[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls-3_0_12-160-g44eeb40
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls-3_0_12-160-g44eeb40 |
|
Date: |
Wed, 08 Feb 2012 20:48:53 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=44eeb40c0fddff712223c62440f7320566061380
The branch, master has been updated
via 44eeb40c0fddff712223c62440f7320566061380 (commit)
via 128a3bafc38ebb69e67cd0f4d4951ea00652bbb3 (commit)
from e30cfb6711e20021612625d7e33d1af53fa10b58 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 44eeb40c0fddff712223c62440f7320566061380
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Feb 8 21:54:00 2012 +0100
mini-loss2 is more robust.
commit 128a3bafc38ebb69e67cd0f4d4951ea00652bbb3
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Feb 8 21:51:08 2012 +0100
DTLS is more tolerant in packet loss during last flight.
-----------------------------------------------------------------------
Summary of changes:
lib/gnutls_dtls.c | 42 +++++-
lib/gnutls_dtls.h | 8 +-
lib/gnutls_handshake.c | 26 +++-
lib/gnutls_record.c | 5 +-
tests/Makefile.am | 2 +-
tests/loss-common.h | 215 --------------------------
tests/mini-loss.c | 396 ++++++++++++++++++++++++++++++++++++++++--------
tests/mini-loss2.c | 365 --------------------------------------------
8 files changed, 404 insertions(+), 655 deletions(-)
delete mode 100644 tests/loss-common.h
delete mode 100644 tests/mini-loss2.c
diff --git a/lib/gnutls_dtls.c b/lib/gnutls_dtls.c
index 316897e..e6cf0e4 100644
--- a/lib/gnutls_dtls.c
+++ b/lib/gnutls_dtls.c
@@ -216,7 +216,7 @@ int ret;
goto cleanup;
}
- _gnutls_dtls_log ("DTLS[%p]: %sstart of flight transmission.\n",
session, (session->internals.dtls.flight_init == 0)?"":"re-");
+ _gnutls_dtls_log ("DTLS[%p]: %sStart of flight transmission.\n",
session, (session->internals.dtls.flight_init == 0)?"":"re-");
for (cur = send_buffer->head;
cur != NULL; cur = cur->next)
@@ -233,9 +233,9 @@ int ret;
if (last_type == GNUTLS_HANDSHAKE_FINISHED)
{
- /* we cannot do anything here. We just return 0 and
- * if a retransmission occurs because peer didn't receive it
- * we rely on the record layer calling this function again.
+ /* On the last flight we cannot ensure retransmission
+ * from here. _dtls_wait_and_retransmit() is being called
+ * by handshake.
*/
session->internals.dtls.last_flight = 1;
}
@@ -248,11 +248,12 @@ int ret;
return gnutls_assert_val(ret);
/* last message in handshake -> no ack */
- if (session->internals.dtls.last_flight != 0 && _dtls_is_async(session))
+ if (session->internals.dtls.last_flight != 0)
{
- /* we cannot do anything here. We just return 0 and
+ /* we don't wait here. We just return 0 and
* if a retransmission occurs because peer didn't receive it
- * we rely on the record layer calling this function again.
+ * we rely on the record or handshake
+ * layer calling this function again.
*/
return 0;
}
@@ -297,6 +298,33 @@ nb_timeout:
RETURN_DTLS_EAGAIN_OR_TIMEOUT(session);
}
+/* Waits for the last flight or retransmits
+ * the previous on timeout. Returns 0 on success.
+ */
+int _dtls_wait_and_retransmit(gnutls_session_t session)
+{
+int ret;
+
+ if (session->internals.dtls.blocking != 0)
+ ret = _gnutls_io_check_recv(session,
session->internals.dtls.actual_retrans_timeout_ms);
+ else
+ ret = _gnutls_io_check_recv(session, 0);
+
+ UPDATE_TIMER;
+
+ if (ret == GNUTLS_E_TIMEDOUT)
+ {
+ ret = _dtls_retransmit(session);
+ if (ret == 0)
+ {
+ RETURN_DTLS_EAGAIN_OR_TIMEOUT(session);
+ }
+ }
+
+ return 0;
+}
+
+
#define window_table session->internals.dtls.record_sw
#define window_size session->internals.dtls.record_sw_size
diff --git a/lib/gnutls_dtls.h b/lib/gnutls_dtls.h
index a188336..3c8754f 100644
--- a/lib/gnutls_dtls.h
+++ b/lib/gnutls_dtls.h
@@ -33,7 +33,7 @@ int _dtls_record_check(gnutls_session_t session, uint64 *
_seq);
#define MAX_DTLS_TIMEOUT 60000
-#define RETURN_DTLS_EAGAIN_OR_TIMEOUT(session) \
+#define RETURN_DTLS_EAGAIN_OR_TIMEOUT(session) { \
if (gnutls_time(0) - session->internals.dtls.handshake_start_time > \
session->internals.dtls.total_timeout_ms/1000) \
return gnutls_assert_val(GNUTLS_E_TIMEDOUT); \
@@ -42,7 +42,11 @@ int _dtls_record_check(gnutls_session_t session, uint64 *
_seq);
if (session->internals.dtls.blocking != 0) \
millisleep(50); \
return gnutls_assert_val(GNUTLS_E_AGAIN); \
- }
+ } \
+ }
+
+
+int _dtls_wait_and_retransmit(gnutls_session_t session);
/* returns true or false depending on whether we need to
* handle asynchronously handshake data.
