]>
Commit | Line | Data |
---|---|---|
6fc1748e | 1 | /* |
aff636a4 | 2 | * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved. |
6fc1748e | 3 | * |
909f1a2e | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
6fc1748e MC |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
edcd29ef | 10 | #include <string.h> |
6fc1748e MC |
11 | #include <openssl/bio.h> |
12 | #include <openssl/crypto.h> | |
13 | #include <openssl/ssl.h> | |
14 | #include <openssl/err.h> | |
15 | ||
20f8bc72 | 16 | #include "helpers/ssltestlib.h" |
6fc1748e MC |
17 | #include "testutil.h" |
18 | ||
19 | static char *cert = NULL; | |
20 | static char *privkey = NULL; | |
fa4b82cc | 21 | static unsigned int timer_cb_count; |
6fc1748e | 22 | |
ac9fc67a MC |
23 | #define NUM_TESTS 2 |
24 | ||
6fc1748e MC |
25 | |
26 | #define DUMMY_CERT_STATUS_LEN 12 | |
27 | ||
52a03d2a | 28 | static unsigned char certstatus[] = { |
6fc1748e MC |
29 | SSL3_RT_HANDSHAKE, /* Content type */ |
30 | 0xfe, 0xfd, /* Record version */ | |
31 | 0, 1, /* Epoch */ | |
32 | 0, 0, 0, 0, 0, 0x0f, /* Record sequence number */ | |
33 | 0, DTLS1_HM_HEADER_LENGTH + DUMMY_CERT_STATUS_LEN - 2, | |
34 | SSL3_MT_CERTIFICATE_STATUS, /* Cert Status handshake message type */ | |
35 | 0, 0, DUMMY_CERT_STATUS_LEN, /* Message len */ | |
36 | 0, 5, /* Message sequence */ | |
37 | 0, 0, 0, /* Fragment offset */ | |
38 | 0, 0, DUMMY_CERT_STATUS_LEN - 2, /* Fragment len */ | |
39 | 0x80, 0x80, 0x80, 0x80, 0x80, | |
40 | 0x80, 0x80, 0x80, 0x80, 0x80 /* Dummy data */ | |
41 | }; | |
42 | ||
ac9fc67a MC |
43 | #define RECORD_SEQUENCE 10 |
44 | ||
fa4b82cc AH |
45 | static unsigned int timer_cb(SSL *s, unsigned int timer_us) |
46 | { | |
47 | ++timer_cb_count; | |
48 | ||
49 | if (timer_us == 0) | |
61e96557 | 50 | return 50000; |
fa4b82cc AH |
51 | else |
52 | return 2 * timer_us; | |
53 | } | |
54 | ||
ac9fc67a | 55 | static int test_dtls_unprocessed(int testidx) |
6fc1748e MC |
56 | { |
57 | SSL_CTX *sctx = NULL, *cctx = NULL; | |
58 | SSL *serverssl1 = NULL, *clientssl1 = NULL; | |
59 | BIO *c_to_s_fbio, *c_to_s_mempacket; | |
60 | int testresult = 0; | |
61 | ||
fa4b82cc AH |
62 | timer_cb_count = 0; |
63 | ||
5e30f2fd | 64 | if (!TEST_true(create_ssl_ctx_pair(NULL, DTLS_server_method(), |
7d7f6834 | 65 | DTLS_client_method(), |
5c587fb6 | 66 | DTLS1_VERSION, 0, |
7d7f6834 | 67 | &sctx, &cctx, cert, privkey))) |
6fc1748e | 68 | return 0; |
6fc1748e | 69 | |
fdf31270 | 70 | #ifndef OPENSSL_NO_DTLS1_2 |
745dec3a P |
71 | if (!TEST_true(SSL_CTX_set_cipher_list(cctx, "AES128-SHA"))) |
72 | goto end; | |
fdf31270 MC |
73 | #else |
74 | /* Default sigalgs are SHA1 based in <DTLS1.2 which is in security level 0 */ | |
75 | if (!TEST_true(SSL_CTX_set_cipher_list(sctx, "AES128-SHA:@SECLEVEL=0")) | |
76 | || !TEST_true(SSL_CTX_set_cipher_list(cctx, | |
77 | "AES128-SHA:@SECLEVEL=0"))) | |
78 | goto end; | |
79 | #endif | |
6fc1748e MC |
80 | |
81 | c_to_s_fbio = BIO_new(bio_f_tls_dump_filter()); | |
