1279264Sdelphij/* test/heartbeat_test.c */ 2279264Sdelphij/* 3279264Sdelphij * Unit test for TLS heartbeats. 4279264Sdelphij * 5279264Sdelphij * Acts as a regression test against the Heartbleed bug (CVE-2014-0160). 6279264Sdelphij * 7279264Sdelphij * Author: Mike Bland (mbland@acm.org, http://mike-bland.com/) 8279264Sdelphij * Date: 2014-04-12 9279264Sdelphij * License: Creative Commons Attribution 4.0 International (CC By 4.0) 10279264Sdelphij * http://creativecommons.org/licenses/by/4.0/deed.en_US 11279264Sdelphij * 12279264Sdelphij * OUTPUT 13279264Sdelphij * ------ 14279264Sdelphij * The program returns zero on success. It will print a message with a count 15279264Sdelphij * of the number of failed tests and return nonzero if any tests fail. 16279264Sdelphij * 17279264Sdelphij * It will print the contents of the request and response buffers for each 18279264Sdelphij * failing test. In a "fixed" version, all the tests should pass and there 19279264Sdelphij * should be no output. 20279264Sdelphij * 21279264Sdelphij * In a "bleeding" version, you'll see: 22279264Sdelphij * 23279264Sdelphij * test_dtls1_heartbleed failed: 24279264Sdelphij * expected payload len: 0 25279264Sdelphij * received: 1024 26279264Sdelphij * sent 26 characters 27279264Sdelphij * "HEARTBLEED " 28279264Sdelphij * received 1024 characters 29279264Sdelphij * "HEARTBLEED \xde\xad\xbe\xef..." 30279264Sdelphij * ** test_dtls1_heartbleed failed ** 31279264Sdelphij * 32279264Sdelphij * The contents of the returned buffer in the failing test will depend on the 33279264Sdelphij * contents of memory on your machine. 34279264Sdelphij * 35279264Sdelphij * MORE INFORMATION 36279264Sdelphij * ---------------- 37279264Sdelphij * http://mike-bland.com/2014/04/12/heartbleed.html 38279264Sdelphij * http://mike-bland.com/tags/heartbleed.html 39279264Sdelphij */ 40279264Sdelphij 41279264Sdelphij#define OPENSSL_UNIT_TEST 42279264Sdelphij 43279264Sdelphij#include "../test/testutil.h" 44279264Sdelphij 45279264Sdelphij#include "../ssl/ssl_locl.h" 46279264Sdelphij#include <ctype.h> 47279264Sdelphij#include <stdio.h> 48279264Sdelphij#include <stdlib.h> 49279264Sdelphij#include <string.h> 50279264Sdelphij 51279264Sdelphij#if !defined(OPENSSL_NO_HEARTBEATS) && !defined(OPENSSL_NO_UNIT_TEST) 52279264Sdelphij 53279264Sdelphij/* As per https://tools.ietf.org/html/rfc6520#section-4 */ 54279264Sdelphij#define MIN_PADDING_SIZE 16 55279264Sdelphij 56279264Sdelphij/* Maximum number of payload characters to print as test output */ 57279264Sdelphij#define MAX_PRINTABLE_CHARACTERS 1024 58279264Sdelphij 59279264Sdelphijtypedef struct heartbeat_test_fixture 60279264Sdelphij { 61279264Sdelphij SSL_CTX *ctx; 62279264Sdelphij SSL *s; 63279264Sdelphij const char* test_case_name; 64279264Sdelphij int (*process_heartbeat)(SSL* s); 65279264Sdelphij unsigned char* payload; 66279264Sdelphij int sent_payload_len; 67279264Sdelphij int expected_return_value; 68279264Sdelphij int return_payload_offset; 69279264Sdelphij int expected_payload_len; 