projects / thirdparty / openssl.git / blame
| Commit | Line | Data |
|---|---|---|
| 453dfd8d | 1 | /* |
| 8fe3127c | 2 | * Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved. |
| 453dfd8d | 3 | * |
| 440e5d80 RS |
4 | * Licensed under the OpenSSL license (the "License"). You may not use |
| 5 | * this file except in compliance with the License. You can obtain a copy | |
| 6 | * in the file LICENSE in the source distribution or at | |
| 453dfd8d | 7 | * https://www.openssl.org/source/license.html |
| 453dfd8d EK |
8 | */ |
| 9 | ||
| 10 | #include <stdio.h> | |
| 5c753de6 | 11 | #include <string.h> |
| 453dfd8d EK |
12 | |
| 13 | #include <openssl/conf.h> | |
| 14 | #include <openssl/err.h> | |
| 15 | #include <openssl/ssl.h> | |
| 16 | ||
| 17 | #include "handshake_helper.h" | |
| 18 | #include "ssl_test_ctx.h" | |
| 19 | #include "testutil.h" | |
| 20 | ||
| 21 | static CONF *conf = NULL; | |
| 22 | ||
| 23 | /* Currently the section names are of the form test-<number>, e.g. test-15. */ | |
| 24 | #define MAX_TESTCASE_NAME_LENGTH 100 | |
| 25 | ||
| 453dfd8d EK |
26 | static const char *print_alert(int alert) |
| 27 | { | |
| 28 | return alert ? SSL_alert_desc_string_long(alert) : "no alert"; | |
| 29 | } | |
| 30 | ||
| ce2cdac2 | 31 | static int check_result(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) |
| 453dfd8d | 32 | { |
| 2fae041d P |
33 | if (!TEST_int_eq(result->result, test_ctx->expected_result)) { |
| 34 | TEST_info("ExpectedResult mismatch: expected %s, got %s.", | |
| 35 | ssl_test_result_name(test_ctx->expected_result), | |
| 36 | ssl_test_result_name(result->result)); | |
| 453dfd8d EK |
37 | return 0; |
| 38 | } | |
| 39 | return 1; | |
| 40 | } | |
| 41 | ||
| ce2cdac2 | 42 | static int check_alerts(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) |
| 453dfd8d | 43 | { |
| 2fae041d P |
44 | if (!TEST_int_eq(result->client_alert_sent, |
| 45 | result->client_alert_received)) { | |
| 46 | TEST_info("Client sent alert %s but server received %s.", | |
| 47 | print_alert(result->client_alert_sent), | |
| 48 | print_alert(result->client_alert_received)); | |
| 453dfd8d EK |
49 | /* |
| 50 | * We can't bail here because the peer doesn't always get far enough | |
| 51 | * to process a received alert. Specifically, in protocol version | |
| 52 | * negotiation tests, we have the following scenario. | |
| 53 | * Client supports TLS v1.2 only; Server supports TLS v1.1. | |
| 54 | * Client proposes TLS v1.2; server responds with 1.1; | |
| 55 | * Client now sends a protocol alert, using TLS v1.2 in the header. | |
| 56 | * The server, however, rejects the alert because of version mismatch | |
| 57 | * in the record layer; therefore, the server appears to never | |
| 58 | * receive the alert. | |
| 59 | */ | |
| 60 | /* return 0; */ | |
| 61 | } | |
| 62 | ||
| 2fae041d P |
63 | if (!TEST_int_eq(result->server_alert_sent, |
| 64 | result->server_alert_received)) { | |
| 65 | TEST_info("Server sent alert %s but client received %s.", | |
| 66 | print_alert(result->server_alert_sent), | |
| 67 | print_alert(result->server_alert_received)); | |
| 453dfd8d EK |
68 | /* return 0; */ |
| 69 | } | |
| 70 | ||
| 71 | /* Tolerate an alert if one wasn't explicitly specified in the test. */ | |
