|
Packit |
aea12f |
/*
|
|
Packit |
aea12f |
* Copyright (C) 2004-2016 Free Software Foundation, Inc.
|
|
Packit |
aea12f |
* Copyright (C) 2013 Adam Sampson <ats@offog.org>
|
|
Packit |
aea12f |
* Copyright (C) 2016-2018 Red Hat, Inc.
|
|
Packit |
aea12f |
*
|
|
Packit |
aea12f |
* Author: Simon Josefsson, Nikos Mavrogiannopoulos
|
|
Packit |
aea12f |
*
|
|
Packit |
aea12f |
* This file is part of GnuTLS.
|
|
Packit |
aea12f |
*
|
|
Packit |
aea12f |
* GnuTLS is free software; you can redistribute it and/or modify it
|
|
Packit |
aea12f |
* under the terms of the GNU General Public License as published by
|
|
Packit |
aea12f |
* the Free Software Foundation; either version 3 of the License, or
|
|
Packit |
aea12f |
* (at your option) any later version.
|
|
Packit |
aea12f |
*
|
|
Packit |
aea12f |
* GnuTLS is distributed in the hope that it will be useful, but
|
|
Packit |
aea12f |
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
Packit |
aea12f |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Packit |
aea12f |
* General Public License for more details.
|
|
Packit |
aea12f |
*
|
|
Packit |
aea12f |
* You should have received a copy of the GNU Lesser General Public License
|
|
Packit |
aea12f |
* along with this program. If not, see <https://www.gnu.org/licenses/>
|
|
Packit |
aea12f |
*/
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
/* Parts copied from GnuTLS example programs. */
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
#ifdef HAVE_CONFIG_H
|
|
Packit |
aea12f |
#include <config.h>
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
#include <stdio.h>
|
|
Packit |
aea12f |
#include <stdlib.h>
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
#if defined(_WIN32)
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
/* socketpair isn't supported on Win32. */
|
|
Packit |
aea12f |
int main(int argc, char **argv)
|
|
Packit |
aea12f |
{
|
|
Packit |
aea12f |
exit(77);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
#else
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
#ifndef _GNU_SOURCE
|
|
Packit |
aea12f |
# define _GNU_SOURCE
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
#include <string.h>
|
|
Packit |
aea12f |
#include <sys/types.h>
|
|
Packit |
aea12f |
#include <sys/socket.h>
|
|
Packit |
aea12f |
#if !defined(_WIN32)
|
|
Packit |
aea12f |
#include <sys/wait.h>
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
#include <unistd.h>
|
|
Packit |
aea12f |
#include <gnutls/gnutls.h>
|
|
Packit |
aea12f |
#include <sys/wait.h>
|
|
Packit |
aea12f |
#include <signal.h>
|
|
Packit |
aea12f |
#include <assert.h>
|
|
Packit |
aea12f |
#include "utils.h"
|
|
Packit |
aea12f |
#include "cert-common.h"
|
|
Packit |
aea12f |
#include "virt-time.h"
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
static void wrap_db_init(void);
|
|
Packit |
aea12f |
static void wrap_db_deinit(void);
|
|
Packit |
aea12f |
static int wrap_db_store(void *dbf, gnutls_datum_t key,
|
|
Packit |
aea12f |
gnutls_datum_t data);
|
|
Packit |
aea12f |
static gnutls_datum_t wrap_db_fetch(void *dbf, gnutls_datum_t key);
|
|
Packit |
aea12f |
static int wrap_db_delete(void *dbf, gnutls_datum_t key);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
#define TLS_SESSION_CACHE 50
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
struct params_res {
|
|
Packit |
aea12f |
const char *desc;
|
|
Packit |
aea12f |
int enable_db;
|
|
Packit |
aea12f |
int enable_session_ticket_server;
|
|
Packit |
aea12f |
int enable_session_ticket_client;
|
|
Packit |
aea12f |
int expect_resume;
|
|
Packit |
aea12f |
int call_post_client_hello;
|
|
Packit |
aea12f |
int client_cert;
|
|
Packit |
aea12f |
int first_no_ext_master;
|
|
Packit |
aea12f |
int second_no_ext_master;
|
|
Packit |
aea12f |
int try_alpn;
|
|
Packit |
aea12f |
int try_resumed_data;
|
|
Packit |
aea12f |
int try_diff_sni;
|
|
Packit |
aea12f |
int try_sni;
|
|
Packit |
aea12f |
int expire_ticket;
|
|
Packit |
aea12f |
int change_ciphersuite;
|
|
Packit |
aea12f |
int early_start;
|
|
Packit |
aea12f |
int no_early_start;
|
|
Packit |
aea12f |
};
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
pid_t child;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
struct params_res resume_tests[] = {
|
|
Packit |
aea12f |
#ifndef TLS13
|
|
Packit |
aea12f |
{.desc = "try to resume from db",
|
|
Packit |
aea12f |
.enable_db = 1,
|
|
Packit |
aea12f |
.enable_session_ticket_server = 0,
|
|
Packit |
aea12f |
.enable_session_ticket_client = 0,
|
|
Packit |
aea12f |
.expect_resume = 1},
|
|
Packit |
aea12f |
{.desc = "try to resume from db with post_client_hello",
|
|
Packit |
aea12f |
.enable_db = 1,
|
|
Packit |
aea12f |
.enable_session_ticket_server = 0,
|
|
Packit |
aea12f |
.enable_session_ticket_client = 0,
|
|
Packit |
aea12f |
.call_post_client_hello = 1,
|
|
Packit |
aea12f |
.expect_resume = 1},
|
|
Packit |
aea12f |
{.desc = "try to resume from db using resumed session's data",
|
|
Packit |
aea12f |
.enable_db = 1,
|
|
Packit |
aea12f |
.enable_session_ticket_server = 0,
|
|
Packit |
aea12f |
.enable_session_ticket_client = 0,
|
|
Packit |
aea12f |
.try_resumed_data = 1,
|
|
Packit |
aea12f |
.expect_resume = 1},
|
|
Packit |
aea12f |
{.desc = "try to resume from db and check ALPN",
|
|
Packit |
aea12f |
.enable_db = 1,
|
|
Packit |
aea12f |
.enable_session_ticket_server = 0,
|
|
Packit |
aea12f |
.enable_session_ticket_client = 0,
|
|
Packit |
aea12f |
.try_alpn = 1,
|
|
Packit |
aea12f |
.expect_resume = 1},
|
|
Packit |
aea12f |
{.desc = "try to resume from db (ext master secret -> none)",
|
|
Packit |
aea12f |
.enable_db = 1,
|
|
Packit |
aea12f |
.enable_session_ticket_server = 0,
|
|
Packit |
aea12f |
.enable_session_ticket_client = 0,
|
|
Packit |
aea12f |
.expect_resume = 0,
|
|
Packit |
aea12f |
.first_no_ext_master = 0,
|
|
Packit |
aea12f |
.second_no_ext_master = 1},
|
|
Packit |
aea12f |
{.desc = "try to resume from db (none -> ext master secret)",
|
|
Packit |
aea12f |
.enable_db = 1,
|
|
Packit |
aea12f |
.enable_session_ticket_server = 0,
|
|
Packit |
