static void test_client_CyaSSL_new(void) { #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) CYASSL_CTX *ctx; CYASSL_CTX *ctx_nocert; CYASSL *ssl; AssertNotNull(ctx_nocert = CyaSSL_CTX_new(CyaSSLv23_client_method())); AssertNotNull(ctx = CyaSSL_CTX_new(CyaSSLv23_client_method())); AssertTrue(CyaSSL_CTX_load_verify_locations(ctx, caCert, 0)); /* invalid context */ AssertNull(ssl = CyaSSL_new(NULL)); /* success */ AssertNotNull(ssl = CyaSSL_new(ctx_nocert)); CyaSSL_free(ssl); /* success */ AssertNotNull(ssl = CyaSSL_new(ctx)); CyaSSL_free(ssl); CyaSSL_CTX_free(ctx); CyaSSL_CTX_free(ctx_nocert); #endif }
static void test_CyaSSL_CTX_load_verify_locations(void) { #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) CYASSL_CTX *ctx; AssertNotNull(ctx = CyaSSL_CTX_new(CyaSSLv23_client_method())); /* invalid context */ AssertFalse(CyaSSL_CTX_load_verify_locations(NULL, caCert, 0)); /* invalid ca file */ AssertFalse(CyaSSL_CTX_load_verify_locations(ctx, NULL, 0)); AssertFalse(CyaSSL_CTX_load_verify_locations(ctx, bogusFile, 0)); #ifndef CYASSL_TIRTOS /* invalid path */ /* not working... investigate! */ /* AssertFalse(CyaSSL_CTX_load_verify_locations(ctx, caCert, bogusFile)); */ #endif /* success */ AssertTrue(CyaSSL_CTX_load_verify_locations(ctx, caCert, 0)); CyaSSL_CTX_free(ctx); #endif }
static void test_CyaSSL_UseMaxFragment(void) { #ifdef HAVE_MAX_FRAGMENT CYASSL_CTX *ctx = CyaSSL_CTX_new(CyaSSLv23_client_method()); CYASSL *ssl = CyaSSL_new(ctx); AssertNotNull(ctx); AssertNotNull(ssl); /* error cases */ AssertIntNE(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(NULL, CYASSL_MFL_2_9)); AssertIntNE(SSL_SUCCESS, CyaSSL_UseMaxFragment( NULL, CYASSL_MFL_2_9)); AssertIntNE(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(ctx, 0)); AssertIntNE(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(ctx, 6)); AssertIntNE(SSL_SUCCESS, CyaSSL_UseMaxFragment(ssl, 0)); AssertIntNE(SSL_SUCCESS, CyaSSL_UseMaxFragment(ssl, 6)); /* success case */ AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_9)); AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_10)); AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_11)); AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_12)); AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_13)); AssertIntEQ(SSL_SUCCESS, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_9)); AssertIntEQ(SSL_SUCCESS, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_10)); AssertIntEQ(SSL_SUCCESS, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_11)); AssertIntEQ(SSL_SUCCESS, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_12)); AssertIntEQ(SSL_SUCCESS, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_13)); CyaSSL_free(ssl); CyaSSL_CTX_free(ctx); #endif }
