Fix various no-*s.
Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Ben Laurie
parent
087d3e8993
commit
620c6ad312
7 changed files with 39 additions and 2 deletions
|
|
@ -18,7 +18,7 @@ void ENGINE_load_builtin_engines(void)
|
|||
OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_ALL_BUILTIN, NULL);
|
||||
}
|
||||
|
||||
#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
|
||||
#if (defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)) && !defined(OPENSSL_NO_DEPRECATED)
|
||||
void ENGINE_setup_bsd_cryptodev(void)
|
||||
{
|
||||
static int bsd_cryptodev_default_loaded = 0;
|
||||
|
|
|
|||
12
fuzz/asn1.c
12
fuzz/asn1.c
|
|
@ -29,9 +29,11 @@
|
|||
|
||||
static ASN1_ITEM_EXP *item_type[] = {
|
||||
ASN1_ITEM_ref(ACCESS_DESCRIPTION),
|
||||
#ifndef OPENSSL_NO_RFC3779
|
||||
ASN1_ITEM_ref(ASIdentifierChoice),
|
||||
ASN1_ITEM_ref(ASIdentifiers),
|
||||
ASN1_ITEM_ref(ASIdOrRange),
|
||||
#endif
|
||||
ASN1_ITEM_ref(ASN1_ANY),
|
||||
ASN1_ITEM_ref(ASN1_BIT_STRING),
|
||||
ASN1_ITEM_ref(ASN1_BMPSTRING),
|
||||
|
|
@ -58,17 +60,23 @@ static ASN1_ITEM_EXP *item_type[] = {
|
|||
ASN1_ITEM_ref(ASN1_UTCTIME),
|
||||
ASN1_ITEM_ref(ASN1_UTF8STRING),
|
||||
ASN1_ITEM_ref(ASN1_VISIBLESTRING),
|
||||
#ifndef OPENSSL_NO_RFC3779
|
||||
ASN1_ITEM_ref(ASRange),
|
||||
#endif
|
||||
ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS),
|
||||
ASN1_ITEM_ref(AUTHORITY_KEYID),
|
||||
ASN1_ITEM_ref(BASIC_CONSTRAINTS),
|
||||
ASN1_ITEM_ref(BIGNUM),
|
||||
ASN1_ITEM_ref(CBIGNUM),
|
||||
ASN1_ITEM_ref(CERTIFICATEPOLICIES),
|
||||
#ifndef OPENSSL_NO_CMS
|
||||
ASN1_ITEM_ref(CMS_ContentInfo),
|
||||
ASN1_ITEM_ref(CMS_ReceiptRequest),
|
||||
ASN1_ITEM_ref(CRL_DIST_POINTS),
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_DH
|
||||
ASN1_ITEM_ref(DHparams),
|
||||
#endif
|
||||
ASN1_ITEM_ref(DIRECTORYSTRING),
|
||||
ASN1_ITEM_ref(DISPLAYTEXT),
|
||||
ASN1_ITEM_ref(DIST_POINT),
|
||||
|
|
@ -82,10 +90,12 @@ static ASN1_ITEM_EXP *item_type[] = {
|
|||
ASN1_ITEM_ref(GENERAL_NAME),
|
||||
ASN1_ITEM_ref(GENERAL_NAMES),
|
||||
ASN1_ITEM_ref(GENERAL_SUBTREE),
|
||||
#ifndef OPENSSL_NO_RFC3779
|
||||
ASN1_ITEM_ref(IPAddressChoice),
|
||||
ASN1_ITEM_ref(IPAddressFamily),
|
||||
ASN1_ITEM_ref(IPAddressOrRange),
|
||||