aea12f |
.enable_session_ticket_client = 0,
|
|
Packit |
aea12f |
.expect_resume = 0,
|
|
Packit |
aea12f |
.first_no_ext_master = 1,
|
|
Packit |
aea12f |
.second_no_ext_master = 0},
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
#if defined(TLS13)
|
|
Packit |
aea12f |
/* only makes sense under TLS1.3 as negotiation involves a new
|
|
Packit |
aea12f |
* handshake with different parameters */
|
|
Packit |
aea12f |
{.desc = "try to resume from session ticket (different cipher order)",
|
|
Packit |
aea12f |
.enable_db = 0,
|
|
Packit |
aea12f |
.enable_session_ticket_server = 1,
|
|
Packit |
aea12f |
.enable_session_ticket_client = 1,
|
|
Packit |
aea12f |
.change_ciphersuite = 1,
|
|
Packit |
aea12f |
.expect_resume = 1},
|
|
Packit |
aea12f |
{.desc = "try to resume from session ticket with post_client_hello",
|
|
Packit |
aea12f |
.enable_db = 0,
|
|
Packit |
aea12f |
.enable_session_ticket_server = 1,
|
|
Packit |
aea12f |
.enable_session_ticket_client = 1,
|
|
Packit |
aea12f |
.call_post_client_hello = 1,
|
|
Packit |
aea12f |
.expect_resume = 1},
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
#if defined(TLS13) && !defined(USE_PSK)
|
|
Packit |
aea12f |
{.desc = "try to resume from session ticket (early start)",
|
|
Packit |
aea12f |
.enable_db = 0,
|
|
Packit |
aea12f |
.enable_session_ticket_server = 1,
|
|
Packit |
aea12f |
.enable_session_ticket_client = 1,
|
|
Packit |
aea12f |
.early_start = 1,
|
|
Packit |
aea12f |
.expect_resume = 1},
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
#if defined(TLS13) && defined(USE_PSK)
|
|
Packit |
aea12f |
/* early start should no happen on PSK. */
|
|
Packit |
aea12f |
{.desc = "try to resume from session ticket (early start)",
|
|
Packit |
aea12f |
.enable_db = 0,
|
|
Packit |
aea12f |
.enable_session_ticket_server = 1,
|
|
Packit |
aea12f |
.enable_session_ticket_client = 1,
|
|
Packit |
aea12f |
.no_early_start = 1,
|
|
Packit |
aea12f |
.expect_resume = 1},
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
{.desc = "try to resume from session ticket",
|
|
Packit |
aea12f |
.enable_db = 0,
|
|
Packit |
aea12f |
.enable_session_ticket_server = 1,
|
|
Packit |
aea12f |
.enable_session_ticket_client = 1,
|
|
Packit |
aea12f |
.expect_resume = 1},
|
|
Packit |
aea12f |
{.desc = "try to resume from session ticket (client cert)",
|
|
Packit |
aea12f |
.enable_db = 0,
|
|
Packit |
aea12f |
.client_cert = 1,
|
|
Packit |
aea12f |
.enable_session_ticket_server = 1,
|
|
Packit |
aea12f |
.enable_session_ticket_client = 1,
|
|
Packit |
aea12f |
.expect_resume = 1},
|
|
Packit |
aea12f |
{.desc = "try to resume from session ticket (expired)",
|
|
Packit |
aea12f |
.enable_db = 0,
|
|
Packit |
aea12f |
.enable_session_ticket_server = 1,
|
|
Packit |
aea12f |
.enable_session_ticket_client = 1,
|
|
Packit |
aea12f |
.expire_ticket = 1,
|
|
Packit |
aea12f |
.expect_resume = 0},
|
|
Packit |
aea12f |
{.desc = "try to resume from session ticket using resumed session's data",
|
|
Packit |
aea12f |
.enable_db = 0,
|
|
Packit |
aea12f |
.enable_session_ticket_server = 1,
|
|
Packit |
aea12f |
.enable_session_ticket_client = 1,
|
|
Packit |
aea12f |
.try_resumed_data = 1,
|
|
Packit |
aea12f |
.expect_resume = 1},
|
|
Packit |
aea12f |
#ifndef TLS13
|
|
Packit |
aea12f |
{.desc = "try to resume from session ticket (ext master secret -> none)",
|
|
Packit |
aea12f |
.enable_db = 0,
|
|
Packit |
aea12f |
.enable_session_ticket_server = 1,
|
|
Packit |
aea12f |
.enable_session_ticket_client = 1,
|
|
Packit |
aea12f |
.expect_resume = 0,
|
|
Packit |
aea12f |
.first_no_ext_master = 0,
|
|
Packit |
aea12f |
.second_no_ext_master = 1},
|
|
Packit |
aea12f |
{.desc = "try to resume from session ticket (none -> ext master secret)",
|
|
Packit |
aea12f |
.enable_db = 0,
|
|
Packit |
aea12f |
.enable_session_ticket_server = 1,
|
|
Packit |
aea12f |
.enable_session_ticket_client = 1,
|
|
Packit |
aea12f |
.expect_resume = 0,
|
|
Packit |
aea12f |
.first_no_ext_master = 1,
|
|
Packit |
aea12f |
.second_no_ext_master = 0},
|
|
Packit |
aea12f |
{.desc = "try to resume from session ticket (server only)",
|
|
Packit |
aea12f |
.enable_db = 0,
|
|
Packit |
aea12f |
.enable_session_ticket_server = 1,
|
|
Packit |
aea12f |
.enable_session_ticket_client = 0,
|
|
Packit |
aea12f |
.expect_resume = 0},
|
|
Packit |
aea12f |
{.desc = "try to resume from session ticket (client only)",
|
|
Packit |
aea12f |
.enable_db = 0,
|
|
Packit |
aea12f |
.enable_session_ticket_server = 0,
|
|
Packit |
aea12f |
.enable_session_ticket_client = 1,
|
|
Packit |
aea12f |
.expect_resume = 0},
|
|
Packit |
aea12f |
{.desc = "try to resume from db and ticket",
|
|
Packit |
aea12f |
.enable_db = 1,
|
|
Packit |
aea12f |
.enable_session_ticket_server = 1,
|
|
Packit |
aea12f |
.enable_session_ticket_client = 1,
|
|
Packit |
aea12f |
.expect_resume = 1},
|
|
Packit |
aea12f |
{.desc = "try to resume from db and different SNI",
|
|
Packit |
aea12f |
.enable_db = 1,
|
|
Packit |
aea12f |
.try_sni = 1,
|
|
Packit |
aea12f |
.try_diff_sni = 1,
|
|
Packit |
aea12f |
.expect_resume = 0},
|
|
Packit |
aea12f |
{.desc = "try to resume with ticket and different SNI",
|
|
Packit |
aea12f |
.enable_session_ticket_server = 1,
|
|
Packit |
aea12f |
.enable_session_ticket_client = 1,
|
|
Packit |
aea12f |
.try_sni = 1,
|
|
Packit |
aea12f |
.try_diff_sni = 1,
|
|
Packit |
aea12f |
.expect_resume = 0},
|
|
Packit |
aea12f |
{.desc = "try to resume from db and same SNI",
|
|
Packit |
aea12f |
.enable_db = 1,
|
|
Packit |
aea12f |
.try_sni = 1,
|
|
Packit |
aea12f |
.expect_resume = 1},
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
{.desc = "try to resume with ticket and same SNI",
|
|
Packit |
aea12f |
.enable_session_ticket_server = 1,
|
|
Packit |
aea12f |
.enable_session_ticket_client = 1,
|
|
Packit |
aea12f |
.try_sni = 1,
|
|
Packit |
aea12f |
.expect_resume = 1},
|
|
Packit |
aea12f |
{NULL, -1}
|
|
Packit |
aea12f |
};
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
/* A very basic TLS client, with anonymous authentication.
