static void start(void)
{
int fd[2];
int ret;
ret = socketpair(AF_UNIX, SOCK_STREAM, 0, fd);
if (ret < 0) {
perror("socketpair");
exit(1);
}
child = fork();
if (child < 0) {
perror("fork");
fail("fork");
exit(1);
}
if (child) {
int status;
/* parent */
close(fd[1]);
server(fd[0]);
wait(&status);
check_wait_status(status);
} else {
close(fd[0]);
client(fd[1]);
exit(0);
}
}
void doit(void)
{
int fd[2];
int ret, status = 0;
signal(SIGCHLD, ch_handler);
signal(SIGPIPE, SIG_IGN);
ret = socketpair(AF_UNIX, SOCK_STREAM, 0, fd);
if (ret < 0) {
perror("socketpair");
exit(1);
}
child = fork();
if (child < 0) {
perror("fork");
fail("fork");
exit(1);
}
if (child) {
/* parent */
close(fd[1]);
server(fd[0]);
waitpid(child, &status, 0);
check_wait_status(status);
} else {
close(fd[0]);
client(fd[1]);
exit(0);
}
return;
}
static void ch_handler(int sig)
{
int status;
wait(&status);
check_wait_status(status);
return;
}
static
void start(const char *prio)
{
int sockets[2];
int err;
err = socketpair(AF_UNIX, SOCK_STREAM, 0, sockets);
if (err == -1) {
perror("socketpair");
fail("socketpair failed\n");
return;
}
child = fork();
if (child < 0) {
perror("fork");
fail("fork");
return;
}
if (child) {
int status;
server(sockets[0], prio);
wait(&status);
check_wait_status(status);
} else {
client(sockets[1], prio);
exit(0);
}
}
static void ch_handler(int sig)
{
int status = 0;
waitpid(-1, &status, 0);
check_wait_status(status);
return;
}
void doit(void)
{
int ret;
struct sockaddr_in saddr;
socklen_t addrlen;
int listener;
int fd;
signal(SIGPIPE, SIG_IGN);
listener = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (listener == -1)
fail("error in socket(): %s\n", strerror(errno));
memset(&saddr, 0, sizeof(saddr));
saddr.sin_family = AF_INET;
saddr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
saddr.sin_port = 0;
ret = bind(listener, (struct sockaddr*)&saddr, sizeof(saddr));
if (ret == -1)
fail("error in bind(): %s\n", strerror(errno));
addrlen = sizeof(saddr);
ret = getsockname(listener, (struct sockaddr*)&saddr, &addrlen);
if (ret == -1)
fail("error in getsockname(): %s\n", strerror(errno));
child = fork();
if (child < 0) {
perror("fork");
fail("fork");
exit(1);
}
if (child) {
int status;
/* parent */
ret = listen(listener, 1);
if (ret == -1)
fail("error in listen(): %s\n", strerror(errno));
fd = accept(listener, NULL, NULL);
if (fd == -1)
fail("error in accept: %s\n", strerror(errno));
server(fd);
wait(&status);
check_wait_status(status);
} else {
fd = socket(AF_INET, SOCK_STREAM, 0);
client(fd, (struct sockaddr*)&saddr, addrlen);
exit(0);
}
}
void doit(void)
{
int i, err;
signal(SIGCHLD, SIG_IGN);
signal(SIGPIPE, SIG_IGN);
generate_dh_params();
for (i = 0; resume_tests[i].desc; i++) {
int client_sds[SESSIONS], server_sds[SESSIONS];
int j;
printf("%s\n", resume_tests[i].desc);
for (j = 0; j < SESSIONS; j++) {
int sockets[2];
err = socketpair(AF_UNIX, SOCK_STREAM, 0, sockets);
if (err == -1) {
perror("socketpair");
fail("socketpair failed\n");
return;
}
server_sds[j] = sockets[0];
client_sds[j] = sockets[1];
}
child = fork();
if (child < 0) {
perror("fork");
fail("fork");
return;
}
if (child) {
int status = 0;
/* parent */
for (j = 0; j < SESSIONS; j++)
close(client_sds[j]);
server(server_sds, &resume_tests[i]);
wait(&status);
check_wait_status(status);
} else {
