tests: check certificate callbacks under TLS 1.2 and 1.3
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Tue, 3 Oct 2017 13:28:07 +0000 (15:28 +0200)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Mon, 19 Feb 2018 14:29:35 +0000 (15:29 +0100)
Resolves #278

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
tests/x509-cert-callback.c

index 6fe3d61406f41b0f6c625910f4c22fa673971fde..f23b531f87a52cfc39291f1f059779a2a71f99f2 100644 (file)
@@ -15,9 +15,8 @@
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  * General Public License for more details.
  *
- * You should have received a copy of the GNU General Public License
- * along with GnuTLS; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
  */
 
 #ifdef HAVE_CONFIG_H
@@ -28,6 +27,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <errno.h>
+#include <assert.h>
 #include <gnutls/gnutls.h>
 #include <gnutls/abstract.h>
 #include <gnutls/x509.h>
@@ -65,11 +65,11 @@ cert_callback(gnutls_session_t session,
                return -1;
        }
 
-       p = gnutls_malloc(2 * sizeof(*p));
-       if (p == NULL)
-               return -1;
-
        if (g_pkey == NULL) {
+               p = gnutls_malloc(2 * sizeof(*p));
+               if (p == NULL)
+                       return -1;
+
                ret = gnutls_x509_crt_list_import2(&certs, &certs_size,
                                                   &cli_ca3_cert_chain,
                                                   GNUTLS_X509_FMT_PEM, 0);
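Review bot: With the allocation moved inside `if (g_pkey == NULL)`, `p` is assigned only on the first call, so any use of `p` after this branch on the cached path would read an indeterminate pointer unless the declaration initialises it. The declaration and the rest of cert_callback are outside the hunk, so this needs checking there, and the same applies to server_cert_callback in the next hunk. An early return after a failed gnutls_x509_crt_list_import2() would also still leak `p` if the unseen error path does not release it. Declaring `gnutls_pcert_st *p = NULL;` and calling `gnutls_free(p);` before such a return would cover both cases.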
@@ -128,11 +128,11 @@ server_cert_callback(gnutls_session_t session,
        gnutls_x509_crt_t *certs;
        unsigned certs_size, i;
 
-       p = gnutls_malloc(2 * sizeof(*p));
-       if (p == NULL)
-               return -1;
-
        if (server_pkey == NULL) {
+               p = gnutls_malloc(2 * sizeof(*p));
+               if (p == NULL)
+                       return -1;
+
                ret = gnutls_x509_crt_list_import2(&certs, &certs_size,
                                                   &server_ca3_localhost_cert_chain,
                                                   GNUTLS_X509_FMT_PEM, 0);
@@ -171,7 +171,7 @@ server_cert_callback(gnutls_session_t session,
        return 0;
 }
 
-void doit(void)
+static void start(const char *prio)
 {
        int exit_code = EXIT_SUCCESS;
        int ret;
@@ -184,6 +184,8 @@ void doit(void)
        gnutls_session_t client;
        int cret = GNUTLS_E_AGAIN;
 
+       success("testing %s\n", prio);
+
        /* General init. */
        global_init();
        gnutls_global_set_log_function(tls_log_func);
@@ -198,8 +200,8 @@ void doit(void)
 
        gnutls_init(&server, GNUTLS_SERVER);
        gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred);
-       gnutls_priority_set_direct(server,
-                                  "NORMAL:-CIPHER-ALL:+AES-128-GCM", NULL);
+       assert(gnutls_priority_set_direct(server,
+                                  prio, NULL) >= 0);
        gnutls_transport_set_push_function(server, server_push);
        gnutls_transport_set_pull_function(server, server_pull);
        gnutls_transport_set_ptr(server, server);
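Review bot: The call to gnutls_priority_set_direct() sits inside assert(), so a build with NDEBUG defined drops the call itself, not just the check. The server session is then left without the priority string in `prio`, and the run no longer pins the protocol version it claims to test. Keep the call outside the macro and check the result the way the surrounding code does, e.g. `ret = gnutls_priority_set_direct(server, prio, NULL);` followed by `if (ret < 0) exit(1);`. The client-side call in the next hunk has the same shape. start() begins and ends outside this hunk.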
@@ -229,7 +231,7 @@ void doit(void)
        if (ret < 0)
                exit(1);
 
-       gnutls_priority_set_direct(client, "NORMAL", NULL);
+       assert(gnutls_priority_set_direct(client, prio, NULL)>=0);
        gnutls_transport_set_push_function(client, client_push);
        gnutls_transport_set_pull_function(client, client_pull);
        gnutls_transport_set_ptr(client, client);
@@ -420,4 +422,13 @@ void doit(void)
                else
                        puts("Self-test failed");
        }
+
+       reset_buffers();
+}
+
+void doit(void)
+{
+       start("NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3");
+       start("NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2");
+       start("NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1");
 }
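Review bot: start() is `static void` and `exit_code` is a local of it, so a run that records failure only in `exit_code` ends at the `puts("Self-test failed")` line and doit() moves on to the next protocol version with nothing reported to the harness. The code that would set `exit_code` is outside the hunk, so whether any path does so needs checking; if one does, have start() return the value or fail hard at that point. A short comment above doit(), for example `/* each priority string pins both peers to a single protocol version */`, would document what the three calls are for. The commit title names only TLS 1.2 and 1.3, while the third call runs TLS 1.1.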