745dec3a | 82 | if (!TEST_ptr(c_to_s_fbio)) |
6fc1748e | 83 | goto end; |
6fc1748e MC |
84 | |
85 | /* BIO is freed by create_ssl_connection on error */ | |
745dec3a P |
86 | if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl1, &clientssl1, |
87 | NULL, c_to_s_fbio))) | |
6fc1748e | 88 | goto end; |
6fc1748e | 89 | |
fa4b82cc AH |
90 | DTLS_set_timer_cb(clientssl1, timer_cb); |
91 | ||
ac9fc67a MC |
92 | if (testidx == 1) |
93 | certstatus[RECORD_SEQUENCE] = 0xff; | |
94 | ||
6fc1748e | 95 | /* |
ac9fc67a MC |
96 | * Inject a dummy record from the next epoch. In test 0, this should never |
97 | * get used because the message sequence number is too big. In test 1 we set | |
80c455d5 | 98 | * the record sequence number to be way off in the future. |
6fc1748e MC |
99 | */ |
100 | c_to_s_mempacket = SSL_get_wbio(clientssl1); | |
101 | c_to_s_mempacket = BIO_next(c_to_s_mempacket); | |
102 | mempacket_test_inject(c_to_s_mempacket, (char *)certstatus, | |
103 | sizeof(certstatus), 1, INJECT_PACKET_IGNORE_REC_SEQ); | |
104 | ||
80c455d5 MC |
105 | /* |
106 | * Create the connection. We use "create_bare_ssl_connection" here so that | |
c2969ff6 | 107 | * we can force the connection to not do "SSL_read" once partly connected. |
80c455d5 MC |
108 | * We don't want to accidentally read the dummy records we injected because |
109 | * they will fail to decrypt. | |
110 | */ | |
111 | if (!TEST_true(create_bare_ssl_connection(serverssl1, clientssl1, | |
112 | SSL_ERROR_NONE, 0))) | |
6fc1748e | 113 | goto end; |
6fc1748e | 114 | |
fa4b82cc AH |
115 | if (timer_cb_count == 0) { |
116 | printf("timer_callback was not called.\n"); | |
117 | goto end; | |
118 | } | |
119 | ||
6fc1748e MC |
120 | testresult = 1; |
121 | end: | |
122 | SSL_free(serverssl1); | |
123 | SSL_free(clientssl1); | |
124 | SSL_CTX_free(sctx); | |
125 | SSL_CTX_free(cctx); | |
126 | ||
127 | return testresult; | |
128 | } | |
129 | ||
61e96557 MC |
130 | #define CLI_TO_SRV_EPOCH_0_RECS 3 |
131 | #define CLI_TO_SRV_EPOCH_1_RECS 1 | |
1aac20f5 | 132 | #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) |
5fd72d96 | 133 | # define SRV_TO_CLI_EPOCH_0_RECS 10 |
1aac20f5 MC |
134 | #else |
135 | /* | |
136 | * In this case we have no ServerKeyExchange message, because we don't have | |
137 | * ECDHE or DHE. When it is present it gets fragmented into 3 records in this | |
138 | * test. | |
139 | */ | |
140 | # define SRV_TO_CLI_EPOCH_0_RECS 9 | |
141 | #endif | |
61e96557 MC |
142 | #define SRV_TO_CLI_EPOCH_1_RECS 1 |
143 | #define TOTAL_FULL_HAND_RECORDS \ | |
144 | (CLI_TO_SRV_EPOCH_0_RECS + CLI_TO_SRV_EPOCH_1_RECS + \ | |
145 | SRV_TO_CLI_EPOCH_0_RECS + SRV_TO_CLI_EPOCH_1_RECS) | |
146 | ||
147 | #define CLI_TO_SRV_RESUME_EPOCH_0_RECS 3 | |
148 | #define CLI_TO_SRV_RESUME_EPOCH_1_RECS 1 | |
149 | #define SRV_TO_CLI_RESUME_EPOCH_0_RECS 2 | |
150 | #define SRV_TO_CLI_RESUME_EPOCH_1_RECS 1 | |
151 | #define TOTAL_RESUME_HAND_RECORDS \ | |
