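/*
 * sslAlert.cpp - test alert msg sending and processing, client and server side
 */

/*
 * NOTE(review): this listing was collapsed onto a few physical lines, which
 * made every preprocessor directive after the first one part of a single
 * directive line. The directives are restored one per line here. The header
 * names of the #include lines were lost and must be taken from the original
 * file.
 */
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include

/* Initial value of main()'s portNum; the p=startingPortNum option is listed in usage(). */
#define STARTING_PORT   2000

/*
 * localcert is a KC containing server cert and signing key
 * assumptions:
 *  -- common name = "localcert"
 *  -- password of KC = "localcert"
 *
 * Test fixture: the keychain password is a fixed string identical to the
 * keychain name, so the keychain gives its signing key no real protection.
 * It should hold throwaway test keys only.
 */
#define SERVER_KC       "localcert"
#define SERVER_ROOT     "localcert.cer"

/*
 * clientcert is a KC containing client cert and signing key
 * assumptions:
 *  -- password of KC = "clientcert"
 *  -- note common name not checked by SecureTransport when verifying client cert chain
 *
 * Same fixture caveat as for localcert: fixed password equal to the keychain
 * name, so test keys only.
 */
#define CLIENT_KC       "clientcert"
#define CLIENT_ROOT     "clientcert.cer"

/*
 * main() fills these in using sslKeychainPath().
 * NOTE(review): sslKeychainPath() is not visible in this listing; confirm it
 * bounds what it writes to MAXPATHLEN bytes.
 */
static char serverKcPath[MAXPATHLEN];
static char clientKcPath[MAXPATHLEN];

/*
 * Print the command-line option summary to stdout and terminate the process
 * with exit status 1. Does not return.
 *
 * argv: the program's argument vector; only argv[0] is read (program name).
 */
static void usage(char **argv)
{
    printf("Usage: %s [options]\n", argv[0]);
    printf("options:\n");
    printf(" q(uiet)\n");
    printf(" v(erbose)\n");
    printf(" p=startingPortNum\n");
    printf(" b (non blocking I/O)\n");
    printf(" s=serverCertName; default %s\n", SERVER_ROOT);
    printf(" c=clientCertName; default %s\n", CLIENT_ROOT);
    printf(" R (ringBuffer I/O)\n");
    printf(" l=loops (default=1; 0=forever)\n");
    exit(1);
}

#define IGNORE_SIGPIPE  1
#if     IGNORE_SIGPIPE
#include

/*
 * No-op signal handler. Presumably installed for SIGPIPE by main() (the
 * installation is not visible in this part of the file), so that a write to
 * a connection the peer has already closed fails with an error instead of
 * terminating the test process.
 */
void sigpipe(int sig)
{
}
#endif  /* IGNORE_SIGPIPE */

/*
 * Default params for each test. Main() will make a copy of this and
 * adjust its copy on a per-test basis.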
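*/

/*
 * Server-side defaults.
 *
 * NOTE(review): in the collapsed listing the first "//" comment swallowed
 * the rest of each initializer; the values are restored one per line here.
 *
 * This is a positional initializer: the order of the values must match the
 * field order of SslAppTestParams, which is declared outside this listing.
 * The trailing comments are the field labels given by the original author;
 * values without an original label carry a hedged note instead.
 *
 * Security-relevant defaults: certificate verification stays enabled
 * (disableCertVerify = false) and the protocol is kTLSProtocol1 (TLS 1.0).
 */
SslAppTestParams serverDefaults =
{
    "no name here",
    false,                      // skipHostNameCheck
    0,                          // port - test must set this
    NULL, NULL,                 // RingBuffers
    false,                      // noProtSpec
    kTLSProtocol1,              // TLS 1.0; unlabeled in the original - presumably the version to attempt
    NULL,                       // acceptedProts
    serverKcPath,               // myCerts (the client block labels this slot myCertKcName)
    SERVER_KC,                  // password - fixed test-fixture value, same string as the keychain name
    true,                       // idIsTrustedRoot
    false,                      // disableCertVerify
    NULL,                       // anchorFile
    false,                      // replaceAnchors
    kNeverAuthenticate,         // unlabeled in the original; no client certificate is requested
    false,                      // resumeEnable
    NULL,                       // ciphers
    false,                      // nonBlocking
    NULL,                       // dhParams
    0,                          // dhParamsLen
    noErr,                      // expectRtn
    kTLSProtocol1,              // expectVersion
    kSSLClientCertNone,         // unlabeled in the original - presumably the expected client-cert state
    SSL_CIPHER_IGNORE,          // unlabeled in the original - presumably "do not check the negotiated cipher"
    false,                      // quiet
    false,                      // silent
    false,                      // verbose
    {0},                        // lock
    {0},                        // cond
    false,                      // serverReady
    0,                          // clientDone
    false,                      // serverAbort
    /* returned */
    kSSLProtocolUnknown,
    SSL_NULL_WITH_NULL_NULL,
    kSSLClientCertNone,
    noHardwareErr               // presumably a sentinel distinct from noErr so an unset result is detectable
};

/*
 * Client-side defaults; same positional layout as serverDefaults.
 *
 * The client presents no identity by default (myCertKcName = NULL) and
 * verifies the server against the SERVER_ROOT anchor file with certificate
 * verification enabled (disableCertVerify = false).
 */
SslAppTestParams clientDefaults =
{
    "localhost",
    false,                      // skipHostNameCheck
    0,                          // port - test must set this
    NULL, NULL,                 // RingBuffers
    false,                      // noProtSpec
    kTLSProtocol1,              // TLS 1.0; unlabeled in the original - presumably the version to attempt
    NULL,                       // acceptedProts
    NULL,                       // myCertKcName
    CLIENT_KC,                  // password - only meaningful when test sets myCertKcName
    true,                       // idIsTrustedRoot
    false,                      // disableCertVerify
    SERVER_ROOT,                // anchorFile
    false,                      // replaceAnchors
    kNeverAuthenticate,         // unlabeled in the original; same slot as in serverDefaults
    false,                      // resumeEnable
    NULL,                       // ciphers
    false,                      // nonBlocking
    NULL,                       // dhParams
    0,                          // dhParamsLen
    noErr,                      // expectRtn
    kTLSProtocol1,              // expectVersion
    kSSLClientCertNone,         // unlabeled in the original - presumably the expected client-cert state
    SSL_CIPHER_IGNORE,          // unlabeled in the original - presumably "do not check the negotiated cipher"
    false,                      // quiet
    false,                      // silent
    false,                      // verbose
    {0},                        // lock
    {0},                        // cond
    false,                      // serverReady
    0,                          // clientDone
    false,                      // serverAbort
    /* returned */
    kSSLProtocolUnknown,
    SSL_NULL_WITH_NULL_NULL,
    kSSLClientCertNone,
    noHardwareErr               // presumably a sentinel distinct from noErr so an unset result is detectable
};

int main(int argc, char **argv)
{
    int ourRtn = 0;
    char *argp;
    int thisRtn;
    SslAppTestParams clientParams;
    SslAppTestParams serverParams;
    const char *desc;
    unsigned short portNum = STARTING_PORT;
    const char *clientCert = CLIENT_ROOT;
    RingBuffer serverToClientRing;
    RingBuffer clientToServerRing;
    bool ringBufferIo = false;
    unsigned loopNum = 0;
    unsigned loops = 1;

    for(int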
arg=1; arg