HANDSHAKE_RESULT *do_handshake(SSL_CTX *server_ctx, SSL_CTX *server2_ctx, SSL_CTX *client_ctx, SSL_CTX *resume_server_ctx, SSL_CTX *resume_client_ctx, const SSL_TEST_CTX *test_ctx) { HANDSHAKE_RESULT *result; SSL_SESSION *session = NULL; result = do_handshake_internal(server_ctx, server2_ctx, client_ctx, test_ctx, NULL, &session); if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_SIMPLE) goto end; OPENSSL_assert(test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME); if (result->result != SSL_TEST_SUCCESS) { result->result = SSL_TEST_FIRST_HANDSHAKE_FAILED; return result; } HANDSHAKE_RESULT_free(result); /* We don't support SNI on second handshake yet, so server2_ctx is NULL. */ result = do_handshake_internal(resume_server_ctx, NULL, resume_client_ctx, test_ctx, session, NULL); end: SSL_SESSION_free(session); return result; }
static int execute_test(SSL_TEST_FIXTURE fixture) { int ret = 0; SSL_CTX *server_ctx = NULL, *server2_ctx = NULL, *client_ctx = NULL, *resume_server_ctx = NULL, *resume_client_ctx = NULL; SSL_TEST_CTX *test_ctx = NULL; HANDSHAKE_RESULT *result = NULL; test_ctx = SSL_TEST_CTX_create(conf, fixture.test_app); if (test_ctx == NULL) goto err; #ifndef OPENSSL_NO_DTLS if (test_ctx->method == SSL_TEST_METHOD_DTLS) { server_ctx = SSL_CTX_new(DTLS_server_method()); if (test_ctx->servername_callback != SSL_TEST_SERVERNAME_CB_NONE) { server2_ctx = SSL_CTX_new(DTLS_server_method()); OPENSSL_assert(server2_ctx != NULL); } client_ctx = SSL_CTX_new(DTLS_client_method()); if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) { resume_server_ctx = SSL_CTX_new(DTLS_server_method()); resume_client_ctx = SSL_CTX_new(DTLS_client_method()); OPENSSL_assert(resume_server_ctx != NULL); OPENSSL_assert(resume_client_ctx != NULL); } } #endif if (test_ctx->method == SSL_TEST_METHOD_TLS) { server_ctx = SSL_CTX_new(TLS_server_method()); if (test_ctx->servername_callback != SSL_TEST_SERVERNAME_CB_NONE) { server2_ctx = SSL_CTX_new(TLS_server_method()); OPENSSL_assert(server2_ctx != NULL); } client_ctx = SSL_CTX_new(TLS_client_method()); if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) { resume_server_ctx = SSL_CTX_new(TLS_server_method()); resume_client_ctx = SSL_CTX_new(TLS_client_method()); OPENSSL_assert(resume_server_ctx != NULL); OPENSSL_assert(resume_client_ctx != NULL); } } OPENSSL_assert(server_ctx != NULL); OPENSSL_assert(client_ctx != NULL); OPENSSL_assert(CONF_modules_load(conf, fixture.test_app, 0) > 0); if (!SSL_CTX_config(server_ctx, "server") || !SSL_CTX_config(client_ctx, "client")) { goto err; } if (server2_ctx != NULL && !SSL_CTX_config(server2_ctx, "server2")) goto err; if (resume_server_ctx != NULL && !SSL_CTX_config(resume_server_ctx, "resume-server")) goto err; if (resume_client_ctx != NULL && !SSL_CTX_config(resume_client_ctx, "resume-client")) goto err; result = do_handshake(server_ctx, server2_ctx, client_ctx, resume_server_ctx, resume_client_ctx, test_ctx); ret = check_test(result, test_ctx); err: CONF_modules_unload(0); SSL_CTX_free(server_ctx); SSL_CTX_free(server2_ctx); SSL_CTX_free(client_ctx); SSL_CTX_free(resume_server_ctx); SSL_CTX_free(resume_client_ctx); SSL_TEST_CTX_free(test_ctx); if (ret != 1) ERR_print_errors_fp(stderr); HANDSHAKE_RESULT_free(result); return ret; }
static int test_handshake(int idx) { int ret = 0; SSL_CTX *server_ctx = NULL, *server2_ctx = NULL, *client_ctx = NULL, *resume_server_ctx = NULL, *resume_client_ctx = NULL; SSL_TEST_CTX *test_ctx = NULL; HANDSHAKE_RESULT *result = NULL; char test_app[MAX_TESTCASE_NAME_LENGTH]; BIO_snprintf(test_app, sizeof(test_app), "test-%d", idx); test_ctx = SSL_TEST_CTX_create(conf, test_app); if (test_ctx == NULL) goto err; #ifndef OPENSSL_NO_DTLS if (test_ctx->method == SSL_TEST_METHOD_DTLS) { server_ctx = SSL_CTX_new(DTLS_server_method()); if (test_ctx->extra.server.servername_callback != SSL_TEST_SERVERNAME_CB_NONE) { server2_ctx = SSL_CTX_new(DTLS_server_method()); TEST_check(server2_ctx != NULL); } client_ctx = SSL_CTX_new(DTLS_client_method()); if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) { resume_server_ctx = SSL_CTX_new(DTLS_server_method()); resume_client_ctx = SSL_CTX_new(DTLS_client_method()); TEST_check(resume_server_ctx != NULL); TEST_check(resume_client_ctx != NULL); } } #endif if (test_ctx->method == SSL_TEST_METHOD_TLS) { server_ctx = SSL_CTX_new(TLS_server_method()); /* SNI on resumption isn't supported/tested yet. */ if (test_ctx->extra.server.servername_callback != SSL_TEST_SERVERNAME_CB_NONE) { server2_ctx = SSL_CTX_new(TLS_server_method()); TEST_check(server2_ctx != NULL); } client_ctx = SSL_CTX_new(TLS_client_method()); if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) { resume_server_ctx = SSL_CTX_new(TLS_server_method()); resume_client_ctx = SSL_CTX_new(TLS_client_method()); TEST_check(resume_server_ctx != NULL); TEST_check(resume_client_ctx != NULL); } } TEST_check(server_ctx != NULL); TEST_check(client_ctx != NULL); TEST_check(CONF_modules_load(conf, test_app, 0) > 0); if (!SSL_CTX_config(server_ctx, "server") || !SSL_CTX_config(client_ctx, "client")) { goto err; } if (server2_ctx != NULL && !SSL_CTX_config(server2_ctx, "server2")) goto err; if (resume_server_ctx != NULL && !SSL_CTX_config(resume_server_ctx, "resume-server")) goto err; if (resume_client_ctx != NULL && !SSL_CTX_config(resume_client_ctx, "resume-client")) goto err; result = do_handshake(server_ctx, server2_ctx, client_ctx, resume_server_ctx, resume_client_ctx, test_ctx); ret = check_test(result, test_ctx); err: CONF_modules_unload(0); SSL_CTX_free(server_ctx); SSL_CTX_free(server2_ctx); SSL_CTX_free(client_ctx); SSL_CTX_free(resume_server_ctx); SSL_CTX_free(resume_client_ctx); SSL_TEST_CTX_free(test_ctx); HANDSHAKE_RESULT_free(result); return ret; }