From eb8dd9dca1228af0cd132f515509051ecfabf6f6 Mon Sep 17 00:00:00 2001 From: cvs2svn Date: Mon, 14 Apr 2025 17:32:06 +0000 Subject: This commit was manufactured by cvs2git to create tag 'tb_20250414'. --- src/regress/lib/libssl/server/servertest.c | 209 ----------------------------- 1 file changed, 209 deletions(-) delete mode 100644 src/regress/lib/libssl/server/servertest.c (limited to 'src/regress/lib/libssl/server/servertest.c') diff --git a/src/regress/lib/libssl/server/servertest.c b/src/regress/lib/libssl/server/servertest.c deleted file mode 100644 index d572d14520..0000000000 --- a/src/regress/lib/libssl/server/servertest.c +++ /dev/null @@ -1,209 +0,0 @@ -/* $OpenBSD: servertest.c,v 1.9 2023/07/11 11:52:35 tb Exp $ */ -/* - * Copyright (c) 2015, 2016, 2017 Joel Sing - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include - -#include -#include -#include - -#include -#include -#include - -const SSL_METHOD *tls_legacy_method(void); - -char *server_ca_file; -char *server_cert_file; -char *server_key_file; - -static unsigned char sslv2_client_hello_tls10[] = { - 0x80, 0x6a, 0x01, 0x03, 0x01, 0x00, 0x51, 0x00, - 0x00, 0x00, 0x10, 0x00, 0x00, 0x39, 0x00, 0x00, - 0x38, 0x00, 0x00, 0x35, 0x00, 0x00, 0x16, 0x00, - 0x00, 0x13, 0x00, 0x00, 0x0a, 0x00, 0x00, 0x33, - 0x00, 0x00, 0x32, 0x00, 0x00, 0x2f, 0x00, 0x00, - 0x07, 0x00, 0x00, 0x66, 0x00, 0x00, 0x05, 0x00, - 0x00, 0x04, 0x00, 0x00, 0x63, 0x00, 0x00, 0x62, - 0x00, 0x00, 0x61, 0x00, 0x00, 0x15, 0x00, 0x00, - 0x12, 0x00, 0x00, 0x09, 0x00, 0x00, 0x65, 0x00, - 0x00, 0x64, 0x00, 0x00, 0x60, 0x00, 0x00, 0x14, - 0x00, 0x00, 0x11, 0x00, 0x00, 0x08, 0x00, 0x00, - 0x06, 0x00, 0x00, 0x03, 0xdd, 0xb6, 0x59, 0x26, - 0x46, 0xe6, 0x79, 0x77, 0xf4, 0xec, 0x42, 0x76, - 0xc8, 0x73, 0xad, 0x9c, -}; - -static unsigned char sslv2_client_hello_tls12[] = { - 0x80, 0xcb, 0x01, 0x03, 0x03, 0x00, 0xa2, 0x00, - 0x00, 0x00, 0x20, 0x00, 0x00, 0xa5, 0x00, 0x00, - 0xa3, 0x00, 0x00, 0xa1, 0x00, 0x00, 0x9f, 0x00, - 0x00, 0x6b, 0x00, 0x00, 0x6a, 0x00, 0x00, 0x69, - 0x00, 0x00, 0x68, 0x00, 0x00, 0x39, 0x00, 0x00, - 0x38, 0x00, 0x00, 0x37, 0x00, 0x00, 0x36, 0x00, - 0x00, 0x88, 0x00, 0x00, 0x87, 0x00, 0x00, 0x86, - 0x00, 0x00, 0x85, 0x00, 0x00, 0x9d, 0x00, 0x00, - 0x3d, 0x00, 0x00, 0x35, 0x00, 0x00, 0x84, 0x00, - 0x00, 0xa4, 0x00, 0x00, 0xa2, 0x00, 0x00, 0xa0, - 0x00, 0x00, 0x9e, 0x00, 0x00, 0x67, 0x00, 0x00, - 0x40, 0x00, 0x00, 0x3f, 0x00, 0x00, 0x3e, 0x00, - 0x00, 0x33, 0x00, 0x00, 0x32, 0x00, 0x00, 0x31, - 0x00, 0x00, 0x30, 0x00, 0x00, 0x9a, 0x00, 0x00, - 0x99, 0x00, 0x00, 0x98, 0x00, 0x00, 0x97, 0x00, - 0x00, 0x45, 0x00, 0x00, 0x44, 0x00, 0x00, 0x43, - 0x00, 0x00, 0x42, 0x00, 0x00, 0x9c, 0x00, 0x00, - 0x3c, 0x00, 0x00, 0x2f, 0x00, 0x00, 0x96, 0x00, - 0x00, 0x41, 0x00, 0x00, 0x07, 0x00, 0x00, 0x05, - 0x00, 0x00, 0x04, 0x00, 0x00, 0x16, 0x00, 0x00, - 0x13, 0x00, 0x00, 0x10, 0x00, 0x00, 0x0d, 0x00, - 0x00, 0x0a, 0x00, 0x00, 0xff, 0x1d, 0xfd, 0x90, - 0x03, 0x61, 0x3c, 0x5a, 0x22, 0x83, 0xed, 0x11, - 0x85, 0xf4, 0xea, 0x36, 0x59, 0xd9, 0x1b, 0x27, - 0x22, 0x01, 0x14, 0x07, 0x66, 0xb2, 0x24, 0xf5, - 0x4e, 0x7d, 0x9d, 0x9c, 0x52, -}; - -struct