static void test_CyaSSL_UseSupportedCurve(void) { #ifdef HAVE_SUPPORTED_CURVES CYASSL_CTX *ctx = CyaSSL_CTX_new(CyaSSLv23_client_method()); CYASSL *ssl = CyaSSL_new(ctx); AssertNotNull(ctx); AssertNotNull(ssl); #ifndef NO_CYASSL_CLIENT /* error cases */ AssertIntNE(SSL_SUCCESS, CyaSSL_CTX_UseSupportedCurve(NULL, CYASSL_ECC_SECP160R1)); AssertIntNE(SSL_SUCCESS, CyaSSL_CTX_UseSupportedCurve(ctx, 0)); AssertIntNE(SSL_SUCCESS, CyaSSL_UseSupportedCurve(NULL, CYASSL_ECC_SECP160R1)); AssertIntNE(SSL_SUCCESS, CyaSSL_UseSupportedCurve(ssl, 0)); /* success case */ AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_UseSupportedCurve(ctx, CYASSL_ECC_SECP160R1)); AssertIntEQ(SSL_SUCCESS, CyaSSL_UseSupportedCurve(ssl, CYASSL_ECC_SECP160R1)); #endif CyaSSL_free(ssl); CyaSSL_CTX_free(ctx); #endif }
int test_CyaSSL_Method_Allocators(void) { #ifndef NO_OLD_TLS test_method(CyaSSLv3_server_method(), "CyaSSLv3_server_method()"); test_method(CyaSSLv3_client_method(), "CyaSSLv3_client_method()"); test_method(CyaTLSv1_server_method(), "CyaTLSv1_server_method()"); test_method(CyaTLSv1_client_method(), "CyaTLSv1_client_method()"); test_method(CyaTLSv1_1_server_method(), "CyaTLSv1_1_server_method()"); test_method(CyaTLSv1_1_client_method(), "CyaTLSv1_1_client_method()"); #endif /* NO_OLD_TLS */ test_method(CyaTLSv1_2_server_method(), "CyaTLSv1_2_server_method()"); test_method(CyaTLSv1_2_client_method(), "CyaTLSv1_2_client_method()"); test_method(CyaSSLv23_client_method(), "CyaSSLv23_client_method()"); #ifdef CYASSL_DTLS test_method(CyaDTLSv1_server_method(), "CyaDTLSv1_server_method()"); test_method(CyaDTLSv1_client_method(), "CyaDTLSv1_client_method()"); #endif /* CYASSL_DTLS */ #ifdef OPENSSL_EXTRA test_method2(CyaSSLv2_server_method(), "CyaSSLv2_server_method()"); test_method2(CyaSSLv2_client_method(), "CyaSSLv2_client_method()"); #endif /* OPENSSL_EXTRA */ return TEST_SUCCESS; }
int test_CyaSSL_CTX_load_verify_locations(void) { CYASSL_METHOD *method; CYASSL_CTX *ctx; method = CyaSSLv23_client_method(); if (method == NULL) { printf("test_CyaSSL_CTX_load_verify_locations() cannot create method\n"); return TEST_FAIL; } ctx = CyaSSL_CTX_new(method); if (ctx == NULL) { printf("test_CyaSSL_CTX_load_verify_locations() cannot create context\n"); free(method); return TEST_FAIL; } test_lvl(NULL, NULL, NULL, SSL_FAILURE, "CyaSSL_CTX_load_verify_locations(NULL, NULL, NULL)"); test_lvl(ctx, NULL, NULL, SSL_FAILURE, "CyaSSL_CTX_load_verify_locations(ctx, NULL, NULL)"); test_lvl(NULL, caCert, NULL, SSL_FAILURE, "CyaSSL_CTX_load_verify_locations(ctx, NULL, NULL)"); test_lvl(ctx, caCert, bogusFile, SSL_FAILURE, "CyaSSL_CTX_load_verify_locations(ctx, caCert, bogusFile)"); /* Add a test for the certs directory path loading. */ /* There is a leak here. If you load a second cert, the first one is lost. */ #ifndef NO_RSA test_lvl(ctx, caCert, 0, SSL_SUCCESS, "CyaSSL_CTX_load_verify_locations(ctx, caCert, 0)"); #else test_lvl(ctx, caCert, 0, SSL_FAILURE, "NO_RSA: CyaSSL_CTX_load_verify_locations(ctx, caCert, 0)"); #endif CyaSSL_CTX_free(ctx); return TEST_SUCCESS; }
static void test_CyaSSL_UseTruncatedHMAC(void) { #ifdef HAVE_TRUNCATED_HMAC CYASSL_CTX *ctx = CyaSSL_CTX_new(CyaSSLv23_client_method()); CYASSL *ssl = CyaSSL_new(ctx); AssertNotNull(ctx); AssertNotNull(ssl); /* error cases */ AssertIntNE(SSL_SUCCESS, CyaSSL_CTX_UseTruncatedHMAC(NULL)); AssertIntNE(SSL_SUCCESS, CyaSSL_UseTruncatedHMAC(NULL)); /* success case */ AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_UseTruncatedHMAC(ctx)); AssertIntEQ(SSL_SUCCESS, CyaSSL_UseTruncatedHMAC(ssl)); CyaSSL_free(ssl); CyaSSL_CTX_free(ctx); #endif }