152 | (CLI_TO_SRV_RESUME_EPOCH_0_RECS + CLI_TO_SRV_RESUME_EPOCH_1_RECS + \ | |
153 | SRV_TO_CLI_RESUME_EPOCH_0_RECS + SRV_TO_CLI_RESUME_EPOCH_1_RECS) | |
154 | ||
155 | #define TOTAL_RECORDS (TOTAL_FULL_HAND_RECORDS + TOTAL_RESUME_HAND_RECORDS) | |
156 | ||
cbb85bda MC |
157 | /* |
158 | * We are assuming a ServerKeyExchange message is sent in this test. If we don't | |
159 | * have either DH or EC, then it won't be | |
160 | */ | |
161 | #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) | |
61e96557 MC |
162 | static int test_dtls_drop_records(int idx) |
163 | { | |
164 | SSL_CTX *sctx = NULL, *cctx = NULL; | |
165 | SSL *serverssl = NULL, *clientssl = NULL; | |
166 | BIO *c_to_s_fbio, *mempackbio; | |
167 | int testresult = 0; | |
168 | int epoch = 0; | |
169 | SSL_SESSION *sess = NULL; | |
170 | int cli_to_srv_epoch0, cli_to_srv_epoch1, srv_to_cli_epoch0; | |
171 | ||
5e30f2fd | 172 | if (!TEST_true(create_ssl_ctx_pair(NULL, DTLS_server_method(), |
61e96557 | 173 | DTLS_client_method(), |
5c587fb6 | 174 | DTLS1_VERSION, 0, |
61e96557 MC |
175 | &sctx, &cctx, cert, privkey))) |
176 | return 0; | |
177 | ||
fdf31270 MC |
178 | #ifdef OPENSSL_NO_DTLS1_2 |
179 | /* Default sigalgs are SHA1 based in <DTLS1.2 which is in security level 0 */ | |
180 | if (!TEST_true(SSL_CTX_set_cipher_list(sctx, "DEFAULT:@SECLEVEL=0")) | |
181 | || !TEST_true(SSL_CTX_set_cipher_list(cctx, | |
182 | "DEFAULT:@SECLEVEL=0"))) | |
183 | goto end; | |
184 | #endif | |
185 | ||
33c39a06 MC |
186 | if (!TEST_true(SSL_CTX_set_dh_auto(sctx, 1))) |
187 | goto end; | |
188 | ||
61e96557 MC |
189 | if (idx >= TOTAL_FULL_HAND_RECORDS) { |
190 | /* We're going to do a resumption handshake. Get a session first. */ | |
191 | if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, | |
192 | NULL, NULL)) | |
193 | || !TEST_true(create_ssl_connection(serverssl, clientssl, | |
194 | SSL_ERROR_NONE)) | |
195 | || !TEST_ptr(sess = SSL_get1_session(clientssl))) | |
196 | goto end; | |
197 | ||
198 | SSL_shutdown(clientssl); | |
199 | SSL_shutdown(serverssl); | |
200 | SSL_free(serverssl); | |
201 | SSL_free(clientssl); | |
202 | serverssl = clientssl = NULL; | |
203 | ||
204 | cli_to_srv_epoch0 = CLI_TO_SRV_RESUME_EPOCH_0_RECS; | |
205 | cli_to_srv_epoch1 = CLI_TO_SRV_RESUME_EPOCH_1_RECS; | |
206 | srv_to_cli_epoch0 = SRV_TO_CLI_RESUME_EPOCH_0_RECS; | |
207 | idx -= TOTAL_FULL_HAND_RECORDS; | |
208 | } else { | |
209 | cli_to_srv_epoch0 = CLI_TO_SRV_EPOCH_0_RECS; | |
210 | cli_to_srv_epoch1 = CLI_TO_SRV_EPOCH_1_RECS; | |
211 | srv_to_cli_epoch0 = SRV_TO_CLI_EPOCH_0_RECS; | |
212 | } | |
213 | ||
214 | c_to_s_fbio = BIO_new(bio_f_tls_dump_filter()); | |
215 | if (!TEST_ptr(c_to_s_fbio)) | |
216 | goto end; | |
217 | ||
218 | /* BIO is freed by create_ssl_connection on error */ | |
219 | if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, | |
220 | NULL, c_to_s_fbio))) | |
221 | goto end; | |
222 | ||
223 | if (sess != NULL) { | |
