summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjsing <>2017-08-11 21:22:12 +0000
committerjsing <>2017-08-11 21:22:12 +0000
commit2409f88a83fbcade974d9dd7ede30e636737882a (patch)
tree684cdf85f3bc486dfab36f51292a7d1cd9a9da81
parent7ed8ddc54257652c0495d50b2f704c99c40abaf0 (diff)
downloadopenbsd-2409f88a83fbcade974d9dd7ede30e636737882a.tar.gz
openbsd-2409f88a83fbcade974d9dd7ede30e636737882a.tar.bz2
openbsd-2409f88a83fbcade974d9dd7ede30e636737882a.zip
Be consistent with goto labels, failure flag and use of FAIL macro.
Diffstat
-rw-r--r--src/regress/lib/libssl/tlsext/tlsexttest.c233
1 files changed, 105 insertions, 128 deletions
diff --git a/src/regress/lib/libssl/tlsext/tlsexttest.c b/src/regress/lib/libssl/tlsext/tlsexttest.c
index 8ffdcf4443..aa7230c74a 100644
--- a/src/regress/lib/libssl/tlsext/tlsexttest.c
+++ b/src/regress/lib/libssl/tlsext/tlsexttest.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tlsexttest.c,v 1.7 2017/08/11 21:13:12 jsing Exp $ */ 1/* $OpenBSD: tlsexttest.c,v 1.8 2017/08/11 21:22:12 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> 4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -866,12 +866,14 @@ test_tlsext_ri_clienthello(void)
866 unsigned char *data = NULL; 866 unsigned char *data = NULL;
867 SSL_CTX *ssl_ctx = NULL; 867 SSL_CTX *ssl_ctx = NULL;
868 SSL *ssl = NULL; 868 SSL *ssl = NULL;
869 int failure = 0; 869 int failure;
870 size_t dlen; 870 size_t dlen;
871 int alert; 871 int alert;
872 CBB cbb; 872 CBB cbb;
873 CBS cbs; 873 CBS cbs;
874 874
875 failure = 1;
876
875 CBB_init(&cbb, 0); 877 CBB_init(&cbb, 0);
876 878
877 if ((ssl_ctx = SSL_CTX_new(TLSv1_2_client_method())) == NULL) 879 if ((ssl_ctx = SSL_CTX_new(TLSv1_2_client_method())) == NULL)
@@ -880,21 +882,18 @@ test_tlsext_ri_clienthello(void)
880 errx(1, "failed to create SSL"); 882 errx(1, "failed to create SSL");
881 883
882 if (tlsext_ri_clienthello_needs(ssl)) { 884 if (tlsext_ri_clienthello_needs(ssl)) {
883 fprintf(stderr, "FAIL: clienthello should not need RI\n"); 885 FAIL("clienthello should not need RI\n");
884 failure = 1; 886 goto err;
885 goto done;
886 } 887 }
887 888
888 if (!SSL_renegotiate(ssl)) { 889 if (!SSL_renegotiate(ssl)) {
889 fprintf(stderr, "FAIL: client failed to set renegotiate\n"); 890 FAIL("client failed to set renegotiate\n");
890 failure = 1; 891 goto err;
891 goto done;
892 } 892 }
893 893
894 if (!tlsext_ri_clienthello_needs(ssl)) { 894 if (!tlsext_ri_clienthello_needs(ssl)) {
895 fprintf(stderr, "FAIL: clienthello should need RI\n"); 895 FAIL("clienthello should need RI\n");
896 failure = 1; 896 goto err;
897 goto done;
898 } 897 }
899 898
900 memcpy(S3I(ssl)->previous_client_finished, tlsext_ri_prev_client, 899 memcpy(S3I(ssl)->previous_client_finished, tlsext_ri_prev_client,
@@ -904,47 +903,41 @@ test_tlsext_ri_clienthello(void)