| 9f48bbac | 72 | if (test_ctx->expected_client_alert |
| 453dfd8d EK |
73 | /* |
| 74 | * The info callback alert value is computed as | |
| 75 | * (s->s3->send_alert[0] << 8) | s->s3->send_alert[1] | |
| 76 | * where the low byte is the alert code and the high byte is other stuff. | |
| 77 | */ | |
| 9f48bbac | 78 | && (result->client_alert_sent & 0xff) != test_ctx->expected_client_alert) { |
| 2fae041d P |
79 | TEST_error("ClientAlert mismatch: expected %s, got %s.", |
| 80 | print_alert(test_ctx->expected_client_alert), | |
| 81 | print_alert(result->client_alert_sent)); | |
| 453dfd8d EK |
82 | return 0; |
| 83 | } | |
| 84 | ||
| 9f48bbac EK |
85 | if (test_ctx->expected_server_alert |
| 86 | && (result->server_alert_sent & 0xff) != test_ctx->expected_server_alert) { | |
| 2fae041d P |
87 | TEST_error("ServerAlert mismatch: expected %s, got %s.", |
| 88 | print_alert(test_ctx->expected_server_alert), | |
| 89 | print_alert(result->server_alert_sent)); | |
| 453dfd8d EK |
90 | return 0; |
| 91 | } | |
| 92 | ||
| 2fae041d | 93 | if (!TEST_int_le(result->client_num_fatal_alerts_sent, 1)) |
| dd8e5a57 | 94 | return 0; |
| 2fae041d | 95 | if (!TEST_int_le(result->server_num_fatal_alerts_sent, 1)) |
| dd8e5a57 | 96 | return 0; |
| 453dfd8d EK |
97 | return 1; |
| 98 | } | |
| 99 | ||
| ce2cdac2 | 100 | static int check_protocol(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) |
| 453dfd8d | 101 | { |
| 2fae041d P |
102 | if (!TEST_int_eq(result->client_protocol, result->server_protocol)) { |
| 103 | TEST_info("Client has protocol %s but server has %s.", | |
| 104 | ssl_protocol_name(result->client_protocol), | |
| 105 | ssl_protocol_name(result->server_protocol)); | |
| 453dfd8d EK |
106 | return 0; |
| 107 | } | |
| 108 | ||
| 9f48bbac | 109 | if (test_ctx->expected_protocol) { |
| 2fae041d P |
110 | if (!TEST_int_eq(result->client_protocol, |
| 111 | test_ctx->expected_protocol)) { | |
| 112 | TEST_info("Protocol mismatch: expected %s, got %s.\n", | |
| 113 | ssl_protocol_name(test_ctx->expected_protocol), | |
| 114 | ssl_protocol_name(result->client_protocol)); | |
| 453dfd8d EK |
115 | return 0; |
| 116 | } | |
| 117 | } | |
| 118 | return 1; | |
| 119 | } | |
| 120 | ||
| ce2cdac2 | 121 | static int check_servername(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) |
| 5c753de6 | 122 | { |
| 2fae041d P |
123 | if (!TEST_int_eq(result->servername, test_ctx->expected_servername)) { |
| 124 | TEST_info("Client ServerName mismatch, expected %s, got %s.", | |
| 125 | ssl_servername_name(test_ctx->expected_servername), | |
| 126 | ssl_servername_name(result->servername)); | |
| d2b23cd2 | 127 | return 0; |
| 5c753de6 | 128 | } |
| d2b23cd2 | 129 | return 1; |
| 5c753de6 TS |
130 | } |
| 131 | ||
| ce2cdac2 | 132 | static int check_session_ticket(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) |
| 5c753de6 TS |
133 | { |
| 134 | if (test_ctx->session_ticket_expected == SSL_TEST_SESSION_TICKET_IGNORE) | |
| 135 | return 1; | |
| 2fae041d P |
136 | if (!TEST_int_eq(result->session_ticket, |
| 137 | test_ctx->session_ticket_expected)) { | |
| 138 | TEST_info("Client SessionTicketExpected mismatch, expected %s, got %s.", | |
| 139 | ssl_session_ticket_name(test_ctx->session_ticket_expected), | |
| 140 | ssl_session_ticket_name(result->session_ticket)); | |