70279264Sdelphij const char* expected_return_payload; 71279264Sdelphij } HEARTBEAT_TEST_FIXTURE; 72279264Sdelphij 73279264Sdelphijstatic HEARTBEAT_TEST_FIXTURE set_up(const char* const test_case_name, 74279264Sdelphij const SSL_METHOD* meth) 75279264Sdelphij { 76279264Sdelphij HEARTBEAT_TEST_FIXTURE fixture; 77279264Sdelphij int setup_ok = 1; 78279264Sdelphij memset(&fixture, 0, sizeof(fixture)); 79279264Sdelphij fixture.test_case_name = test_case_name; 80279264Sdelphij 81279264Sdelphij fixture.ctx = SSL_CTX_new(meth); 82279264Sdelphij if (!fixture.ctx) 83279264Sdelphij { 84279264Sdelphij fprintf(stderr, "Failed to allocate SSL_CTX for test: %s\n", 85279264Sdelphij test_case_name); 86279264Sdelphij setup_ok = 0; 87279264Sdelphij goto fail; 88279264Sdelphij } 89279264Sdelphij 90279264Sdelphij fixture.s = SSL_new(fixture.ctx); 91279264Sdelphij if (!fixture.s) 92279264Sdelphij { 93279264Sdelphij fprintf(stderr, "Failed to allocate SSL for test: %s\n", test_case_name); 94279264Sdelphij setup_ok = 0; 95279264Sdelphij goto fail; 96279264Sdelphij } 97279264Sdelphij 98279264Sdelphij if (!ssl_init_wbio_buffer(fixture.s, 1)) 99279264Sdelphij { 100279264Sdelphij fprintf(stderr, "Failed to set up wbio buffer for test: %s\n", 101279264Sdelphij test_case_name); 102279264Sdelphij setup_ok = 0; 103279264Sdelphij goto fail; 104279264Sdelphij } 105279264Sdelphij 106279264Sdelphij if (!ssl3_setup_buffers(fixture.s)) 107279264Sdelphij { 108279264Sdelphij fprintf(stderr, "Failed to setup buffers for test: %s\n", 109279264Sdelphij test_case_name); 110279264Sdelphij setup_ok = 0; 111279264Sdelphij goto fail; 112279264Sdelphij } 113279264Sdelphij 114279264Sdelphij /* Clear the memory for the return buffer, since this isn't automatically 115279264Sdelphij * zeroed in opt mode and will cause spurious test failures that will change 116279264Sdelphij * with each execution. 117279264Sdelphij */ 118279264Sdelphij memset(fixture.s->s3->wbuf.buf, 0, fixture.s->s3->wbuf.len); 119279264Sdelphij 120279264Sdelphij fail: 121279264Sdelphij if (!setup_ok) 122279264Sdelphij { 123279264Sdelphij ERR_print_errors_fp(stderr); 124279264Sdelphij exit(EXIT_FAILURE); 125279264Sdelphij } 126279264Sdelphij return fixture; 127279264Sdelphij } 128279264Sdelphij 129279264Sdelphijstatic HEARTBEAT_TEST_FIXTURE set_up_dtls(const char* const test_case_name) 130279264Sdelphij { 131279264Sdelphij HEARTBEAT_TEST_FIXTURE fixture = set_up(test_case_name, 132279264Sdelphij DTLSv1_server_method()); 133279264Sdelphij fixture.process_heartbeat = dtls1_process_heartbeat; 134279264Sdelphij 135279264Sdelphij /* As per dtls1_get_record(), skipping the following from the beginning of 136279264Sdelphij * the returned heartbeat message: 137279264Sdelphij * type-1 byte; version-2 bytes; sequence number-8 bytes; length-2 bytes 138279264Sdelphij * 139279264Sdelphij * And then skipping the 1-byte type encoded by process_heartbeat for 140279264Sdelphij * a total of 14 bytes, at which point we can grab the length and the 141279264Sdelphij * payload