2 * Copyright (C) 2000,2001,2002 Nikos Mavroyanopoulos
4 * This file is part of GNUTLS.
6 * GNUTLS is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * GNUTLS is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
24 #include <sys/types.h>
25 #include <sys/socket.h>
26 #include <netinet/in.h>
27 #include <arpa/inet.h>
30 #include "../lib/gnutls.h"
35 #include <tls_test-gaa.h>
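/* Shorthand for the generic socket-address type that connect() expects. */
#define SA struct sockaddr

/*
 * Report a failed system call and leave the enclosing function.
 *
 * When `err` equals -1 the macro prints `s` through perror() and executes
 * `return(1)` in the function where it is expanded, so it can only be used
 * inside functions that return int.
 *
 * `err` is parenthesized so that an expression argument (for example
 * `a | b`) is compared with -1 as a whole; without the parentheses
 * `a | b == -1` parses as `a | (b == -1)` and the check fires on the
 * wrong condition.
 *
 * NOTE(review): the expansion is still a bare `if` statement because the
 * call sites are not visible here. Do not place it directly before an
 * `else`; a do { ... } while (0) wrapper is the safer form once every call
 * site is confirmed to end with a semicolon.
 */
#define ERR(err,s) if ((err)==-1) {perror(s);return(1);}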
/* global stuff here */

/*
 * Client credential handles, one per authentication method: SRP,
 * anonymous and certificate. main() allocates all three before the probes
 * run and frees them before it returns.
 */
GNUTLS_SRP_CLIENT_CREDENTIALS srp_cred;
GNUTLS_ANON_CLIENT_CREDENTIALS anon_cred;
GNUTLS_CERTIFICATE_CLIENT_CREDENTIALS xcred;

/* end of global stuff */
/*
 * Pointer to a probe routine: takes a GNUTLS_STATE and returns an int.
 * Presumably the type of the `func` member of TLS_TEST, whose definition
 * is not shown here; main() compares the returned value with SUCCEED and
 * FAILED.
 */
typedef int (*TEST_FUNC)(GNUTLS_STATE);
/*
 * Table of server probes, indexed by main(). Each row holds the text that
 * main() prints after "Checking ", the probe function, and three answer
 * strings.
 *
 * NOTE(review): the TLS_TEST definition is not shown in this listing. The
 * answer strings are presumably suc_str, fail_str and unsure_str in that
 * order, which is how main() prints them for SUCCEED, FAILED and any other
 * result; confirm against the struct.
 *
 * Reading the output: in the two "version rollback bug" rows and the
 * "disable TLS 1.0" row the first answer string is "no", so a SUCCEED
 * result is printed as "no". In the SSL 3.0, anonymous authentication,
 * ARCFOUR and MD5 rows a "yes" reports that the server accepts an option
 * that is generally treated as legacy or unauthenticated today, so it is
 * a finding to review rather than a pass.
 *
 * NOTE(review): the comment opened on listing line 83 is cut off (line 84
 * is missing from the listing), and the rows that end the array, including
 * the NULL test_name entry main() stops on, are not shown.
 */
78 static const TLS_TEST tls_tests
[] = {
79 { "for TLS 1.0 support", test_tls1
, "yes", "no", "dunno" },
80 { "for SSL 3.0 support", test_ssl3
, "yes", "no", "dunno" },
81 { "for version rollback bug in RSA PMS", test_rsa_pms
, "no", "yes", "dunno" },
82 { "for version rollback bug in Client Hello", test_version_rollback
, "no", "yes", "dunno" },
83 /* this test will disable TLS 1.0 if the server is
85 { "whether we need to disable TLS 1.0", test_tls1_2
, "no", "yes", "dunno" },
86 { "whether the server can accept Hello Extensions", test_hello_extension
, "yes", "no", "dunno"},
87 { "whether the server can accept cipher suites not in SSL 3.0 spec", test_unknown_ciphersuites
, "yes", "no", "dunno"},
88 { "whether the server understands TLS closure alerts", test_bye
, "yes", "no", "partially"},
89 { "whether the server supports session resumption", test_session_resume2
, "yes", "no", "dunno"},
90 { "for anonymous authentication support", test_anonymous
, "yes", "no", "dunno"},
91 { "for ephemeral Diffie Hellman support", test_dhe
, "yes", "no", "dunno" },
92 { "for AES cipher support", test_aes
, "yes", "no", "dunno"},
93 { "for 3DES cipher support", test_3des
, "yes", "no", "dunno"},
94 { "for ARCFOUR cipher support", test_arcfour
, "yes", "no", "dunno"},
95 { "for MD5 MAC support", test_md5
, "yes", "no", "dunno"},
96 { "for SHA1 MAC support", test_sha
, "yes", "no", "dunno"},
97 { "for max record size TLS extension", test_max_record_size
, "yes", "no", "dunno" },
98 { "for SRP authentication support (gnutls extension)", test_srp
, "yes", "no", "dunno" },
99 { "for OpenPGP authentication support (gnutls extension)", test_openpgp1
, "yes", "no", "dunno" },
106 sd = socket(AF_INET, SOCK_STREAM, 0); /* body of a connect helper macro whose #define line is not shown: open an IPv4 TCP socket; NOTE(review): any check of sd is on a listing line that is not shown */ \
108 memset(&sa, '\0', sizeof(sa)); \
109 sa.sin_family = AF_INET; \
110 sa.sin_port = htons(port); \
111 sa.sin_addr.s_addr = *((unsigned int *) server_host->h_addr); /* NOTE(review): reads h_addr through an unsigned int cast, which assumes an AF_INET result of at least 4 bytes and suitable alignment; checking h_addrtype and using memcpy() bounded by h_length would avoid both assumptions */ \
112 inet_ntop(AF_INET, &sa.sin_addr, buffer, MAX_BUF); /* textual address for the message below; the return value is not checked; buffer is declared with MAX_BUF + 1 bytes in main() */ \
113 if (tt++ == 0) fprintf(stderr, "Connecting to '%s:%d'...\n", buffer, port); /* printed only while tt is still 0, i.e. the first time this runs */ \
114 err = connect(sd, (SA *) & sa, sizeof(sa)); /* result stored in err; the statement that checks it is not shown */ \
/* Forward declaration of the command-line handler that main() calls first;
 * the definition follows main(). */
static void gaa_parser(int argc, char **argv);
/*
 * Entry point of the TLS server probe: parses the command line, resolves the
 * target host, allocates certificate, SRP and anonymous client credentials,
 * then calls the probes listed in tls_tests[] and prints the answer string
 * for each result.
 *
 * NOTE(review): this listing omits source lines (the embedded numbers jump,
 * for example from 133 to 137), so braces, error exits, the loop header, the
 * connect step and several declarations (i, ret, sd, state and others) are
 * not visible. The comments below describe only what is shown.
 */
119 int main(int argc
, char **argv
)
/* sa, buffer and server_host are the names used by the socket/connect
 * macro fragment that precedes main(). */
123 struct sockaddr_in sa
;
125 char buffer
[MAX_BUF
+ 1];
126 struct hostent
*server_host
;
/* Parse the options; gaa_parser() sets the global hostname. */
128 gaa_parser(argc
, argv
);
/* Ignore SIGPIPE so that writing to a connection the peer has already
 * closed is reported as an error return instead of ending the process. */
130 signal(SIGPIPE
, SIG_IGN
);
/* Library-wide initialisation; a negative return is reported on stderr.
 * The rest of this branch is not shown in the listing. */
132 if (gnutls_global_init() < 0) {
133 fprintf(stderr
, "global state initialization error\n");
137 printf("Resolving '%s'...\n", hostname
);
138 /* get server name */
/* NOTE(review): gethostbyname() is obsolescent and the result is used as an
 * IPv4 address by the connect fragment; getaddrinfo() is the usual
 * replacement. hostname comes from the command line. */
139 server_host
= gethostbyname(hostname
);
140 if (server_host
== NULL
) {
141 fprintf(stderr
, "Cannot resolve %s\n", hostname
);
/* Allocate the certificate credentials; a negative return is reported as a
 * memory error (the rest of the branch is not shown). */
146 if (gnutls_certificate_allocate_sc(&xcred
) < 0) { /* space for 2 certificates */
147 fprintf(stderr
, "memory error\n");
/* Allocate the SRP client credentials, same error reporting. */
152 if (gnutls_srp_allocate_client_sc(&srp_cred
) < 0) {
153 fprintf(stderr
, "memory error\n");
/* Fixed probe credentials: both literals are "test", presumably the SRP
 * username and password; confirm against the function's prototype. */
156 gnutls_srp_set_client_cred( srp_cred
, "test", "test");
/* Allocate the anonymous client credentials, same error reporting. */
159 if (gnutls_anon_allocate_client_sc(&anon_cred
) < 0) {
160 fprintf(stderr
, "memory error\n");
/* A NULL test_name ends the run; the enclosing loop header is not shown. */
169 if (tls_tests
[i
].test_name
==NULL
) break; /* finished */
/* New client session for the probe. NOTE(review): the return value of
 * gnutls_init() is not checked on this line, so a failure here would go
 * unnoticed before state is used below. */
172 gnutls_init(&state
, GNUTLS_CLIENT
);
/* Hand the socket descriptor sd to the session as its transport. */
173 gnutls_transport_set_ptr(state
, sd
);
175 printf("Checking %s...", tls_tests
[i
].test_name
);
/* Run the probe and map its result to a table string: SUCCEED prints
 * suc_str, FAILED prints fail_str, any other value prints unsure_str. */
177 if ((ret
=tls_tests
[i
].func( state
)) == SUCCEED
)
178 printf(" %s\n", tls_tests
[i
].suc_str
);
179 else if (ret
==FAILED
)
180 printf(" %s\n", tls_tests
[i
].fail_str
);
181 else printf(" %s\n", tls_tests
[i
].unsure_str
);
/* Release the session, then shut down both directions of the socket.
 * NOTE(review): no close(sd) is visible; it may be on an omitted line. */
183 gnutls_deinit(state
);
185 shutdown(sd
, SHUT_RDWR
); /* no more receptions */
/* Free the three credential sets, then the library's global state. */
191 gnutls_srp_free_client_sc(srp_cred
);
192 gnutls_certificate_free_sc(xcred
);
193 gnutls_anon_free_client_sc(anon_cred
);
195 gnutls_global_deinit();
/*
 * Parse the command line with gaa() and choose the target host: the first
 * remaining argument (info.rest_args[0]) when there is one, otherwise
 * "localhost".
 *
 * NOTE(review): gaa() is treated as successful only when it returns -1;
 * presumably that is the generated parser's convention, confirm against its
 * declaration. The statements after the error message, and the end of the
 * function, are not shown in this listing.
 */
201 void gaa_parser(int argc
, char **argv
)
203 if (gaa(argc
, argv
, &info
) != -1) {
204 fprintf(stderr
, "Error in the arguments. Use the -h or --help parameters to get more info.\n");
/* hostname is set to point at the literal or at the argument string itself;
 * no copy is made. */
209 if (info
.nrest_args
==0) hostname
="localhost";
210 else hostname
= info
.rest_args
[0];