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index b8edb57..f362be8 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -2670,12 +2670,24 @@ _gnutls_recv_handshake_final (gnutls_session_t session,
int init)
int ret = 0;
uint8_t ch;
+
switch (STATE)
{
case STATE0:
case STATE30:
- ret = _gnutls_recv_int (session, GNUTLS_CHANGE_CIPHER_SPEC, -1, &ch, 1,
NULL);
STATE = STATE30;
+
+ /* This is the last flight and peer cannot be sure
+ * we have received it unless we notify him. So we
+ * wait for a message and retransmit if needed. */
+ if (IS_DTLS(session) && !_dtls_is_async(session))
+ {
+ ret = _dtls_wait_and_retransmit(session);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+ }
+
+ ret = _gnutls_recv_int (session, GNUTLS_CHANGE_CIPHER_SPEC, -1, &ch, 1,
NULL);
if (ret <= 0)
{
ERR ("recv ChangeCipherSpec", ret);
@@ -2700,10 +2712,18 @@ _gnutls_recv_handshake_final (gnutls_session_t session,
int init)
gnutls_assert ();
return ret;
}
-
+
case STATE31:
- ret = _gnutls_recv_finished (session);
STATE = STATE31;
+
+ if (IS_DTLS(session) && !_dtls_is_async(session))
+ {
+ ret = _dtls_wait_and_retransmit(session);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+ }
+
+ ret = _gnutls_recv_finished (session);
if (ret < 0)
{
ERR ("recv finished", ret);
diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c
index 7510fbf..963966f 100644
--- a/lib/gnutls_record.c
+++ b/lib/gnutls_record.c
@@ -724,7 +724,10 @@ record_add_to_buffers (gnutls_session_t session,
unexpected_packet:
if (IS_DTLS(session) && ret != GNUTLS_E_REHANDSHAKE)
- ret = GNUTLS_E_AGAIN; /* skip the packet */
+ {
+ _mbuffer_xfree(&bufel);
+ RETURN_DTLS_EAGAIN_OR_TIMEOUT(session);
+ }
cleanup:
_mbuffer_xfree(&bufel);
diff --git a/tests/Makefile.am b/tests/Makefile.am
index e1b6cf6..99532d3 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -66,7 +66,7 @@ ctests = mini-deflate simple gc set_pkcs12_cred certder
certuniqueid \
crq_apis init_roundtrip pkcs12_s2k_pem dn2 mini-eagain \
nul-in-x509-names x509_altname pkcs12_encode mini-x509 \
mini-x509-rehandshake rng-fork mini-eagain-dtls mini-loss \
- x509cert x509cert-tl infoaccess rsa-encrypt-decrypt mini-loss2
+ x509cert x509cert-tl infoaccess rsa-encrypt-decrypt
if ENABLE_OCSP
ctests += ocsp
diff --git a/tests/loss-common.h b/tests/loss-common.h
deleted file mode 100644
index 2843273..0000000
--- a/tests/loss-common.h
+++ /dev/null
@@ -1,215 +0,0 @@
-#define min(x,y) ((x)<(y)?(x):(y))
-
-char tmpbuf[128];
-extern const char* prefix;
-
-#define HANDSHAKE_EXPECT(c, s, clierr, serverr) \
- sret = cret = GNUTLS_E_AGAIN; \
- do \
- { \
- if (cret == GNUTLS_E_AGAIN) \
- { \
- prefix = "client"; \
- cret = gnutls_handshake (c); \
- } \
- else if (cret >= 0) \
- { \
- prefix = "client"; \
- ret = gnutls_record_recv(c, tmpbuf, sizeof(tmpbuf)); \
- } \
- if (sret == GNUTLS_E_AGAIN) \
- { \
- prefix = "server"; \
- sret = gnutls_handshake (s); \
- } \
- else if (sret >= 0) \
- { \
- prefix = "server"; \
- ret = gnutls_record_recv(s, tmpbuf, sizeof(tmpbuf)); \
- } \
- } \
- while ((cret == GNUTLS_E_AGAIN || (cret == 0 && sret == GNUTLS_E_AGAIN)) &&
(sret == GNUTLS_E_AGAIN || (sret == 0 && cret == GNUTLS_E_AGAIN))); \
- if (cret != clierr || sret != serverr) \
- { \