|
|
Packit |
aea12f |
*/
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
#define SESSIONS 3
|
|
Packit |
aea12f |
#define MAX_BUF 5*1024
|
|
Packit |
aea12f |
#define MSG "Hello TLS"
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
#define HANDSHAKE_SESSION_ID_POS (2+32)
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
static void tls_log_func(int level, const char *str)
|
|
Packit |
aea12f |
{
|
|
Packit |
aea12f |
fprintf(stderr, "%s |<%d>| %s", child ? "server" : "client", level,
|
|
Packit |
aea12f |
str);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
static int post_client_hello_callback(gnutls_session_t session)
|
|
Packit |
aea12f |
{
|
|
Packit |
aea12f |
/* switches the supported ciphersuites to something compatible */
|
|
Packit |
aea12f |
assert(gnutls_priority_set_direct(session, gnutls_session_get_ptr(session), NULL) >= 0);
|
|
Packit |
aea12f |
return 0;
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
static int hsk_hook_cb(gnutls_session_t session, unsigned int htype, unsigned post,
|
|
Packit |
aea12f |
unsigned int incoming, const gnutls_datum_t *_msg)
|
|
Packit |
aea12f |
{
|
|
Packit |
aea12f |
unsigned size;
|
|
Packit |
aea12f |
gnutls_datum_t msg = {_msg->data, _msg->size};
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
/* skip up to session ID */
|
|
Packit |
aea12f |
if (msg.size <= HANDSHAKE_SESSION_ID_POS+6) {
|
|
Packit |
aea12f |
fail("Cannot parse server hello\n");
|
|
Packit |
aea12f |
return -1;
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
msg.data += HANDSHAKE_SESSION_ID_POS;
|
|
Packit |
aea12f |
msg.size -= HANDSHAKE_SESSION_ID_POS;
|
|
Packit |
aea12f |
size = msg.data[0];
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (msg.size <= size) {
|
|
Packit |
aea12f |
fail("Cannot parse server hello 2\n");
|
|
Packit |
aea12f |
return -1;
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
msg.data += size;
|
|
Packit |
aea12f |
msg.size -= size;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (memmem(msg.data, msg.size, "\x00\x17\x00\x00", 4) == 0) {
|
|
Packit |
aea12f |
fail("Extended master secret extension was not found in resumed session hello\n");
|
|
Packit |
aea12f |
exit(1);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
return 0;
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
static void append_alpn(gnutls_session_t session, struct params_res *params, unsigned alpn_counter)
|
|
Packit |
aea12f |
{
|
|
Packit |
aea12f |
gnutls_datum_t protocol;
|
|
Packit |
aea12f |
int ret;
|
|
Packit |
aea12f |
char str[64];
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (!params->try_alpn)
|
|
Packit |
aea12f |
return;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
snprintf(str, sizeof(str), "myproto-%d", alpn_counter);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
protocol.data = (void*)str;
|
|
Packit |
aea12f |
protocol.size = strlen(str);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
ret = gnutls_alpn_set_protocols(session, &protocol, 1, 0);
|
|
Packit |
aea12f |
if (ret < 0) {
|
|
Packit |
aea12f |
gnutls_perror(ret);
|
|
Packit |
aea12f |
exit(1);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
static void verify_alpn(gnutls_session_t session, struct params_res *params, unsigned alpn_counter)
|
|
Packit |
aea12f |
{
|
|
Packit |
aea12f |
int ret;
|
|
Packit |
aea12f |
gnutls_datum_t selected;
|
|
Packit |
aea12f |
char str[64];
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (!params->try_alpn)
|
|
Packit |
aea12f |
return;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
snprintf(str, sizeof(str), "myproto-%d", alpn_counter);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
ret = gnutls_alpn_get_selected_protocol(session, &selected);
|
|
Packit |
aea12f |
if (ret < 0) {
|
|
Packit |
aea12f |
gnutls_perror(ret);
|
|
Packit |
aea12f |
exit(1);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (strlen(str) != selected.size || memcmp(str, selected.data, selected.size) != 0) {
|
|
Packit |
aea12f |
fail("expected protocol %s, got %.*s\n", str, selected.size, selected.data);
|
|
Packit |
aea12f |
exit(1);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (debug)
|
|
Packit |
aea12f |
success("ALPN got: %s\n", str);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
static void verify_group(gnutls_session_t session, gnutls_group_t *group, unsigned counter)
|
|
Packit |
aea12f |
{
|
|
Packit |
aea12f |
if (counter == 0) {
|
|
Packit |
aea12f |
*group = gnutls_group_get(session);
|
|
Packit |
aea12f |
return;
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (gnutls_group_get(session) != *group) {
|
|
Packit |
aea12f |
fail("expected group %s, got group %s\n", gnutls_group_get_name(*group),
|
|
Packit |
aea12f |
gnutls_group_get_name(gnutls_group_get(session)));
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
static void verify_server_params(gnutls_session_t session, unsigned counter, struct params_res *params)
|
|
Packit |
aea12f |
{
|
|
Packit |
aea12f |
static char id[GNUTLS_MAX_SESSION_ID];
|
|
Packit |
aea12f |
static size_t id_size = 0;
|
|
Packit |
aea12f |
#if defined(USE_PSK)
|
|
Packit |
aea12f |
const char *username;
|
|
Packit |
aea12f |
username = gnutls_psk_server_get_username(session);
|
|
Packit |
aea12f |
if (counter != 0) {
|
|
Packit |
aea12f |
if (username == NULL)
|
|
Packit |
aea12f |
fail("no username was returned on server side resumption\n");
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (strcmp(username, "test") != 0)
|
|
Packit |
aea12f |
fail("wrong username was returned on server side resumption\n");
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (counter == 0 && params->early_start) {
|
|
Packit |
aea12f |
if (!(gnutls_session_get_flags(session) & GNUTLS_SFLAGS_EARLY_START)) {
|
|
Packit |
aea12f |
fail("early start did not happen on %d!\n", counter);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (counter > 0) {
|
|
Packit |
aea12f |
if (gnutls_session_resumption_requested(session) == 0) {
|
|
Packit |
aea12f |
fail("client did not request resumption!\n");
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (params->no_early_start) {
|
|
Packit |
aea12f |
if (gnutls_session_get_flags(session) & GNUTLS_SFLAGS_EARLY_START) {
|
|
Packit |
aea12f |
fail("early start did happen on %d but was not expected!\n", counter);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
#if defined(USE_X509)
|
|
Packit |
aea12f |
unsigned int l;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (gnutls_certificate_type_get(session) != GNUTLS_CRT_X509)
|
|
Packit |
aea12f |
fail("did not find the expected X509 certificate type! (%d)\n", gnutls_certificate_type_get(session));
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (counter == 0 && gnutls_certificate_get_ours(session) == NULL)
|
|
Packit |
aea12f |
fail("no certificate returned on server side (%s)\n", counter ? "resumed session" : "first session");
|
|
Packit |
aea12f |