| 5c753de6 TS |
141 | return 0; |
| 142 | } | |
| 143 | return 1; | |
| 144 | } | |
| 145 | ||
| 439db0c9 MC |
146 | static int check_compression(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) |
| 147 | { | |
| 2fae041d | 148 | if (!TEST_int_eq(result->compression, test_ctx->compression_expected)) |
| 439db0c9 | 149 | return 0; |
| 439db0c9 MC |
150 | return 1; |
| 151 | } | |
| 620c6ad3 | 152 | #ifndef OPENSSL_NO_NEXTPROTONEG |
| ce2cdac2 EK |
153 | static int check_npn(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) |
| 154 | { | |
| 155 | int ret = 1; | |
| 2fae041d P |
156 | if (!TEST_str_eq(result->client_npn_negotiated, |
| 157 | result->server_npn_negotiated)) | |
| 158 | ret = 0; | |
| 159 | if (!TEST_str_eq(test_ctx->expected_npn_protocol, | |
| 160 | result->client_npn_negotiated)) | |
| 161 | ret = 0; | |
| ce2cdac2 EK |
162 | return ret; |
| 163 | } | |
| 7b7cea6d | 164 | #endif |
| ce2cdac2 EK |
165 | |
| 166 | static int check_alpn(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) | |
| 167 | { | |
| 168 | int ret = 1; | |
| 2fae041d P |
169 | if (!TEST_str_eq(result->client_alpn_negotiated, |
| 170 | result->server_alpn_negotiated)) | |
| 171 | ret = 0; | |
| 172 | if (!TEST_str_eq(test_ctx->expected_alpn_protocol, | |
| 173 | result->client_alpn_negotiated)) | |
| 174 | ret = 0; | |
| ce2cdac2 EK |
175 | return ret; |
| 176 | } | |
| 177 | ||
| 590ed3d7 EK |
178 | static int check_resumption(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) |
| 179 | { | |
| 2fae041d | 180 | if (!TEST_int_eq(result->client_resumed, result->server_resumed)) |
| 590ed3d7 | 181 | return 0; |
| 2fae041d | 182 | if (!TEST_int_eq(result->client_resumed, test_ctx->resumption_expected)) |
| 590ed3d7 | 183 | return 0; |
| 590ed3d7 EK |
184 | return 1; |
| 185 | } | |
| 186 | ||
| ee5b6a42 | 187 | static int check_nid(const char *name, int expected_nid, int nid) |
| b93ad05d | 188 | { |
| ee5b6a42 | 189 | if (expected_nid == 0 || expected_nid == nid) |
| b93ad05d | 190 | return 1; |
| 2fae041d P |
191 | TEST_error("%s type mismatch, %s vs %s\n", |
| 192 | name, OBJ_nid2ln(expected_nid), | |
| 193 | nid == NID_undef ? "absent" : OBJ_nid2ln(nid)); | |
| b93ad05d DSH |
194 | return 0; |
| 195 | } | |
| 196 | ||
| 2e21539b DSH |
197 | static void print_ca_names(STACK_OF(X509_NAME) *names) |
| 198 | { | |
| 2e21539b DSH |
199 | int i; |
| 200 | ||
| 201 | if (names == NULL || sk_X509_NAME_num(names) == 0) { | |
| 8fe3127c | 202 | TEST_note(" <empty>"); |
| 2e21539b DSH |
203 | return; |
| 204 | } | |
| 2e21539b | 205 | for (i = 0; i < sk_X509_NAME_num(names); i++) { |
| 8fe3127c | 206 | X509_NAME_print_ex(bio_err, sk_X509_NAME_value(names, i), 4, |
| 2e21539b | 207 | XN_FLAG_ONELINE); |
| 8fe3127c | 208 | BIO_puts(bio_err, "\n"); |
| 2e21539b | 209 | } |
| 2e21539b DSH |
210 | } |
| 211 | ||
| 212 | static int check_ca_names(const char *name, | |
| 213 | STACK_OF(X509_NAME) *expected_names, | |
| 214 | STACK_OF(X509_NAME) *names) | |
| 215 | { | |
| 216 | int i; | |
| 217 | ||
| 218 | if (expected_names == NULL) | |
| 219 | return 1; | |
| 220 | if (names == NULL || sk_X509_NAME_num(names) == 0) { | |
| 8fe3127c | 221 | if (TEST_int_eq(sk_X509_NAME_num(expected_names), 0)) |
| 2e21539b DSH |
222 | return 1; |