904 S3I(ssl)->renegotiate_seen = 0; 903 S3I(ssl)->renegotiate_seen = 0;
905 904
906 if (!tlsext_ri_clienthello_build(ssl, &cbb)) { 905 if (!tlsext_ri_clienthello_build(ssl, &cbb)) {
907 fprintf(stderr, "FAIL: clienthello failed to build RI\n"); 906 FAIL("clienthello failed to build RI\n");
908 failure = 1; 907 goto err;
909 goto done;
910 } 908 }
911 909
912 if (!CBB_finish(&cbb, &data, &dlen)) 910 if (!CBB_finish(&cbb, &data, &dlen))
913 errx(1, "failed to finish CBB"); 911 errx(1, "failed to finish CBB");
914 912
915 if (dlen != sizeof(tlsext_ri_clienthello)) { 913 if (dlen != sizeof(tlsext_ri_clienthello)) {
916 fprintf(stderr, "FAIL: got clienthello RI with length %zu, " 914 FAIL("got clienthello RI with length %zu, "
917 "want length %zu\n", dlen, sizeof(tlsext_ri_clienthello)); 915 "want length %zu\n", dlen, sizeof(tlsext_ri_clienthello));
918 failure = 1; 916 goto err;
919 goto done;
920 } 917 }
921 918
922 if (memcmp(data, tlsext_ri_clienthello, dlen) != 0) { 919 if (memcmp(data, tlsext_ri_clienthello, dlen) != 0) {
923 fprintf(stderr, "FAIL: clienthello RI differs:\n"); 920 FAIL("clienthello RI differs:\n");
924 fprintf(stderr, "received:\n"); 921 fprintf(stderr, "received:\n");
925 hexdump(data, dlen); 922 hexdump(data, dlen);
926 fprintf(stderr, "test data:\n"); 923 fprintf(stderr, "test data:\n");
927 hexdump(tlsext_ri_clienthello, sizeof(tlsext_ri_clienthello)); 924 hexdump(tlsext_ri_clienthello, sizeof(tlsext_ri_clienthello));
928 failure = 1; 925 goto err;
929 goto done;
930 } 926 }
931 927
932 CBS_init(&cbs, tlsext_ri_clienthello, sizeof(tlsext_ri_clienthello)); 928 CBS_init(&cbs, tlsext_ri_clienthello, sizeof(tlsext_ri_clienthello));
933 if (!tlsext_ri_clienthello_parse(ssl, &cbs, &alert)) { 929 if (!tlsext_ri_clienthello_parse(ssl, &cbs, &alert)) {
934 fprintf(stderr, "FAIL: failed to parse clienthello RI\n"); 930 FAIL("failed to parse clienthello RI\n");
935 failure = 1; 931 goto err;
936 goto done;
937 } 932 }
938 933
939 if (S3I(ssl)->renegotiate_seen != 1) { 934 if (S3I(ssl)->renegotiate_seen != 1) {
940 fprintf(stderr, "FAIL: renegotiate seen not set\n"); 935 FAIL("renegotiate seen not set\n");
941 failure = 1; 936 goto err;
942 goto done;
943 } 937 }
944 if (S3I(ssl)->send_connection_binding != 1) { 938 if (S3I(ssl)->send_connection_binding != 1) {
945 fprintf(stderr, "FAIL: send connection binding not set\n"); 939 FAIL("send connection binding not set\n");
946 failure = 1; 940 goto err;
947 goto done;
948 } 941 }
949 942
950 memset(S3I(ssl)->previous_client_finished, 0, 943 memset(S3I(ssl)->previous_client_finished, 0,
@@ -954,18 +947,19 @@ test_tlsext_ri_clienthello(void)
954 947
955 CBS_init(&cbs, tlsext_ri_clienthello, sizeof(tlsext_ri_clienthello)); 948 CBS_init(&cbs, tlsext_ri_clienthello, sizeof(tlsext_ri_clienthello));