void echoclient_test(void* args) { SOCKET_T sockfd = 0; FILE* fin = stdin; FILE* fout = stdout; int inCreated = 0; int outCreated = 0; char msg[1024]; char reply[1024]; SSL_METHOD* method = 0; SSL_CTX* ctx = 0; SSL* ssl = 0; int doDTLS = 0; int doLeanPSK = 0; int sendSz; int argc = 0; char** argv = 0; ((func_args*)args)->return_code = -1; /* error state */ argc = ((func_args*)args)->argc; argv = ((func_args*)args)->argv; if (argc >= 2) { fin = fopen(argv[1], "r"); inCreated = 1; } if (argc >= 3) { fout = fopen(argv[2], "w"); outCreated = 1; } if (!fin) err_sys("can't open input file"); if (!fout) err_sys("can't open output file"); #ifdef CYASSL_DTLS doDTLS = 1; #endif #ifdef CYASSL_LEANPSK doLeanPSK = 1; #endif #if defined(CYASSL_DTLS) method = DTLSv1_client_method(); #elif !defined(NO_TLS) method = CyaSSLv23_client_method(); #else method = SSLv3_client_method(); #endif ctx = SSL_CTX_new(method); #ifndef NO_FILESYSTEM if (SSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS) err_sys("can't load ca file, Please run from CyaSSL home dir"); #ifdef HAVE_ECC if (SSL_CTX_load_verify_locations(ctx, eccCert, 0) != SSL_SUCCESS) err_sys("can't load ca file, Please run from CyaSSL home dir"); #endif #elif !defined(NO_CERTS) if (!doLeanPSK) load_buffer(ctx, caCert, CYASSL_CA); #endif #if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC) /* don't use EDH, can't sniff tmp keys */ SSL_CTX_set_cipher_list(ctx, "AES256-SHA"); #endif if (doLeanPSK) { #ifdef CYASSL_LEANPSK CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb); SSL_CTX_set_cipher_list(ctx, "PSK-NULL-SHA"); #endif } #ifdef OPENSSL_EXTRA SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); #endif ssl = SSL_new(ctx); if (doDTLS) { SOCKADDR_IN_T addr; build_addr(&addr, yasslIP, yasslPort); CyaSSL_dtls_set_peer(ssl, &addr, sizeof(addr)); tcp_socket(&sockfd, 1); } else { tcp_connect(&sockfd, yasslIP, yasslPort, 0); } SSL_set_fd(ssl, sockfd); #if defined(USE_WINDOWS_API) && defined(CYASSL_DTLS) && defined(NO_MAIN_DRIVER) /* let echoserver bind first, TODO: add Windows signal like pthreads does */ Sleep(100); #endif if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed"); while (fgets(msg, sizeof(msg), fin)) { sendSz = (int)strlen(msg); if (SSL_write(ssl, msg, sendSz) != sendSz) err_sys("SSL_write failed"); if (strncmp(msg, "quit", 4) == 0) { fputs("sending server shutdown command: quit!\n", fout); break; } if (strncmp(msg, "break", 5) == 0) { fputs("sending server session close: break!\n", fout); break; } while (sendSz) { int got; if ( (got = SSL_read(ssl, reply, sizeof(reply))) > 0) { reply[got] = 0; fputs(reply, fout); sendSz -= got; } else break; } } #ifdef CYASSL_DTLS strncpy(msg, "break", 6); sendSz = (int)strlen(msg); /* try to tell server done */ SSL_write(ssl, msg, sendSz); #else SSL_shutdown(ssl); #endif SSL_free(ssl); SSL_CTX_free(ctx); fflush(fout); if (inCreated) fclose(fin); if (outCreated) fclose(fout); CloseSocket(sockfd); ((func_args*)args)->return_code = 0; }