| 223 | goto err; | |
| 224 | } | |
| 225 | if (sk_X509_NAME_num(names) != sk_X509_NAME_num(expected_names)) | |
| 226 | goto err; | |
| 227 | for (i = 0; i < sk_X509_NAME_num(names); i++) { | |
| 8fe3127c P |
228 | if (!TEST_int_eq(X509_NAME_cmp(sk_X509_NAME_value(names, i), |
| 229 | sk_X509_NAME_value(expected_names, i)), | |
| 230 | 0)) { | |
| 2e21539b DSH |
231 | goto err; |
| 232 | } | |
| 233 | } | |
| 234 | return 1; | |
| 8fe3127c P |
235 | err: |
| 236 | TEST_info("%s: list mismatch", name); | |
| 237 | TEST_note("Expected Names:"); | |
| 2e21539b | 238 | print_ca_names(expected_names); |
| 8fe3127c | 239 | TEST_note("Received Names:"); |
| 2e21539b DSH |
240 | print_ca_names(names); |
| 241 | return 0; | |
| 242 | } | |
| 243 | ||
| f15b50c4 DSH |
244 | static int check_tmp_key(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) |
| 245 | { | |
| 246 | return check_nid("Tmp key", test_ctx->expected_tmp_key_type, | |
| 247 | result->tmp_key_type); | |
| 248 | } | |
| 249 | ||
| 250 | static int check_server_cert_type(HANDSHAKE_RESULT *result, | |
| 251 | SSL_TEST_CTX *test_ctx) | |
| 252 | { | |
| 253 | return check_nid("Server certificate", test_ctx->expected_server_cert_type, | |
| 254 | result->server_cert_type); | |
| 255 | } | |
| 256 | ||
| 257 | static int check_server_sign_hash(HANDSHAKE_RESULT *result, | |
| 258 | SSL_TEST_CTX *test_ctx) | |
| 259 | { | |
| 260 | return check_nid("Server signing hash", test_ctx->expected_server_sign_hash, | |
| 261 | result->server_sign_hash); | |
| 262 | } | |
| 263 | ||
| 264 | static int check_server_sign_type(HANDSHAKE_RESULT *result, | |
| 265 | SSL_TEST_CTX *test_ctx) | |
| 266 | { | |
| 267 | return check_nid("Server signing", test_ctx->expected_server_sign_type, | |
| 268 | result->server_sign_type); | |
| 269 | } | |
| 270 | ||
| 271 | static int check_server_ca_names(HANDSHAKE_RESULT *result, | |
| 272 | SSL_TEST_CTX *test_ctx) | |
| 273 | { | |
| 274 | return check_ca_names("Server CA names", | |
| 275 | test_ctx->expected_server_ca_names, | |
| 276 | result->server_ca_names); | |
| 277 | } | |
| 278 | ||
| 279 | static int check_client_cert_type(HANDSHAKE_RESULT *result, | |
| 280 | SSL_TEST_CTX *test_ctx) | |
| 281 | { | |
| 282 | return check_nid("Client certificate", test_ctx->expected_client_cert_type, | |
| 283 | result->client_cert_type); | |
| 284 | } | |
| 285 | ||
| 286 | static int check_client_sign_hash(HANDSHAKE_RESULT *result, | |
| 287 | SSL_TEST_CTX *test_ctx) | |
| 288 | { | |
| 289 | return check_nid("Client signing hash", test_ctx->expected_client_sign_hash, | |
| 290 | result->client_sign_hash); | |
| 291 | } | |
| 292 | ||
| 293 | static int check_client_sign_type(HANDSHAKE_RESULT *result, | |
| 294 | SSL_TEST_CTX *test_ctx) | |
| 295 | { | |
| 296 | return check_nid("Client signing", test_ctx->expected_client_sign_type, | |
| 297 | result->client_sign_type); | |
| 298 | } | |
| 299 | ||
| 2e21539b DSH |
300 | static int check_client_ca_names(HANDSHAKE_RESULT *result, |
| 301 | SSL_TEST_CTX *test_ctx) | |
| 302 | { | |
| 303 | return check_ca_names("Client CA names", | |
| 304 | test_ctx->expected_client_ca_names, | |
| 305 | result->client_ca_names); | |
| 306 | } | |
| 307 | ||
| 453dfd8d EK |
308 | /* |
| 309 | * This could be further simplified by constructing an expected | |