956 if (tlsext_ri_clienthello_parse(ssl, &cbs, &alert)) { 949 if (tlsext_ri_clienthello_parse(ssl, &cbs, &alert)) {
957 fprintf(stderr, "FAIL: parsed invalid clienthello RI\n"); 950 FAIL("parsed invalid clienthello RI\n");
958 failure = 1; 951 failure = 1;
959 goto done; 952 goto err;
960 } 953 }
961 954
962 if (S3I(ssl)->renegotiate_seen == 1) { 955 if (S3I(ssl)->renegotiate_seen == 1) {
963 fprintf(stderr, "FAIL: renegotiate seen set\n"); 956 FAIL("renegotiate seen set\n");
964 failure = 1; 957 goto err;
965 goto done;
966 } 958 }
967 959
968 done: 960 failure = 0;
961
962 err:
969 CBB_cleanup(&cbb); 963 CBB_cleanup(&cbb);
970 SSL_CTX_free(ssl_ctx); 964 SSL_CTX_free(ssl_ctx);
971 SSL_free(ssl); 965 SSL_free(ssl);
@@ -980,12 +974,14 @@ test_tlsext_ri_serverhello(void)
980 unsigned char *data = NULL; 974 unsigned char *data = NULL;
981 SSL_CTX *ssl_ctx = NULL; 975 SSL_CTX *ssl_ctx = NULL;
982 SSL *ssl = NULL; 976 SSL *ssl = NULL;
983 int failure = 0; 977 int failure;
984 size_t dlen; 978 size_t dlen;
985 int alert; 979 int alert;
986 CBB cbb; 980 CBB cbb;
987 CBS cbs; 981 CBS cbs;
988 982
983 failure = 1;
984
989 CBB_init(&cbb, 0); 985 CBB_init(&cbb, 0);
990 986
991 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL) 987 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
@@ -994,17 +990,15 @@ test_tlsext_ri_serverhello(void)
994 errx(1, "failed to create SSL"); 990 errx(1, "failed to create SSL");
995 991
996 if (tlsext_ri_serverhello_needs(ssl)) { 992 if (tlsext_ri_serverhello_needs(ssl)) {
997 fprintf(stderr, "FAIL: serverhello should not need RI\n"); 993 FAIL("serverhello should not need RI\n");
998 failure = 1; 994 goto err;
999 goto done;
1000 } 995 }
1001 996
1002 S3I(ssl)->send_connection_binding = 1; 997 S3I(ssl)->send_connection_binding = 1;
1003 998
1004 if (!tlsext_ri_serverhello_needs(ssl)) { 999 if (!tlsext_ri_serverhello_needs(ssl)) {
1005 fprintf(stderr, "FAIL: serverhello should need RI\n"); 1000 FAIL("serverhello should need RI\n");
1006 failure = 1; 1001 goto err;
1007 goto done;
1008 } 1002 }
1009 1003
1010 memcpy(S3I(ssl)->previous_client_finished, tlsext_ri_prev_client, 1004 memcpy(S3I(ssl)->previous_client_finished, tlsext_ri_prev_client,
@@ -1018,47 +1012,41 @@ test_tlsext_ri_serverhello(void)
1018 S3I(ssl)->renegotiate_seen = 0; 1012 S3I(ssl)->renegotiate_seen = 0;
1019 1013
1020 if (!tlsext_ri_serverhello_build(ssl, &cbb)) { 1014 if (!tlsext_ri_serverhello_build(ssl, &cbb)) {
1021 fprintf(stderr, "FAIL: serverhello failed to build RI\n"); 1015 FAIL("serverhello failed to build RI\n");
1022 failure = 1; 1016 goto err;
1023 goto done;
1024 } 1017 }
1025 1018
1026 if (!CBB_finish(&cbb, &data, &dlen)) 1019 if (!CBB_finish(&cbb, &data, &dlen))
1027 errx(1, "failed to finish CBB"); 1020 errx(1, "failed to finish CBB");
