configtest.c revision 1.2
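/* $OpenBSD: configtest.c,v 1.2 2020/01/20 08:40:16 jsing Exp $ */
/*
 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

/*
 * Table-driven regression test for tls_config_parse_protocols(): every entry
 * pairs a protocol string with the return value and protocol mask the parser
 * is expected to produce.
 */

#include <err.h>
#include <stdint.h>	/* uint32_t is used directly below */
#include <stdio.h>
#include <stdlib.h>

#include <tls.h>

/* One test vector for tls_config_parse_protocols(). */
struct parse_protocols_test {
	const char *protostr;		/* input string (may be NULL) */
	int want_return;		/* expected return value */
	uint32_t want_protocols;	/* expected protocol mask */
};

struct parse_protocols_test parse_protocols_tests[] = {
	/* NULL and the keyword aliases. */
	{
		.protostr = NULL,
		.want_return = 0,
		.want_protocols = TLS_PROTOCOLS_DEFAULT,
	},
	{
		.protostr = "default",
		.want_return = 0,
		.want_protocols = TLS_PROTOCOLS_DEFAULT,
	},
	{
		.protostr = "secure",
		.want_return = 0,
		.want_protocols = TLS_PROTOCOLS_DEFAULT,
	},
	{
		.protostr = "all",
		.want_return = 0,
		.want_protocols = TLS_PROTOCOLS_ALL,
	},

	/* Single protocol names. */
	{
		.protostr = "tlsv1",
		.want_return = 0,
		.want_protocols = TLS_PROTOCOL_TLSv1,
	},
	{
		.protostr = "tlsv1.2",
		.want_return = 0,
		.want_protocols = TLS_PROTOCOL_TLSv1_2,
	},
	{
		.protostr = "tlsv1.3",
		.want_return = 0,
		.want_protocols = TLS_PROTOCOL_TLSv1_3,
	},

	/* An empty string is an error, unlike NULL above. */
	{
		.protostr = "",
		.want_return = -1,
		.want_protocols = 0,
	},

	/* Both ':' and ',' are accepted as separators. */
	{
		.protostr = "tlsv1.0:tlsv1.1:tlsv1.2:tlsv1.3",
		.want_return = 0,
		.want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 |
		    TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3,
	},
	{
		.protostr = "tlsv1.0,tlsv1.1,tlsv1.2,tlsv1.3",
		.want_return = 0,
		.want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 |
		    TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3,
	},

	/* Ordering and duplicates do not change the resulting mask. */
	{
		.protostr = "tlsv1.1,tlsv1.2,tlsv1.0",
		.want_return = 0,
		.want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 |
		    TLS_PROTOCOL_TLSv1_2,
	},
	{
		.protostr = "tlsv1.1,tlsv1.2,tlsv1.1",
		.want_return = 0,
		.want_protocols = TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2,
	},

	/* A later "!name" removes a protocol that was added earlier. */
	{
		.protostr = "tlsv1.1,tlsv1.2,!tlsv1.1",
		.want_return = 0,
		.want_protocols = TLS_PROTOCOL_TLSv1_2,
	},

	/*
	 * Unrecognised names fail the whole parse, including when negated
	 * and when mixed with valid names. "sslv3" is expected to be
	 * rejected outright rather than silently dropped from the list.
	 */
	{
		.protostr = "unknown",
		.want_return = -1,
		.want_protocols = 0,
	},
	{
		.protostr = "all,!unknown",
		.want_return = -1,
		.want_protocols = 0,
	},
	{
		.protostr = "sslv3,tlsv1.0,tlsv1.1,tlsv1.2",
		.want_return = -1,
		.want_protocols = 0,
	},

	/*
	 * Negation relative to "all", and negation with no positive entry;
	 * the expected masks for "all,!tlsv1.0" and "!tlsv1.0" are identical.
	 */
	{
		.protostr = "all,!tlsv1.0",
		.want_return = 0,
		.want_protocols = TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2 |
		    TLS_PROTOCOL_TLSv1_3,
	},
	{
		.protostr = "!tlsv1.0",
		.want_return = 0,
		.want_protocols = TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2 |
		    TLS_PROTOCOL_TLSv1_3,
	},
	{
		.protostr = "!tlsv1.0,!tlsv1.1,!tlsv1.3",
		.want_return = 0,
		.want_protocols = TLS_PROTOCOL_TLSv1_2,
	},
	{
		.protostr = "!tlsv1.0,!tlsv1.1,tlsv1.2,!tlsv1.3",
		.want_return = 0,
		.want_protocols = TLS_PROTOCOL_TLSv1_2,
	},
};

#define N_PARSE_PROTOCOLS_TESTS \
    (sizeof(parse_protocols_tests) / sizeof(*parse_protocols_tests))

/*
 * Run a single test vector.
 *
 * test_no is only used in failure messages. Returns 0 when both the return
 * value and the protocol mask match the expectation, 1 otherwise.
 */
static int
do_parse_protocols_test(int test_no, const struct parse_protocols_test *ppt)
{
	/*
	 * Start from 0: the error vectors expect 0 back, so a failing parse
	 * that still wrote to the output would be reported.
	 */
	uint32_t protocols = 0;
	int rv;

	rv = tls_config_parse_protocols(&protocols, ppt->protostr);
	if (rv != ppt->want_return) {
		fprintf(stderr, "FAIL: test %i - tls_config_parse_protocols() "
		    "returned %i, want %i\n", test_no, rv, ppt->want_return);
		return (1);
	}
	if (protocols != ppt->want_protocols) {
		fprintf(stderr, "FAIL: test %i - got protocols 0x%x, "
		    "want 0x%x\n", test_no, protocols, ppt->want_protocols);
		return (1);
	}

	return (0);
}

/*
 * Run every vector in parse_protocols_tests; the exit status is the number
 * of vectors that failed (0 on success).
 */
int
main(int argc, char **argv)
{
	int failed = 0;
	size_t i;

	/* Do not run the vectors against a library that failed to initialise. */
	if (tls_init() == -1)
		errx(1, "failed to initialise tls");

	for (i = 0; i < N_PARSE_PROTOCOLS_TESTS; i++)
		failed += do_parse_protocols_test((int)i,
		    &parse_protocols_tests[i]);

	return (failed);
}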