| 310 | * HANDSHAKE_RESULT, and implementing comparison methods for | |
| 311 | * its fields. | |
| 312 | */ | |
| ce2cdac2 | 313 | static int check_test(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) |
| 453dfd8d EK |
314 | { |
| 315 | int ret = 1; | |
| 316 | ret &= check_result(result, test_ctx); | |
| 317 | ret &= check_alerts(result, test_ctx); | |
| ce2cdac2 | 318 | if (result->result == SSL_TEST_SUCCESS) { |
| 453dfd8d | 319 | ret &= check_protocol(result, test_ctx); |
| 5c753de6 | 320 | ret &= check_servername(result, test_ctx); |
| 81fc33c9 | 321 | ret &= check_session_ticket(result, test_ctx); |
| 439db0c9 | 322 | ret &= check_compression(result, test_ctx); |
| ce2cdac2 | 323 | ret &= (result->session_ticket_do_not_call == 0); |
| 620c6ad3 | 324 | #ifndef OPENSSL_NO_NEXTPROTONEG |
| ce2cdac2 | 325 | ret &= check_npn(result, test_ctx); |
| 620c6ad3 | 326 | #endif |
| 7b7cea6d | 327 | ret &= check_alpn(result, test_ctx); |
| 590ed3d7 | 328 | ret &= check_resumption(result, test_ctx); |
| b93ad05d | 329 | ret &= check_tmp_key(result, test_ctx); |
| 7f5f35af | 330 | ret &= check_server_cert_type(result, test_ctx); |
| ee5b6a42 | 331 | ret &= check_server_sign_hash(result, test_ctx); |
| 54b7f2a5 | 332 | ret &= check_server_sign_type(result, test_ctx); |
| f15b50c4 | 333 | ret &= check_server_ca_names(result, test_ctx); |
| 7f5f35af | 334 | ret &= check_client_cert_type(result, test_ctx); |
| ee5b6a42 | 335 | ret &= check_client_sign_hash(result, test_ctx); |
| 54b7f2a5 | 336 | ret &= check_client_sign_type(result, test_ctx); |
| 2e21539b | 337 | ret &= check_client_ca_names(result, test_ctx); |
| 5c753de6 | 338 | } |
| 453dfd8d EK |
339 | return ret; |
| 340 | } | |
| 341 | ||
| d836d71b | 342 | static int test_handshake(int idx) |
| 453dfd8d | 343 | { |
| ababe86b | 344 | int ret = 0; |
| 590ed3d7 | 345 | SSL_CTX *server_ctx = NULL, *server2_ctx = NULL, *client_ctx = NULL, |
| 11279b13 | 346 | *resume_server_ctx = NULL, *resume_client_ctx = NULL; |
| 453dfd8d | 347 | SSL_TEST_CTX *test_ctx = NULL; |
| ce2cdac2 | 348 | HANDSHAKE_RESULT *result = NULL; |
| d836d71b EK |
349 | char test_app[MAX_TESTCASE_NAME_LENGTH]; |
| 350 | ||
| 351 | BIO_snprintf(test_app, sizeof(test_app), "test-%d", idx); | |
| 453dfd8d | 352 | |
| d836d71b | 353 | test_ctx = SSL_TEST_CTX_create(conf, test_app); |
| 2fae041d | 354 | if (!TEST_ptr(test_ctx)) |
| 74726750 EK |
355 | goto err; |
| 356 | ||
| 357 | #ifndef OPENSSL_NO_DTLS | |
| 358 | if (test_ctx->method == SSL_TEST_METHOD_DTLS) { | |
| 359 | server_ctx = SSL_CTX_new(DTLS_server_method()); | |
| 9f48bbac EK |
360 | if (test_ctx->extra.server.servername_callback != |
| 361 | SSL_TEST_SERVERNAME_CB_NONE) { | |
| d2b23cd2 | 362 | server2_ctx = SSL_CTX_new(DTLS_server_method()); |
| d61f0078 | 363 | TEST_check(server2_ctx != NULL); |
| d2b23cd2 | 364 | } |
| 74726750 | 365 | client_ctx = SSL_CTX_new(DTLS_client_method()); |
| 590ed3d7 EK |
366 | if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) { |
| 367 | resume_server_ctx = SSL_CTX_new(DTLS_server_method()); | |
| 11279b13 | 368 | resume_client_ctx = SSL_CTX_new(DTLS_client_method()); |
| d61f0078 EK |
369 | TEST_check(resume_server_ctx != NULL); |
| 370 | TEST_check(resume_client_ctx != NULL); | |
| 590ed3d7 | 371 | } |