224 | if (!TEST_true(SSL_set_session(clientssl, sess))) | |
225 | goto end; | |
226 | } | |
227 | ||
228 | DTLS_set_timer_cb(clientssl, timer_cb); | |
229 | DTLS_set_timer_cb(serverssl, timer_cb); | |
230 | ||
231 | /* Work out which record to drop based on the test number */ | |
232 | if (idx >= cli_to_srv_epoch0 + cli_to_srv_epoch1) { | |
233 | mempackbio = SSL_get_wbio(serverssl); | |
234 | idx -= cli_to_srv_epoch0 + cli_to_srv_epoch1; | |
235 | if (idx >= srv_to_cli_epoch0) { | |
236 | epoch = 1; | |
237 | idx -= srv_to_cli_epoch0; | |
238 | } | |
239 | } else { | |
240 | mempackbio = SSL_get_wbio(clientssl); | |
241 | if (idx >= cli_to_srv_epoch0) { | |
242 | epoch = 1; | |
243 | idx -= cli_to_srv_epoch0; | |
244 | } | |
245 | mempackbio = BIO_next(mempackbio); | |
246 | } | |
247 | BIO_ctrl(mempackbio, MEMPACKET_CTRL_SET_DROP_EPOCH, epoch, NULL); | |
248 | BIO_ctrl(mempackbio, MEMPACKET_CTRL_SET_DROP_REC, idx, NULL); | |
249 | ||
250 | if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE))) | |
251 | goto end; | |
252 | ||
253 | if (sess != NULL && !TEST_true(SSL_session_reused(clientssl))) | |
254 | goto end; | |
255 | ||
256 | /* If the test did what we planned then it should have dropped a record */ | |
257 | if (!TEST_int_eq((int)BIO_ctrl(mempackbio, MEMPACKET_CTRL_GET_DROP_REC, 0, | |
258 | NULL), -1)) | |
259 | goto end; | |
260 | ||
261 | testresult = 1; | |
262 | end: | |
263 | SSL_SESSION_free(sess); | |
264 | SSL_free(serverssl); | |
265 | SSL_free(clientssl); | |
266 | SSL_CTX_free(sctx); | |
267 | SSL_CTX_free(cctx); | |
268 | ||
269 | return testresult; | |
270 | } | |
cbb85bda | 271 | #endif /* !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) */ |
61e96557 | 272 | |
edcd29ef MC |
273 | static const char dummy_cookie[] = "0123456"; |
274 | ||
275 | static int generate_cookie_cb(SSL *ssl, unsigned char *cookie, | |
276 | unsigned int *cookie_len) | |
277 | { | |
278 | memcpy(cookie, dummy_cookie, sizeof(dummy_cookie)); | |
279 | *cookie_len = sizeof(dummy_cookie); | |
280 | return 1; | |
281 | } | |
282 | ||
283 | static int verify_cookie_cb(SSL *ssl, const unsigned char *cookie, | |
284 | unsigned int cookie_len) | |
285 | { | |
286 | return TEST_mem_eq(cookie, cookie_len, dummy_cookie, sizeof(dummy_cookie)); | |
287 | } | |
288 | ||
289 | static int test_cookie(void) | |
290 | { | |
291 | SSL_CTX *sctx = NULL, *cctx = NULL; | |
292 | SSL *serverssl = NULL, *clientssl = NULL; | |
293 | int testresult = 0; | |
294 | ||
5e30f2fd | 295 | if (!TEST_true(create_ssl_ctx_pair(NULL, DTLS_server_method(), |
edcd29ef | 296 | DTLS_client_method(), |
5c587fb6 | 297 | DTLS1_VERSION, 0, |
edcd29ef MC |
298 | &sctx, &cctx, cert, privkey))) |
299 | return 0; | |
300 | ||
301 | SSL_CTX_set_options(sctx, SSL_OP_COOKIE_EXCHANGE); | |
302 | SSL_CTX_set_cookie_generate_cb(sctx, generate_cookie_cb); | |
303 | SSL_CTX_set_cookie_verify_cb(sctx, verify_cookie_cb); | |
304 | ||
fdf31270 MC |
305 | #ifdef OPENSSL_NO_DTLS1_2 |