server_hello_test { - const unsigned char *desc; - unsigned char *client_hello; - const size_t client_hello_len; - const SSL_METHOD *(*ssl_method)(void); - const long ssl_clear_options; - const long ssl_set_options; - int accept_fails; -}; - -static struct server_hello_test server_hello_tests[] = { - { - .desc = "TLSv1.0 in SSLv2 record", - .client_hello = sslv2_client_hello_tls10, - .client_hello_len = sizeof(sslv2_client_hello_tls10), - .ssl_method = tls_legacy_method, - .ssl_clear_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1, - .ssl_set_options = 0, - .accept_fails = 1, - }, - { - .desc = "TLSv1.2 in SSLv2 record", - .client_hello = sslv2_client_hello_tls12, - .client_hello_len = sizeof(sslv2_client_hello_tls12), - .ssl_method = tls_legacy_method, - .ssl_clear_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1, - .ssl_set_options = 0, - .accept_fails = 1, - }, -}; - -#define N_SERVER_HELLO_TESTS \ - (sizeof(server_hello_tests) / sizeof(*server_hello_tests)) - -static int -server_hello_test(int testno, struct server_hello_test *sht) -{ - BIO *rbio = NULL, *wbio = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - int ret = 1; - - fprintf(stderr, "Test %d - %s\n", testno, sht->desc); - - if ((rbio = BIO_new_mem_buf(sht->client_hello, - sht->client_hello_len)) == NULL) { - fprintf(stderr, "Failed to setup rbio\n"); - goto failure; - } - if ((wbio = BIO_new(BIO_s_mem())) == NULL) { - fprintf(stderr, "Failed to setup wbio\n"); - goto failure; - } - - if ((ssl_ctx = SSL_CTX_new(sht->ssl_method())) == NULL) { - fprintf(stderr, "SSL_CTX_new() returned NULL\n"); - goto failure; - } - - if (SSL_CTX_use_certificate_file(ssl_ctx, server_cert_file, - SSL_FILETYPE_PEM) != 1) { - fprintf(stderr, "Failed to load server certificate"); - goto failure; - } - if (SSL_CTX_use_PrivateKey_file(ssl_ctx, server_key_file, - SSL_FILETYPE_PEM) != 1) { - fprintf(stderr, "Failed to load server private key"); - goto failure; - } - - SSL_CTX_set_dh_auto(ssl_ctx, 1); - SSL_CTX_set_ecdh_auto(ssl_ctx, 1); - - SSL_CTX_clear_options(ssl_ctx, sht->ssl_clear_options); - SSL_CTX_set_options(ssl_ctx, sht->ssl_set_options); - - if ((ssl = SSL_new(ssl_ctx)) == NULL) { - fprintf(stderr, "SSL_new() returned NULL\n"); - goto failure; - } - - BIO_up_ref(rbio); - BIO_up_ref(wbio); - SSL_set_bio(ssl, rbio, wbio); - - if (SSL_accept(ssl) != 0) { - if (sht->accept_fails) - goto done; - fprintf(stderr, "SSL_accept() returned non-zero\n"); - ERR_print_errors_fp(stderr); - goto failure; - } - - done: - ret = 0; - - failure: - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - - BIO_free(rbio); - BIO_free(wbio); - - return (ret); -} - -int -main(int argc, char **argv) -{ - int failed = 0; - size_t i; - - if (argc != 4) { - fprintf(stderr, "usage: %s keyfile certfile cafile\n", - argv[0]); - exit(1); - } - - server_key_file = argv[1]; - server_cert_file = argv[2]; - server_ca_file = argv[3]; - - SSL_library_init(); - SSL_load_error_strings(); - - for (i = 0; i < N_SERVER_HELLO_TESTS; i++) - failed |= server_hello_test(i, &server_hello_tests[i]); - - return (failed); -} -- cgit v1.2.3-55-g6feb