we seek. 142279264Sdelphij */ 143279264Sdelphij fixture.return_payload_offset = 14; 144279264Sdelphij return fixture; 145279264Sdelphij } 146279264Sdelphij 147279264Sdelphij/* Needed by ssl3_write_bytes() */ 148279264Sdelphijstatic int dummy_handshake(SSL* s) 149279264Sdelphij { 150279264Sdelphij return 1; 151279264Sdelphij } 152279264Sdelphij 153279264Sdelphijstatic HEARTBEAT_TEST_FIXTURE set_up_tls(const char* const test_case_name) 154279264Sdelphij { 155279264Sdelphij HEARTBEAT_TEST_FIXTURE fixture = set_up(test_case_name, 156279264Sdelphij TLSv1_server_method()); 157279264Sdelphij fixture.process_heartbeat = tls1_process_heartbeat; 158279264Sdelphij fixture.s->handshake_func = dummy_handshake; 159279264Sdelphij 160279264Sdelphij /* As per do_ssl3_write(), skipping the following from the beginning of 161279264Sdelphij * the returned heartbeat message: 162279264Sdelphij * type-1 byte; version-2 bytes; length-2 bytes 163279264Sdelphij * 164279264Sdelphij * And then skipping the 1-byte type encoded by process_heartbeat for 165279264Sdelphij * a total of 6 bytes, at which point we can grab the length and the payload 166279264Sdelphij * we seek. 167279264Sdelphij */ 168279264Sdelphij fixture.return_payload_offset = 6; 169279264Sdelphij return fixture; 170279264Sdelphij } 171279264Sdelphij 172279264Sdelphijstatic void tear_down(HEARTBEAT_TEST_FIXTURE fixture) 173279264Sdelphij { 174279264Sdelphij ERR_print_errors_fp(stderr); 175279264Sdelphij SSL_free(fixture.s); 176279264Sdelphij SSL_CTX_free(fixture.ctx); 177279264Sdelphij } 178279264Sdelphij 179279264Sdelphijstatic void print_payload(const char* const prefix, 180279264Sdelphij const unsigned char *payload, const int n) 181279264Sdelphij { 182279264Sdelphij const int end = n < MAX_PRINTABLE_CHARACTERS ? n 183279264Sdelphij : MAX_PRINTABLE_CHARACTERS; 184279264Sdelphij int i = 0; 185279264Sdelphij 186279264Sdelphij printf("%s %d character%s", prefix, n, n == 1 ? "" : "s"); 187279264Sdelphij if (end != n) printf(" (first %d shown)", end); 188279264Sdelphij printf("\n \""); 189279264Sdelphij 190279264Sdelphij for (; i != end; ++i) 191279264Sdelphij { 192279264Sdelphij const unsigned char c = payload[i]; 193279264Sdelphij if (isprint(c)) fputc(c, stdout); 194279264Sdelphij else printf("\\x%02x", c); 195279264Sdelphij } 196279264Sdelphij printf("\"\n"); 197279264Sdelphij } 198279264Sdelphij 199279264Sdelphijstatic int execute_heartbeat(HEARTBEAT_TEST_FIXTURE fixture) 200279264Sdelphij { 201279264Sdelphij int result = 0; 202279264Sdelphij SSL* s = fixture.s; 203279264Sdelphij unsigned char *payload = fixture.payload; 204279264Sdelphij unsigned char sent_buf[MAX_PRINTABLE_CHARACTERS + 1]; 205279264Sdelphij int return_value; 206279264Sdelphij unsigned const char *p; 207279264Sdelphij int actual_payload_len; 208279264Sdelphij 209279264Sdelphij s->s3->rrec.data = payload; 210279264Sdelphij s->s3->rrec.length = strlen((const char*)payload); 211279264Sdelphij *payload++ = TLS1_HB_REQUEST; 212279264Sdelphij s2n(fixture.sent_payload_len, payload); 