ASN1_ITEM_ref(IPAddressRange),
|
||||
#endif
|
||||
ASN1_ITEM_ref(ISSUING_DIST_POINT),
|
||||
ASN1_ITEM_ref(LONG),
|
||||
ASN1_ITEM_ref(NAME_CONSTRAINTS),
|
||||
|
|
@ -93,6 +103,7 @@ static ASN1_ITEM_EXP *item_type[] = {
|
|||
ASN1_ITEM_ref(NETSCAPE_SPKAC),
|
||||
ASN1_ITEM_ref(NETSCAPE_SPKI),
|
||||
ASN1_ITEM_ref(NOTICEREF),
|
||||
#ifndef OPENSSL_NO_OCSP
|
||||
ASN1_ITEM_ref(OCSP_BASICRESP),
|
||||
ASN1_ITEM_ref(OCSP_CERTID),
|
||||
ASN1_ITEM_ref(OCSP_CERTSTATUS),
|
||||
|
|
@ -108,6 +119,7 @@ static ASN1_ITEM_EXP *item_type[] = {
|
|||
ASN1_ITEM_ref(OCSP_SERVICELOC),
|
||||
ASN1_ITEM_ref(OCSP_SIGNATURE),
|
||||
ASN1_ITEM_ref(OCSP_SINGLERESP),
|
||||
#endif
|
||||
ASN1_ITEM_ref(OTHERNAME),
|
||||
ASN1_ITEM_ref(PBE2PARAM),
|
||||
ASN1_ITEM_ref(PBEPARAM),
|
||||
|
|
|
|||
|
|
@ -164,6 +164,7 @@ static int do_not_call_session_ticket_cb(SSL *s, unsigned char *key_name,
|
|||
return 0;
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
/* Parse the comma-separated list into TLS format. */
|
||||
static void parse_protos(const char *protos, unsigned char **out, size_t *outlen)
|
||||
{
|
||||
|
|
@ -260,7 +261,7 @@ static int server_alpn_cb(SSL *s, const unsigned char **out,
|
|||
return ret == OPENSSL_NPN_NEGOTIATED ? SSL_TLSEXT_ERR_OK
|
||||
: SSL_TLSEXT_ERR_NOACK;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Configure callbacks and other properties that can't be set directly
|
||||
|
|
@ -315,6 +316,7 @@ static void configure_handshake_ctx(SSL_CTX *server_ctx, SSL_CTX *server2_ctx,
|
|||
if (test_ctx->session_ticket_expected == SSL_TEST_SESSION_TICKET_BROKEN) {
|
||||
SSL_CTX_set_tlsext_ticket_key_cb(server_ctx, broken_session_ticket_cb);
|
||||
}
|
||||
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
if (test_ctx->server_npn_protocols != NULL) {
|
||||
parse_protos(test_ctx->server_npn_protocols,
|
||||
&server_ctx_data->npn_protocols,
|
||||
|
|
@ -360,6 +362,7 @@ static void configure_handshake_ctx(SSL_CTX *server_ctx, SSL_CTX *server2_ctx,
|
|||
alpn_protos_len) == 0);
|
||||
OPENSSL_free(alpn_protos);
|
||||
}
|
||||
#endif
|
||||
/*
|
||||
* Use fixed session ticket keys so that we can decrypt a ticket created with
|
||||
* one CTX in another CTX. Don't address server2 for the moment.