for (j = 0; j < SESSIONS; j++)
close(server_sds[j]);
client(client_sds, &resume_tests[i]);
gnutls_global_deinit();
exit(0);
}
}
global_stop();
}
void doit(void)
{
int ret, status;
const char *lib;
gnutls_privkey_t pkey;
pid_t pid;
signal(SIGPIPE, SIG_IGN);
gnutls_pkcs11_set_pin_function(pin_func, NULL);
gnutls_global_set_log_function(tls_log_func);
if (debug)
gnutls_global_set_log_level(4711);
lib = getenv("P11MOCKLIB1");
if (lib == NULL)
lib = P11LIB;
ret = gnutls_pkcs11_init(GNUTLS_PKCS11_FLAG_MANUAL, NULL);
if (ret != 0) {
fail("%d: %s\n", ret, gnutls_strerror(ret));
exit(1);
}
ret = gnutls_pkcs11_add_provider(lib, NULL);
if (ret != 0) {
fail("%d: %s\n", ret, gnutls_strerror(ret));
exit(1);
}
assert(gnutls_privkey_init(&pkey) == 0);
ret = gnutls_privkey_import_url(pkey, "pkcs11:object=test", GNUTLS_PKCS11_OBJ_FLAG_LOGIN);
if (ret < 0) {
fprintf(stderr, "error in %d: %s\n", __LINE__, gnutls_strerror(ret));
exit(1);
}
/* fork to force PKCS#11 reinitialization */
pid = fork();
if (pid == -1) {
exit(1);
} else if (pid) {
waitpid(pid, &status, 0);
check_wait_status(status);
goto cleanup;
}
do_thread_stuff(pkey);
cleanup:
gnutls_privkey_deinit(pkey);
}
int get_child_exit(int pid)
{
return (check_wait_status(pid));
}
void doit(void)
{
int err, i;
int sockets[2];
const char *srcdir;
pid_t child;
char pub_key_path[512], priv_key_path[512];
global_init();
srcdir = getenv("srcdir") ? getenv("srcdir") : ".";
for (i = 0; i < 5; i++) {
if (i <= 1)
key_id = NULL; /* try using the master key */
else if (i == 2)
key_id = "auto"; /* test auto */
else if (i >= 3)
key_id = "f30fd423c143e7ba";
if (debug) {
gnutls_global_set_log_level(5);
gnutls_global_set_log_function(log_message);
}
err = socketpair(AF_UNIX, SOCK_STREAM, 0, sockets);
if (err != 0)
fail("socketpair %s\n", strerror(errno));
if (sizeof(pub_key_path) <
strlen(srcdir) + strlen(pub_key_file) + 2)
abort();
strcpy(pub_key_path, srcdir);
strcat(pub_key_path, "/");
strcat(pub_key_path, pub_key_file);
if (sizeof(priv_key_path) <
strlen(srcdir) + strlen(priv_key_file) + 2)
abort();
strcpy(priv_key_path, srcdir);
strcat(priv_key_path, "/");
strcat(priv_key_path, priv_key_file);
child = fork();
if (child == -1)
fail("fork %s\n", strerror(errno));
if (child == 0) {
/* Child process (client). */
gnutls_session_t session;
gnutls_certificate_credentials_t cred;
ssize_t sent;
if (debug)
printf("client process %i\n", getpid());
err = gnutls_init(&session, GNUTLS_CLIENT);
if (err != 0)
fail("client session %d\n", err);
if (i == 0) /* we use the primary key which is RSA. Test the RSA ciphersuite */
gnutls_priority_set_direct(session,
"NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+RSA:+CTYPE-OPENPGP",
NULL);
else
gnutls_priority_set_direct(session,
"NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+DHE-DSS:+DHE-RSA:+CTYPE-OPENPGP",
NULL);
gnutls_transport_set_int(session, sockets[0]);
err =
gnutls_certificate_allocate_credentials(&cred);
if (err != 0)
fail("client credentials %d\n", err);
err =
gnutls_certificate_set_openpgp_key_file2(cred,
pub_key_path,
priv_key_path,
key_id,
GNUTLS_OPENPGP_FMT_BASE64);
if (err != 0)
fail("client openpgp keys %s\n",
gnutls_strerror(err));
check_loaded_key(cred);
err =
gnutls_credentials_set(session,
GNUTLS_CRD_CERTIFICATE,
cred);
if (err != 0)
fail("client credential_set %d\n", err);