213279264Sdelphij 214279264Sdelphij /* Make a local copy of the request, since it gets overwritten at some 215279264Sdelphij * point */ 216279264Sdelphij memcpy((char *)sent_buf, (const char*)payload, sizeof(sent_buf)); 217279264Sdelphij 218279264Sdelphij return_value = fixture.process_heartbeat(s); 219279264Sdelphij 220279264Sdelphij if (return_value != fixture.expected_return_value) 221279264Sdelphij { 222279264Sdelphij printf("%s failed: expected return value %d, received %d\n", 223279264Sdelphij fixture.test_case_name, fixture.expected_return_value, 224279264Sdelphij return_value); 225279264Sdelphij result = 1; 226279264Sdelphij } 227279264Sdelphij 228279264Sdelphij /* If there is any byte alignment, it will be stored in wbuf.offset. */ 229279264Sdelphij p = &(s->s3->wbuf.buf[ 230279264Sdelphij fixture.return_payload_offset + s->s3->wbuf.offset]); 231279264Sdelphij actual_payload_len = 0; 232279264Sdelphij n2s(p, actual_payload_len); 233279264Sdelphij 234279264Sdelphij if (actual_payload_len != fixture.expected_payload_len) 235279264Sdelphij { 236279264Sdelphij printf("%s failed:\n expected payload len: %d\n received: %d\n", 237279264Sdelphij fixture.test_case_name, fixture.expected_payload_len, 238279264Sdelphij actual_payload_len); 239279264Sdelphij print_payload("sent", sent_buf, strlen((const char*)sent_buf)); 240279264Sdelphij print_payload("received", p, actual_payload_len); 241279264Sdelphij result = 1; 242279264Sdelphij } 243279264Sdelphij else 244279264Sdelphij { 245279264Sdelphij char* actual_payload = BUF_strndup((const char*)p, actual_payload_len); 246279264Sdelphij if (strcmp(actual_payload, fixture.expected_return_payload) != 0) 247279264Sdelphij { 248279264Sdelphij printf("%s failed:\n expected payload: \"%s\"\n received: \"%s\"\n", 249279264Sdelphij fixture.test_case_name, fixture.expected_return_payload, 250279264Sdelphij actual_payload); 251279264Sdelphij result = 1; 252279264Sdelphij } 253279264Sdelphij OPENSSL_free(actual_payload); 254279264Sdelphij } 255279264Sdelphij 256279264Sdelphij if (result != 0) 257279264Sdelphij { 258279264Sdelphij printf("** %s failed **\n--------\n", fixture.test_case_name); 259279264Sdelphij } 260279264Sdelphij return result; 261279264Sdelphij } 262279264Sdelphij 263279264Sdelphijstatic int honest_payload_size(unsigned char payload_buf[]) 264279264Sdelphij { 265279264Sdelphij /* Omit three-byte pad at the beginning for type and payload length */ 266279264Sdelphij return strlen((const char*)&payload_buf[3]) - MIN_PADDING_SIZE; 267279264Sdelphij } 268279264Sdelphij 269279264Sdelphij#define SETUP_HEARTBEAT_TEST_FIXTURE(type)\ 270279264Sdelphij SETUP_TEST_FIXTURE(HEARTBEAT_TEST_FIXTURE, set_up_##type) 271279264Sdelphij 272279264Sdelphij#define EXECUTE_HEARTBEAT_TEST()\ 273279264Sdelphij EXECUTE_TEST(execute_heartbeat, tear_down) 274279264Sdelphij 275279264Sdelphijstatic int test_dtls1_not_bleeding() 276279264Sdelphij { 277279264Sdelphij SETUP_HEARTBEAT_TEST_FIXTURE(dtls); 278279264Sdelphij /* Three-byte