|
||||
|
|
@ -496,6 +499,7 @@ static handshake_status_t handshake_status(peer_status_t last_status,
|
|||
return INTERNAL_ERROR;
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
/* Convert unsigned char buf's that shouldn't contain any NUL-bytes to char. */
|
||||
static char *dup_str(const unsigned char *in, size_t len)
|
||||
{
|
||||
|
|
@ -510,6 +514,7 @@ static char *dup_str(const unsigned char *in, size_t len)
|
|||
OPENSSL_assert(ret != NULL);
|
||||
return ret;
|
||||
}
|
||||
#endif
|
||||
|
||||
static HANDSHAKE_RESULT *do_handshake_internal(
|
||||
SSL_CTX *server_ctx, SSL_CTX *server2_ctx, SSL_CTX *client_ctx,
|
||||
|
|
@ -527,9 +532,11 @@ static HANDSHAKE_RESULT *do_handshake_internal(
|
|||
unsigned char* tick = NULL;
|
||||
size_t tick_len = 0;
|
||||
SSL_SESSION* sess = NULL;
|
||||
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
const unsigned char *proto = NULL;
|
||||
/* API dictates unsigned int rather than size_t. */
|
||||
unsigned int proto_len = 0;
|
||||
#endif
|
||||
|
||||
memset(&server_ctx_data, 0, sizeof(server_ctx_data));
|
||||
memset(&server2_ctx_data, 0, sizeof(server2_ctx_data));
|
||||
|
|
@ -644,6 +651,7 @@ static HANDSHAKE_RESULT *do_handshake_internal(
|
|||
ret->session_ticket = SSL_TEST_SESSION_TICKET_YES;
|
||||
ret->session_ticket_do_not_call = server_ex_data.session_ticket_do_not_call;
|
||||
|
||||
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
SSL_get0_next_proto_negotiated(client, &proto, &proto_len);
|
||||
ret->client_npn_negotiated = dup_str(proto, proto_len);
|
||||
|
||||
|
|
@ -655,6 +663,7 @@ static HANDSHAKE_RESULT *do_handshake_internal(
|
|||
|
||||
SSL_get0_alpn_selected(server, &proto, &proto_len);
|
||||
ret->server_alpn_negotiated = dup_str(proto, proto_len);
|
||||
#endif
|
||||
|
||||
ret->client_resumed = SSL_session_reused(client);
|
||||
ret->server_resumed = SSL_session_reused(server);
|
||||
|
|
|
|||
|
|
@ -150,6 +150,7 @@ static int check_session_ticket(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx
|
|||
return 1;
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
static int check_npn(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
|
||||
{
|
||||
int ret = 1;
|
||||
|
|
@ -173,6 +174,7 @@ static int check_alpn(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
|
|||
result->client_alpn_negotiated);
|
||||
return ret;
|
||||
}
|
||||
#endif
|
||||
|
||||
static int check_resumption(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
|
||||
{
|
||||
|
|
@ -204,8 +206,10 @@ static int check_test(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
|
|||
ret &= check_servername(result, test_ctx);
|
||||
ret &= check_session_ticket(result, test_ctx);
|
||||
ret &= (result->session_ticket_do_not_call == 0);
|
||||
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
ret &= check_npn(result, test_ctx);
|
||||
ret &= check_alpn(result, test_ctx);
|
||||
#endif
|
||||
ret &= check_resumption(result, test_ctx);
|
||||
}
|
||||
return ret;
|
||||
|
|
|
|||
|
|
@ -295,6 +295,7 @@ const char *ssl_test_method_name(ssl_test_method_t method)
|
|||
/* NPN and ALPN options */
|
||||
/************************************/
|
||||
|
||||
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(client_npn_protocols)
|
||||
IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(server_npn_protocols)
|
||||
IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(server2_npn_protocols)
|
||||
|
|
@ -303,6 +304,7 @@ IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(client_alpn_protocols)
|
|||
IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(server_alpn_protocols)
|
||||
IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(server2_alpn_protocols)
|
||||
IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(expected_alpn_protocol)
|
||||
#endif
|
||||
|
||||
/***********************/
|
||||
/* Handshake mode */
|
||||
|
|