else if (counter != 0 && gnutls_certificate_get_ours(session) != NULL)
|
|
Packit |
aea12f |
fail("certificate was returned on server side (%s)\n", counter ? "resumed session" : "first session");
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (params->client_cert) {
|
|
Packit |
aea12f |
if (gnutls_certificate_get_peers(session, &l) == NULL || l < 1)
|
|
Packit |
aea12f |
fail("no client certificate returned on server side (%s)\n", counter ? "resumed session" : "first session");
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
/* verify whether the session ID remains the same between sessions */
|
|
Packit |
aea12f |
if (counter == 0) {
|
|
Packit |
aea12f |
id_size = sizeof(id);
|
|
Packit |
aea12f |
assert(gnutls_session_get_id(session, id, &id_size) >= 0);
|
|
Packit |
aea12f |
} else {
|
|
Packit |
aea12f |
char id2[GNUTLS_MAX_SESSION_ID];
|
|
Packit |
aea12f |
size_t id2_size = sizeof(id2);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (id_size == 0)
|
|
Packit |
aea12f |
fail("no session ID was set\n");
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
assert(gnutls_session_get_id(session, id2, &id2_size) >= 0);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (id_size != id2_size || memcmp(id, id2, id_size) != 0) {
|
|
Packit |
aea12f |
hexprint(id, id_size);
|
|
Packit |
aea12f |
printf("\n");
|
|
Packit |
aea12f |
hexprint(id2, id2_size);
|
|
Packit |
aea12f |
fail("resumed session ID does not match original\n");
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
return;
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
static void verify_client_params(gnutls_session_t session, unsigned counter)
|
|
Packit |
aea12f |
{
|
|
Packit |
aea12f |
#if defined(USE_X509)
|
|
Packit |
aea12f |
unsigned int l;
|
|
Packit |
aea12f |
if (gnutls_certificate_get_peers(session, &l) == NULL || l < 1)
|
|
Packit |
aea12f |
fail("no server certificate returned on client side (%s)\n", counter ? "resumed session" : "first session");
|
|
Packit |
aea12f |
#else
|
|
Packit |
aea12f |
return;
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
#ifdef TLS12
|
|
Packit |
aea12f |
# define VERS_STR "+VERS-TLS1.2"
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
#ifdef TLS13
|
|
Packit |
aea12f |
# define VERS_STR "-VERS-ALL:+VERS-TLS1.3"
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
static void client(int sds[], struct params_res *params)
|
|
Packit |
aea12f |
{
|
|
Packit |
aea12f |
int ret, ii;
|
|
Packit |
aea12f |
gnutls_session_t session;
|
|
Packit |
aea12f |
char buffer[MAX_BUF + 1];
|
|
Packit |
aea12f |
unsigned int ext_master_secret_check = 0;
|
|
Packit |
aea12f |
gnutls_group_t pgroup;
|
|
Packit |
aea12f |
char prio_str[256];
|
|
Packit |
aea12f |
const char *dns_name1 = "example.com";
|
|
Packit |
aea12f |
const char *dns_name2 = "www.example.com";
|
|
Packit |
aea12f |
#ifdef USE_PSK
|
|
Packit |
aea12f |
# define PRIO_STR "NONE:"VERS_STR":+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+PSK:+CURVE-ALL"
|
|
Packit |
aea12f |
const gnutls_datum_t pskkey = { (void *) "DEADBEEF", 8 };
|
|
Packit |
aea12f |
gnutls_psk_client_credentials_t pskcred;
|
|
Packit |
aea12f |
#elif defined(USE_ANON)
|
|
Packit |
aea12f |
# define PRIO_STR "NONE:"VERS_STR":+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+ANON-DH:+CURVE-ALL"
|
|
Packit |
aea12f |
gnutls_anon_client_credentials_t anoncred;
|
|
Packit |
aea12f |
#elif defined(USE_X509)
|
|
Packit |
aea12f |
# define PRIO_STR "NONE:"VERS_STR":+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ECDHE-RSA:+RSA:+CURVE-ALL"
|
|
Packit |
aea12f |
gnutls_certificate_credentials_t clientx509cred;
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
/* Need to enable anonymous KX specifically. */
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
/* variables used in session resuming
|
|
Packit |
aea12f |
*/
|
|
Packit |
aea12f |
int t;
|
|
Packit |
aea12f |
gnutls_datum_t session_data = {NULL, 0};
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (debug) {
|
|
Packit |
aea12f |
gnutls_global_set_log_function(tls_log_func);
|
|
Packit |
aea12f |
gnutls_global_set_log_level(4);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
#ifdef USE_PSK
|
|
Packit |
aea12f |
gnutls_psk_allocate_client_credentials(&pskcred);
|
|
Packit |
aea12f |
gnutls_psk_set_client_credentials(pskcred, "test", &pskkey, GNUTLS_PSK_KEY_HEX);
|
|
Packit |
aea12f |
#elif defined(USE_ANON)
|
|
Packit |
aea12f |
gnutls_anon_allocate_client_credentials(&anoncred);
|
|
Packit |
aea12f |
#elif defined(USE_X509)
|
|
Packit |
aea12f |
gnutls_certificate_allocate_credentials(&clientx509cred);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (params->client_cert) {
|
|
Packit |
aea12f |
assert(gnutls_certificate_set_x509_key_mem(clientx509cred,
|
|
Packit |
aea12f |
&cli_cert, &cli_key,
|
|
Packit |
aea12f |
GNUTLS_X509_FMT_PEM) >= 0);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
for (t = 0; t < SESSIONS; t++) {
|
|
Packit |
aea12f |
int sd = sds[t];
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
assert(gnutls_init(&session, GNUTLS_CLIENT)>=0);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
snprintf(prio_str, sizeof(prio_str), "%s", PRIO_STR);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
/* Use default priorities */
|
|
Packit |
aea12f |
if (params->enable_session_ticket_client == 0) {
|
|
Packit |
aea12f |
strcat(prio_str, ":%NO_TICKETS");
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (params->first_no_ext_master && t == 0) {
|
|
Packit |
aea12f |
strcat(prio_str, ":%NO_SESSION_HASH");
|
|
Packit |
aea12f |
ext_master_secret_check = 0;
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (params->second_no_ext_master && t > 0) {
|
|
Packit |
aea12f |
strcat(prio_str, ":%NO_SESSION_HASH");
|
|
Packit |
aea12f |
ext_master_secret_check = 0;
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (params->change_ciphersuite) {
|
|
Packit |
aea12f |
if (t > 0)
|
|
Packit |
aea12f |
strcat(prio_str, ":-CIPHER-ALL:+AES-256-GCM:+AES-128-GCM");
|
|
Packit |
aea12f |
else
|
|
Packit |
aea12f |
strcat(prio_str, ":-CIPHER-ALL:+AES-128-GCM");
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
append_alpn(session, params, t);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
ret = gnutls_priority_set_direct(session, prio_str, NULL);
|
|
Packit |
aea12f |
if (ret < 0) {
|
|
Packit |
aea12f |
fail("prio: %s\n", gnutls_strerror(ret));
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
/* put the anonymous credentials to the current session
|
|
Packit |
aea12f |
*/
|
|
Packit |
aea12f |
#ifdef USE_PSK
|
|
Packit |
aea12f |
gnutls_credentials_set(session, GNUTLS_CRD_PSK, pskcred);
|
|
Packit |
aea12f |
#elif defined(USE_ANON)
|
|
Packit |
aea12f |
gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred);
|
|
Packit |
aea12f |
#elif defined(USE_X509)
|
|
Packit |
aea12f |
gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, clientx509cred);