- fprintf(stderr, "client: %s\n", gnutls_strerror(cret)); \
- fprintf(stderr, "server: %s\n", gnutls_strerror(sret)); \
- fail("Handshake failed\n"); \
- exit(1); \
- }
-
-#define HANDSHAKE(c, s) \
- HANDSHAKE_EXPECT(c,s,0,0)
-
-#define TRANSFER(c, s, msg, msglen, buf, buflen) \
- sret = cret = GNUTLS_E_AGAIN; \
- do \
- { \
- if (cret == GNUTLS_E_AGAIN) \
- { \
- prefix = "client"; \
- cret = gnutls_record_send (c, msg, msglen); \
- } \
- if (sret == GNUTLS_E_AGAIN) \
- { \
- prefix = "server"; \
- sret = gnutls_record_recv (s, buf, buflen); \
- } \
- } \
- while ((cret == GNUTLS_E_AGAIN || (cret >= 0 && sret == GNUTLS_E_AGAIN)) &&
(sret == GNUTLS_E_AGAIN || (sret >= 0 && cret == GNUTLS_E_AGAIN))); \
- \
- if (cret < 0) fail ("client send error: %s\n", gnutls_strerror (ret)); \
- if (sret < 0) fail ("server send error: %s\n", gnutls_strerror (ret))
-
-static char to_server[64*1024];
-static size_t to_server_len = 0;
-
-static char to_client[64*1024];
-static size_t to_client_len = 0;
-
-extern int counter;
-extern int packet_to_lose;
-
-#ifdef LOSS_DEBUG
-# define RETURN_RND_LOSS(session, len) { \
- if (counter++ == packet_to_lose) \
- { \
- int t = gnutls_handshake_get_last_out(session); \
- fprintf(stderr, "Discarding packet (%d) with seq %d\n", \
- t, counter); \
- return len; \
- } \
- }
-#else
-# define RETURN_RND_LOSS(session, len) { \
- if (counter++ == packet_to_lose) \
- { \
- return len; \
- } \
- }
-#endif
-
-static void reset_counters(void)
-{
- to_client_len = to_server_len = 0;
-}
-
-static ssize_t
-client_push (gnutls_transport_ptr_t tr, const void *data, size_t len)
-{
- size_t newlen;
-
- len = min(len, sizeof(to_server)-to_server_len);
-// RETURN_RND_LOSS(tr, len);
-
- newlen = to_server_len + len;
- memcpy (to_server + to_server_len, data, len);
- to_server_len = newlen;
-#ifdef LOSS_DEBUG
- fprintf(stderr, "loss: pushed %d bytes to server (avail: %d)\n", (int)len,
(int)to_server_len);
-#endif
- return len;
-}
-
-static ssize_t
-client_pull (gnutls_transport_ptr_t tr, void *data, size_t len)
-{
- if (to_client_len == 0)
- {
-#ifdef LOSS_DEBUG2
- fprintf(stderr, "loss: Not enough data by server (asked for: %d, have:
%d)\n", (int)len, (int)to_client_len);
-#endif
- return -1;
- }
-
- len = min(len, to_client_len);
-
- memcpy (data, to_client, len);
- memmove (to_client, to_client + len, to_client_len - len);
- to_client_len -= len;
-#ifdef LOSS_DEBUG
- fprintf(stderr, "loss: pulled %d bytes by client (avail: %d)\n", (int)len,
(int)to_client_len);
-#endif
- return len;
-}
-
-static ssize_t
-server_pull (gnutls_transport_ptr_t tr, void *data, size_t len)
-{
- if (to_server_len == 0)
- {
-#ifdef LOSS_DEBUG2
- fprintf(stderr, "loss: Not enough data by client (asked for: %d, have:
%d)\n", (int)len, (int)to_server_len);
-#endif
- return -1;
- }
-
- len = min(len, to_server_len);
-#ifdef LOSS_DEBUG
- fprintf(stderr, "loss: pulled %d bytes by server (avail: %d)\n", (int)len,
(int)to_server_len);
-#endif
- memcpy (data, to_server, len);
-
- memmove (to_server, to_server + len, to_server_len - len);
- to_server_len -= len;
-
- return len;
-}
-
-static ssize_t
-server_push (gnutls_transport_ptr_t tr, const void *data, size_t len)
-{
- size_t newlen;
-
-// hexprint (data, len);
-
