[tor-commits] [tor/master] Merge remote-tracking branch 'public/ticket11150_client_only'
nickm at torproject.org
nickm at torproject.org
Fri Nov 13 15:18:46 UTC 2015
commit d4672273233d539889f85cad1676395e46e48ef7
Merge: accb726 9d019a7
Author: Nick Mathewson <nickm at torproject.org>
Date: Fri Nov 13 09:58:16 2015 -0500
Merge remote-tracking branch 'public/ticket11150_client_only'
changes/11150 | 6 ++
src/common/tortls.c | 213 +----------------------------------------------
src/common/tortls.h | 3 -
src/or/connection_or.c | 70 ++++------------
src/test/test_tortls.c | 216 ------------------------------------------------
5 files changed, 28 insertions(+), 480 deletions(-)
diff --cc src/test/test_tortls.c
index dceecf4,5f20269..b1d91a6
--- a/src/test/test_tortls.c
+++ b/src/test/test_tortls.c
@@@ -2309,66 -2104,64 +2168,8 @@@ test_tortls_write(void *ignored
teardown_capture_of_logs(previous_log);
tor_free(tls->ssl);
tor_free(tls);
-}
-
-static int fixed_ssl_renegotiate_result;
-
-static int
-fixed_ssl_renegotiate(SSL *s)
-{
- (void) s;
- return fixed_ssl_renegotiate_result;
-}
-
-static void
-test_tortls_renegotiate(void *ignored)
-{
- (void)ignored;
- int ret;
- tor_tls_t *tls;
- SSL_CTX *ctx;
- SSL_METHOD *method = give_me_a_test_method();
- int previous_log = setup_capture_of_logs(LOG_WARN);
-
- SSL_library_init();
- SSL_load_error_strings();
-
- ctx = SSL_CTX_new(TLSv1_method());
-
- tls = tor_malloc_zero(sizeof(tor_tls_t));
- tls->ssl = SSL_new(ctx);
- tls->state = TOR_TLS_ST_OPEN;
-
- ret = tor_tls_renegotiate(tls);
- tt_int_op(ret, OP_EQ, -9);
-
- tls->ssl->method = method;
- method->ssl_renegotiate = fixed_ssl_renegotiate;
- fixed_ssl_renegotiate_result = 0;
- ERR_clear_error();
- ret = tor_tls_renegotiate(tls);
- tt_int_op(ret, OP_EQ, -9);
-
- ERR_clear_error();
- tls->ssl->handshake_func = dummy_handshake_func;
- tls->state = TOR_TLS_ST_RENEGOTIATE;
- ret = tor_tls_renegotiate(tls);
- tt_int_op(ret, OP_EQ, TOR_TLS_DONE);
-
- ERR_clear_error();
- tls->state = TOR_TLS_ST_OPEN;
- fixed_ssl_renegotiate_result = -1;
- ret = tor_tls_renegotiate(tls);
- tt_int_op(ret, OP_EQ, -9);
-
- done:
- teardown_capture_of_logs(previous_log);
- SSL_free(tls->ssl);
- SSL_CTX_free(ctx);
- tor_free(tls);
+ tor_free(method);
}
-
- static int fixed_ssl_renegotiate_result;
-
- static int
- fixed_ssl_renegotiate(SSL *s)
- {
- (void) s;
- return fixed_ssl_renegotiate_result;
- }
-
- static void
- test_tortls_renegotiate(void *ignored)
- {
- (void)ignored;
- int ret;
- tor_tls_t *tls;
- SSL_CTX *ctx;
- SSL_METHOD *method = give_me_a_test_method();
- int previous_log = setup_capture_of_logs(LOG_WARN);
-
- SSL_library_init();
- SSL_load_error_strings();
-
- ctx = SSL_CTX_new(TLSv1_method());
-
- tls = tor_malloc_zero(sizeof(tor_tls_t));
- tls->ssl = SSL_new(ctx);
- tls->state = TOR_TLS_ST_OPEN;
-
- ret = tor_tls_renegotiate(tls);
- tt_int_op(ret, OP_EQ, -9);
-
- tls->ssl->method = method;
- method->ssl_renegotiate = fixed_ssl_renegotiate;
- fixed_ssl_renegotiate_result = 0;
- ERR_clear_error();
- ret = tor_tls_renegotiate(tls);
- tt_int_op(ret, OP_EQ, -9);
-
- ERR_clear_error();
- tls->ssl->handshake_func = dummy_handshake_func;
- tls->state = TOR_TLS_ST_RENEGOTIATE;
- ret = tor_tls_renegotiate(tls);
- tt_int_op(ret, OP_EQ, TOR_TLS_DONE);
-
- ERR_clear_error();
- tls->state = TOR_TLS_ST_OPEN;
- fixed_ssl_renegotiate_result = -1;
- ret = tor_tls_renegotiate(tls);
- tt_int_op(ret, OP_EQ, -9);
-
- done:
- teardown_capture_of_logs(previous_log);
- SSL_free(tls->ssl);
- SSL_CTX_free(ctx);
- tor_free(tls);
- tor_free(method);
- }
#endif
#ifndef OPENSSL_OPAQUE
@@@ -2496,8 -2288,7 +2297,7 @@@ test_tortls_finish_handshake(void *igno
SSL_load_error_strings();
X509 *c1 = read_cert_from(validCertString);
-- X509 *c2 = read_cert_from(caCertString);
+ SESS_CERT_local *sess = NULL;
ctx = SSL_CTX_new(method);
@@@ -2537,33 -2328,25 +2337,20 @@@
tt_int_op(ret, OP_EQ, 0);
tt_int_op(tls->wasV2Handshake, OP_EQ, 1);
-- tls->ssl->session->peer = c2;
-- tls->wasV2Handshake = 1;
-- ret = tor_tls_finish_handshake(tls);
-- tt_int_op(ret, OP_EQ, 0);
-- tt_int_op(tls->wasV2Handshake, OP_EQ, 0);
--
-- sk_X509_push(sess->cert_chain, c2);
-- tls->wasV2Handshake = 1;
-- ret = tor_tls_finish_handshake(tls);
-- tt_int_op(ret, OP_EQ, 0);
-- tt_int_op(tls->wasV2Handshake, OP_EQ, 0);
--
method->num_ciphers = fake_num_ciphers;
ret = tor_tls_finish_handshake(tls);
tt_int_op(ret, OP_EQ, -9);
done:
- SSL_CTX_free(ctx);
+ if (sess)
+ sk_X509_free(sess->cert_chain);
+ if (tls->ssl && tls->ssl->session) {
+ tor_free(tls->ssl->session->sess_cert);
+ }
+ SSL_free(tls->ssl);
tor_free(tls);
+ SSL_CTX_free(ctx);
+ tor_free(method);
- X509_free(c1);
}
#endif
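Review bot: The `done:` cleanup guards `sess` with `if (sess)` but dereferences `tls` unguarded in `if (tls->ssl && tls->ssl->session)` and again in `SSL_free(tls->ssl)`, so a `tt_*` failure that jumps to `done` before `tls` is allocated would crash the test binary instead of reporting the failed check. The allocation of `tls` is outside this hunk, so this may already be safe; if `tls` has no initializer, setting it to NULL at declaration and wrapping those lines as `if (tls) { ... }` would make the teardown consistent with the `sess` guard. The free order is also load-bearing: `sk_X509_free(sess->cert_chain)` has to run before `tor_free(tls->ssl->session->sess_cert)` if `sess` aliases that pointer (presumably it does, but the assignment is not visible here), and a comment such as `/* sess aliases session->sess_cert: free the chain first */` would stop a later reorder from turning it into a use-after-free. test_tortls_finish_handshake starts before this hunk.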
@@@ -3037,7 -2786,7 +2822,6 @@@ struct testcase_t tortls_tests[] =
INTRUSIVE_TEST_CASE(get_peer_cert, 0),
INTRUSIVE_TEST_CASE(peer_has_cert, 0),
INTRUSIVE_TEST_CASE(shutdown, 0),
-- INTRUSIVE_TEST_CASE(renegotiate, 0),
INTRUSIVE_TEST_CASE(finish_handshake, 0),
INTRUSIVE_TEST_CASE(handshake, 0),
INTRUSIVE_TEST_CASE(write, 0),