306 | /* Default sigalgs are SHA1 based in <DTLS1.2 which is in security level 0 */ | |
307 | if (!TEST_true(SSL_CTX_set_cipher_list(sctx, "DEFAULT:@SECLEVEL=0")) | |
308 | || !TEST_true(SSL_CTX_set_cipher_list(cctx, | |
309 | "DEFAULT:@SECLEVEL=0"))) | |
310 | goto end; | |
311 | #endif | |
312 | ||
edcd29ef MC |
313 | if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, |
314 | NULL, NULL)) | |
315 | || !TEST_true(create_ssl_connection(serverssl, clientssl, | |
316 | SSL_ERROR_NONE))) | |
317 | goto end; | |
318 | ||
319 | testresult = 1; | |
320 | end: | |
321 | SSL_free(serverssl); | |
322 | SSL_free(clientssl); | |
323 | SSL_CTX_free(sctx); | |
324 | SSL_CTX_free(cctx); | |
325 | ||
326 | return testresult; | |
327 | } | |
328 | ||
f1358634 MC |
329 | static int test_dtls_duplicate_records(void) |
330 | { | |
331 | SSL_CTX *sctx = NULL, *cctx = NULL; | |
332 | SSL *serverssl = NULL, *clientssl = NULL; | |
333 | int testresult = 0; | |
334 | ||
5e30f2fd | 335 | if (!TEST_true(create_ssl_ctx_pair(NULL, DTLS_server_method(), |
f1358634 | 336 | DTLS_client_method(), |
5c587fb6 | 337 | DTLS1_VERSION, 0, |
f1358634 MC |
338 | &sctx, &cctx, cert, privkey))) |
339 | return 0; | |
340 | ||
fdf31270 MC |
341 | #ifdef OPENSSL_NO_DTLS1_2 |
342 | /* Default sigalgs are SHA1 based in <DTLS1.2 which is in security level 0 */ | |
343 | if (!TEST_true(SSL_CTX_set_cipher_list(sctx, "DEFAULT:@SECLEVEL=0")) | |
344 | || !TEST_true(SSL_CTX_set_cipher_list(cctx, | |
345 | "DEFAULT:@SECLEVEL=0"))) | |
346 | goto end; | |
347 | #endif | |
348 | ||
f1358634 MC |
349 | if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, |
350 | NULL, NULL))) | |
351 | goto end; | |
352 | ||
353 | DTLS_set_timer_cb(clientssl, timer_cb); | |
354 | DTLS_set_timer_cb(serverssl, timer_cb); | |
355 | ||
356 | BIO_ctrl(SSL_get_wbio(clientssl), MEMPACKET_CTRL_SET_DUPLICATE_REC, 1, NULL); | |
357 | BIO_ctrl(SSL_get_wbio(serverssl), MEMPACKET_CTRL_SET_DUPLICATE_REC, 1, NULL); | |
358 | ||
359 | if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE))) | |
360 | goto end; | |
361 | ||
362 | testresult = 1; | |
363 | end: | |
364 | SSL_free(serverssl); | |
365 | SSL_free(clientssl); | |
366 | SSL_CTX_free(sctx); | |
367 | SSL_CTX_free(cctx); | |
368 | ||
369 | return testresult; | |
370 | } | |
edcd29ef | 371 | |
e9b30d9f MC |
372 | /* |
373 | * Test just sending a Finished message as the first message. Should fail due | |
374 | * to an unexpected message. | |
375 | */ | |
376 | static int test_just_finished(void) | |
377 | { | |
378 | int testresult = 0, ret; | |
379 | SSL_CTX *sctx = NULL; | |
380 | SSL *serverssl = NULL; | |
381 | BIO *rbio = NULL, *wbio = NULL, *sbio = NULL; | |
382 | unsigned char buf[] = { | |
383 | /* Record header */ | |
384 | SSL3_RT_HANDSHAKE, /* content type */ | |
385 | (DTLS1_2_VERSION >> 8) & 0xff, /* protocol version hi byte */ | |
386 | DTLS1_2_VERSION & 0xff, /* protocol version lo byte */ | |
387 | 0, 0, /* epoch */ | |
