mirrors/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2025-02-25 15:10:48 +01:00
Code Issues Projects Releases Wiki Activity

Test a few more tortls.c functions

Browse source
This commit is contained in:
Nick Mathewson 2018-08-23 18:57:26 -04:00
parent 7163389b55
commit 52ac539b99
2 changed files with 93 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
src/lib/tls/tortls_nss.c
View file

@ -331,6 +331,7 @@ tls_log_errors(tor_tls_t *tls, int severity, int domain,
(void)tls; (void)tls;
PRErrorCode code = PORT_GetError(); PRErrorCode code = PORT_GetError();
const char *addr = tls ? tls->address : NULL;
const char *string = PORT_ErrorToString(code); const char *string = PORT_ErrorToString(code);
const char *name = PORT_ErrorToName(code); const char *name = PORT_ErrorToName(code);
char buf[16]; char buf[16];
@ -341,10 +342,14 @@ tls_log_errors(tor_tls_t *tls, int severity, int domain,
name = buf; name = buf;
} }
const char *with = addr ? " with " : "";
addr = addr ? addr : "";
if (doing) { if (doing) {
log_fn(severity, domain, "TLS error %s while %s: %s", name, doing, string); log_fn(severity, domain, "TLS error %s while %s%s%s: %s",
name, doing, with, addr, string);
} else { } else {
log_fn(severity, domain, "TLS error %s: %s", name, string); log_fn(severity, domain, "TLS error %s%s%s: %s", name, string,
with, addr);
} }
} }
@ -381,7 +386,7 @@ tor_tls_new(tor_socket_t sock, int is_server)
} }
SECStatus s = SSL_ResetHandshake(ssl, is_server ? PR_TRUE : PR_FALSE); SECStatus s = SSL_ResetHandshake(ssl, is_server ? PR_TRUE : PR_FALSE);
if (s != SECSuccess) { if (s != SECSuccess) {
crypto_nss_log_errors(LOG_WARN, "resetting handshake state"); tls_log_errors(tls, LOG_WARN, LD_CRYPTO, "resetting handshake state");
} }
return tls; return tls;
@ -457,7 +462,7 @@ tor_tls_read, (tor_tls_t *tls, char *cp, size_t len))
if (err == PR_WOULD_BLOCK_ERROR) { if (err == PR_WOULD_BLOCK_ERROR) {
return TOR_TLS_WANTREAD; // XXXX ???? return TOR_TLS_WANTREAD; // XXXX ????
} else { } else {
crypto_nss_log_errors(LOG_NOTICE, "reading"); // XXXX tls_log_errors(tls, LOG_NOTICE, LD_CRYPTO, "reading"); // XXXX
return TOR_TLS_ERROR_MISC; // ???? return TOR_TLS_ERROR_MISC; // ????
} }
} }
@ -482,7 +487,7 @@ tor_tls_write(tor_tls_t *tls, const char *cp, size_t n)
if (err == PR_WOULD_BLOCK_ERROR) { if (err == PR_WOULD_BLOCK_ERROR) {
return TOR_TLS_WANTWRITE; // XXXX ???? return TOR_TLS_WANTWRITE; // XXXX ????
} else { } else {
crypto_nss_log_errors(LOG_NOTICE, "writing"); // XXXX tls_log_errors(tls, LOG_NOTICE, LD_CRYPTO, "writing"); // XXXX
return TOR_TLS_ERROR_MISC; // ???? return TOR_TLS_ERROR_MISC; // ????
} }
} }
@ -541,7 +546,7 @@ tor_tls_get_pending_bytes(tor_tls_t *tls)
tor_assert(tls); tor_assert(tls);
int n = SSL_DataPending(tls->ssl); int n = SSL_DataPending(tls->ssl);
if (n < 0) { if (n < 0) {
crypto_nss_log_errors(LOG_WARN, "Looking up pending bytes"); tls_log_errors(tls, LOG_WARN, LD_CRYPTO, "looking up pending bytes");
return 0; return 0;
} }
return (int)n; return (int)n;

82
src/test/test_tortls.c
View file

@ -247,6 +247,85 @@ test_tortls_evaluate_ecgroup_for_tls(void *ignored)
(void)0; (void)0;
} }
static void
test_tortls_double_init(void *arg)
{
(void) arg;
/* If we call tor_tls_context_init() a second time, nothing should go
* wrong.
*/
crypto_pk_t *pk1 = NULL, *pk2 = NULL;
pk1 = pk_generate(2);
pk2 = pk_generate(0);
int r = tor_tls_context_init(TOR_TLS_CTX_IS_PUBLIC_SERVER,
pk1, pk2, 86400);
tt_int_op(r, OP_EQ, 0);
r = tor_tls_context_init(TOR_TLS_CTX_IS_PUBLIC_SERVER,
pk2, pk1, 86400);
tt_int_op(r, OP_EQ, 0);
done:
crypto_pk_free(pk1);
crypto_pk_free(pk2);
}
static void
test_tortls_address(void *arg)
{
(void)arg;
tor_tls_t *tls = NULL;
crypto_pk_t *pk1=NULL, *pk2=NULL;
pk1 = pk_generate(2);
pk2 = pk_generate(0);
int r = tor_tls_context_init(TOR_TLS_CTX_IS_PUBLIC_SERVER,
pk1, pk2, 86400);
tt_int_op(r, OP_EQ, 0);
tls = tor_tls_new(-1, 0);
tls->state = TOR_TLS_ST_OPEN;
tor_tls_set_logged_address(tls, "zombo.com");
/* This write should fail, since the fd is -1. */
setup_capture_of_logs(LOG_INFO);
int n = tor_tls_write(tls, "welcome", 7);
tt_int_op(n, OP_LT, 0);
expect_log_msg_containing("with zombo.com");
done:
teardown_capture_of_logs();
tor_tls_free(tls);
crypto_pk_free(pk1);
crypto_pk_free(pk2);
}
static void
test_tortls_is_server(void *arg)
{
(void)arg;
crypto_pk_t *pk1=NULL, *pk2=NULL;
tor_tls_t *tls1=NULL, *tls2=NULL;
pk1 = pk_generate(2);
pk2 = pk_generate(0);
int r = tor_tls_context_init(TOR_TLS_CTX_IS_PUBLIC_SERVER,
pk1, pk2, 86400);
tt_int_op(r, OP_EQ, 0);
tls1 = tor_tls_new(-1, 0);
tls2 = tor_tls_new(-1, 1);
tt_assert(! tor_tls_is_server(tls1));
tt_assert(tor_tls_is_server(tls2));
done:
tor_tls_free(tls1);
tor_tls_free(tls2);
crypto_pk_free(pk1);
crypto_pk_free(pk2);
}
#define LOCAL_TEST_CASE(name, flags) \ #define LOCAL_TEST_CASE(name, flags) \
{ #name, test_tortls_##name, (flags|TT_FORK), NULL, NULL } { #name, test_tortls_##name, (flags|TT_FORK), NULL, NULL }
@ -262,5 +341,8 @@ struct testcase_t tortls_tests[] = {
LOCAL_TEST_CASE(server_got_renegotiate, 0), LOCAL_TEST_CASE(server_got_renegotiate, 0),
#endif #endif
LOCAL_TEST_CASE(evaluate_ecgroup_for_tls, 0), LOCAL_TEST_CASE(evaluate_ecgroup_for_tls, 0),
LOCAL_TEST_CASE(double_init, TT_FORK),
LOCAL_TEST_CASE(address, TT_FORK),
LOCAL_TEST_CASE(is_server, 0),
END_OF_TESTCASES END_OF_TESTCASES
}; };