- len = min(len, sizeof(to_client)-to_client_len);
- RETURN_RND_LOSS(tr, len);
-
- newlen = to_client_len + len;
- memcpy (to_client + to_client_len, data, len);
- to_client_len = newlen;
-#ifdef LOSS_DEBUG
- fprintf(stderr, "loss: pushed %d bytes to client (avail: %d)\n", (int)len,
(int)to_client_len);
-#endif
-
- return len;
-}
-
-/* inline is used to avoid a gcc warning if used in mini-loss */
-inline static int server_pull_timeout_func(gnutls_transport_ptr_t ptr,
unsigned int ms)
-{
-int ret;
-
- if (to_server_len > 0)
- ret = 1; /* available data */
- else
- ret = 0; /* timeout */
-
-#ifdef LOSS_DEBUG
- fprintf(stderr, "loss: server_pull_timeout: %d\n", ret);
-#endif
-
- return ret;
-}
-
-inline static int client_pull_timeout_func(gnutls_transport_ptr_t ptr,
unsigned int ms)
-{
-int ret;
-
- if (to_client_len > 0)
- ret = 1;
- else
- ret = 0;
-
-#ifdef LOSS_DEBUG
- fprintf(stderr, "loss: client_pull_timeout: %d\n", ret);
-#endif
-
- return ret;
-}
-
-inline static void reset_buffers(void)
-{
- to_server_len = 0;
- to_client_len = 0;
-}
diff --git a/tests/mini-loss.c b/tests/mini-loss.c
index 21e0132..78a91f5 100644
--- a/tests/mini-loss.c
+++ b/tests/mini-loss.c
@@ -1,7 +1,7 @@
/*
- * Copyright (C) 2008-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2012 Free Software Foundation, Inc.
*
- * Author: Simon Josefsson, Nikos Mavrogiannopoulos
+ * Author: Nikos Mavrogiannopoulos
*
* This file is part of GnuTLS.
*
@@ -27,94 +27,368 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-#include <errno.h>
+#include <sys/types.h>
+#include <netinet/in.h>
+#include <sys/socket.h>
+#if !defined(_WIN32)
+#include <sys/wait.h>
+#include <arpa/inet.h>
+#endif
+#include <unistd.h>
#include <gnutls/gnutls.h>
-#include <gnutls/crypto.h>
+#include <gnutls/dtls.h>
+
#include "utils.h"
-#include "loss-common.h"
-const char * prefix = NULL;
-int counter;
-int packet_to_lose;
+/* This program simulates packet loss in DTLS datagrams using
+ * the blocking functions
+ */
+
+static void print_type(const unsigned char* buf, int size)
+{
+ if (buf[0] == 22 && size >= 13) {
+ if (buf[13] == 1)
+ fprintf(stderr, "Client Hello\n");
+ else if (buf[13] == 2)
+ fprintf(stderr, "Server Hello\n");
+ else if (buf[13] == 12)
+ fprintf(stderr, "Server Key exchange\n");
+ else if (buf[13] == 14)
+ fprintf(stderr, "Server Hello Done\n");
+ else if (buf[13] == 11)
+ fprintf(stderr, "Certificate\n");
+ else if (buf[13] == 16)
+ fprintf(stderr, "Client Key Exchange\n");
+ else if (buf[4] == 1)
+ fprintf(stderr, "Finished\n");
+ else if (buf[13] == 11)
+ fprintf(stderr, "Server Hello Done\n");
+ else
+ fprintf(stderr, "Unknown handshake\n");
+ } else if (buf[0] == 20) {
+ fprintf(stderr, "Change Cipher Spec\n");
+ } else
+ fprintf(stderr, "Unknown\n");
+}
static void
-tls_log_func (int level, const char *str)
+server_log_func (int level, const char *str)
{
- fprintf (stderr, "%s|<%d>| %s", prefix, level, str);
+ fprintf (stderr, "server|<%d>| %s", level, str);
}
-static gnutls_anon_server_credentials_t s_anoncred;
-static gnutls_anon_client_credentials_t c_anoncred;
+static void
+client_log_func (int level, const char *str)
+{
+ fprintf (stderr, "client|<%d>| %s", level, str);
+}
+
+/* A very basic TLS client, with anonymous authentication.