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (t > 0) {
|
|
Packit |
aea12f |
/* if this is not the first time we connect */
|
|
Packit |
aea12f |
gnutls_session_set_data(session, session_data.data,
|
|
Packit |
aea12f |
session_data.size);
|
|
Packit |
aea12f |
if (params->try_diff_sni)
|
|
Packit |
aea12f |
gnutls_server_name_set(session, GNUTLS_NAME_DNS, dns_name1, strlen(dns_name1));
|
|
Packit |
aea12f |
else if (params->try_sni)
|
|
Packit |
aea12f |
gnutls_server_name_set(session, GNUTLS_NAME_DNS, dns_name2, strlen(dns_name2));
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
} else {
|
|
Packit |
aea12f |
if (params->try_sni)
|
|
Packit |
aea12f |
gnutls_server_name_set(session, GNUTLS_NAME_DNS, dns_name2, strlen(dns_name2));
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (ext_master_secret_check)
|
|
Packit |
aea12f |
gnutls_handshake_set_hook_function(session, GNUTLS_HANDSHAKE_SERVER_HELLO, GNUTLS_HOOK_PRE, hsk_hook_cb);
|
|
Packit |
aea12f |
gnutls_transport_set_int(session, sd);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
/* Perform the TLS handshake
|
|
Packit |
aea12f |
*/
|
|
Packit |
aea12f |
gnutls_handshake_set_timeout(session, 20 * 1000);
|
|
Packit |
aea12f |
do {
|
|
Packit |
aea12f |
ret = gnutls_handshake(session);
|
|
Packit |
aea12f |
} while (ret < 0 && gnutls_error_is_fatal(ret) == 0);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (ret < 0) {
|
|
Packit |
aea12f |
fail("client: Handshake failed\n");
|
|
Packit |
aea12f |
gnutls_perror(ret);
|
|
Packit |
aea12f |
goto end;
|
|
Packit |
aea12f |
} else {
|
|
Packit |
aea12f |
if (debug)
|
|
Packit |
aea12f |
success
|
|
Packit |
aea12f |
("client: Handshake was completed\n");
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
ext_master_secret_check = 0;
|
|
Packit |
aea12f |
if (t == 0) {
|
|
Packit |
aea12f |
ext_master_secret_check = gnutls_session_ext_master_secret_status(session);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
/* get the session data size */
|
|
Packit |
aea12f |
ret =
|
|
Packit |
aea12f |
gnutls_session_get_data2(session,
|
|
Packit |
aea12f |
&session_data);
|
|
Packit |
aea12f |
if (ret < 0)
|
|
Packit |
aea12f |
fail("Getting resume data failed\n");
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
} else { /* the second time we connect */
|
|
Packit |
aea12f |
if (params->try_resumed_data) {
|
|
Packit |
aea12f |
gnutls_free(session_data.data);
|
|
Packit |
aea12f |
ret =
|
|
Packit |
aea12f |
gnutls_session_get_data2(session,
|
|
Packit |
aea12f |
&session_data);
|
|
Packit |
aea12f |
if (ret < 0)
|
|
Packit |
aea12f |
fail("Getting resume data failed\n");
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
/* check if we actually resumed the previous session */
|
|
Packit |
aea12f |
if (gnutls_session_is_resumed(session) != 0) {
|
|
Packit |
aea12f |
if (params->expect_resume) {
|
|
Packit |
aea12f |
if (debug)
|
|
Packit |
aea12f |
success
|
|
Packit |
aea12f |
("- Previous session was resumed\n");
|
|
Packit |
aea12f |
} else
|
|
Packit |
aea12f |
fail("- Previous session was resumed but NOT expected\n");
|
|
Packit |
aea12f |
} else {
|
|
Packit |
aea12f |
if (params->expect_resume) {
|
|
Packit |
aea12f |
fail("*** Previous session was NOT resumed\n");
|
|
Packit |
aea12f |
} else {
|
|
Packit |
aea12f |
if (debug)
|
|
Packit |
aea12f |
success
|
|
Packit |
aea12f |
("*** Previous session was NOT resumed (expected)\n");
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (params->change_ciphersuite) {
|
|
Packit |
aea12f |
/* check if the expected cipher was negotiated */
|
|
Packit |
aea12f |
if (gnutls_cipher_get(session) != GNUTLS_CIPHER_AES_128_GCM) {
|
|
Packit |
aea12f |
fail("negotiated different cipher: %s\n",
|
|
Packit |
aea12f |
gnutls_cipher_get_name(gnutls_cipher_get(session)));
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
verify_alpn(session, params, t);
|
|
Packit |
aea12f |
verify_group(session, &pgroup, t);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (params->expect_resume)
|
|
Packit |
aea12f |
verify_client_params(session, t);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
gnutls_record_send(session, MSG, strlen(MSG));
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
do {
|
|
Packit |
aea12f |
ret = gnutls_record_recv(session, buffer, MAX_BUF);
|
|
Packit |
aea12f |
} while (ret == GNUTLS_E_AGAIN);
|
|
Packit |
aea12f |
if (ret == 0) {
|
|
Packit |
aea12f |
if (debug)
|
|
Packit |
aea12f |
success
|
|
Packit |
aea12f |
("client: Peer has closed the TLS connection\n");
|
|
Packit |
aea12f |
goto end;
|
|
Packit |
aea12f |
} else if (ret < 0) {
|
|
Packit |
aea12f |
fail("client: Error: %s\n", gnutls_strerror(ret));
|
|
Packit |
aea12f |
goto end;
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (debug) {
|
|
Packit |
aea12f |
printf("- Received %d bytes: ", ret);
|
|
Packit |
aea12f |
for (ii = 0; ii < ret; ii++) {
|
|
Packit |
aea12f |
fputc(buffer[ii], stdout);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
fputs("\n", stdout);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
gnutls_bye(session, GNUTLS_SHUT_RDWR);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
close(sd);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
gnutls_deinit(session);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
gnutls_free(session_data.data);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
end:
|
|
Packit |
aea12f |
#ifdef USE_PSK
|
|
Packit |
aea12f |
gnutls_psk_free_client_credentials(pskcred);
|
|
Packit |
aea12f |
#elif defined(USE_ANON)
|
|
Packit |
aea12f |
gnutls_anon_free_client_credentials(anoncred);
|
|
Packit |
aea12f |
#elif defined(USE_X509)
|
|
Packit |
aea12f |
gnutls_certificate_free_credentials(clientx509cred);
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
#define DH_BITS 1024
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
/* These are global */
|
|
Packit |
aea12f |
static gnutls_datum_t session_ticket_key = { NULL, 0 };
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
static gnutls_dh_params_t dh_params;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
#ifdef USE_PSK
|
|
Packit |
aea12f |
gnutls_psk_server_credentials_t pskcred;
|
|
Packit |
aea12f |
#elif defined(USE_ANON)
|
|
Packit |
aea12f |
gnutls_anon_server_credentials_t anoncred;
|
|
Packit |
aea12f |
#elif defined(USE_X509)
|
|
Packit |
aea12f |
gnutls_certificate_credentials_t serverx509cred;
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
static int generate_dh_params(void)
|
|
Packit |
aea12f |
{
|
|
Packit |
aea12f |
const gnutls_datum_t p3 = { (void *) pkcs3, strlen(pkcs3) };
|
|
Packit |
aea12f |
/* Generate Diffie-Hellman parameters - for use with DHE
|
|
Packit |
aea12f |
* kx algorithms. These should be discarded and regenerated
|
|
Packit |
aea12f |
* once a day, once a week or once a month. Depending on the
|
|
Packit |
aea12f |
* security requirements.
