configtest.c revision 1.2 
1/* $OpenBSD: configtest.c,v 1.2 2020/01/20 08:40:16 jsing Exp $ */
2/*
3 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19#include <stdio.h>
20#include <stdlib.h>
21
22#include <tls.h>
23
24struct parse_protocols_test {
25	const char *protostr;
26	int want_return;
27	uint32_t want_protocols;
28};
29
30struct parse_protocols_test parse_protocols_tests[] = {
31	{
32		.protostr = NULL,
33		.want_return = 0,
34		.want_protocols = TLS_PROTOCOLS_DEFAULT,
35	},
36	{
37		.protostr = "default",
38		.want_return = 0,
39		.want_protocols = TLS_PROTOCOLS_DEFAULT,
40	},
41	{
42		.protostr = "secure",
43		.want_return = 0,
44		.want_protocols = TLS_PROTOCOLS_DEFAULT,
45	},
46	{
47		.protostr = "all",
48		.want_return = 0,
49		.want_protocols = TLS_PROTOCOLS_ALL,
50	},
51	{
52		.protostr = "tlsv1",
53		.want_return = 0,
54		.want_protocols = TLS_PROTOCOL_TLSv1,
55	},
56	{
57		.protostr = "tlsv1.2",
58		.want_return = 0,
59		.want_protocols = TLS_PROTOCOL_TLSv1_2,
60	},
61	{
62		.protostr = "tlsv1.3",
63		.want_return = 0,
64		.want_protocols = TLS_PROTOCOL_TLSv1_3,
65	},
66	{
67		.protostr = "",
68		.want_return = -1,
69		.want_protocols = 0,
70	},
71	{
72		.protostr = "tlsv1.0:tlsv1.1:tlsv1.2:tlsv1.3",
73		.want_return = 0,
74		.want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 |
75		    TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3,
76	},
77	{
78		.protostr = "tlsv1.0,tlsv1.1,tlsv1.2,tlsv1.3",
79		.want_return = 0,
80		.want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 |
81		    TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3,
82	},
83	{
84		.protostr = "tlsv1.1,tlsv1.2,tlsv1.0",
85		.want_return = 0,
86		.want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 |
87		    TLS_PROTOCOL_TLSv1_2,
88	},
89	{
90		.protostr = "tlsv1.1,tlsv1.2,tlsv1.1",
91		.want_return = 0,
92		.want_protocols = TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2,
93	},
94	{
95		.protostr = "tlsv1.1,tlsv1.2,!tlsv1.1",
96		.want_return = 0,
97		.want_protocols = TLS_PROTOCOL_TLSv1_2,
98	},
99	{
100		.protostr = "unknown",
101		.want_return = -1,
102		.want_protocols = 0,
103	},
104	{
105		.protostr = "all,!unknown",
106		.want_return = -1,
107		.want_protocols = 0,
108	},
109	{
110		.protostr = "sslv3,tlsv1.0,tlsv1.1,tlsv1.2",
111		.want_return = -1,
112		.want_protocols = 0,
113	},
114	{
115		.protostr = "all,!tlsv1.0",
116		.want_return = 0,
117		.want_protocols = TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2 | \
118			TLS_PROTOCOL_TLSv1_3,
119	},
120	{
121		.protostr = "!tlsv1.0",
122		.want_return = 0,
123		.want_protocols = TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2 | \
124			TLS_PROTOCOL_TLSv1_3,
125	},
126	{
127		.protostr = "!tlsv1.0,!tlsv1.1,!tlsv1.3",
128		.want_return = 0,
129		.want_protocols = TLS_PROTOCOL_TLSv1_2,
130	},
131	{
132		.protostr = "!tlsv1.0,!tlsv1.1,tlsv1.2,!tlsv1.3",
133		.want_return = 0,
134		.want_protocols = TLS_PROTOCOL_TLSv1_2,
135	},
136};
137
138#define N_PARSE_PROTOCOLS_TESTS \
139    (sizeof(parse_protocols_tests) / sizeof(*parse_protocols_tests))
140
141static int
142do_parse_protocols_test(int test_no, struct parse_protocols_test *ppt)
143{
144	uint32_t protocols = 0;
145	int failed = 1;
146	int rv;
147
148	rv = tls_config_parse_protocols(&protocols, ppt->protostr);
149	if (rv != ppt->want_return) {
150		fprintf(stderr, "FAIL: test %i - tls_config_parse_protocols() "
151		    "returned %i, want %i\n", test_no, rv, ppt->want_return);
152		goto done;
153	}
154	if (protocols != ppt->want_protocols) {
155		fprintf(stderr, "FAIL: test %i - got protocols 0x%x, "
156		    "want 0x%x\n", test_no, protocols, ppt->want_protocols);
157		goto done;
158	}
159
160	failed = 0;
161
162 done:
163	return (failed);
164}
165
166int
167main(int argc, char **argv)
168{
169	int failed = 0;
170	size_t i;
171
172	tls_init();
173
174	for (i = 0; i < N_PARSE_PROTOCOLS_TESTS; i++)
175		failed += do_parse_protocols_test(i, &parse_protocols_tests[i]);
176
177	return (failed);
178}
179