+ */
+
+#define MAX_BUF 1024
+#define MSG "Hello TLS"
+
+static int counter;
+static int packet_to_lose;
+gnutls_session_t session;
+
+static ssize_t
+push (gnutls_transport_ptr_t tr, const void *data, size_t len)
+{
+int fd = (long int)tr;
+
+ counter++;
+
+ if (packet_to_lose != -1 && packet_to_lose == counter) {
+ if (debug)
+ {
+ fprintf(stderr, "Discarding packet %d: ", counter);
+ print_type(data, len);
+ }
+ return len;
+ }
+ return send(fd, data, len, 0);
+}
-static void try1 (int packet)
+static void
+client (int fd, int packet)
{
- /* Server stuff. */
- gnutls_session_t server;
- int sret, cret;
- /* Client stuff. */
- gnutls_session_t client;
+ int ret, ii;
+ char buffer[MAX_BUF + 1];
+ gnutls_anon_client_credentials_t anoncred;
/* Need to enable anonymous KX specifically. */
- int ret;
+
+ gnutls_global_init ();
+
+ if (debug)
+ {
+ gnutls_global_set_log_function (client_log_func);
+ gnutls_global_set_log_level (4711);
+ }
+
+ gnutls_anon_allocate_client_credentials (&anoncred);
+
+ /* Initialize TLS session
+ */
+ gnutls_init (&session, GNUTLS_CLIENT|GNUTLS_DATAGRAM);
+ gnutls_dtls_set_mtu( session, 1500);
+
+ /* Use default priorities */
+ gnutls_priority_set_direct (session,
"NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL",
NULL);
+
+ /* put the anonymous credentials to the current session
+ */
+ gnutls_credentials_set (session, GNUTLS_CRD_ANON, anoncred);
counter = 0;
packet_to_lose = packet;
- reset_counters();
-
- gnutls_init (&server, GNUTLS_SERVER|GNUTLS_DATAGRAM|GNUTLS_NONBLOCK);
- ret = gnutls_priority_set_direct (server,
"NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL",
NULL);
+
+ gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) fd);
+ gnutls_transport_set_push_function (session, push);
+
+ /* Perform the TLS handshake
+ */
+ do
+ {
+ ret = gnutls_handshake (session);
+ }
+ while (ret < 0 && gnutls_error_is_fatal(ret) == 0);
+
if (ret < 0)
- exit(1);
- gnutls_credentials_set (server, GNUTLS_CRD_ANON, s_anoncred);
- gnutls_transport_set_push_function (server, server_push);
- gnutls_transport_set_pull_function (server, server_pull);
- gnutls_transport_set_pull_timeout_function (server,
server_pull_timeout_func);
- gnutls_transport_set_ptr (server, (gnutls_transport_ptr_t)server);
-
- /* Init client */
- gnutls_init (&client, GNUTLS_CLIENT|GNUTLS_DATAGRAM|GNUTLS_NONBLOCK);
- cret = gnutls_priority_set_direct (client,
"NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL",
NULL);
- if (cret < 0)
- exit(1);
- gnutls_credentials_set (client, GNUTLS_CRD_ANON, c_anoncred);
- gnutls_transport_set_push_function (client, client_push);
- gnutls_transport_set_pull_function (client, client_pull);
- gnutls_transport_set_pull_timeout_function (client,
client_pull_timeout_func);
- gnutls_transport_set_ptr (client, (gnutls_transport_ptr_t)client);
-
- HANDSHAKE(client, server);
+ {
+ fail ("client: Handshake failed\n");
+ gnutls_perror (ret);
+ exit(1);
+ }
+ else
+ {
+ if (debug)
+ success ("client: Handshake was completed\n");
+ }
if (debug)
- success ("Handshake established\n");
+ success ("client: TLS version is: %s\n",
+ gnutls_protocol_get_name (gnutls_protocol_get_version
+ (session)));
- gnutls_bye (client, GNUTLS_SHUT_WR);
- gnutls_bye (server, GNUTLS_SHUT_WR);
+ do {
+ ret = gnutls_record_send (session, MSG, strlen (MSG));
+ } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
- gnutls_deinit (client);
- gnutls_deinit (server);
+ do {
+ ret = gnutls_record_recv (session, buffer, MAX_BUF);
+ } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
+
+ if (ret == 0)
+ {
+ if (debug)
+ success ("client: Peer has closed the TLS connection\n");
+ goto end;
+ }
+ else if (ret < 0)
+ {
+ fail ("client: Error: %s\n", gnutls_strerror (ret));
+ exit(1);
+ }
+
+ if (debug)
+ {
+ printf ("- Received %d bytes: ", ret);
+ for (ii = 0; ii < ret; ii++)
+ {
+ fputc (buffer[ii], stdout);
+ }
+ fputs ("\n", stdout);
+ }
+
+ gnutls_bye (session, GNUTLS_SHUT_RDWR);
+
+end:
+
+ close (fd);
+
+ gnutls_deinit (session);
+
+ gnutls_anon_free_client_credentials (anoncred);
+
+ gnutls_global_deinit ();
}
-void
-doit (void)
+
+/* These are global */
+gnutls_anon_server_credentials_t anoncred;
+pid_t child;
+
+static gnutls_session_t
+initialize_tls_session (void)
+{
+ gnutls_session_t session;
+
+ gnutls_init (&session, GNUTLS_SERVER|GNUTLS_DATAGRAM);
+ gnutls_dtls_set_mtu( session, 1500);
+
+ /* avoid calling all the priority functions, since the defaults
+ * are adequate.