/** * \brief Initializes the cyassl library and creates the context * \return 1 if successfull <0 other way */ inline static CYASSL_CTX* init_cyaSSL( void ) { CyaSSL_Init(); return CyaSSL_CTX_new( CyaSSLv23_client_method() ); }
static void test_CyaSSL_UseSNI(void) { #ifdef HAVE_SNI callback_functions client_callbacks = {CyaSSLv23_client_method, 0, 0, 0}; callback_functions server_callbacks = {CyaSSLv23_server_method, 0, 0, 0}; CYASSL_CTX *ctx = CyaSSL_CTX_new(CyaSSLv23_client_method()); CYASSL *ssl = CyaSSL_new(ctx); AssertNotNull(ctx); AssertNotNull(ssl); /* error cases */ AssertIntNE(SSL_SUCCESS, CyaSSL_CTX_UseSNI(NULL, 0, (void *) "ctx", XSTRLEN("ctx"))); AssertIntNE(SSL_SUCCESS, CyaSSL_UseSNI( NULL, 0, (void *) "ssl", XSTRLEN("ssl"))); AssertIntNE(SSL_SUCCESS, CyaSSL_CTX_UseSNI(ctx, -1, (void *) "ctx", XSTRLEN("ctx"))); AssertIntNE(SSL_SUCCESS, CyaSSL_UseSNI( ssl, -1, (void *) "ssl", XSTRLEN("ssl"))); AssertIntNE(SSL_SUCCESS, CyaSSL_CTX_UseSNI(ctx, 0, (void *) NULL, XSTRLEN("ctx"))); AssertIntNE(SSL_SUCCESS, CyaSSL_UseSNI( ssl, 0, (void *) NULL, XSTRLEN("ssl"))); /* success case */ AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_UseSNI(ctx, 0, (void *) "ctx", XSTRLEN("ctx"))); AssertIntEQ(SSL_SUCCESS, CyaSSL_UseSNI( ssl, 0, (void *) "ssl", XSTRLEN("ssl"))); CyaSSL_free(ssl); CyaSSL_CTX_free(ctx); /* Testing success case at ctx */ client_callbacks.ctx_ready = server_callbacks.ctx_ready = use_SNI_at_ctx; server_callbacks.on_result = verify_SNI_real_matching; test_CyaSSL_client_server(&client_callbacks, &server_callbacks); /* Testing success case at ssl */ client_callbacks.ctx_ready = server_callbacks.ctx_ready = NULL; client_callbacks.ssl_ready = server_callbacks.ssl_ready = use_SNI_at_ssl; test_CyaSSL_client_server(&client_callbacks, &server_callbacks); /* Testing default mismatch behaviour */ client_callbacks.ssl_ready = different_SNI_at_ssl; client_callbacks.on_result = verify_SNI_abort_on_client; server_callbacks.on_result = verify_SNI_abort_on_server; test_CyaSSL_client_server(&client_callbacks, &server_callbacks); client_callbacks.on_result = NULL; /* Testing continue on mismatch */ client_callbacks.ssl_ready = different_SNI_at_ssl; server_callbacks.ssl_ready = use_SNI_WITH_CONTINUE_at_ssl; server_callbacks.on_result = verify_SNI_no_matching; test_CyaSSL_client_server(&client_callbacks, &server_callbacks); /* Testing fake answer on mismatch */ server_callbacks.ssl_ready = use_SNI_WITH_FAKE_ANSWER_at_ssl; server_callbacks.on_result = verify_SNI_fake_matching; test_CyaSSL_client_server(&client_callbacks, &server_callbacks); test_CyaSSL_SNI_GetFromBuffer(); #endif }