1028 1021
1029 if (dlen != sizeof(tlsext_ri_serverhello)) { 1022 if (dlen != sizeof(tlsext_ri_serverhello)) {
1030 fprintf(stderr, "FAIL: got serverhello RI with length %zu, " 1023 FAIL("got serverhello RI with length %zu, "
1031 "want length %zu\n", dlen, sizeof(tlsext_ri_serverhello)); 1024 "want length %zu\n", dlen, sizeof(tlsext_ri_serverhello));
1032 failure = 1; 1025 goto err;
1033 goto done;
1034 } 1026 }
1035 1027
1036 if (memcmp(data, tlsext_ri_serverhello, dlen) != 0) { 1028 if (memcmp(data, tlsext_ri_serverhello, dlen) != 0) {
1037 fprintf(stderr, "FAIL: serverhello RI differs:\n"); 1029 FAIL("serverhello RI differs:\n");
1038 fprintf(stderr, "received:\n"); 1030 fprintf(stderr, "received:\n");
1039 hexdump(data, dlen); 1031 hexdump(data, dlen);
1040 fprintf(stderr, "test data:\n"); 1032 fprintf(stderr, "test data:\n");
1041 hexdump(tlsext_ri_serverhello, sizeof(tlsext_ri_serverhello)); 1033 hexdump(tlsext_ri_serverhello, sizeof(tlsext_ri_serverhello));
1042 failure = 1; 1034 goto err;
1043 goto done;
1044 } 1035 }
1045 1036
1046 CBS_init(&cbs, tlsext_ri_serverhello, sizeof(tlsext_ri_serverhello)); 1037 CBS_init(&cbs, tlsext_ri_serverhello, sizeof(tlsext_ri_serverhello));
1047 if (!tlsext_ri_serverhello_parse(ssl, &cbs, &alert)) { 1038 if (!tlsext_ri_serverhello_parse(ssl, &cbs, &alert)) {
1048 fprintf(stderr, "FAIL: failed to parse serverhello RI\n"); 1039 FAIL("failed to parse serverhello RI\n");
1049 failure = 1; 1040 goto err;
1050 goto done;
1051 } 1041 }
1052 1042
1053 if (S3I(ssl)->renegotiate_seen != 1) { 1043 if (S3I(ssl)->renegotiate_seen != 1) {
1054 fprintf(stderr, "FAIL: renegotiate seen not set\n"); 1044 FAIL("renegotiate seen not set\n");
1055 failure = 1; 1045 goto err;
1056 goto done;
1057 } 1046 }
1058 if (S3I(ssl)->send_connection_binding != 1) { 1047 if (S3I(ssl)->send_connection_binding != 1) {
1059 fprintf(stderr, "FAIL: send connection binding not set\n"); 1048 FAIL("send connection binding not set\n");
1060 failure = 1; 1049 goto err;
1061 goto done;
1062 } 1050 }
1063 1051
1064 memset(S3I(ssl)->previous_client_finished, 0, 1052 memset(S3I(ssl)->previous_client_finished, 0,
@@ -1070,18 +1058,18 @@ test_tlsext_ri_serverhello(void)
1070 1058
1071 CBS_init(&cbs, tlsext_ri_serverhello, sizeof(tlsext_ri_serverhello)); 1059 CBS_init(&cbs, tlsext_ri_serverhello, sizeof(tlsext_ri_serverhello));
1072 if (tlsext_ri_serverhello_parse(ssl, &cbs, &alert)) { 1060 if (tlsext_ri_serverhello_parse(ssl, &cbs, &alert)) {
1073 fprintf(stderr, "FAIL: parsed invalid serverhello RI\n"); 1061 FAIL("parsed invalid serverhello RI\n");
1074 failure = 1; 1062 goto err;
1075 goto done;
1076 } 1063 }
1077 1064
1078 if (S3I(ssl)->renegotiate_seen == 1) { 1065 if (S3I(ssl)->renegotiate_seen == 1) {