+ */
+ gnutls_priority_set_direct (session,
"NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL",
NULL);
+
+ gnutls_credentials_set (session, GNUTLS_CRD_ANON, anoncred);
+
+ return session;
+}
+
+static void terminate(void)
{
- /* General init. */
+int status;
+
+ kill(child, SIGTERM);
+ wait(&status);
+ exit(1);
+}
+
+static void
+server (int fd, int packet)
+{
+int ret;
+char buffer[MAX_BUF + 1];
+ /* this must be called once in the program
+ */
gnutls_global_init ();
+
if (debug)
{
- gnutls_global_set_log_function (tls_log_func);
- gnutls_global_set_log_level (9);
+ gnutls_global_set_log_function (server_log_func);
+ gnutls_global_set_log_level (4711);
+ }
+
+ gnutls_anon_allocate_server_credentials (&anoncred);
+
+ session = initialize_tls_session ();
+
+ counter = 0;
+ packet_to_lose = packet;
+
+ gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) fd);
+ gnutls_transport_set_push_function (session, push);
+
+ do
+ {
+ ret = gnutls_handshake (session);
}
+ while (ret < 0 && gnutls_error_is_fatal(ret) == 0);
+ if (ret < 0)
+ {
+ close (fd);
+ gnutls_deinit (session);
+ fail ("server: Handshake has failed (%s)\n\n", gnutls_strerror (ret));
+ terminate();
+ }
+ if (debug)
+ success ("server: Handshake was completed\n");
- gnutls_anon_allocate_server_credentials (&s_anoncred);
- gnutls_anon_allocate_client_credentials (&c_anoncred);
+ if (debug)
+ success ("server: TLS version is: %s\n",
+ gnutls_protocol_get_name (gnutls_protocol_get_version
+ (session)));
- try1(1);
- try1(2);
- try1(3);
- try1(4);
- try1(5);
+ /* see the Getting peer's information example */
+ /* print_info(session); */
- gnutls_anon_free_client_credentials (c_anoncred);
- gnutls_anon_free_server_credentials (s_anoncred);
+ for (;;)
+ {
+ memset (buffer, 0, MAX_BUF + 1);
+
+ do {
+ ret = gnutls_record_recv (session, buffer, MAX_BUF);
+ } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
+
+ if (ret == 0)
+ {
+ if (debug)
+ success ("server: Peer has closed the GnuTLS connection\n");
+ break;
+ }
+ else if (ret < 0)
+ {
+ fail ("server: Received corrupted data(%d). Closing...\n", ret);
+ terminate();
+ }
+ else if (ret > 0)
+ {
+ /* echo data back to the client
+ */
+ do {
+ ret = gnutls_record_send (session, buffer, strlen (buffer));
+ } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
+ }
+ }
+ /* do not wait for the peer to close the connection.
+ */
+ gnutls_bye (session, GNUTLS_SHUT_WR);
+
+ close (fd);
+ gnutls_deinit (session);
+
+ gnutls_anon_free_server_credentials (anoncred);
gnutls_global_deinit ();
+
+ if (debug)
+ success ("server: finished\n");
+}
+
+static void start (int server_packet, int client_packet)
+{
+ int fd[2];
+ int ret;
+
+ if (debug)
+ fprintf(stderr, "\nWill discard %s packet %d\n",
+ (client_packet!=-1)?"client":"server",
(client_packet!=-1)?client_packet:server_packet);
+
+ ret = socketpair(AF_LOCAL, SOCK_DGRAM, 0, fd);
+ if (ret < 0)
+ {
+ perror("socketpair");
+ exit(1);
+ }
+
+ child = fork ();
+ if (child < 0)
+ {
+ perror ("fork");
+ fail ("fork");
+ exit(1);
+ }
+
+ if (child)
+ {
+ int status;
+ /* parent */
+ server (fd[0], server_packet);
+ wait (&status);
+ if (WEXITSTATUS(status) != 0)
+ fail("Child died with status %d\n", WEXITSTATUS(status));
+ }
+ else
+ {
+ client (fd[1], client_packet);
+ exit(0);
+ }
+}
+
+void
+doit (void)
+{
+ start(-1, 1);
+ start(-1, 2);
+ start(-1, 3);
+ start(-1, 4);
+
+ start(1, -1);
+ start(2, -1);
+ start(3, -1);
+ start(4, -1);
+ start(5, -1);
}
diff --git a/tests/mini-loss2.c b/tests/mini-loss2.c
deleted file mode 100644
index a0c0aa5..0000000
--- a/tests/mini-loss2.c
+++ /dev/null
@@ -1,365 +0,0 @@
-/*
- * Copyright (C) 2012 Free Software Foundation, Inc.