|
|
Packit |
aea12f |
*/
|
|
Packit |
aea12f |
gnutls_dh_params_init(&dh_params);
|
|
Packit |
aea12f |
return gnutls_dh_params_import_pkcs3(dh_params, &p3,
|
|
Packit |
aea12f |
GNUTLS_X509_FMT_PEM);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
static void global_stop(void)
|
|
Packit |
aea12f |
{
|
|
Packit |
aea12f |
if (debug)
|
|
Packit |
aea12f |
success("global stop\n");
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
#ifdef USE_PSK
|
|
Packit |
aea12f |
gnutls_psk_free_server_credentials(pskcred);
|
|
Packit |
aea12f |
#elif defined(USE_ANON)
|
|
Packit |
aea12f |
gnutls_anon_free_server_credentials(anoncred);
|
|
Packit |
aea12f |
#elif defined(USE_X509)
|
|
Packit |
aea12f |
gnutls_certificate_free_credentials(serverx509cred);
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
gnutls_dh_params_deinit(dh_params);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
#ifdef USE_PSK
|
|
Packit |
aea12f |
static int
|
|
Packit |
aea12f |
pskfunc(gnutls_session_t session, const char *username,
|
|
Packit |
aea12f |
gnutls_datum_t * key)
|
|
Packit |
aea12f |
{
|
|
Packit |
aea12f |
if (debug)
|
|
Packit |
aea12f |
printf("psk: username %s\n", username);
|
|
Packit |
aea12f |
key->data = gnutls_malloc(4);
|
|
Packit |
aea12f |
key->data[0] = 0xDE;
|
|
Packit |
aea12f |
key->data[1] = 0xAD;
|
|
Packit |
aea12f |
key->data[2] = 0xBE;
|
|
Packit |
aea12f |
key->data[3] = 0xEF;
|
|
Packit |
aea12f |
key->size = 4;
|
|
Packit |
aea12f |
return 0;
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
static void server(int sds[], struct params_res *params)
|
|
Packit |
aea12f |
{
|
|
Packit |
aea12f |
int t;
|
|
Packit |
aea12f |
int ret;
|
|
Packit |
aea12f |
gnutls_session_t session;
|
|
Packit |
aea12f |
char buffer[MAX_BUF + 1];
|
|
Packit |
aea12f |
gnutls_group_t pgroup;
|
|
Packit |
aea12f |
unsigned iflags = GNUTLS_SERVER;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
virt_time_init();
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (params->early_start || params->no_early_start)
|
|
Packit |
aea12f |
iflags |= GNUTLS_ENABLE_EARLY_START;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
/* this must be called once in the program, it is mostly for the server.
|
|
Packit |
aea12f |
*/
|
|
Packit |
aea12f |
if (debug) {
|
|
Packit |
aea12f |
gnutls_global_set_log_function(tls_log_func);
|
|
Packit |
aea12f |
gnutls_global_set_log_level(4);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
#ifdef USE_PSK
|
|
Packit |
aea12f |
gnutls_psk_allocate_server_credentials(&pskcred);
|
|
Packit |
aea12f |
gnutls_psk_set_server_credentials_function(pskcred, pskfunc);
|
|
Packit |
aea12f |
#elif defined(USE_ANON)
|
|
Packit |
aea12f |
gnutls_anon_allocate_server_credentials(&anoncred);
|
|
Packit |
aea12f |
#elif defined(USE_X509)
|
|
Packit |
aea12f |
gnutls_certificate_allocate_credentials(&serverx509cred);
|
|
Packit |
aea12f |
assert(gnutls_certificate_set_x509_key_mem(serverx509cred,
|
|
Packit |
aea12f |
&server_cert, &server_key, GNUTLS_X509_FMT_PEM) >= 0);
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (debug)
|
|
Packit |
aea12f |
success("Launched, generating DH parameters...\n");
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
generate_dh_params();
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
#if USE_ANON
|
|
Packit |
aea12f |
gnutls_anon_set_server_dh_params(anoncred, dh_params);
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (params->enable_db) {
|
|
Packit |
aea12f |
wrap_db_init();
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (params->enable_session_ticket_server)
|
|
Packit |
aea12f |
gnutls_session_ticket_key_generate(&session_ticket_key);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
for (t = 0; t < SESSIONS; t++) {
|
|
Packit |
aea12f |
int sd = sds[t];
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
assert(gnutls_init(&session, iflags) >= 0);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
/* avoid calling all the priority functions, since the defaults
|
|
Packit |
aea12f |
* are adequate.