1079 fprintf(stderr, "FAIL: renegotiate seen set\n"); 1066 FAIL("renegotiate seen set\n");
1080 failure = 1; 1067 goto err;
1081 goto done;
1082 } 1068 }
1083 1069
1084 done: 1070 failure = 0;
1071
1072 err:
1085 CBB_cleanup(&cbb); 1073 CBB_cleanup(&cbb);
1086 SSL_CTX_free(ssl_ctx); 1074 SSL_CTX_free(ssl_ctx);
1087 SSL_free(ssl); 1075 SSL_free(ssl);
@@ -1111,12 +1099,14 @@ test_tlsext_sni_clienthello(void)
1111 unsigned char *data = NULL; 1099 unsigned char *data = NULL;
1112 SSL_CTX *ssl_ctx = NULL; 1100 SSL_CTX *ssl_ctx = NULL;
1113 SSL *ssl = NULL; 1101 SSL *ssl = NULL;
1114 int failure = 0; 1102 int failure;
1115 size_t dlen; 1103 size_t dlen;
1116 int alert; 1104 int alert;
1117 CBB cbb; 1105 CBB cbb;
1118 CBS cbs; 1106 CBS cbs;
1119 1107
1108 failure = 1;
1109
1120 CBB_init(&cbb, 0); 1110 CBB_init(&cbb, 0);
1121 1111
1122 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL) 1112 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
@@ -1125,47 +1115,41 @@ test_tlsext_sni_clienthello(void)
1125 errx(1, "failed to create SSL"); 1115 errx(1, "failed to create SSL");
1126 1116
1127 if (tlsext_sni_clienthello_needs(ssl)) { 1117 if (tlsext_sni_clienthello_needs(ssl)) {
1128 fprintf(stderr, "FAIL: clienthello should not need SNI\n"); 1118 FAIL("clienthello should not need SNI\n");
1129 failure = 1; 1119 goto err;
1130 goto done;
1131 } 1120 }
1132 1121
1133 if (!SSL_set_tlsext_host_name(ssl, TEST_SNI_SERVERNAME)) { 1122 if (!SSL_set_tlsext_host_name(ssl, TEST_SNI_SERVERNAME)) {
1134 fprintf(stderr, "FAIL: client failed to set server name\n"); 1123 FAIL("client failed to set server name\n");
1135 failure = 1; 1124 goto err;
1136 goto done;
1137 } 1125 }
1138 1126
1139 if (!tlsext_sni_clienthello_needs(ssl)) { 1127 if (!tlsext_sni_clienthello_needs(ssl)) {
1140 fprintf(stderr, "FAIL: clienthello should need SNI\n"); 1128 FAIL("clienthello should need SNI\n");
1141 failure = 1; 1129 goto err;
1142 goto done;
1143 } 1130 }
1144 1131
1145 if (!tlsext_sni_clienthello_build(ssl, &cbb)) { 1132 if (!tlsext_sni_clienthello_build(ssl, &cbb)) {
1146 fprintf(stderr, "FAIL: clienthello failed to build SNI\n"); 1133 FAIL("clienthello failed to build SNI\n");
1147 failure = 1; 1134 goto err;
1148 goto done;
1149 } 1135 }
1150 1136
1151 if (!CBB_finish(&cbb, &data, &dlen)) 1137 if (!CBB_finish(&cbb, &data, &dlen))
1152 errx(1, "failed to finish CBB"); 1138 errx(1, "failed to finish CBB");
1153 1139
1154 if (dlen != sizeof(tlsext_sni_clienthello)) { 1140 if (dlen != sizeof(tlsext_sni_clienthello)) {
1155 fprintf(stderr, "FAIL: got clienthello SNI with length %zu, " 1141 FAIL("got clienthello SNI with length %zu, "
1156 "want length %zu\n", dlen, sizeof(tlsext_sni_clienthello)); 1142 "want length %zu\n", dlen, sizeof(tlsext_sni_clienthello));
1157 failure = 1; 1143 goto err;
1158 goto done;
1159 } 1144 }