- *
- * Author: Nikos Mavrogiannopoulos
- *
- * This file is part of GnuTLS.
- *
- * GnuTLS is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * GnuTLS is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with GnuTLS; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <netinet/in.h>
-#include <sys/socket.h>
-#if !defined(_WIN32)
-#include <sys/wait.h>
-#include <arpa/inet.h>
-#endif
-#include <unistd.h>
-#include <gnutls/gnutls.h>
-#include <gnutls/dtls.h>
-
-#include "utils.h"
-
-/* This program simulates packet loss in DTLS datagrams using
- * the blocking functions
- */
-
-static void
-server_log_func (int level, const char *str)
-{
- fprintf (stderr, "server|<%d>| %s", level, str);
-}
-
-static void
-client_log_func (int level, const char *str)
-{
- fprintf (stderr, "client|<%d>| %s", level, str);
-}
-
-/* A very basic TLS client, with anonymous authentication.
- */
-
-#define MAX_BUF 1024
-#define MSG "Hello TLS"
-
-static int counter;
-static int packet_to_lose;
-gnutls_session_t session;
-
-static ssize_t
-push (gnutls_transport_ptr_t tr, const void *data, size_t len)
-{
-int fd = (long int)tr;
-
- counter++;
- if (packet_to_lose != -1 && packet_to_lose == counter) {
- if (debug)
- {
- int type = gnutls_handshake_get_last_out(session);
-
- fprintf(stderr, "Discarding packet %d (%d)\n", counter, type);
- }
- return len;
- }
- return send(fd, data, len, 0);
-}
-
-static void
-client (int fd, int packet)
-{
- int ret, ii;
- char buffer[MAX_BUF + 1];
- gnutls_anon_client_credentials_t anoncred;
- /* Need to enable anonymous KX specifically. */
-
- gnutls_global_init ();
-
- if (debug)
- {
- gnutls_global_set_log_function (client_log_func);
- gnutls_global_set_log_level (4711);
- }
-
- gnutls_anon_allocate_client_credentials (&anoncred);
-
- /* Initialize TLS session
- */
- gnutls_init (&session, GNUTLS_CLIENT|GNUTLS_DATAGRAM);
- gnutls_dtls_set_mtu( session, 1500);
-
- /* Use default priorities */
- gnutls_priority_set_direct (session,
"NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL",
NULL);
-
- /* put the anonymous credentials to the current session
- */
- gnutls_credentials_set (session, GNUTLS_CRD_ANON, anoncred);
-
- counter = 0;
- packet_to_lose = packet;
-
- gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) fd);
- gnutls_transport_set_push_function (session, push);
-
- /* Perform the TLS handshake
- */
- do
- {
- ret = gnutls_handshake (session);
- }
- while (ret < 0 && gnutls_error_is_fatal(ret) == 0);
-
- if (ret < 0)
- {
- fail ("client: Handshake failed\n");
- gnutls_perror (ret);
- exit(1);
- }
- else
- {
- if (debug)
- success ("client: Handshake was completed\n");
- }
-
- if (debug)
- success ("client: TLS version is: %s\n",
- gnutls_protocol_get_name (gnutls_protocol_get_version
- (session)));
-
- do {
- ret = gnutls_record_send (session, MSG, strlen (MSG));
- } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
-
- do {
- ret = gnutls_record_recv (session, buffer, MAX_BUF);
- } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
-
- if (ret == 0)
- {
- if (debug)
- success ("client: Peer has closed the TLS connection\n");
- goto end;
- }
- else if (ret < 0)
- {
- fail ("client: Error: %s\n", gnutls_strerror (ret));
- exit(1);
- }
-
- if (debug)
- {
- printf ("- Received %d bytes: ", ret);
- for (ii = 0; ii < ret; ii++)
- {
- fputc (buffer[ii], stdout);
- }
- fputs ("\n", stdout);
- }
-
- gnutls_bye (session, GNUTLS_SHUT_RDWR);
-
-end:
-
- close (fd);
-
- gnutls_deinit (session);
-
- gnutls_anon_free_client_credentials (anoncred);
-
- gnutls_global_deinit ();
-}
-
-
-/* These are global */
-gnutls_anon_server_credentials_t anoncred;
-pid_t child;
-
-static gnutls_session_t
-initialize_tls_session (void)
-{
- gnutls_session_t session;
-
- gnutls_init (&session, GNUTLS_SERVER|GNUTLS_DATAGRAM);
- gnutls_dtls_set_mtu( session, 1500);
-
- /* avoid calling all the priority functions, since the defaults
- * are adequate.