|
|
Packit |
aea12f |
*/
|
|
Packit |
aea12f |
assert(gnutls_priority_set_direct(session,
|
|
Packit |
aea12f |
PRIO_STR,
|
|
Packit |
aea12f |
NULL) >= 0);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
#if defined(USE_X509)
|
|
Packit |
aea12f |
if (params->client_cert) {
|
|
Packit |
aea12f |
gnutls_certificate_server_set_request(session,
|
|
Packit |
aea12f |
GNUTLS_CERT_REQUIRE);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
gnutls_dh_set_prime_bits(session, DH_BITS);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (params->enable_db) {
|
|
Packit |
aea12f |
gnutls_db_set_retrieve_function(session, wrap_db_fetch);
|
|
Packit |
aea12f |
gnutls_db_set_remove_function(session, wrap_db_delete);
|
|
Packit |
aea12f |
gnutls_db_set_store_function(session, wrap_db_store);
|
|
Packit |
aea12f |
gnutls_db_set_ptr(session, NULL);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (params->enable_session_ticket_server)
|
|
Packit |
aea12f |
gnutls_session_ticket_enable_server(session,
|
|
Packit |
aea12f |
&session_ticket_key);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
append_alpn(session, params, t);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (params->expire_ticket) {
|
|
Packit |
aea12f |
gnutls_db_set_cache_expiration(session, 45);
|
|
Packit |
aea12f |
virt_sec_sleep(60);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
#ifdef USE_PSK
|
|
Packit |
aea12f |
gnutls_credentials_set(session, GNUTLS_CRD_PSK, pskcred);
|
|
Packit |
aea12f |
#elif defined(USE_ANON)
|
|
Packit |
aea12f |
gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred);
|
|
Packit |
aea12f |
#elif defined(USE_X509)
|
|
Packit |
aea12f |
gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, serverx509cred);
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
gnutls_transport_set_int(session, sd);
|
|
Packit |
aea12f |
gnutls_handshake_set_timeout(session, 20 * 1000);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (params->call_post_client_hello) {
|
|
Packit |
aea12f |
gnutls_session_set_ptr(session, PRIO_STR);
|
|
Packit |
aea12f |
gnutls_handshake_set_post_client_hello_function(session,
|
|
Packit |
aea12f |
post_client_hello_callback);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
do {
|
|
Packit |
aea12f |
ret = gnutls_handshake(session);
|
|
Packit |
aea12f |
} while (ret < 0 && gnutls_error_is_fatal(ret) == 0);
|
|
Packit |
aea12f |
if (ret < 0) {
|
|
Packit |
aea12f |
close(sd);
|
|
Packit |
aea12f |
gnutls_deinit(session);
|
|
Packit |
aea12f |
kill(child, SIGTERM);
|
|
Packit |
aea12f |
fail("server: Handshake has failed (%s)\n\n",
|
|
Packit |
aea12f |
gnutls_strerror(ret));
|
|
Packit |
aea12f |
return;
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
if (debug)
|
|
Packit |
aea12f |
success("server: Handshake was completed\n");
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (t > 0 && params->expect_resume) {
|
|
Packit |
aea12f |
ret = gnutls_session_is_resumed(session);
|
|
Packit |
aea12f |
if (ret == 0) {
|
|
Packit |
aea12f |
fail("server: session_is_resumed error (%d)\n", t);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
verify_alpn(session, params, t);
|
|
Packit |
aea12f |
verify_group(session, &pgroup, t);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (params->expect_resume)
|
|
Packit |
aea12f |
verify_server_params(session, t, params);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
/* see the Getting peer's information example */
|
|
Packit |
aea12f |
/* print_info(session); */
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
for (;;) {
|
|
Packit |
aea12f |
memset(buffer, 0, MAX_BUF + 1);
|
|
Packit |
aea12f |
ret = gnutls_record_recv(session, buffer, MAX_BUF);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (ret == 0) {
|
|
Packit |
aea12f |
if (debug)
|
|
Packit |
aea12f |
success
|
|
Packit |
aea12f |
("server: Peer has closed the GnuTLS connection\n");
|
|
Packit |
aea12f |
break;
|
|
Packit |
aea12f |
} else if (ret < 0) {
|
|
Packit |
aea12f |
kill(child, SIGTERM);
|
|
Packit |
aea12f |
fail("server: Received corrupted data(%d). Closing...\n", ret);
|
|
Packit |
aea12f |
break;
|
|
Packit |
aea12f |
} else if (ret > 0) {
|
|
Packit |
aea12f |
/* echo data back to the client
|
|
Packit |
aea12f |
*/
|
|
Packit |
aea12f |
gnutls_record_send(session, buffer,
|
|
Packit |
aea12f |
strlen(buffer));
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
/* do not wait for the peer to close the connection.
|
|
Packit |
aea12f |
*/
|
|
Packit |
aea12f |
gnutls_bye(session, GNUTLS_SHUT_WR);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
close(sd);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
gnutls_deinit(session);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (params->enable_db) {
|
|
Packit |
aea12f |
wrap_db_deinit();
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
gnutls_free(session_ticket_key.data);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (debug)
|
|
Packit |
aea12f |
success("server: finished\n");
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
void doit(void)
|
|
Packit |
aea12f |
{
|
|
Packit |
aea12f |
int i, err;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
signal(SIGCHLD, SIG_IGN);
|
|
Packit |
aea12f |
signal(SIGPIPE, SIG_IGN);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
for (i = 0; resume_tests[i].desc; i++) {
|
|
Packit |
aea12f |
int client_sds[SESSIONS], server_sds[SESSIONS];
|
|
Packit |
aea12f |
int j;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
printf("%s\n", resume_tests[i].desc);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
for (j = 0; j < SESSIONS; j++) {
|
|
Packit |
aea12f |
int sockets[2];
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
err = socketpair(AF_UNIX, SOCK_STREAM, 0, sockets);
|
|
Packit |
aea12f |
if (err == -1) {
|
|
Packit |
aea12f |
perror("socketpair");
|
|
Packit |
aea12f |
fail("socketpair failed\n");
|
|
Packit |
aea12f |
return;
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
server_sds[j] = sockets[0];
|
|
Packit |
aea12f |
client_sds[j] = sockets[1];
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
child = fork();
|
|
Packit |
aea12f |
if (child < 0) {
|
|
Packit |
aea12f |
perror("fork");
|
|
Packit |
aea12f |
fail("fork");
|
|
Packit |
aea12f |
return;
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (child) {
|
|
Packit |
aea12f |
int status = 0;
|
|
Packit |
aea12f |
/* parent */
|
|
Packit |
aea12f |
for (j = 0; j < SESSIONS; j++)
|
|
Packit |
aea12f |
close(client_sds[j]);
|
|
Packit |
aea12f |
server(server_sds, &resume_tests[i]);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
waitpid(child, &status, 0);
|
|
Packit |
aea12f |
check_wait_status(status);
|
|
Packit |
aea12f |
global_stop();
|
|
Packit |
aea12f |
} else {
|
|
Packit |
aea12f |
for (j = 0; j < SESSIONS; j++)
|
|
Packit |
aea12f |
close(server_sds[j]);
|
|
Packit |
aea12f |
client(client_sds, &resume_tests[i]);
|
|
Packit |
aea12f |
exit(0);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
/* Functions and other stuff needed for session resuming.
|
|
Packit |
aea12f |
* This is done using a very simple list which holds session ids
|
|
Packit |
aea12f |
* and session data.