1160 1145
1161 if (memcmp(data, tlsext_sni_clienthello, dlen) != 0) { 1146 if (memcmp(data, tlsext_sni_clienthello, dlen) != 0) {
1162 fprintf(stderr, "FAIL: clienthello SNI differs:\n"); 1147 FAIL("clienthello SNI differs:\n");
1163 fprintf(stderr, "received:\n"); 1148 fprintf(stderr, "received:\n");
1164 hexdump(data, dlen); 1149 hexdump(data, dlen);
1165 fprintf(stderr, "test data:\n"); 1150 fprintf(stderr, "test data:\n");
1166 hexdump(tlsext_sni_clienthello, sizeof(tlsext_sni_clienthello)); 1151 hexdump(tlsext_sni_clienthello, sizeof(tlsext_sni_clienthello));
1167 failure = 1; 1152 goto err;
1168 goto done;
1169 } 1153 }
1170 1154
1171 if ((ssl->session = SSL_SESSION_new()) == NULL) 1155 if ((ssl->session = SSL_SESSION_new()) == NULL)
@@ -1175,24 +1159,21 @@ test_tlsext_sni_clienthello(void)
1175 1159
1176 CBS_init(&cbs, tlsext_sni_clienthello, sizeof(tlsext_sni_clienthello)); 1160 CBS_init(&cbs, tlsext_sni_clienthello, sizeof(tlsext_sni_clienthello));
1177 if (!tlsext_sni_clienthello_parse(ssl, &cbs, &alert)) { 1161 if (!tlsext_sni_clienthello_parse(ssl, &cbs, &alert)) {
1178 fprintf(stderr, "FAIL: failed to parse clienthello SNI\n"); 1162 FAIL("failed to parse clienthello SNI\n");
1179 failure = 1; 1163 goto err;
1180 goto done;
1181 } 1164 }
1182 1165
1183 if (ssl->session->tlsext_hostname == NULL) { 1166 if (ssl->session->tlsext_hostname == NULL) {
1184 fprintf(stderr, "FAIL: no tlsext_hostname from clienthello SNI\n"); 1167 FAIL("no tlsext_hostname from clienthello SNI\n");
1185 failure = 1; 1168 goto err;
1186 goto done;
1187 } 1169 }
1188 1170
1189 if (strlen(ssl->session->tlsext_hostname) != strlen(TEST_SNI_SERVERNAME) || 1171 if (strlen(ssl->session->tlsext_hostname) != strlen(TEST_SNI_SERVERNAME) ||
1190 strncmp(ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME, 1172 strncmp(ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME,
1191 strlen(TEST_SNI_SERVERNAME)) != 0) { 1173 strlen(TEST_SNI_SERVERNAME)) != 0) {
1192 fprintf(stderr, "FAIL: got tlsext_hostname `%s', want `%s'\n", 1174 FAIL("got tlsext_hostname `%s', want `%s'\n",
1193 ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME); 1175 ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME);
1194 failure = 1; 1176 goto err;
1195 goto done;
1196 } 1177 }
1197 1178
1198 ssl->internal->hit = 1; 1179 ssl->internal->hit = 1;
@@ -1203,12 +1184,13 @@ test_tlsext_sni_clienthello(void)
1203 1184
1204 CBS_init(&cbs, tlsext_sni_clienthello, sizeof(tlsext_sni_clienthello)); 1185 CBS_init(&cbs, tlsext_sni_clienthello, sizeof(tlsext_sni_clienthello));
1205 if (tlsext_sni_clienthello_parse(ssl, &cbs, &alert)) { 1186 if (tlsext_sni_clienthello_parse(ssl, &cbs, &alert)) {
1206 fprintf(stderr, "FAIL: parsed clienthello with mismatched SNI\n"); 1187 FAIL("parsed clienthello with mismatched SNI\n");