static void test_client_nofail(void* args) { SOCKET_T sockfd = 0; CYASSL_METHOD* method = 0; CYASSL_CTX* ctx = 0; CYASSL* ssl = 0; char msg[64] = "hello cyassl!"; char reply[1024]; int input; int msgSz = (int)strlen(msg); #ifdef CYASSL_TIRTOS fdOpenSession(Task_self()); #endif ((func_args*)args)->return_code = TEST_FAIL; method = CyaSSLv23_client_method(); ctx = CyaSSL_CTX_new(method); #ifdef OPENSSL_EXTRA CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); #endif if (CyaSSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS) { /* err_sys("can't load ca file, Please run from CyaSSL home dir");*/ goto done2; } if (CyaSSL_CTX_use_certificate_file(ctx, cliCert, SSL_FILETYPE_PEM) != SSL_SUCCESS) { /*err_sys("can't load client cert file, " "Please run from CyaSSL home dir");*/ goto done2; } if (CyaSSL_CTX_use_PrivateKey_file(ctx, cliKey, SSL_FILETYPE_PEM) != SSL_SUCCESS) { /*err_sys("can't load client key file, " "Please run from CyaSSL home dir");*/ goto done2; } tcp_connect(&sockfd, yasslIP, ((func_args*)args)->signal->port, 0); ssl = CyaSSL_new(ctx); CyaSSL_set_fd(ssl, sockfd); if (CyaSSL_connect(ssl) != SSL_SUCCESS) { int err = CyaSSL_get_error(ssl, 0); char buffer[CYASSL_MAX_ERROR_SZ]; printf("err = %d, %s\n", err, CyaSSL_ERR_error_string(err, buffer)); /*printf("SSL_connect failed");*/ goto done2; } if (CyaSSL_write(ssl, msg, msgSz) != msgSz) { /*err_sys("SSL_write failed");*/ goto done2; } input = CyaSSL_read(ssl, reply, sizeof(reply)-1); if (input > 0) { reply[input] = 0; printf("Server response: %s\n", reply); } done2: CyaSSL_free(ssl); CyaSSL_CTX_free(ctx); CloseSocket(sockfd); ((func_args*)args)->return_code = TEST_SUCCESS; #ifdef CYASSL_TIRTOS fdCloseSession(Task_self()); #endif return; }
void echoclient_test(void* args) { SOCKET_T sockfd = 0; FILE* fin = stdin ; FILE* fout = stdout; int inCreated = 0; int outCreated = 0; char msg[1024]; char reply[1024+1]; SSL_METHOD* method = 0; SSL_CTX* ctx = 0; SSL* ssl = 0; int doDTLS = 0; int doPSK = 0; int sendSz; int argc = 0; char** argv = 0; word16 port = yasslPort; ((func_args*)args)->return_code = -1; /* error state */ #ifndef WOLFSSL_MDK_SHELL argc = ((func_args*)args)->argc; argv = ((func_args*)args)->argv; #endif if (argc >= 2) { fin = fopen(argv[1], "r"); inCreated = 1; } if (argc >= 3) { fout = fopen(argv[2], "w"); outCreated = 1; } if (!fin) err_sys("can't open input file"); if (!fout) err_sys("can't open output file"); #ifdef CYASSL_DTLS doDTLS = 1; #endif #ifdef CYASSL_LEANPSK doPSK = 1; #endif #if defined(NO_RSA) && !defined(HAVE_ECC) doPSK = 1; #endif #if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && !defined(WOLFSSL_MDK_SHELL) port = ((func_args*)args)->signal->port; #endif #if defined(CYASSL_DTLS) method = DTLSv1_2_client_method(); #elif !defined(NO_TLS) method = CyaSSLv23_client_method(); #elif defined(WOLFSSL_ALLOW_SSLV3) method = SSLv3_client_method(); #else #error "no valid client method type" #endif ctx = SSL_CTX_new(method); #ifndef NO_FILESYSTEM #ifndef NO_RSA if (SSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS) err_sys("can't load ca file, Please run from wolfSSL home dir"); #endif #ifdef HAVE_ECC if (SSL_CTX_load_verify_locations(ctx, eccCert, 0) != SSL_SUCCESS) err_sys("can't load ca file, Please run from wolfSSL home dir"); #endif #elif !defined(NO_CERTS) if (!doPSK) load_buffer(ctx, caCert, CYASSL_CA); #endif #if defined(CYASSL_SNIFFER) /* don't use EDH, can't sniff tmp keys */ SSL_CTX_set_cipher_list(ctx, "AES256-SHA"); #endif if (doPSK) { #ifndef NO_PSK const char *defaultCipherList; CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb); #ifdef HAVE_NULL_CIPHER defaultCipherList = "PSK-NULL-SHA256"; #elif defined(HAVE_AESGCM) && !defined(NO_DH) defaultCipherList = "DHE-PSK-AES128-GCM-SHA256"; #else defaultCipherList = "PSK-AES128-CBC-SHA256"; #endif if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=SSL_SUCCESS) err_sys("client can't set cipher list 2"); #endif } #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); #endif #if defined(WOLFSSL_MDK_ARM) CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); #endif ssl = SSL_new(ctx); tcp_connect(&sockfd, yasslIP, port, doDTLS, ssl); SSL_set_fd(ssl, sockfd); #if defined(USE_WINDOWS_API) && defined(CYASSL_DTLS) && defined(NO_MAIN_DRIVER) /* let echoserver bind first, TODO: add Windows signal like pthreads does */ Sleep(100); #endif if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed"); while (fgets(msg, sizeof(msg), fin) != 0) { sendSz = (int)strlen(msg); if (SSL_write(ssl, msg, sendSz) != sendSz) err_sys("SSL_write failed"); if (strncmp(msg, "quit", 4) == 0) { fputs("sending server shutdown command: quit!\n", fout); break; } if (strncmp(msg, "break", 5) == 0) { fputs("sending server session close: break!\n", fout); break; } #ifndef WOLFSSL_MDK_SHELL while (sendSz) { int got; if ( (got = SSL_read(ssl, reply, sizeof(reply)-1)) > 0) { reply[got] = 0; fputs(reply, fout); fflush(fout) ; sendSz -= got; } else break; } #else { int got; if ( (got = SSL_read(ssl, reply, sizeof(reply)-1)) > 0) { reply[got] = 0; fputs(reply, fout); fflush(fout) ; sendSz -= got; } } #endif } #ifdef CYASSL_DTLS strncpy(msg, "break", 6); sendSz = (int)strlen(msg); /* try to tell server done */ SSL_write(ssl, msg, sendSz); #else SSL_shutdown(ssl); #endif SSL_free(ssl); SSL_CTX_free(ctx); fflush(fout); if (inCreated) fclose(fin); if (outCreated) fclose(fout); CloseSocket(sockfd); ((func_args*)args)->return_code = 0; }
int test_client_CyaSSL_new(void) { int result; CYASSL_CTX *ctx; CYASSL_CTX *ctx_nocert; CYASSL *ssl; ctx = CyaSSL_CTX_new(CyaSSLv23_client_method()); if (ctx == NULL) { printf("test_client_CyaSSL_new() cannot create context\n"); return TEST_FAIL; } result = CyaSSL_CTX_load_verify_locations(ctx, caCert, 0); if (result == SSL_FAILURE) { printf("test_client_CyaSSL_new() cannot obtain certificate\n"); CyaSSL_CTX_free(ctx); return TEST_FAIL; } ctx_nocert = CyaSSL_CTX_new(CyaSSLv23_client_method()); if (ctx_nocert == NULL) { printf("test_client_CyaSSL_new() cannot create bogus context\n"); CyaSSL_CTX_free(ctx); return TEST_FAIL; } printf(testingFmt, "CyaSSL_new(NULL) client"); ssl = CyaSSL_new(NULL); if (ssl != NULL) { printf(resultFmt, failed); CyaSSL_free(ssl); } else printf(resultFmt, passed); printf(testingFmt, "CyaSSL_new(ctx_nocert) client"); ssl = CyaSSL_new(ctx_nocert); if (ssl == NULL) printf(resultFmt, failed); else { printf(resultFmt, passed); CyaSSL_free(ssl); } printf(testingFmt, "CyaSSL_new(ctx) client"); ssl = CyaSSL_new(ctx); if (ssl == NULL) printf(resultFmt, failed); else { printf(resultFmt, passed); CyaSSL_free(ssl); } CyaSSL_CTX_free(ctx_nocert); CyaSSL_CTX_free(ctx); return TEST_SUCCESS; }