gnutls_dh_set_prime_bits(session, 1024);
if (i == 4)
gnutls_openpgp_send_cert(session,
GNUTLS_OPENPGP_CERT_FINGERPRINT);
err = gnutls_handshake(session);
if (err != 0)
fail("client handshake %s (%d) \n",
gnutls_strerror(err), err);
else if (debug)
printf("client handshake successful\n");
sent =
gnutls_record_send(session, message,
sizeof(message));
if (sent != sizeof(message))
fail("client sent %li vs. %li\n",
(long) sent, (long) sizeof(message));
err = gnutls_bye(session, GNUTLS_SHUT_RDWR);
if (err != 0)
fail("client bye %d\n", err);
if (debug)
printf("client done\n");
gnutls_deinit(session);
gnutls_certificate_free_credentials(cred);
gnutls_free(stored_cli_cert.data);
gnutls_global_deinit();
return;
} else {
/* Parent process (server). */
gnutls_session_t session;
gnutls_dh_params_t dh_params;
gnutls_certificate_credentials_t cred;
char greetings[sizeof(message) * 2];
ssize_t received;
pid_t done;
int status;
const gnutls_datum_t p3 =
{ (void *) pkcs3, strlen(pkcs3) };
if (debug)
printf("server process %i (child %i)\n",
getpid(), child);
err = gnutls_init(&session, GNUTLS_SERVER);
if (err != 0)
fail("server session %d\n", err);
gnutls_priority_set_direct(session,
"NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+DHE-DSS:+DHE-RSA:+RSA:+CTYPE-OPENPGP",
NULL);
gnutls_transport_set_int(session, sockets[1]);
err =
gnutls_certificate_allocate_credentials(&cred);
if (err != 0)
fail("server credentials %d\n", err);
err =
gnutls_certificate_set_openpgp_key_file2(cred,
pub_key_path,
priv_key_path,
key_id,
GNUTLS_OPENPGP_FMT_BASE64);
if (err != 0)
fail("server openpgp keys %s\n",
gnutls_strerror(err));
check_loaded_key(cred);
err = gnutls_dh_params_init(&dh_params);
if (err)
fail("server DH params init %d\n", err);
err =
gnutls_dh_params_import_pkcs3(dh_params, &p3,
GNUTLS_X509_FMT_PEM);
if (err)
fail("server DH params generate %d\n",
err);
gnutls_certificate_set_dh_params(cred, dh_params);
err =
gnutls_credentials_set(session,
GNUTLS_CRD_CERTIFICATE,
cred);
if (err != 0)
fail("server credential_set %d\n", err);
gnutls_certificate_server_set_request(session,
GNUTLS_CERT_REQUIRE);
if (i == 4)
gnutls_openpgp_set_recv_key_function
(session, key_recv_func);
err = gnutls_handshake(session);
if (err != 0)
fail("server handshake %s (%d) \n",
gnutls_strerror(err), err);
if (stored_cli_cert.data == NULL) {
const gnutls_datum_t *d;
unsigned int d_size;
d = gnutls_certificate_get_peers(session,
&d_size);
if (d != NULL) {
stored_cli_cert.data =
gnutls_malloc(d[0].size);
memcpy(stored_cli_cert.data,
d[0].data, d[0].size);
stored_cli_cert.size = d[0].size;
}
}
received =
gnutls_record_recv(session, greetings,
sizeof(greetings));
if (received != sizeof(message)
|| memcmp(greetings, message, sizeof(message)))
fail("server received %li vs. %li\n",
(long) received,
(long) sizeof(message));
err = gnutls_bye(session, GNUTLS_SHUT_RDWR);
if (err != 0)
fail("server bye %s (%d) \n",
gnutls_strerror(err), err);
if (debug)
printf("server done\n");
gnutls_deinit(session);
gnutls_certificate_free_credentials(cred);
gnutls_dh_params_deinit(dh_params);
done = wait(&status);
if (done < 0)
fail("wait %s\n", strerror(errno));
if (done != child)
fail("who's that?! %d\n", done);
check_wait_status(status);
}
}
gnutls_free(stored_cli_cert.data);
gnutls_global_deinit();
}