pad at the beginning for type and payload length */ 279279264Sdelphij unsigned char payload_buf[] = " Not bleeding, sixteen spaces of padding" 280279264Sdelphij " "; 281279264Sdelphij const int payload_buf_len = honest_payload_size(payload_buf); 282279264Sdelphij 283279264Sdelphij fixture.payload = &payload_buf[0]; 284279264Sdelphij fixture.sent_payload_len = payload_buf_len; 285279264Sdelphij fixture.expected_return_value = 0; 286279264Sdelphij fixture.expected_payload_len = payload_buf_len; 287279264Sdelphij fixture.expected_return_payload = "Not bleeding, sixteen spaces of padding"; 288279264Sdelphij EXECUTE_HEARTBEAT_TEST(); 289279264Sdelphij } 290279264Sdelphij 291279264Sdelphijstatic int test_dtls1_not_bleeding_empty_payload() 292279264Sdelphij { 293279264Sdelphij int payload_buf_len; 294279264Sdelphij 295279264Sdelphij SETUP_HEARTBEAT_TEST_FIXTURE(dtls); 296279264Sdelphij /* Three-byte pad at the beginning for type and payload length, plus a NUL 297279264Sdelphij * at the end */ 298279264Sdelphij unsigned char payload_buf[4 + MIN_PADDING_SIZE]; 299279264Sdelphij memset(payload_buf, ' ', sizeof(payload_buf)); 300279264Sdelphij payload_buf[sizeof(payload_buf) - 1] = '\0'; 301279264Sdelphij payload_buf_len = honest_payload_size(payload_buf); 302279264Sdelphij 303279264Sdelphij fixture.payload = &payload_buf[0]; 304279264Sdelphij fixture.sent_payload_len = payload_buf_len; 305279264Sdelphij fixture.expected_return_value = 0; 306279264Sdelphij fixture.expected_payload_len = payload_buf_len; 307279264Sdelphij fixture.expected_return_payload = ""; 308279264Sdelphij EXECUTE_HEARTBEAT_TEST(); 309279264Sdelphij } 310279264Sdelphij 311279264Sdelphijstatic int test_dtls1_heartbleed() 312279264Sdelphij { 313279264Sdelphij SETUP_HEARTBEAT_TEST_FIXTURE(dtls); 314279264Sdelphij /* Three-byte pad at the beginning for type and payload length */ 315279264Sdelphij unsigned char payload_buf[] = " HEARTBLEED "; 316279264Sdelphij 317279264Sdelphij fixture.payload = &payload_buf[0]; 318279264Sdelphij fixture.sent_payload_len = MAX_PRINTABLE_CHARACTERS; 319279264Sdelphij fixture.expected_return_value = 0; 320279264Sdelphij fixture.expected_payload_len = 0; 321279264Sdelphij fixture.expected_return_payload = ""; 322279264Sdelphij EXECUTE_HEARTBEAT_TEST(); 323279264Sdelphij } 324279264Sdelphij 325279264Sdelphijstatic int test_dtls1_heartbleed_empty_payload() 326279264Sdelphij { 327279264Sdelphij SETUP_HEARTBEAT_TEST_FIXTURE(dtls); 328279264Sdelphij /* Excluding the NUL at the end, one byte short of type + payload length + 329279264Sdelphij * minimum padding */ 330279264Sdelphij unsigned char payload_buf[MIN_PADDING_SIZE + 3]; 331279264Sdelphij memset(payload_buf, ' ', sizeof(payload_buf)); 332279264Sdelphij payload_buf[sizeof(payload_buf) - 1] = '\0'; 333279264Sdelphij 334279264Sdelphij fixture.payload = &payload_buf[0]; 335279264Sdelphij fixture.sent_payload_len = MAX_PRINTABLE_CHARACTERS; 336279264Sdelphij fixture.expected_return_value = 0; 337279264Sdelphij fixture.expected_payload_len = 0; 338279264Sdelphij fixture.expected_return_payload = ""; 339279264Sdelphij EXECUTE_HEARTBEAT_TEST(); 340279264Sdelphij } 341279264Sdelphij 342279264Sdelphijstatic int test_dtls1_heartbleed_excessive_plaintext_length() 343279264Sdelphij { 344279264Sdelphij SETUP_HEARTBEAT_TEST_FIXTURE(dtls); 345279264Sdelphij /* Excluding the NUL at the end, one byte in excess of maximum allowed 346279264Sdelphij * heartbeat message length */ 347279264Sdelphij unsigned char payload_buf[SSL3_RT_MAX_PLAIN_LENGTH + 2]; 348279264Sdelphij memset(payload_buf, ' ', sizeof(payload_buf)); 349279264Sdelphij payload_buf[sizeof(payload_buf) - 1] = '\0'; 350279264Sdelphij 351279264Sdelphij fixture.payload = &payload_buf[0]; 352279264Sdelphij fixture.sent_payload_len = honest_payload_size(payload_buf); 353279264Sdelphij fixture.expected_return_value = 0; 354279264Sdelphij fixture.expected_payload_len = 0; 355279264Sdelphij fixture.expected_return_payload = ""; 356279264Sdelphij EXECUTE_HEARTBEAT_TEST(); 357279264Sdelphij } 358279264Sdelphij 359279264Sdelphijstatic int test_tls1_not_bleeding() 360279264Sdelphij { 361279264Sdelphij SETUP_HEARTBEAT_TEST_FIXTURE(tls); 362279264Sdelphij /* Three-byte pad at the beginning for type and payload length */ 363279264Sdelphij unsigned char payload_buf[] = " Not bleeding, sixteen spaces of padding" 364279264Sdelphij " "; 365279264Sdelphij const int payload_buf_len = honest_payload_size(payload_buf); 366279264Sdelphij 367279264Sdelphij fixture.payload = &payload_buf[0]; 368279264Sdelphij fixture.sent_payload_len = payload_buf_len; 369279264Sdelphij fixture.expected_return_value = 0; 370279264Sdelphij fixture.expected_payload_len = payload_buf_len; 371279264Sdelphij fixture.expected_return_payload = "Not bleeding, sixteen spaces of padding"; 372279264Sdelphij EXECUTE_HEARTBEAT_TEST(); 373279264Sdelphij } 374279264Sdelphij 375279264Sdelphijstatic int test_tls1_not_bleeding_empty_payload() 376279264Sdelphij { 377279264Sdelphij int payload_buf_len; 378279264Sdelphij 379279264Sdelphij SETUP_HEARTBEAT_TEST_FIXTURE(tls); 380279264Sdelphij /* Three-byte pad at the beginning for type and payload length, plus a NUL 381279264Sdelphij * at the end */ 382279264Sdelphij unsigned char payload_buf[4 + MIN_PADDING_SIZE]; 383279264Sdelphij memset(payload_buf, ' ', sizeof(payload_buf)); 384279264Sdelphij payload_buf[sizeof(payload_buf) - 1] = '\0'; 385279264Sdelphij payload_buf_len = honest_payload_size(payload_buf); 386279264Sdelphij 387279264Sdelphij fixture.payload = &payload_buf[0]; 388279264Sdelphij fixture.sent_payload_len = payload_buf_len; 389279264Sdelphij fixture.expected_return_value = 0; 390279264Sdelphij fixture.expected_payload_len = payload_buf_len; 391279264Sdelphij fixture.expected_return_payload = ""; 392279264Sdelphij EXECUTE_HEARTBEAT_TEST(); 393279264Sdelphij } 394279264Sdelphij 395279264Sdelphijstatic int test_tls1_heartbleed() 396279264Sdelphij { 397279264Sdelphij SETUP_HEARTBEAT_TEST_FIXTURE(tls); 398279264Sdelphij /* Three-byte pad at the beginning for