1207 failure = 1; 1188 goto err;
1208 goto done;
1209 } 1189 }
1210 1190
1211 done: 1191 failure = 0;
1192
1193 err:
1212 CBB_cleanup(&cbb); 1194 CBB_cleanup(&cbb);
1213 SSL_CTX_free(ssl_ctx); 1195 SSL_CTX_free(ssl_ctx);
1214 SSL_free(ssl); 1196 SSL_free(ssl);
@@ -1223,12 +1205,14 @@ test_tlsext_sni_serverhello(void)
1223 unsigned char *data = NULL; 1205 unsigned char *data = NULL;
1224 SSL_CTX *ssl_ctx = NULL; 1206 SSL_CTX *ssl_ctx = NULL;
1225 SSL *ssl = NULL; 1207 SSL *ssl = NULL;
1226 int failure = 0; 1208 int failure;
1227 size_t dlen; 1209 size_t dlen;
1228 int alert; 1210 int alert;
1229 CBB cbb; 1211 CBB cbb;
1230 CBS cbs; 1212 CBS cbs;
1231 1213
1214 failure = 1;
1215
1232 CBB_init(&cbb, 0); 1216 CBB_init(&cbb, 0);
1233 1217
1234 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL) 1218 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
@@ -1240,15 +1224,13 @@ test_tlsext_sni_serverhello(void)
1240 errx(1, "failed to create session"); 1224 errx(1, "failed to create session");
1241 1225
1242 if (tlsext_sni_serverhello_needs(ssl)) { 1226 if (tlsext_sni_serverhello_needs(ssl)) {
1243 fprintf(stderr, "FAIL: serverhello should not need SNI\n"); 1227 FAIL("serverhello should not need SNI\n");
1244 failure = 1; 1228 goto err;
1245 goto done;
1246 } 1229 }
1247 1230
1248 if (!SSL_set_tlsext_host_name(ssl, TEST_SNI_SERVERNAME)) { 1231 if (!SSL_set_tlsext_host_name(ssl, TEST_SNI_SERVERNAME)) {
1249 fprintf(stderr, "FAIL: client failed to set server name\n"); 1232 FAIL("client failed to set server name\n");
1250 failure = 1; 1233 goto err;
1251 goto done;
1252 } 1234 }
1253 1235
1254 if ((ssl->session->tlsext_hostname = strdup(TEST_SNI_SERVERNAME)) == 1236 if ((ssl->session->tlsext_hostname = strdup(TEST_SNI_SERVERNAME)) ==
@@ -1256,35 +1238,31 @@ test_tlsext_sni_serverhello(void)
1256 errx(1, "failed to strdup tlsext_hostname"); 1238 errx(1, "failed to strdup tlsext_hostname");
1257 1239
1258 if (!tlsext_sni_serverhello_needs(ssl)) { 1240 if (!tlsext_sni_serverhello_needs(ssl)) {
1259 fprintf(stderr, "FAIL: serverhello should need SNI\n"); 1241 FAIL("serverhello should need SNI\n");
1260 failure = 1; 1242 goto err;
1261 goto done;
1262 } 1243 }
1263 1244
1264 if (!tlsext_sni_serverhello_build(ssl, &cbb)) { 1245 if (!tlsext_sni_serverhello_build(ssl, &cbb)) {
1265 fprintf(stderr, "FAIL: serverhello failed to build SNI\n"); 1246 FAIL("serverhello failed to build SNI\n");
1266 failure = 1; 1247 goto err;
1267 goto done;
1268 } 1248 }
1269 1249
1270 if (!CBB_finish(&cbb, &data, &dlen)) 1250 if (!CBB_finish(&cbb, &data, &dlen))
1271 errx(1, "failed to finish CBB"); 1251 errx(1, "failed to finish CBB");
1272 1252
1273 if (dlen != sizeof(tlsext_sni_serverhello)) { 1253 if (dlen != sizeof(tlsext_sni_serverhello)) {
