gnutls-commit

[SCM] GNU gnutls branch, master, updated. gnutls-3_0_12-158-ge30cfb6


From: Nikos Mavrogiannopoulos
Subject: [SCM] GNU gnutls branch, master, updated. gnutls-3_0_12-158-ge30cfb6
Date: Wed, 08 Feb 2012 17:08:24 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=e30cfb6711e20021612625d7e33d1af53fa10b58

The branch, master has been updated
       via  e30cfb6711e20021612625d7e33d1af53fa10b58 (commit)
       via  bbdd2021f7d9cfd1c89ddd577806d251bf17da21 (commit)
      from  fec4c0b841356f94f7fccb6a038e948b59ca24bb (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit e30cfb6711e20021612625d7e33d1af53fa10b58
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Wed Feb 8 18:12:32 2012 +0100

    Added test program mini-loss2.

commit bbdd2021f7d9cfd1c89ddd577806d251bf17da21
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Wed Feb 8 17:08:40 2012 +0100

    updated examples

-----------------------------------------------------------------------

Summary of changes:
 .gitignore                         |    1 +
 doc/examples/ex-client-anon.c      |    2 +-
 doc/examples/ex-client-dtls.c      |    2 +-
 doc/examples/ex-client-psk.c       |    2 +-
 doc/examples/ex-client-resume.c    |    2 +-
 doc/examples/ex-client-srp.c       |    2 +-
 doc/examples/ex-serv-anon.c        |    2 +-
 doc/examples/ex-serv-dtls.c        |    2 +-
 doc/examples/ex-serv-srp.c         |    2 +-
 doc/examples/ex-serv-x509.c        |    2 +-
 tests/Makefile.am                  |    2 +-
 tests/{anonself.c => mini-loss2.c} |  276 ++++++++++++++++++------------------
 12 files changed, 148 insertions(+), 149 deletions(-)
 copy tests/{anonself.c => mini-loss2.c} (55%)

diff --git a/.gitignore b/.gitignore
index e723136..07c64a0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -584,3 +584,4 @@ tests/x509self
 tests/x509sign-verify
 tests/x509signself
 gl/tests/test-base64
+tests/mini-loss2
diff --git a/doc/examples/ex-client-anon.c b/doc/examples/ex-client-anon.c
index 8c06bda..ba56934 100644
--- a/doc/examples/ex-client-anon.c
+++ b/doc/examples/ex-client-anon.c
@@ -59,7 +59,7 @@ main (void)
     {
       ret = gnutls_handshake (session);
     }
-  while (gnutls_error_is_fatal (ret) == 0);
+  while (ret < 0 && gnutls_error_is_fatal (ret) == 0);
 
   if (ret < 0)
     {
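Review bot: The corrected loop `while (ret < 0 && gnutls_error_is_fatal (ret) == 0);` still has no comment, and these files are examples that readers copy into their own programs. A short comment above the `do` would state the contract, e.g. `/* retry while gnutls_handshake() returns a non-fatal error; on a non-blocking socket wait for readiness before calling it again */`. The identical hunks in ex-client-dtls.c, ex-client-psk.c, ex-client-resume.c, ex-client-srp.c and the four ex-serv-*.c files would take the same comment. main's body starts and ends outside the hunk.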
diff --git a/doc/examples/ex-client-dtls.c b/doc/examples/ex-client-dtls.c
index 3c9d1ea..21e7244 100644
--- a/doc/examples/ex-client-dtls.c
+++ b/doc/examples/ex-client-dtls.c
@@ -75,7 +75,7 @@ main (void)
     {
       ret = gnutls_handshake (session);
     }
-  while (gnutls_error_is_fatal (ret) == 0);
+  while (ret < 0 && gnutls_error_is_fatal (ret) == 0);
 
   if (ret < 0)
     {
diff --git a/doc/examples/ex-client-psk.c b/doc/examples/ex-client-psk.c
index 4f83dde..f8e7207 100644
--- a/doc/examples/ex-client-psk.c
+++ b/doc/examples/ex-client-psk.c
@@ -69,7 +69,7 @@ main (void)
     {
       ret = gnutls_handshake (session);
     }
-  while (gnutls_error_is_fatal (ret) == 0);
+  while (ret < 0 && gnutls_error_is_fatal (ret) == 0);
 
   if (ret < 0)
     {
diff --git a/doc/examples/ex-client-resume.c b/doc/examples/ex-client-resume.c
index 1a041d1..c094950 100644
--- a/doc/examples/ex-client-resume.c
+++ b/doc/examples/ex-client-resume.c
@@ -67,7 +67,7 @@ main (void)
         {
           ret = gnutls_handshake (session);
         }
-      while (gnutls_error_is_fatal (ret) == 0);
+      while (ret < 0 && gnutls_error_is_fatal (ret) == 0);
 
       if (ret < 0)
         {
diff --git a/doc/examples/ex-client-srp.c b/doc/examples/ex-client-srp.c
index 89d5165..2ec86d4 100644
--- a/doc/examples/ex-client-srp.c
+++ b/doc/examples/ex-client-srp.c
@@ -66,7 +66,7 @@ main (void)
     {
       ret = gnutls_handshake (session);
     }
-  while (gnutls_error_is_fatal (ret) == 0);
+  while (ret < 0 && gnutls_error_is_fatal (ret) == 0);
 
   if (ret < 0)
     {
diff --git a/doc/examples/ex-serv-anon.c b/doc/examples/ex-serv-anon.c
index 5263b01..1d6d541 100644
--- a/doc/examples/ex-serv-anon.c
+++ b/doc/examples/ex-serv-anon.c
@@ -120,7 +120,7 @@ main (void)
         {
           ret = gnutls_handshake (session);
         }
-      while (gnutls_error_is_fatal (ret) == 0);
+      while (ret < 0 && gnutls_error_is_fatal (ret) == 0);
 
       if (ret < 0)
         {
diff --git a/doc/examples/ex-serv-dtls.c b/doc/examples/ex-serv-dtls.c
index a32a984..adcc7eb 100644
--- a/doc/examples/ex-serv-dtls.c
+++ b/doc/examples/ex-serv-dtls.c
@@ -191,7 +191,7 @@ main (void)
         {
           ret = gnutls_handshake (session);
         }
-      while (gnutls_error_is_fatal (ret) == 0);
+      while (ret < 0 && gnutls_error_is_fatal (ret) == 0);
 
       if (ret < 0)
         {
diff --git a/doc/examples/ex-serv-srp.c b/doc/examples/ex-serv-srp.c
index 5873b39..880f70c 100644
--- a/doc/examples/ex-serv-srp.c
+++ b/doc/examples/ex-serv-srp.c
@@ -121,7 +121,7 @@ main (void)
         {
           ret = gnutls_handshake (session);
         }
-      while (gnutls_error_is_fatal (ret) == 0);
+      while (ret < 0 && gnutls_error_is_fatal (ret) == 0);
 
       if (ret < 0)
         {
diff --git a/doc/examples/ex-serv-x509.c b/doc/examples/ex-serv-x509.c
index c06f13e..dedd1a1 100644
--- a/doc/examples/ex-serv-x509.c
+++ b/doc/examples/ex-serv-x509.c
@@ -140,7 +140,7 @@ main (void)
         {
           ret = gnutls_handshake (session);
         }
-      while (gnutls_error_is_fatal (ret) == 0);
+      while (ret < 0 && gnutls_error_is_fatal (ret) == 0);
 
       if (ret < 0)
         {
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 99532d3..e1b6cf6 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -66,7 +66,7 @@ ctests = mini-deflate simple gc set_pkcs12_cred certder 
certuniqueid  \
         crq_apis init_roundtrip pkcs12_s2k_pem dn2 mini-eagain         \
         nul-in-x509-names x509_altname pkcs12_encode mini-x509         \
         mini-x509-rehandshake rng-fork mini-eagain-dtls mini-loss      \
-        x509cert x509cert-tl infoaccess rsa-encrypt-decrypt
+        x509cert x509cert-tl infoaccess rsa-encrypt-decrypt mini-loss2
 
 if ENABLE_OCSP
 ctests += ocsp
diff --git a/tests/anonself.c b/tests/mini-loss2.c
similarity index 55%
copy from tests/anonself.c
copy to tests/mini-loss2.c
index e2085ac..a0c0aa5 100644
--- a/tests/anonself.c
+++ b/tests/mini-loss2.c
@@ -1,7 +1,7 @@
 /*
- * Copyright (C) 2004-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2012 Free Software Foundation, Inc.
  *
- * Author: Simon Josefsson
+ * Author: Nikos Mavrogiannopoulos
  *
  * This file is part of GnuTLS.
  *
@@ -20,8 +20,6 @@
  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  */
 
-/* Parts copied from GnuTLS example programs. */
-
 #ifdef HAVE_CONFIG_H
 #include <config.h>
 #endif
@@ -38,15 +36,24 @@
 #endif
 #include <unistd.h>
 #include <gnutls/gnutls.h>
-
-#include "tcp.c"
+#include <gnutls/dtls.h>
 
 #include "utils.h"
 
+/* This program simulates packet loss in DTLS datagrams using
+ * the blocking functions
+ */
+
+static void
+server_log_func (int level, const char *str)
+{
+  fprintf (stderr, "server|<%d>| %s", level, str);
+}
+
 static void
-tls_log_func (int level, const char *str)
+client_log_func (int level, const char *str)
 {
-  fprintf (stderr, "|<%d>| %s", level, str);
+  fprintf (stderr, "client|<%d>| %s", level, str);
 }
 
 /* A very basic TLS client, with anonymous authentication.
@@ -55,49 +62,77 @@ tls_log_func (int level, const char *str)
 #define MAX_BUF 1024
 #define MSG "Hello TLS"
 
+static int counter;
+static int packet_to_lose;
+gnutls_session_t session;
+
+static ssize_t
+push (gnutls_transport_ptr_t tr, const void *data, size_t len)
+{
+int fd = (long int)tr;
+
+  counter++;
+  if (packet_to_lose != -1 && packet_to_lose == counter) {
+    if (debug)
+      {
+        int type = gnutls_handshake_get_last_out(session);
+        
+        fprintf(stderr, "Discarding packet %d (%d)\n", counter, type);
+      }
+    return len;
+  }
+  return send(fd, data, len, 0);
+}
+
 static void
-client (void)
+client (int fd, int packet)
 {
-  int ret, sd, ii;
-  gnutls_session_t session;
+  int ret, ii;
   char buffer[MAX_BUF + 1];
   gnutls_anon_client_credentials_t anoncred;
   /* Need to enable anonymous KX specifically. */
 
   gnutls_global_init ();
 
-  gnutls_global_set_log_function (tls_log_func);
   if (debug)
-    gnutls_global_set_log_level (4711);
+    {
+      gnutls_global_set_log_function (client_log_func);
+      gnutls_global_set_log_level (4711);
+    }
 
   gnutls_anon_allocate_client_credentials (&anoncred);
 
   /* Initialize TLS session
    */
-  gnutls_init (&session, GNUTLS_CLIENT);
+  gnutls_init (&session, GNUTLS_CLIENT|GNUTLS_DATAGRAM);
+  gnutls_dtls_set_mtu( session, 1500);
 
   /* Use default priorities */
-  gnutls_priority_set_direct (session, 
"NONE:+VERS-TLS-ALL:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-DH", NULL);
+  gnutls_priority_set_direct (session, 
"NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL",
 NULL);
 
   /* put the anonymous credentials to the current session
    */
   gnutls_credentials_set (session, GNUTLS_CRD_ANON, anoncred);
 
-  /* connect to the peer
-   */
-  sd = tcp_connect ();
+  counter = 0;
+  packet_to_lose = packet;
 
-  gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd);
+  gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) fd);
+  gnutls_transport_set_push_function (session, push);
 
   /* Perform the TLS handshake
    */
-  ret = gnutls_handshake (session);
+  do 
+    {
+      ret = gnutls_handshake (session);
+    }
+  while (ret < 0 && gnutls_error_is_fatal(ret) == 0);
 
   if (ret < 0)
     {
       fail ("client: Handshake failed\n");
       gnutls_perror (ret);
-      goto end;
+      exit(1);
     }
   else
     {
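Review bot: `gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) fd);` converts an `int` straight to a pointer, while `push` reads it back through `(long int)tr`. On LP64 targets the direct cast usually draws an int-to-pointer size warning, so `(gnutls_transport_ptr_t) (long) fd` would keep both directions symmetric; the same cast appears in `server` in a later hunk. Separately, the new file-scope `gnutls_session_t session;` has external linkage, unlike `counter` and `packet_to_lose` next to it; `static gnutls_session_t session;` would match them. client's body continues past the end of this hunk.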
@@ -110,9 +145,14 @@ client (void)
              gnutls_protocol_get_name (gnutls_protocol_get_version
                                        (session)));
 
-  gnutls_record_send (session, MSG, strlen (MSG));
+  do {
+    ret = gnutls_record_send (session, MSG, strlen (MSG));
+  } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
+
+  do {
+    ret = gnutls_record_recv (session, buffer, MAX_BUF);
+  } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
 
-  ret = gnutls_record_recv (session, buffer, MAX_BUF);
   if (ret == 0)
     {
       if (debug)
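Review bot: The result of the new `gnutls_record_send` loop is never examined, because `ret` is overwritten by the `gnutls_record_recv` loop that follows. A fatal send error therefore goes unreported, and the client then waits for an echo that presumably will not arrive. A check between the two loops would surface it, e.g. `if (ret < 0) { fail ("client: send failed: %s\n", gnutls_strerror (ret)); exit(1); }`. client's body starts and ends outside this hunk.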
@@ -122,7 +162,7 @@ client (void)
   else if (ret < 0)
     {
       fail ("client: Error: %s\n", gnutls_strerror (ret));
-      goto end;
+      exit(1);
     }
 
   if (debug)
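Review bot: With this `goto end` and the one in the handshake-failure path both replaced by `exit(1)`, the `end:` label shown as context in the next hunk may no longer have any user. If no other `goto end` remains in the part of client that is not visible here, the label should be dropped to avoid an unused-label warning. The cleanup after it (`close (fd)`, `gnutls_deinit (session)`) is now skipped on both error paths, which is acceptable for a test process that exits but deserves a short comment such as `/* error paths exit directly; cleanup below runs only on success */`.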
@@ -139,7 +179,7 @@ client (void)
 
 end:
 
-  tcp_close (sd);
+  close (fd);
 
   gnutls_deinit (session);
 
@@ -148,141 +188,74 @@ end:
   gnutls_global_deinit ();
 }
 
-/* This is a sample TLS 1.0 echo server, for anonymous authentication only.
- */
-
-#define SA struct sockaddr
-#define MAX_BUF 1024
-#define PORT 5556               /* listen to 5556 port */
-#define DH_BITS 1024
 
 /* These are global */
 gnutls_anon_server_credentials_t anoncred;
+pid_t child;
 
 static gnutls_session_t
 initialize_tls_session (void)
 {
   gnutls_session_t session;
 
-  gnutls_init (&session, GNUTLS_SERVER);
+  gnutls_init (&session, GNUTLS_SERVER|GNUTLS_DATAGRAM);
+  gnutls_dtls_set_mtu( session, 1500);
 
   /* avoid calling all the priority functions, since the defaults
    * are adequate.
    */
-  gnutls_priority_set_direct (session, 
"NONE:+VERS-TLS-ALL:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-DH", NULL);
+  gnutls_priority_set_direct (session, 
"NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL",
 NULL);
 
   gnutls_credentials_set (session, GNUTLS_CRD_ANON, anoncred);
 
-  gnutls_dh_set_prime_bits (session, DH_BITS);
-
   return session;
 }
 
-static gnutls_dh_params_t dh_params;
-
-static int
-generate_dh_params (void)
+static void terminate(void)
 {
-  const gnutls_datum_t p3 = { (void *) pkcs3, strlen (pkcs3) };
-  /* Generate Diffie-Hellman parameters - for use with DHE
-   * kx algorithms. These should be discarded and regenerated
-   * once a day, once a week or once a month. Depending on the
-   * security requirements.
-   */
-  gnutls_dh_params_init (&dh_params);
-  return gnutls_dh_params_import_pkcs3 (dh_params, &p3, GNUTLS_X509_FMT_PEM);
-}
-
-int err, listen_sd, i;
-int sd, ret;
-struct sockaddr_in sa_serv;
-struct sockaddr_in sa_cli;
-socklen_t client_len;
-char topbuf[512];
-gnutls_session_t session;
-char buffer[MAX_BUF + 1];
-int optval = 1;
-
-static void
-server_start (void)
-{
-  /* Socket operations
-   */
-  listen_sd = socket (AF_INET, SOCK_STREAM, 0);
-  if (err == -1)
-    {
-      perror ("socket");
-      fail ("server: socket failed\n");
-      return;
-    }
+int status;
 
-  memset (&sa_serv, '\0', sizeof (sa_serv));
-  sa_serv.sin_family = AF_INET;
-  sa_serv.sin_addr.s_addr = INADDR_ANY;
-  sa_serv.sin_port = htons (PORT);      /* Server Port number */
-
-  setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
-              sizeof (int));
-
-  err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
-  if (err == -1)
-    {
-      perror ("bind");
-      fail ("server: bind failed\n");
-      return;
-    }
-
-  err = listen (listen_sd, 1024);
-  if (err == -1)
-    {
-      perror ("listen");
-      fail ("server: listen failed\n");
-      return;
-    }
-
-  if (debug)
-    success ("server: ready. Listening to port '%d'.\n", PORT);
+  kill(child, SIGTERM);
+  wait(&status);
+  exit(1);
 }
 
 static void
-server (void)
+server (int fd, int packet)
 {
+int ret;
+char buffer[MAX_BUF + 1];
   /* this must be called once in the program
    */
   gnutls_global_init ();
 
-  gnutls_global_set_log_function (tls_log_func);
   if (debug)
-    gnutls_global_set_log_level (4711);
+    {
+      gnutls_global_set_log_function (server_log_func);
+      gnutls_global_set_log_level (4711);
+    }
 
   gnutls_anon_allocate_server_credentials (&anoncred);
 
-  if (debug)
-    success ("Launched, generating DH parameters...\n");
-
-  generate_dh_params ();
-
-  gnutls_anon_set_server_dh_params (anoncred, dh_params);
-
-  client_len = sizeof (sa_cli);
-
   session = initialize_tls_session ();
 
-  sd = accept (listen_sd, (SA *) & sa_cli, &client_len);
+  counter = 0;
+  packet_to_lose = packet;
 
-  if (debug)
-    success ("server: connection from %s, port %d\n",
-             inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf,
-                        sizeof (topbuf)), ntohs (sa_cli.sin_port));
+  gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) fd);
+  gnutls_transport_set_push_function (session, push);
 
-  gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd);
-  ret = gnutls_handshake (session);
+  do 
+    {
+      ret = gnutls_handshake (session);
+    }
+  while (ret < 0 && gnutls_error_is_fatal(ret) == 0);
   if (ret < 0)
     {
-      close (sd);
+      close (fd);
       gnutls_deinit (session);
       fail ("server: Handshake has failed (%s)\n\n", gnutls_strerror (ret));
-      return;
+      terminate();
     }
   if (debug)
     success ("server: Handshake was completed\n");
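Review bot: `terminate` has no comment saying it may only run in the parent, and that restriction matters: in the forked client `child` is 0, and `kill(0, SIGTERM)` would signal the whole process group instead of one process. In the visible code only `server` calls it, so the behaviour is correct today. A comment above the function would protect later edits, e.g. `/* Parent only: kill and reap the client child, then exit with failure. */`. The file-scope `pid_t child;` could also be `static`, since nothing visible outside this file uses it. server's body continues past the end of this hunk.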
@@ -295,11 +268,13 @@ server (void)
   /* see the Getting peer's information example */
   /* print_info(session); */
 
-  i = 0;
   for (;;)
     {
       memset (buffer, 0, MAX_BUF + 1);
-      ret = gnutls_record_recv (session, buffer, MAX_BUF);
+      
+      do {
+        ret = gnutls_record_recv (session, buffer, MAX_BUF);
+      } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
 
       if (ret == 0)
         {
@@ -310,58 +285,81 @@ server (void)
       else if (ret < 0)
         {
           fail ("server: Received corrupted data(%d). Closing...\n", ret);
-          break;
+          terminate();
         }
       else if (ret > 0)
         {
           /* echo data back to the client
            */
-          gnutls_record_send (session, buffer, strlen (buffer));
+          do {
+            ret = gnutls_record_send (session, buffer, strlen (buffer));
+          } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
         }
     }
   /* do not wait for the peer to close the connection.
    */
   gnutls_bye (session, GNUTLS_SHUT_WR);
 
-  close (sd);
+  close (fd);
   gnutls_deinit (session);
 
-  close (listen_sd);
-
   gnutls_anon_free_server_credentials (anoncred);
 
-  gnutls_dh_params_deinit (dh_params);
-
   gnutls_global_deinit ();
 
   if (debug)
     success ("server: finished\n");
 }
 
-void
-doit (void)
+static void start (int server_packet, int client_packet)
 {
-  pid_t child;
-
-  server_start ();
-  if (error_count)
-    return;
+  int fd[2];
+  int ret;
+  
+  if (debug)
+    fprintf(stderr, "\nWill discard %s packet %d\n", 
+      (client_packet!=-1)?"client":"server", 
(client_packet!=-1)?client_packet:server_packet);
+  
+  ret = socketpair(AF_LOCAL, SOCK_DGRAM, 0, fd);
+  if (ret < 0)
+    {
+      perror("socketpair");
+      exit(1);
+    }
 
   child = fork ();
   if (child < 0)
     {
       perror ("fork");
       fail ("fork");
-      return;
+      exit(1);
     }
 
   if (child)
     {
       int status;
       /* parent */
-      server ();
+      server (fd[0], server_packet);
       wait (&status);
+      if (WEXITSTATUS(status) != 0)
+        fail("Child died with status %d\n", WEXITSTATUS(status));
     }
-  else
-    client ();
+  else 
+    {
+      client (fd[1], client_packet);
+      exit(0);
+    }
+}
+
+void
+doit (void)
+{
+  start(-1, 1);
+  start(-1, 2);
+  start(-1, 3);
+  start(-1, 4);
+
+  start(1, -1);
+  start(2, -1);
+  start(3, -1);
 }
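Review bot: In `start`, `WEXITSTATUS(status)` is read without first checking `WIFEXITED(status)`, so a client that is killed by a signal would typically yield 0 there and the run would count as a pass. The condition should be `if (!WIFEXITED(status) || WEXITSTATUS(status) != 0)`, ideally after checking that `wait` itself did not return -1. In addition, the parent never closes `fd[1]` and the child never closes `fd[0]`, so each of the seven `start` calls in `doit` leaves one descriptor open in the parent. The echo path in `server` now stores the `gnutls_record_send` result in `ret` but never checks it for a fatal error; server's body begins outside this hunk.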


hooks/post-receive
-- 
GNU gnutls


