diff options
| author | Emilia Kasper <emilia@openssl.org> | 2016-07-21 16:29:48 +0200 |
|---|---|---|
| committer | Emilia Kasper <emilia@openssl.org> | 2016-08-08 12:06:26 +0200 |
| commit | 9f48bbacd8cac8d08dff146db438ab3e19908a7a (patch) | |
| tree | 7650dbd3d696d895c53b153a3d2b8c3881bade88 /test/handshake_helper.c | |
| parent | a4a18b2f891c59fd78ad520da79146af13063892 (diff) | |
Reorganize SSL test structures
Move custom server and client options from the test dictionary to an
"extra" section of each server/client. Rename test expectations to say
"Expected".
This is a big but straightforward change. Primarily, this allows us to
specify multiple server and client contexts without redefining the
custom options for each of them. For example, instead of
"ServerNPNProtocols", "Server2NPNProtocols", "ResumeServerNPNProtocols",
we now have, "NPNProtocols".
This simplifies writing resumption and SNI tests. The first application
will be resumption tests for NPN and ALPN.
Regrouping the options also makes it clearer which options apply to the
server, which apply to the client, which configure the test, and which
are test expectations.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'test/handshake_helper.c')
| -rw-r--r-- | test/handshake_helper.c | 48 |
1 files changed, 24 insertions, 24 deletions
diff --git a/test/handshake_helper.c b/test/handshake_helper.c index c7023fe0f2..0da8c544ea 100644 --- a/test/handshake_helper.c +++ b/test/handshake_helper.c @@ -269,7 +269,7 @@ static int server_alpn_cb(SSL *s, const unsigned char **out, */ static void configure_handshake_ctx(SSL_CTX *server_ctx, SSL_CTX *server2_ctx, SSL_CTX *client_ctx, - const SSL_TEST_CTX *test_ctx, + const SSL_TEST_EXTRA_CONF *extra, CTX_DATA *server_ctx_data, CTX_DATA *server2_ctx_data, CTX_DATA *client_ctx_data) @@ -277,7 +277,7 @@ static void configure_handshake_ctx(SSL_CTX *server_ctx, SSL_CTX *server2_ctx, unsigned char *ticket_keys; size_t ticket_key_len; - switch (test_ctx->client_verify_callback) { + switch (extra->client.verify_callback) { case SSL_TEST_VERIFY_ACCEPT_ALL: SSL_CTX_set_cert_verify_callback(client_ctx, &verify_accept_cb, NULL); @@ -291,7 +291,7 @@ static void configure_handshake_ctx(SSL_CTX *server_ctx, SSL_CTX *server2_ctx, } /* link the two contexts for SNI purposes */ - switch (test_ctx->servername_callback) { + switch (extra->server.servername_callback) { case SSL_TEST_SERVERNAME_IGNORE_MISMATCH: SSL_CTX_set_tlsext_servername_callback(server_ctx, servername_ignore_cb); SSL_CTX_set_tlsext_servername_arg(server_ctx, server2_ctx); @@ -313,49 +313,49 @@ static void configure_handshake_ctx(SSL_CTX *server_ctx, SSL_CTX *server2_ctx, SSL_CTX_set_tlsext_ticket_key_cb(server2_ctx, do_not_call_session_ticket_cb); - if (test_ctx->session_ticket_expected == SSL_TEST_SESSION_TICKET_BROKEN) { + if (extra->server.broken_session_ticket) { SSL_CTX_set_tlsext_ticket_key_cb(server_ctx, broken_session_ticket_cb); } #ifndef OPENSSL_NO_NEXTPROTONEG - if (test_ctx->server_npn_protocols != NULL) { - parse_protos(test_ctx->server_npn_protocols, + if (extra->server.npn_protocols != NULL) { + parse_protos(extra->server.npn_protocols, &server_ctx_data->npn_protocols, &server_ctx_data->npn_protocols_len); SSL_CTX_set_next_protos_advertised_cb(server_ctx, server_npn_cb, server_ctx_data); } - if (test_ctx->server2_npn_protocols != NULL) { - parse_protos(test_ctx->server2_npn_protocols, + if (extra->server2.npn_protocols != NULL) { + parse_protos(extra->server2.npn_protocols, &server2_ctx_data->npn_protocols, &server2_ctx_data->npn_protocols_len); OPENSSL_assert(server2_ctx != NULL); SSL_CTX_set_next_protos_advertised_cb(server2_ctx, server_npn_cb, server2_ctx_data); } - if (test_ctx->client_npn_protocols != NULL) { - parse_protos(test_ctx->client_npn_protocols, + if (extra->client.npn_protocols != NULL) { + parse_protos(extra->client.npn_protocols, &client_ctx_data->npn_protocols, &client_ctx_data->npn_protocols_len); SSL_CTX_set_next_proto_select_cb(client_ctx, client_npn_cb, client_ctx_data); } - if (test_ctx->server_alpn_protocols != NULL) { - parse_protos(test_ctx->server_alpn_protocols, + if (extra->server.alpn_protocols != NULL) { + parse_protos(extra->server.alpn_protocols, &server_ctx_data->alpn_protocols, &server_ctx_data->alpn_protocols_len); SSL_CTX_set_alpn_select_cb(server_ctx, server_alpn_cb, server_ctx_data); } - if (test_ctx->server2_alpn_protocols != NULL) { + if (extra->server2.alpn_protocols != NULL) { OPENSSL_assert(server2_ctx != NULL); - parse_protos(test_ctx->server2_alpn_protocols, + parse_protos(extra->server2.alpn_protocols, &server2_ctx_data->alpn_protocols, &server2_ctx_data->alpn_protocols_len); SSL_CTX_set_alpn_select_cb(server2_ctx, server_alpn_cb, server2_ctx_data); } - if (test_ctx->client_alpn_protocols != NULL) { + if (extra->client.alpn_protocols != NULL) { unsigned char *alpn_protos = NULL; size_t alpn_protos_len; - parse_protos(test_ctx->client_alpn_protocols, + parse_protos(extra->client.alpn_protocols, &alpn_protos, &alpn_protos_len); /* Reversed return value convention... */ OPENSSL_assert(SSL_CTX_set_alpn_protos(client_ctx, alpn_protos, @@ -377,11 +377,11 @@ static void configure_handshake_ctx(SSL_CTX *server_ctx, SSL_CTX *server2_ctx, /* Configure per-SSL callbacks and other properties. */ static void configure_handshake_ssl(SSL *server, SSL *client, - const SSL_TEST_CTX *test_ctx) + const SSL_TEST_EXTRA_CONF *extra) { - if (test_ctx->servername != SSL_TEST_SERVERNAME_NONE) + if (extra->client.servername != SSL_TEST_SERVERNAME_NONE) SSL_set_tlsext_host_name(client, - ssl_servername_name(test_ctx->servername)); + ssl_servername_name(extra->client.servername)); } @@ -518,7 +518,7 @@ static char *dup_str(const unsigned char *in, size_t len) static HANDSHAKE_RESULT *do_handshake_internal( SSL_CTX *server_ctx, SSL_CTX *server2_ctx, SSL_CTX *client_ctx, - const SSL_TEST_CTX *test_ctx, SSL_SESSION *session_in, + const SSL_TEST_EXTRA_CONF *extra, SSL_SESSION *session_in, SSL_SESSION **session_out) { SSL *server, *client; @@ -542,14 +542,14 @@ static HANDSHAKE_RESULT *do_handshake_internal( memset(&server2_ctx_data, 0, sizeof(server2_ctx_data)); memset(&client_ctx_data, 0, sizeof(client_ctx_data)); - configure_handshake_ctx(server_ctx, server2_ctx, client_ctx, test_ctx, + configure_handshake_ctx(server_ctx, server2_ctx, client_ctx, extra, &server_ctx_data, &server2_ctx_data, &client_ctx_data); server = SSL_new(server_ctx); client = SSL_new(client_ctx); OPENSSL_assert(server != NULL && client != NULL); - configure_handshake_ssl(server, client, test_ctx); + configure_handshake_ssl(server, client, extra); if (session_in != NULL) { /* In case we're testing resumption without tickets. */ OPENSSL_assert(SSL_CTX_add_session(server_ctx, session_in)); @@ -689,7 +689,7 @@ HANDSHAKE_RESULT *do_handshake(SSL_CTX *server_ctx, SSL_CTX *server2_ctx, SSL_SESSION *session = NULL; result = do_handshake_internal(server_ctx, server2_ctx, client_ctx, - test_ctx, NULL, &session); + &test_ctx->extra, NULL, &session); if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_SIMPLE) goto end; @@ -703,7 +703,7 @@ HANDSHAKE_RESULT *do_handshake(SSL_CTX *server_ctx, SSL_CTX *server2_ctx, HANDSHAKE_RESULT_free(result); /* We don't support SNI on second handshake yet, so server2_ctx is NULL. */ result = do_handshake_internal(resume_server_ctx, NULL, resume_client_ctx, - test_ctx, session, NULL); + &test_ctx->resume_extra, session, NULL); end: SSL_SESSION_free(session); return result; |