1274 fprintf(stderr, "FAIL: got serverhello SNI with length %zu, " 1254 FAIL("got serverhello SNI with length %zu, "
1275 "want length %zu\n", dlen, sizeof(tlsext_sni_serverhello)); 1255 "want length %zu\n", dlen, sizeof(tlsext_sni_serverhello));
1276 failure = 1; 1256 goto err;
1277 goto done;
1278 } 1257 }
1279 1258
1280 if (memcmp(data, tlsext_sni_serverhello, dlen) != 0) { 1259 if (memcmp(data, tlsext_sni_serverhello, dlen) != 0) {
1281 fprintf(stderr, "FAIL: serverhello SNI differs:\n"); 1260 FAIL("serverhello SNI differs:\n");
1282 fprintf(stderr, "received:\n"); 1261 fprintf(stderr, "received:\n");
1283 hexdump(data, dlen); 1262 hexdump(data, dlen);
1284 fprintf(stderr, "test data:\n"); 1263 fprintf(stderr, "test data:\n");
1285 hexdump(tlsext_sni_serverhello, sizeof(tlsext_sni_serverhello)); 1264 hexdump(tlsext_sni_serverhello, sizeof(tlsext_sni_serverhello));
1286 failure = 1; 1265 goto err;
1287 goto done;
1288 } 1266 }
1289 1267
1290 free(ssl->session->tlsext_hostname); 1268 free(ssl->session->tlsext_hostname);
@@ -1292,27 +1270,26 @@ test_tlsext_sni_serverhello(void)
1292 1270
1293 CBS_init(&cbs, tlsext_sni_serverhello, sizeof(tlsext_sni_serverhello)); 1271 CBS_init(&cbs, tlsext_sni_serverhello, sizeof(tlsext_sni_serverhello));
1294 if (!tlsext_sni_serverhello_parse(ssl, &cbs, &alert)) { 1272 if (!tlsext_sni_serverhello_parse(ssl, &cbs, &alert)) {
1295 fprintf(stderr, "FAIL: failed to parse serverhello SNI\n"); 1273 FAIL("failed to parse serverhello SNI\n");
1296 failure = 1; 1274 goto err;
1297 goto done;
1298 } 1275 }
1299 1276
1300 if (ssl->session->tlsext_hostname == NULL) { 1277 if (ssl->session->tlsext_hostname == NULL) {
1301 fprintf(stderr, "FAIL: no tlsext_hostname after serverhello SNI\n"); 1278 FAIL("no tlsext_hostname after serverhello SNI\n");
1302 failure = 1; 1279 goto err;
1303 goto done;
1304 } 1280 }
1305 1281
1306 if (strlen(ssl->session->tlsext_hostname) != strlen(TEST_SNI_SERVERNAME) || 1282 if (strlen(ssl->session->tlsext_hostname) != strlen(TEST_SNI_SERVERNAME) ||
1307 strncmp(ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME, 1283 strncmp(ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME,
1308 strlen(TEST_SNI_SERVERNAME)) != 0) { 1284 strlen(TEST_SNI_SERVERNAME)) != 0) {
1309 fprintf(stderr, "FAIL: got tlsext_hostname `%s', want `%s'\n", 1285 FAIL("got tlsext_hostname `%s', want `%s'\n",
1310 ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME); 1286 ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME);
1311 failure = 1; 1287 goto err;
1312 goto done;
1313 } 1288 }
1314 1289
1315 done: 1290 failure = 0;
1291
1292 err:
1316 CBB_cleanup(&cbb); 1293 CBB_cleanup(&cbb);
1317 SSL_CTX_free(ssl_ctx); 1294 SSL_CTX_free(ssl_ctx);
1318 SSL_free(ssl); 1295 SSL_free(ssl);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-25 12:24:35 +0000