Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
a8989362
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
1 年多 前同步成功
通知
10
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
a8989362
编写于
7月 15, 2013
作者:
A
Adam Langley
提交者:
Ben Laurie
7月 22, 2013
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Add tests for ALPN functionality.
Conflicts: ssl/ssltest.c
上级
a108f841
变更
3
隐藏空白更改
内联
并排
Showing
3 changed file
with
174 addition
and
0 deletion
+174
-0
apps/s_client.c
apps/s_client.c
+1
-0
ssl/ssltest.c
ssl/ssltest.c
+161
-0
test/testssl
test/testssl
+12
-0
未找到文件。
apps/s_client.c
浏览文件 @
a8989362
...
...
@@ -1329,6 +1329,7 @@ bad:
goto
end
;
}
SSL_CTX_set_alpn_protos
(
ctx
,
alpn
,
alpn_len
);
OPENSSL_free
(
alpn
);
}
#endif
#ifndef OPENSSL_NO_TLSEXT
...
...
ssl/ssltest.c
浏览文件 @
a8989362
...
...
@@ -370,6 +370,127 @@ static int verify_npn(SSL *client, SSL *server)
}
#endif
static
const
char
*
alpn_client
;
static
const
char
*
alpn_server
;
static
const
char
*
alpn_expected
;
static
unsigned
char
*
alpn_selected
;
/* next_protos_parse parses a comma separated list of strings into a string
* in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
* outlen: (output) set to the length of the resulting buffer on success.
* err: (maybe NULL) on failure, an error message line is written to this BIO.
* in: a NUL termianted string like "abc,def,ghi"
*
* returns: a malloced buffer or NULL on failure.
*/
static
unsigned
char
*
next_protos_parse
(
unsigned
short
*
outlen
,
const
char
*
in
)
{
size_t
len
;
unsigned
char
*
out
;
size_t
i
,
start
=
0
;
len
=
strlen
(
in
);
if
(
len
>=
65535
)
return
NULL
;
out
=
OPENSSL_malloc
(
strlen
(
in
)
+
1
);
if
(
!
out
)
return
NULL
;
for
(
i
=
0
;
i
<=
len
;
++
i
)
{
if
(
i
==
len
||
in
[
i
]
==
','
)
{
if
(
i
-
start
>
255
)
{
OPENSSL_free
(
out
);
return
NULL
;
}
out
[
start
]
=
i
-
start
;
start
=
i
+
1
;
}
else
out
[
i
+
1
]
=
in
[
i
];
}
*
outlen
=
len
+
1
;
return
out
;
}
static
int
cb_server_alpn
(
SSL
*
s
,
const
unsigned
char
**
out
,
unsigned
char
*
outlen
,
const
unsigned
char
*
in
,
unsigned
int
inlen
,
void
*
arg
)
{
unsigned
char
*
protos
;
unsigned
short
protos_len
;
protos
=
next_protos_parse
(
&
protos_len
,
alpn_server
);
if
(
protos
==
NULL
)
{
fprintf
(
stderr
,
"failed to parser ALPN server protocol string: %s
\n
"
,
alpn_server
);
abort
();
}
if
(
SSL_select_next_proto
((
unsigned
char
**
)
out
,
outlen
,
protos
,
protos_len
,
in
,
inlen
)
!=
OPENSSL_NPN_NEGOTIATED
)
{
OPENSSL_free
(
protos
);
return
SSL_TLSEXT_ERR_NOACK
;
}
/* Make a copy of the selected protocol which will be freed in verify_alpn. */
alpn_selected
=
OPENSSL_malloc
(
*
outlen
);
memcpy
(
alpn_selected
,
*
out
,
*
outlen
);
*
out
=
alpn_selected
;
OPENSSL_free
(
protos
);
return
SSL_TLSEXT_ERR_OK
;
}
static
int
verify_alpn
(
SSL
*
client
,
SSL
*
server
)
{
const
unsigned
char
*
client_proto
,
*
server_proto
;
unsigned
int
client_proto_len
=
0
,
server_proto_len
=
0
;
SSL_get0_alpn_selected
(
client
,
&
client_proto
,
&
client_proto_len
);
SSL_get0_alpn_selected
(
server
,
&
server_proto
,
&
server_proto_len
);
if
(
alpn_selected
!=
NULL
)
{
OPENSSL_free
(
alpn_selected
);
alpn_selected
=
NULL
;
}
if
(
client_proto_len
!=
server_proto_len
||
memcmp
(
client_proto
,
server_proto
,
client_proto_len
)
!=
0
)
{
BIO_printf
(
bio_stdout
,
"ALPN selected protocols differ!