| 74726750 EK |
372 | } |
| 373 | #endif | |
| 374 | if (test_ctx->method == SSL_TEST_METHOD_TLS) { | |
| 375 | server_ctx = SSL_CTX_new(TLS_server_method()); | |
| 9f48bbac EK |
376 | /* SNI on resumption isn't supported/tested yet. */ |
| 377 | if (test_ctx->extra.server.servername_callback != | |
| 378 | SSL_TEST_SERVERNAME_CB_NONE) { | |
| d2b23cd2 | 379 | server2_ctx = SSL_CTX_new(TLS_server_method()); |
| d61f0078 | 380 | TEST_check(server2_ctx != NULL); |
| d2b23cd2 | 381 | } |
| 74726750 | 382 | client_ctx = SSL_CTX_new(TLS_client_method()); |
| 590ed3d7 EK |
383 | |
| 384 | if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) { | |
| 385 | resume_server_ctx = SSL_CTX_new(TLS_server_method()); | |
| 11279b13 | 386 | resume_client_ctx = SSL_CTX_new(TLS_client_method()); |
| d61f0078 EK |
387 | TEST_check(resume_server_ctx != NULL); |
| 388 | TEST_check(resume_client_ctx != NULL); | |
| 590ed3d7 | 389 | } |
| 74726750 EK |
390 | } |
| 391 | ||
| d61f0078 EK |
392 | TEST_check(server_ctx != NULL); |
| 393 | TEST_check(client_ctx != NULL); | |
| 453dfd8d | 394 | |
| d836d71b | 395 | TEST_check(CONF_modules_load(conf, test_app, 0) > 0); |
| 453dfd8d EK |
396 | |
| 397 | if (!SSL_CTX_config(server_ctx, "server") | |
| 5c753de6 | 398 | || !SSL_CTX_config(client_ctx, "client")) { |
| 453dfd8d EK |
399 | goto err; |
| 400 | } | |
| 401 | ||
| d2b23cd2 EK |
402 | if (server2_ctx != NULL && !SSL_CTX_config(server2_ctx, "server2")) |
| 403 | goto err; | |
| 590ed3d7 EK |
404 | if (resume_server_ctx != NULL |
| 405 | && !SSL_CTX_config(resume_server_ctx, "resume-server")) | |
| 406 | goto err; | |
| 11279b13 EK |
407 | if (resume_client_ctx != NULL |
| 408 | && !SSL_CTX_config(resume_client_ctx, "resume-client")) | |
| 409 | goto err; | |
| d2b23cd2 | 410 | |
| 590ed3d7 | 411 | result = do_handshake(server_ctx, server2_ctx, client_ctx, |
| 11279b13 | 412 | resume_server_ctx, resume_client_ctx, test_ctx); |
| 453dfd8d | 413 | |
| ababe86b | 414 | ret = check_test(result, test_ctx); |
| 453dfd8d EK |
415 | |
| 416 | err: | |
| 417 | CONF_modules_unload(0); | |
| 418 | SSL_CTX_free(server_ctx); | |
| 5c753de6 | 419 | SSL_CTX_free(server2_ctx); |
| 453dfd8d | 420 | SSL_CTX_free(client_ctx); |
| 590ed3d7 | 421 | SSL_CTX_free(resume_server_ctx); |
| 11279b13 | 422 | SSL_CTX_free(resume_client_ctx); |
| 453dfd8d | 423 | SSL_TEST_CTX_free(test_ctx); |
| ce2cdac2 | 424 | HANDSHAKE_RESULT_free(result); |
| 453dfd8d EK |
425 | return ret; |
| 426 | } | |
| 427 | ||
| e364c3b2 | 428 | int test_main(int argc, char **argv) |
| 453dfd8d EK |
429 | { |
| 430 | int result = 0; | |
| 431 | long num_tests; | |
| 432 | ||
| 433 | if (argc != 2) | |
| 434 | return 1; | |
| 435 | ||
| 436 | conf = NCONF_new(NULL); | |
| d61f0078 | 437 | TEST_check(conf != NULL); |
| 453dfd8d EK |
438 | |
| 439 | /* argv[1] should point to the test conf file */ | |
| d61f0078 | 440 | TEST_check(NCONF_load(conf, argv[1], NULL) > 0); |
| 453dfd8d | 441 | |
| d61f0078 | 442 | TEST_check(NCONF_get_number_e(conf, NULL, "num_tests", &num_tests)); |
| 453dfd8d EK |
443 | |
| 444 | ADD_ALL_TESTS(test_handshake, (int)(num_tests)); | |
| 445 | result = run_tests(argv[0]); | |
| 446 | ||
| e364c3b2 | 447 | NCONF_free(conf); |
| 453dfd8d EK |
448 | return result; |
| 449 | } |