@ -372,6 +374,7 @@ static const ssl_test_ctx_option ssl_test_ctx_options[] = {
|
|||
{ "ServerNameCallback", &parse_servername_callback },
|
||||
{ "SessionTicketExpected", &parse_session_ticket },
|
||||
{ "Method", &parse_test_method },
|
||||
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
{ "ClientNPNProtocols", &parse_client_npn_protocols },
|
||||
{ "ServerNPNProtocols", &parse_server_npn_protocols },
|
||||
{ "Server2NPNProtocols", &parse_server2_npn_protocols },
|
||||
|
|
@ -380,6 +383,7 @@ static const ssl_test_ctx_option ssl_test_ctx_options[] = {
|
|||
{ "ServerALPNProtocols", &parse_server_alpn_protocols },
|
||||
{ "Server2ALPNProtocols", &parse_server2_alpn_protocols },
|
||||
{ "ExpectedALPNProtocol", &parse_expected_alpn_protocol },
|
||||
#endif
|
||||
{ "HandshakeMode", &parse_handshake_mode },
|
||||
{ "ResumptionExpected", &parse_resumption_expected },
|
||||
};
|
||||
|
|
@ -399,6 +403,7 @@ SSL_TEST_CTX *SSL_TEST_CTX_new()
|
|||
void SSL_TEST_CTX_free(SSL_TEST_CTX *ctx)
|
||||
{
|
||||
|
||||
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
OPENSSL_free(ctx->client_npn_protocols);
|
||||
OPENSSL_free(ctx->server_npn_protocols);
|
||||
OPENSSL_free(ctx->server2_npn_protocols);
|
||||
|
|
@ -407,6 +412,7 @@ void SSL_TEST_CTX_free(SSL_TEST_CTX *ctx)
|
|||
OPENSSL_free(ctx->server2_alpn_protocols);
|
||||
OPENSSL_free(ctx->expected_npn_protocol);
|
||||
OPENSSL_free(ctx->expected_alpn_protocol);
|
||||
#endif
|
||||
OPENSSL_free(ctx);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -92,6 +92,7 @@ typedef struct ssl_test_ctx {
|
|||
ssl_session_ticket_t session_ticket_expected;
|
||||
/* Whether the server/client CTX should use DTLS or TLS. */
|
||||
ssl_test_method_t method;
|
||||
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
/*
|
||||
* NPN and ALPN protocols supported by the client, server, and second
|
||||
* (SNI) server. A comma-separated list.
|
||||
|
|
@ -104,6 +105,7 @@ typedef struct ssl_test_ctx {
|
|||
char *server_alpn_protocols;
|
||||
char *server2_alpn_protocols;
|
||||
char *expected_alpn_protocol;
|
||||
#endif
|
||||
/* Whether to test a resumed/renegotiated handshake. */
|
||||
ssl_handshake_mode_t handshake_mode;
|
||||
/* Whether the second handshake is resumed or a full handshake (boolean). */
|
||||
|
|
|
|||
|
|
@ -89,6 +89,7 @@ static int SSL_TEST_CTX_equal(SSL_TEST_CTX *ctx, SSL_TEST_CTX *ctx2)
|
|||
ssl_session_ticket_name(ctx2->session_ticket_expected));
|
||||
return 0;
|
||||
}
|
||||
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
if (!strings_equal("ClientNPNProtocols", ctx->client_npn_protocols,
|
||||
ctx2->client_npn_protocols))
|
||||
return 0;
|
||||
|
|
@ -120,6 +121,7 @@ static int SSL_TEST_CTX_equal(SSL_TEST_CTX *ctx, SSL_TEST_CTX *ctx2)
|
|||
if (!strings_equal("ExpectedALPNProtocol", ctx->expected_alpn_protocol,
|
||||
ctx2->expected_alpn_protocol))
|
||||
return 0;
|
||||
#endif
|
||||
if (ctx->handshake_mode != ctx2->handshake_mode) {
|
||||
fprintf(stderr, "HandshakeMode mismatch: %s vs %s.\n",
|
||||
ssl_handshake_mode_name(ctx->handshake_mode),
|
||||
|
|
@ -214,10 +216,12 @@ static int test_good_configuration()
|
|||
SSL_TEST_SERVERNAME_IGNORE_MISMATCH;
|
||||
fixture.expected_ctx->session_ticket_expected = SSL_TEST_SESSION_TICKET_YES;
|
||||
fixture.expected_ctx->method = SSL_TEST_METHOD_DTLS;
|
||||
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
fixture.expected_ctx->client_npn_protocols = OPENSSL_strdup("foo,bar");
|
||||
fixture.expected_ctx->server2_alpn_protocols = OPENSSL_strdup("baz");
|
||||
OPENSSL_assert(fixture.expected_ctx->client_npn_protocols != NULL);
|
||||
OPENSSL_assert(fixture.expected_ctx->server2_alpn_protocols != NULL);
|
||||
#endif
|
||||
fixture.expected_ctx->handshake_mode = SSL_TEST_HANDSHAKE_RESUME;
|
||||
fixture.expected_ctx->resumption_expected = 1;
|
||||
EXECUTE_SSL_TEST_CTX_TEST();
|
||||
|
|
|
|||
Loading…
Reference in a new issue