
[libmicrohttpd] branch master updated (993fd001 -> fdf0ea88)


From: gnunet
Subject: [libmicrohttpd] branch master updated (993fd001 -> fdf0ea88)
Date: Sun, 12 Dec 2021 18:52:46 +0100

This is an automated email from the git hooks/post-receive script.

karlson2k pushed a change to branch master
in repository libmicrohttpd.

    from 993fd001 test_https_time_out: fixed broken check
     new 54e83ba5 test_https_time_out: fixed test, now testing is real
     new 141a8e70 test_https_time_out: additional fixes
     new fdf0ea88 test_https_time_out: use better sleep function

The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 src/testcurl/https/test_https_time_out.c | 127 +++++++++++++++++++++++++++----
 src/testcurl/https/test_tls_extensions.c |  18 ++---
 src/testcurl/https/tls_test_common.c     |  59 ++++----------
 src/testcurl/https/tls_test_common.h     |   4 -
 4 files changed, 135 insertions(+), 73 deletions(-)

diff --git a/src/testcurl/https/test_https_time_out.c 
b/src/testcurl/https/test_https_time_out.c
index e77c8c66..88877b60 100644
--- a/src/testcurl/https/test_https_time_out.c
+++ b/src/testcurl/https/test_https_time_out.c
@@ -1,6 +1,7 @@
 /*
  This file is part of libmicrohttpd
  Copyright (C) 2007 Christian Grothoff
+ Copyright (C) 2014-2021 Karlson2k (Evgeny Grin)
 
  libmicrohttpd is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published
@@ -23,6 +24,7 @@
  * @brief: daemon TLS alert response test-case
  *
  * @author Sagie Amir
+ * @author Karlson2k (Evgeny Grin)
  */
 
 #include "platform.h"
@@ -31,6 +33,16 @@
 #ifdef MHD_HTTPS_REQUIRE_GRYPT
 #include <gcrypt.h>
 #endif /* MHD_HTTPS_REQUIRE_GRYPT */
+#ifdef HAVE_SIGNAL_H
+#include <signal.h>
+#endif /* HAVE_SIGNAL_H */
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif /* HAVE_UNISTD_H */
+#ifdef HAVE_TIME_H
+#include <time.h>
+#endif /* HAVE_TIME_H */
+
 #include "mhd_sockets.h" /* only macros used */
 
 
@@ -44,7 +56,72 @@
 extern const char srv_key_pem[];
 extern const char srv_self_signed_cert_pem[];
 
-static const int TIME_OUT = 3;
+static const int TIME_OUT = 2;
+
+static unsigned int num_connects = 0;
+static unsigned int num_disconnects = 0;
+
+
+/**
+ * Pause execution for specified number of milliseconds.
+ * @param ms the number of milliseconds to sleep
+ */
+void
+_MHD_sleep (uint32_t ms)
+{
+#if defined(_WIN32)
+  Sleep (ms);
+#elif defined(HAVE_NANOSLEEP)
+  struct timespec slp = {ms / 1000, (ms % 1000) * 1000000};
+  struct timespec rmn;
+  int num_retries = 0;
+  while (0 != nanosleep (&slp, &rmn))
+  {
+    if (num_retries++ > 8)
+      break;
+    slp = rmn;
+  }
+#elif defined(HAVE_USLEEP)
+  uint64_t us = ms * 1000;
+  do
+  {
+    uint64_t this_sleep;
+    if (999999 < us)
+      this_sleep = 999999;
+    else
+      this_sleep = us;
+    /* Ignore return value as it could be void */
+    usleep (this_sleep);
+    us -= this_sleep;
+  } while (us > 0);
+#else
+  sleep ((ms + 999) / 1000);
+#endif
+}
+
+
+void
+socket_cb (void *cls,
+           struct MHD_Connection *c,
+           void **socket_context,
+           enum MHD_ConnectionNotificationCode toe)
+{
+  struct sckt_notif_cb_param *param = (struct sckt_notif_cb_param *) cls;
+  if (NULL == socket_context)
+    abort ();
+  if (NULL == c)
+    abort ();
+  if (NULL == param)
+    abort ();
+
+  if (MHD_CONNECTION_NOTIFY_STARTED == toe)
+    num_connects++;
+  else if (MHD_CONNECTION_NOTIFY_CLOSED == toe)
+    num_disconnects++;
+  else
+    abort ();
+}
+
 
 static int
 test_tls_session_time_out (gnutls_session_t session, int port)
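Review bot: In the `HAVE_USLEEP` branch of `_MHD_sleep`, `uint64_t us = ms * 1000;` multiplies in 32-bit arithmetic wherever `unsigned int` is 32 bits, because `ms` is `uint32_t`, so a large argument wraps before it is widened; write `uint64_t us = (uint64_t) ms * 1000;`. The `nanosleep` loop retries on any failure and copies `rmn` into `slp` even when the call failed for a reason other than `EINTR`, in which case `rmn` was never written; `while (0 != nanosleep (&slp, &rmn) && EINTR == errno)` limits the retry to the interrupted case. Both `_MHD_sleep` and `socket_cb` are defined without `static`, and a name that starts with an underscore followed by a capital letter is reserved for the implementation. Whether another test object already exports a helper of the same name cannot be seen from this hunk.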
@@ -57,7 +134,7 @@ test_tls_session_time_out (gnutls_session_t session, int 
port)
   if (sd == MHD_INVALID_SOCKET)
   {
     fprintf (stderr, "Failed to create socket: %s\n", strerror (errno));
-    return -1;
+    return 2;
   }
 
   memset (&sa, '\0', sizeof (struct sockaddr_in));
@@ -65,35 +142,40 @@ test_tls_session_time_out (gnutls_session_t session, int 
port)
   sa.sin_port = htons (port);
   sa.sin_addr.s_addr = htonl (INADDR_LOOPBACK);
 
-  gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) (intptr_t) sd);
-
   ret = connect (sd, (struct sockaddr *) &sa, sizeof (struct sockaddr_in));
 
   if (ret < 0)
   {
     fprintf (stderr, "Error: %s\n", MHD_E_FAILED_TO_CONNECT);
     MHD_socket_close_chk_ (sd);
-    return -1;
+    return 2;
   }
 
+#if (GNUTLS_VERSION_NUMBER + 0 >= 0x030109) && ! defined(_WIN64)
+  gnutls_transport_set_int (session, (int) (sd));
+#else  /* GnuTLS before 3.1.9 or Win64 */
+  gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) (intptr_t) (sd));
+#endif /* GnuTLS before 3.1.9 or Win64 */
+
   ret = gnutls_handshake (session);
   if (ret < 0)
   {
     fprintf (stderr, "Handshake failed\n");
     MHD_socket_close_chk_ (sd);
-    return -1;
+    return 2;
   }
 
-  (void) sleep (TIME_OUT + 1);
+  _MHD_sleep (TIME_OUT * 1000 + 1200);
 
   /* check that server has closed the connection */
-  /* TODO better RST trigger */
-  if (send (sd, "", 1, 0) >= 0)
+  if (1 == num_disconnects)
   {
     fprintf (stderr, "Connection failed to time-out\n");
     MHD_socket_close_chk_ (sd);
-    return -1;
+    return 1;
   }
+  else if (0 != num_disconnects)
+    abort ();
 
   MHD_socket_close_chk_ (sd);
   return 0;
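Review bot: The check `if (1 == num_disconnects)` reads as inverted. `socket_cb` increments `num_disconnects` on `MHD_CONNECTION_NOTIFY_CLOSED`, so a value of 1 after the sleep would mean the daemon did close the idle connection, yet that branch prints "Connection failed to time-out" and returns 1, while a count of 0 falls through to `return 0`. If the callback is registered as its name suggests (the registration is outside this hunk), the intended form is probably `if (0 == num_disconnects)` for the failure branch, followed by `else if (1 != num_disconnects) abort ();`. The counter is also written in the callback and read here without synchronisation; with `MHD_USE_THREAD_PER_CONNECTION` the writer is presumably another thread, so an atomic or mutex-protected counter would make the read well defined. The body of `test_tls_session_time_out` begins before this hunk.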
@@ -106,8 +188,6 @@ main (int argc, char *const *argv)
   int errorCount = 0;
   struct MHD_Daemon *d;
   gnutls_session_t session;
-  gnutls_datum_t key;
-  gnutls_datum_t cert;
   gnutls_certificate_credentials_t xcred;
   int port;
   (void) argc;   /* Unused. Silent compiler warning. */
@@ -117,13 +197,30 @@ main (int argc, char *const *argv)
   else
     port = 3070;
 
+#ifdef MHD_SEND_SPIPE_SUPPRESS_NEEDED
+#if defined(HAVE_SIGNAL_H) && defined(SIGPIPE)
+  if (SIG_ERR == signal (SIGPIPE, SIG_IGN))
+  {
+    fprintf (stderr, "Error suppressing SIGPIPE signal.\n");
+    exit (99);
+  }
+#else /* ! HAVE_SIGNAL_H || ! SIGPIPE */
+  fprintf (stderr, "Cannot suppress SIGPIPE signal.\n");
+  /* exit (77); */
+#endif
+#endif /* MHD_SEND_SPIPE_SUPPRESS_NEEDED */
+
 #ifdef MHD_HTTPS_REQUIRE_GRYPT
   gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
 #ifdef GCRYCTL_INITIALIZATION_FINISHED
   gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
 #endif
 #endif /* MHD_HTTPS_REQUIRE_GRYPT */
-  gnutls_global_init ();
+  if (GNUTLS_E_SUCCESS != gnutls_global_init ())
+  {
+    fprintf (stderr, "Cannot initialize GnuTLS.\n");
+    exit (99);
+  }
   gnutls_global_set_log_level (11);
 
   d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION
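Review bot: The fallback branch for platforms without `signal.h` or `SIGPIPE` prints "Cannot suppress SIGPIPE signal." and then carries on, leaving `/* exit (77); */` behind as commented-out code. The test can then be killed by SIGPIPE part-way through and be reported as a crash instead of a skip. Either enable the line, `exit (77); /* skip: SIGPIPE cannot be suppressed on this platform */`, or delete it and state in a comment why continuing is acceptable. `main` starts and ends outside this hunk.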
@@ -151,13 +248,13 @@ main (int argc, char *const *argv)
     port = (int) dinfo->port;
   }
 
-  if (0 != setup_session (&session, &key, &cert, &xcred))
+  if (0 != setup_session (&session, &xcred))
   {
     fprintf (stderr, "failed to setup session\n");
     return 1;
   }
   errorCount += test_tls_session_time_out (session, port);
-  teardown_session (session, &key, &cert, xcred);
+  teardown_session (session, xcred);
 
   print_test_result (errorCount, argv[0]);
 
diff --git a/src/testcurl/https/test_tls_extensions.c 
b/src/testcurl/https/test_tls_extensions.c
index 4754632a..19b98e7e 100644
--- a/src/testcurl/https/test_tls_extensions.c
+++ b/src/testcurl/https/test_tls_extensions.c
@@ -210,8 +210,6 @@ main (int argc, char *const *argv)
   FILE *test_fd;
   struct MHD_Daemon *d;
   gnutls_session_t session;
-  gnutls_datum_t key;
-  gnutls_datum_t cert;
   gnutls_certificate_credentials_t xcred;
   const int ext_arr[] = {
     GNUTLS_EXTENSION_SERVER_NAME,
@@ -266,25 +264,25 @@ main (int argc, char *const *argv)
   }
 
   i = 0;
-  setup_session (&session, &key, &cert, &xcred);
+  setup_session (&session, &xcred);
   errorCount += test_hello_extension (session, port, ext_arr[i], 1, 16);
-  teardown_session (session, &key, &cert, xcred);
+  teardown_session (session, xcred);
 #if 1
   i = 0;
   while (ext_arr[i] != -1)
   {
-    setup_session (&session, &key, &cert, &xcred);
+    setup_session (&session, &xcred);
     errorCount += test_hello_extension (session, port, ext_arr[i], 1, 16);
-    teardown_session (session, &key, &cert, xcred);
+    teardown_session (session, xcred);
 
-    setup_session (&session, &key, &cert, &xcred);
+    setup_session (&session, &xcred);
     errorCount += test_hello_extension (session, port, ext_arr[i], 3, 8);
-    teardown_session (session, &key, &cert, xcred);
+    teardown_session (session, xcred);
 
     /* this test specifically tests the issue raised in CVE-2008-1948 */
-    setup_session (&session, &key, &cert, &xcred);
+    setup_session (&session, &xcred);
     errorCount += test_hello_extension (session, port, ext_arr[i], 6, 0);
-    teardown_session (session, &key, &cert, xcred);
+    teardown_session (session, xcred);
     i++;
   }
 #endif
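Review bot: Every `setup_session (&session, &xcred);` call in this hunk ignores the return value, although the rewritten helper in tls_test_common.c deinitialises the session and frees the credentials before returning -1. After such a failure `test_hello_extension` and `teardown_session` would be handed released handles, which is a use after free followed by a second `gnutls_deinit`. test_https_time_out.c already guards its call, and the same pattern fits here: `if (0 != setup_session (&session, &xcred)) { fprintf (stderr, "failed to setup session\n"); return 1; }`. `main` starts and ends outside this hunk.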
diff --git a/src/testcurl/https/tls_test_common.c 
b/src/testcurl/https/tls_test_common.c
index cf500034..9cce3d94 100644
--- a/src/testcurl/https/tls_test_common.c
+++ b/src/testcurl/https/tls_test_common.c
@@ -504,62 +504,33 @@ teardown_testcase (struct MHD_Daemon *d)
 
 int
 setup_session (gnutls_session_t *session,
-               gnutls_datum_t *key,
-               gnutls_datum_t *cert,
                gnutls_certificate_credentials_t *xcred)
 {
-  int ret;
-  const char *err_pos;
-
-  gnutls_certificate_allocate_credentials (xcred);
-  key->size = strlen (srv_key_pem) + 1;
-  key->data = malloc (key->size);
-  if (NULL == key->data)
-  {
-    gnutls_certificate_free_credentials (*xcred);
-    return -1;
-  }
-  memcpy (key->data, srv_key_pem, key->size);
-  cert->size = strlen (srv_self_signed_cert_pem) + 1;
-  cert->data = malloc (cert->size);
-  if (NULL == cert->data)
-  {
-    gnutls_certificate_free_credentials (*xcred);
-    free (key->data);
-    return -1;
-  }
-  memcpy (cert->data, srv_self_signed_cert_pem, cert->size);
-  gnutls_certificate_set_x509_key_mem (*xcred, cert, key,
-                                       GNUTLS_X509_FMT_PEM);
-  gnutls_init (session, GNUTLS_CLIENT);
-  ret = gnutls_priority_set_direct (*session,
-                                    "NORMAL", &err_pos);
-  if (ret < 0)
+  if (GNUTLS_E_SUCCESS == gnutls_init (session, GNUTLS_CLIENT))
   {
+    if (GNUTLS_E_SUCCESS == gnutls_set_default_priority (*session))
+    {
+      if (GNUTLS_E_SUCCESS == gnutls_certificate_allocate_credentials (xcred))
+      {
+        if (GNUTLS_E_SUCCESS == gnutls_credentials_set (*session,
+                                                        GNUTLS_CRD_CERTIFICATE,
+                                                        *xcred))
+        {
+          return 0;
+        }
+        gnutls_certificate_free_credentials (*xcred);
+      }
+    }
     gnutls_deinit (*session);
-    gnutls_certificate_free_credentials (*xcred);
-    free (key->data);
-    return -1;
   }
-  gnutls_credentials_set (*session,
-                          GNUTLS_CRD_CERTIFICATE,
-                          *xcred);
-  return 0;
+  return -1;
 }
 
 
 int
 teardown_session (gnutls_session_t session,
-                  gnutls_datum_t *key,
-                  gnutls_datum_t *cert,
                   gnutls_certificate_credentials_t xcred)
 {
-  free (key->data);
-  key->data = NULL;
-  key->size = 0;
-  free (cert->data);
-  cert->data = NULL;
-  cert->size = 0;
   gnutls_deinit (session);
   gnutls_certificate_free_credentials (xcred);
   return 0;
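Review bot: `setup_session` has no comment describing its contract, and the rewrite changes what a caller may assume. On any failure the session is passed to `gnutls_deinit` and, if they were allocated, the credentials are freed, but `*session` and `*xcred` keep their stale values. A header comment such as `/* Returns 0 on success; on -1 both handles are already released and must not be passed to teardown_session() */` would make that explicit. The credentials object is also left empty, with no trust store or verify callback set in the visible lines, so the client presumably accepts any server certificate. That suits a loopback test against a self-signed certificate, but it deserves a one-line comment so the helper is not copied into code that needs peer verification; `teardown_session` continues past the end of this hunk.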
diff --git a/src/testcurl/https/tls_test_common.h 
b/src/testcurl/https/tls_test_common.h
index 02f0f0fa..a9af504d 100644
--- a/src/testcurl/https/tls_test_common.h
+++ b/src/testcurl/https/tls_test_common.h
@@ -146,14 +146,10 @@ teardown_testcase (struct MHD_Daemon *d);
 
 int
 setup_session (gnutls_session_t *session,
-               gnutls_datum_t *key,
-               gnutls_datum_t *cert,
                gnutls_certificate_credentials_t *xcred);
 
 int
 teardown_session (gnutls_session_t session,
-                  gnutls_datum_t *key,
-                  gnutls_datum_t *cert,
                   gnutls_certificate_credentials_t xcred);
 
 int

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.