- */
- gnutls_priority_set_direct (session,
"NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL",
NULL);
-
- gnutls_credentials_set (session, GNUTLS_CRD_ANON, anoncred);
-
- return session;
-}
-
-static void terminate(void)
-{
-int status;
-
- kill(child, SIGTERM);
- wait(&status);
- exit(1);
-}
-
-static void
-server (int fd, int packet)
-{
-int ret;
-char buffer[MAX_BUF + 1];
- /* this must be called once in the program
- */
- gnutls_global_init ();
-
- if (debug)
- {
- gnutls_global_set_log_function (server_log_func);
- gnutls_global_set_log_level (4711);
- }
-
- gnutls_anon_allocate_server_credentials (&anoncred);
-
- session = initialize_tls_session ();
-
- counter = 0;
- packet_to_lose = packet;
-
- gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) fd);
- gnutls_transport_set_push_function (session, push);
-
- do
- {
- ret = gnutls_handshake (session);
- }
- while (ret < 0 && gnutls_error_is_fatal(ret) == 0);
- if (ret < 0)
- {
- close (fd);
- gnutls_deinit (session);
- fail ("server: Handshake has failed (%s)\n\n", gnutls_strerror (ret));
- terminate();
- }
- if (debug)
- success ("server: Handshake was completed\n");
-
- if (debug)
- success ("server: TLS version is: %s\n",
- gnutls_protocol_get_name (gnutls_protocol_get_version
- (session)));
-
- /* see the Getting peer's information example */
- /* print_info(session); */
-
- for (;;)
- {
- memset (buffer, 0, MAX_BUF + 1);
-
- do {
- ret = gnutls_record_recv (session, buffer, MAX_BUF);
- } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
-
- if (ret == 0)
- {
- if (debug)
- success ("server: Peer has closed the GnuTLS connection\n");
- break;
- }
- else if (ret < 0)
- {
- fail ("server: Received corrupted data(%d). Closing...\n", ret);
- terminate();
- }
- else if (ret > 0)
- {
- /* echo data back to the client
- */
- do {
- ret = gnutls_record_send (session, buffer, strlen (buffer));
- } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
- }
- }
- /* do not wait for the peer to close the connection.
- */
- gnutls_bye (session, GNUTLS_SHUT_WR);
-
- close (fd);
- gnutls_deinit (session);
-
- gnutls_anon_free_server_credentials (anoncred);
-
- gnutls_global_deinit ();
-
- if (debug)
- success ("server: finished\n");
-}
-
-static void start (int server_packet, int client_packet)
-{
- int fd[2];
- int ret;
-
- if (debug)
- fprintf(stderr, "\nWill discard %s packet %d\n",
- (client_packet!=-1)?"client":"server",
(client_packet!=-1)?client_packet:server_packet);
-
- ret = socketpair(AF_LOCAL, SOCK_DGRAM, 0, fd);
- if (ret < 0)
- {
- perror("socketpair");
- exit(1);
- }
-
- child = fork ();
- if (child < 0)
- {
- perror ("fork");
- fail ("fork");
- exit(1);
- }
-
- if (child)
- {
- int status;
- /* parent */
- server (fd[0], server_packet);
- wait (&status);
- if (WEXITSTATUS(status) != 0)
- fail("Child died with status %d\n", WEXITSTATUS(status));
- }
- else
- {
- client (fd[1], client_packet);
- exit(0);
- }
-}
-
-void
-doit (void)
-{
- start(-1, 1);
- start(-1, 2);
- start(-1, 3);
- start(-1, 4);
-
- start(1, -1);
- start(2, -1);
- start(3, -1);
-}
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls-3_0_12-160-g44eeb40,
Nikos Mavrogiannopoulos <=