388 | 0, 0, 0, 0, 0, 0, /* record sequence */ | |
389 | 0, DTLS1_HM_HEADER_LENGTH + SHA_DIGEST_LENGTH, /* record length */ | |
390 | ||
391 | /* Message header */ | |
392 | SSL3_MT_FINISHED, /* message type */ | |
393 | 0, 0, SHA_DIGEST_LENGTH, /* message length */ | |
394 | 0, 0, /* message sequence */ | |
395 | 0, 0, 0, /* fragment offset */ | |
396 | 0, 0, SHA_DIGEST_LENGTH, /* fragment length */ | |
397 | ||
398 | /* Message body */ | |
399 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 | |
400 | }; | |
401 | ||
402 | ||
403 | if (!TEST_true(create_ssl_ctx_pair(NULL, DTLS_server_method(), | |
404 | NULL, 0, 0, | |
405 | &sctx, NULL, cert, privkey))) | |
406 | return 0; | |
407 | ||
408 | serverssl = SSL_new(sctx); | |
409 | rbio = BIO_new(BIO_s_mem()); | |
410 | wbio = BIO_new(BIO_s_mem()); | |
411 | ||
412 | if (!TEST_ptr(serverssl) || !TEST_ptr(rbio) || !TEST_ptr(wbio)) | |
413 | goto end; | |
414 | ||
415 | sbio = rbio; | |
416 | SSL_set0_rbio(serverssl, rbio); | |
417 | SSL_set0_wbio(serverssl, wbio); | |
418 | rbio = wbio = NULL; | |
419 | DTLS_set_timer_cb(serverssl, timer_cb); | |
420 | ||
421 | if (!TEST_int_eq(BIO_write(sbio, buf, sizeof(buf)), sizeof(buf))) | |
422 | goto end; | |
423 | ||
424 | /* We expect the attempt to process the message to fail */ | |
425 | if (!TEST_int_le(ret = SSL_accept(serverssl), 0)) | |
426 | goto end; | |
427 | ||
428 | /* Check that we got the error we were expecting */ | |
429 | if (!TEST_int_eq(SSL_get_error(serverssl, ret), SSL_ERROR_SSL)) | |
430 | goto end; | |
431 | ||
432 | if (!TEST_int_eq(ERR_GET_REASON(ERR_get_error()), SSL_R_UNEXPECTED_MESSAGE)) | |
433 | goto end; | |
434 | ||
435 | testresult = 1; | |
436 | end: | |
437 | BIO_free(rbio); | |
438 | BIO_free(wbio); | |
439 | SSL_free(serverssl); | |
440 | SSL_CTX_free(sctx); | |
441 | ||
442 | return testresult; | |
443 | } | |
444 | ||
a43ce58f SL |
445 | OPT_TEST_DECLARE_USAGE("certfile privkeyfile\n") |
446 | ||
ad887416 | 447 | int setup_tests(void) |
6fc1748e | 448 | { |
8d242823 MC |
449 | if (!test_skip_common_options()) { |
450 | TEST_error("Error parsing test options\n"); | |
451 | return 0; | |
452 | } | |
453 | ||
ad887416 P |
454 | if (!TEST_ptr(cert = test_get_argument(0)) |
455 | || !TEST_ptr(privkey = test_get_argument(1))) | |
456 | return 0; | |
6fc1748e | 457 | |
ac9fc67a | 458 | ADD_ALL_TESTS(test_dtls_unprocessed, NUM_TESTS); |
cbb85bda | 459 | #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) |
61e96557 | 460 | ADD_ALL_TESTS(test_dtls_drop_records, TOTAL_RECORDS); |
cbb85bda | 461 | #endif |
edcd29ef | 462 | ADD_TEST(test_cookie); |
f1358634 | 463 | ADD_TEST(test_dtls_duplicate_records); |
e9b30d9f | 464 | ADD_TEST(test_just_finished); |
61e96557 | 465 | |
ad887416 P |
466 | return 1; |
467 | } | |
6fc1748e | 468 | |
ad887416 P |
469 | void cleanup_tests(void) |
470 | { | |
6fc1748e MC |
471 | bio_f_tls_dump_filter_free(); |
472 | bio_s_mempacket_test_free(); | |
6fc1748e | 473 | } |