0; + + done: + return (failed); +} + +int +main(int argc, char **argv) +{ + int failed = 0; + size_t i; + + tls_init(); + + for (i = 0; i < N_PARSE_PROTOCOLS_TESTS; i++) + failed += do_parse_protocols_test(i, &parse_protocols_tests[i]); + + return (failed); +} -- 2.20.1