|
|
Packit |
aea12f |
*/
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
#define MAX_SESSION_ID_SIZE 32
|
|
Packit |
aea12f |
#define MAX_SESSION_DATA_SIZE 1024
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
typedef struct {
|
|
Packit |
aea12f |
unsigned char session_id[MAX_SESSION_ID_SIZE];
|
|
Packit |
aea12f |
unsigned int session_id_size;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
char session_data[MAX_SESSION_DATA_SIZE];
|
|
Packit |
aea12f |
int session_data_size;
|
|
Packit |
aea12f |
} CACHE;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
static CACHE *cache_db;
|
|
Packit |
aea12f |
static int cache_db_ptr = 0;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
static void wrap_db_init(void)
|
|
Packit |
aea12f |
{
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
/* allocate cache_db */
|
|
Packit |
aea12f |
cache_db = calloc(1, TLS_SESSION_CACHE * sizeof(CACHE));
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
static void wrap_db_deinit(void)
|
|
Packit |
aea12f |
{
|
|
Packit |
aea12f |
free(cache_db);
|
|
Packit |
aea12f |
cache_db = NULL;
|
|
Packit |
aea12f |
return;
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
static int
|
|
Packit |
aea12f |
wrap_db_store(void *dbf, gnutls_datum_t key, gnutls_datum_t data)
|
|
Packit |
aea12f |
{
|
|
Packit |
aea12f |
time_t t, e, now = time(0);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
#ifdef DEBUG_CACHE
|
|
Packit |
aea12f |
if (debug) {
|
|
Packit |
aea12f |
unsigned int i;
|
|
Packit |
aea12f |
fprintf(stderr, "resume db storing (%d-%d): ", key.size,
|
|
Packit |
aea12f |
data.size);
|
|
Packit |
aea12f |
for (i = 0; i < key.size; i++) {
|
|
Packit |
aea12f |
fprintf(stderr, "%02x", key.data[i] & 0xFF);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
fprintf(stderr, "\n");
|
|
Packit |
aea12f |
fprintf(stderr, "data: ");
|
|
Packit |
aea12f |
for (i = 0; i < data.size; i++) {
|
|
Packit |
aea12f |
fprintf(stderr, "%02x", data.data[i] & 0xFF);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
fprintf(stderr, "\n");
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
/* check the correctness of gnutls_db_check_entry_time() */
|
|
Packit |
aea12f |
t = gnutls_db_check_entry_time(&data);
|
|
Packit |
aea12f |
if (t < now - 10 || t > now + 10) {
|
|
Packit |
aea12f |
fail("Time returned by gnutls_db_check_entry_time is bogus\n");
|
|
Packit |
aea12f |
exit(1);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
/* check the correctness of gnutls_db_check_entry_expire_time() */
|
|
Packit |
aea12f |
e = gnutls_db_check_entry_expire_time(&data);
|
|
Packit |
aea12f |
if (e < t) {
|
|
Packit |
aea12f |
fail("Time returned by gnutls_db_check_entry_expire_time is bogus\n");
|
|
Packit |
aea12f |
exit(1);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (cache_db == NULL)
|
|
Packit |
aea12f |
return -1;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (key.size > MAX_SESSION_ID_SIZE) {
|
|
Packit |
aea12f |
fail("Key size is too large\n");
|
|
Packit |
aea12f |
return -1;
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (data.size > MAX_SESSION_DATA_SIZE) {
|
|
Packit |
aea12f |
fail("Data size is too large\n");
|
|
Packit |
aea12f |
return -1;
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
memcpy(cache_db[cache_db_ptr].session_id, key.data, key.size);
|
|
Packit |
aea12f |
cache_db[cache_db_ptr].session_id_size = key.size;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
memcpy(cache_db[cache_db_ptr].session_data, data.data, data.size);
|
|
Packit |
aea12f |
cache_db[cache_db_ptr].session_data_size = data.size;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
cache_db_ptr++;
|
|
Packit |
aea12f |
cache_db_ptr %= TLS_SESSION_CACHE;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
return 0;
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
static gnutls_datum_t wrap_db_fetch(void *dbf, gnutls_datum_t key)
|
|
Packit |
aea12f |
{
|
|
Packit |
aea12f |
gnutls_datum_t res = { NULL, 0 };
|
|
Packit |
aea12f |
unsigned i;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (debug) {
|
|
Packit |
aea12f |
fprintf(stderr, "resume db looking for (%d): ", key.size);
|
|
Packit |
aea12f |
for (i = 0; i < key.size; i++) {
|
|
Packit |
aea12f |
fprintf(stderr, "%02x", key.data[i] & 0xFF);
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
fprintf(stderr, "\n");
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (cache_db == NULL)
|
|
Packit |
aea12f |
return res;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
for (i = 0; i < TLS_SESSION_CACHE; i++) {
|
|
Packit |
aea12f |
if (key.size == cache_db[i].session_id_size &&
|
|
Packit |
aea12f |
memcmp(key.data, cache_db[i].session_id,
|
|
Packit |
aea12f |
key.size) == 0) {
|
|
Packit |
aea12f |
if (debug)
|
|
Packit |
aea12f |
success
|
|
Packit |
aea12f |
("resume db fetch... return info\n");
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
res.size = cache_db[i].session_data_size;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
res.data = gnutls_malloc(res.size);
|
|
Packit |
aea12f |
if (res.data == NULL)
|
|
Packit |
aea12f |
return res;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
memcpy(res.data, cache_db[i].session_data,
|
|
Packit |
aea12f |
res.size);
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
#ifdef DEBUG_CACHE
|
|
Packit |
aea12f |
if (debug) {
|
|
Packit |
aea12f |
unsigned int j;
|
|
Packit |
aea12f |
printf("data:\n");
|
|
Packit |
aea12f |
for (j = 0; j < res.size; j++) {
|
|
Packit |
aea12f |
printf("%02x ",
|
|
Packit |
aea12f |
res.data[j] & 0xFF);
|
|
Packit |
aea12f |
if ((j + 1) % 16 == 0)
|
|
Packit |
aea12f |
printf("\n");
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
printf("\n");
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
#endif
|
|
Packit |
aea12f |
return res;
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (debug)
|
|
Packit |
aea12f |
success("resume db fetch... NOT FOUND\n");
|
|
Packit |
aea12f |
return res;
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
static int wrap_db_delete(void *dbf, gnutls_datum_t key)
|
|
Packit |
aea12f |
{
|
|
Packit |
aea12f |
int i;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if (cache_db == NULL)
|
|
Packit |
aea12f |
return -1;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
for (i = 0; i < TLS_SESSION_CACHE; i++) {
|
|
Packit |
aea12f |
if (key.size == cache_db[i].session_id_size &&
|
|
Packit |
aea12f |
memcmp(key.data, cache_db[i].session_id,
|
|
Packit |
aea12f |
key.size) == 0) {
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
cache_db[i].session_id_size = 0;
|
|
Packit |
aea12f |
cache_db[i].session_data_size = 0;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
return 0;
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
return -1;
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
#endif /* _WIN32 */
|