type and payload length */ 399279264Sdelphij unsigned char payload_buf[] = " HEARTBLEED "; 400279264Sdelphij 401279264Sdelphij fixture.payload = &payload_buf[0]; 402279264Sdelphij fixture.sent_payload_len = MAX_PRINTABLE_CHARACTERS; 403279264Sdelphij fixture.expected_return_value = 0; 404279264Sdelphij fixture.expected_payload_len = 0; 405279264Sdelphij fixture.expected_return_payload = ""; 406279264Sdelphij EXECUTE_HEARTBEAT_TEST(); 407279264Sdelphij } 408279264Sdelphij 409279264Sdelphijstatic int test_tls1_heartbleed_empty_payload() 410279264Sdelphij { 411279264Sdelphij SETUP_HEARTBEAT_TEST_FIXTURE(tls); 412279264Sdelphij /* Excluding the NUL at the end, one byte short of type + payload length + 413279264Sdelphij * minimum padding */ 414279264Sdelphij unsigned char payload_buf[MIN_PADDING_SIZE + 3]; 415279264Sdelphij memset(payload_buf, ' ', sizeof(payload_buf)); 416279264Sdelphij payload_buf[sizeof(payload_buf) - 1] = '\0'; 417279264Sdelphij 418279264Sdelphij fixture.payload = &payload_buf[0]; 419279264Sdelphij fixture.sent_payload_len = MAX_PRINTABLE_CHARACTERS; 420279264Sdelphij fixture.expected_return_value = 0; 421279264Sdelphij fixture.expected_payload_len = 0; 422279264Sdelphij fixture.expected_return_payload = ""; 423279264Sdelphij EXECUTE_HEARTBEAT_TEST(); 424279264Sdelphij } 425279264Sdelphij 426279264Sdelphij#undef EXECUTE_HEARTBEAT_TEST 427279264Sdelphij#undef SETUP_HEARTBEAT_TEST_FIXTURE 428279264Sdelphij 429279264Sdelphijint main(int argc, char *argv[]) 430279264Sdelphij { 431279264Sdelphij int num_failed; 432279264Sdelphij 433279264Sdelphij SSL_library_init(); 434279264Sdelphij SSL_load_error_strings(); 435279264Sdelphij 436279264Sdelphij num_failed = test_dtls1_not_bleeding() + 437279264Sdelphij test_dtls1_not_bleeding_empty_payload() + 438279264Sdelphij test_dtls1_heartbleed() + 439279264Sdelphij test_dtls1_heartbleed_empty_payload() + 440279264Sdelphij /* The following test causes an assertion failure at 441279264Sdelphij * ssl/d1_pkt.c:dtls1_write_bytes() in versions prior to 1.0.1g: */ 442279264Sdelphij (OPENSSL_VERSION_NUMBER >= 0x1000107fL ? 443279264Sdelphij test_dtls1_heartbleed_excessive_plaintext_length() : 0) + 444279264Sdelphij test_tls1_not_bleeding() + 445279264Sdelphij test_tls1_not_bleeding_empty_payload() + 446279264Sdelphij test_tls1_heartbleed() + 447279264Sdelphij test_tls1_heartbleed_empty_payload() + 448279264Sdelphij 0; 449279264Sdelphij 450279264Sdelphij ERR_print_errors_fp(stderr); 451279264Sdelphij 452279264Sdelphij if (num_failed != 0) 453279264Sdelphij { 454279264Sdelphij printf("%d test%s failed\n", num_failed, num_failed != 1 ? "s" : ""); 455279264Sdelphij return EXIT_FAILURE; 456279264Sdelphij } 457279264Sdelphij return EXIT_SUCCESS; 458279264Sdelphij } 459279264Sdelphij 460279264Sdelphij#else /* OPENSSL_NO_HEARTBEATS*/ 461279264Sdelphij 462279264Sdelphijint main(int argc, char *argv[]) 463279264Sdelphij { 464279264Sdelphij return EXIT_SUCCESS; 465279264Sdelphij } 466279264Sdelphij#endif /* OPENSSL_NO_HEARTBEATS */ 467