\n
"
);
goto
err
;
}
if
(
client_proto_len
>
0
&&
alpn_expected
==
NULL
)
{
BIO_printf
(
bio_stdout
,
"ALPN unexpectedly negotiated
\n
"
);
goto
err
;
}
if
(
alpn_expected
!=
NULL
&&
(
client_proto_len
!=
strlen
(
alpn_expected
)
||
memcmp
(
client_proto
,
alpn_expected
,
client_proto_len
)
!=
0
))
{
BIO_printf
(
bio_stdout
,
"ALPN selected protocols not equal to expected protocol: %s
\n
"
,
alpn_expected
);
goto
err
;
}
return
0
;
err:
BIO_printf
(
bio_stdout
,
"ALPN results: client: '"
);
BIO_write
(
bio_stdout
,
client_proto
,
client_proto_len
);
BIO_printf
(
bio_stdout
,
"', server: '"
);
BIO_write
(
bio_stdout
,
server_proto
,
server_proto_len
);
BIO_printf
(
bio_stdout
,
"'
\n
"
);
BIO_printf
(
bio_stdout
,
"ALPN configured: client: '%s', server: '%s'
\n
"
,
alpn_client
,
alpn_server
);
return
-
1
;
}
#define SCT_EXT_TYPE 18
/* WARNING : below extension types are *NOT* IETF assigned, and
...
...
@@ -689,6 +810,9 @@ static void sv_usage(void)
fprintf
(
stderr
,
" -serverinfo_sct - have client offer and expect SCT
\n
"
);
fprintf
(
stderr
,
" -serverinfo_tack - have client offer and expect TACK
\n
"
);
fprintf
(
stderr
,
" -custom_ext - try various custom extension callbacks
\n
"
);
fprintf
(
stderr
,
" -alpn_client <string> - have client side offer ALPN
\n
"
);
fprintf
(
stderr
,
" -alpn_server <string> - have server side offer ALPN
\n
"
);
fprintf
(
stderr
,
" -alpn_expected <string> - the ALPN protocol that should be negotiated
\n
"
);
}
static
void
print_details
(
SSL
*
c_ssl
,
const
char
*
prefix
)
...
...
@@ -1118,6 +1242,21 @@ int main(int argc, char *argv[])
{
custom_ext
=
1
;
}
else
if
(
strcmp
(
*
argv
,
"-alpn_client"
)
==
0
)
{
if
(
--
argc
<
1
)
goto
bad
;
alpn_client
=
*
(
++
argv
);
}
else
if
(
strcmp
(
*
argv
,
"-alpn_server"
)
==
0
)
{
if
(
--
argc
<
1
)
goto
bad
;
alpn_server
=
*
(
++
argv
);
}
else
if
(
strcmp
(
*
argv
,
"-alpn_expected"
)
==
0
)
{
if
(
--
argc
<
1
)
goto
bad
;
alpn_expected
=
*
(
++
argv
);
}
else
{
fprintf
(
stderr
,
"unknown option %s
\n
"
,
*
argv
);
...
...
@@ -1487,6 +1626,23 @@ bad:
custom_ext_3_srv_second_cb
,
NULL
);
}
if
(
alpn_server
)
SSL_CTX_set_alpn_select_cb
(
s_ctx
,
cb_server_alpn
,
NULL
);
if
(
alpn_client
)
{
unsigned
short
alpn_len
;
unsigned
char
*
alpn
=
next_protos_parse
(
&
alpn_len
,
alpn_client
);
if
(
alpn
==
NULL
)
{
BIO_printf
(
bio_err
,
"Error parsing -alpn_client argument
\n
"
);
goto
end
;
}
SSL_CTX_set_alpn_protos
(
c_ctx
,
alpn
,
alpn_len
);
OPENSSL_free
(
alpn
);
}
c_ssl
=
SSL_new
(
c_ctx
);
s_ssl
=
SSL_new
(
s_ctx
);
...
...
@@ -1949,6 +2105,11 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
ret
=
1
;
goto
err
;
}
if
(
verify_alpn
(
c_ssl
,
s_ssl
)
<
0
)
{
ret
=
1
;
goto
err
;
}
if
(
custom_ext_error
)
{
...
...
test/testssl
浏览文件 @
a8989362
...
...
@@ -195,6 +195,18 @@ $ssltest -bio_pair -tls1 -serverinfo_file $serverinfo -serverinfo_sct -serverinf
$ssltest
-bio_pair
-tls1
-custom_ext
-serverinfo_file
$serverinfo
-serverinfo_sct
-serverinfo_tack
||
exit
1
#############################################################################
# ALPN tests
$ssltest
-bio_pair
-tls1
-alpn_client
foo
-alpn_server
bar
||
exit
1
$ssltest
-bio_pair
-tls1
-alpn_client
foo
-alpn_server
foo
-alpn_expected
foo
||
exit
1
$ssltest
-bio_pair
-tls1
-alpn_client
foo,bar
-alpn_server
foo
-alpn_expected
foo
||
exit
1
$ssltest
-bio_pair
-tls1
-alpn_client
bar,foo
-alpn_server
foo
-alpn_expected
foo
||
exit
1
$ssltest
-bio_pair
-tls1
-alpn_client
bar,foo
-alpn_server
foo,bar
-alpn_expected
foo
||
exit
1
$ssltest
-bio_pair
-tls1
-alpn_client
bar,foo
-alpn_server
bar,foo
-alpn_expected
bar
||
exit
1
$ssltest
-bio_pair
-tls1
-alpn_client
foo,bar
-alpn_server
bar,foo
-alpn_expected
bar
||
exit
1
$ssltest
-bio_pair
-tls1
-alpn_client
baz
-alpn_server
bar,foo
||
exit
1
if
../util/shlib_wrap.sh ../apps/openssl no-srp
;
then
echo
skipping SRP tests
else
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录