2 * Copyright (C) 2000,2001,2002 Nikos Mavroyanopoulos
4 * This file is part of GNUTLS.
6 * GNUTLS is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * GNUTLS is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
24 #include <sys/types.h>
25 #include <sys/socket.h>
26 #include <netinet/in.h>
27 #include <arpa/inet.h>
30 #include "../lib/gnutls.h"
31 #include "../libextra/gnutls-extra.h"
36 #include <tls_test-gaa.h>
/* Shorthand for the generic socket address type used in the connect() cast. */
46 #define SA struct sockaddr
/* Leave the calling function with status 1 when err is -1, after reporting
 * s through perror().
 * NOTE(review): the expansion is a bare `if` rather than a
 * do { ... } while (0) block and `err` is not parenthesised, so it does not
 * behave as a single statement inside an unbraced if/else and is only safe
 * with a plain variable as argument. It also hides a `return` from the
 * caller, which skips any cleanup the caller would otherwise perform. */
47 #define ERR(err,s) if (err==-1) {perror(s);return(1);}
50 /* global stuff here */
/* Client credential objects, one per authentication method (SRP, anonymous,
 * certificate). main() allocates them before the test loop and frees them
 * before exiting; they are file-scope globals, presumably so that the probe
 * functions defined elsewhere can reach them -- confirm against those files. */
57 GNUTLS_SRP_CLIENT_CREDENTIALS srp_cred
;
58 GNUTLS_ANON_CLIENT_CREDENTIALS anon_cred
;
59 GNUTLS_CERTIFICATE_CLIENT_CREDENTIALS xcred
;
61 /* end of global stuff */
/* Signature shared by every probe listed in tls_tests[]: it receives the TLS
 * session state and returns a status that main() compares against SUCCEED
 * and FAILED. */
69 typedef int (*TEST_FUNC
)( GNUTLS_STATE
);
/* Table of probes that main() runs, in order, against the target server.
 * Each row appears to hold the text printed after "Checking", the probe
 * function, and the strings printed for a SUCCEED result, a FAILED result
 * and any other result. The field order is inferred from main()'s use of
 * test_name, func, suc_str, fail_str and unsure_str; the TLS_TEST
 * definition is not visible here.
 * For the two "version rollback bug" rows and the "disable TLS 1.0" row the
 * SUCCEED string is "no", so SUCCEED there seems to mean the problem is
 * absent.
 * NOTE(review): a "yes" for SSL 3.0, ARCFOUR, MD5 MAC, 3DES or anonymous
 * authentication only reports that the server accepts the option. These are
 * legacy or unauthenticated choices, so when auditing a server such a "yes"
 * is a finding to follow up, not a pass.
 * main() stops at a row whose test_name is NULL, so a terminating entry is
 * expected after the last probe (not visible in this excerpt). */
79 static const TLS_TEST tls_tests
[] = {
80 { "for TLS 1.0 support", test_tls1
, "yes", "no", "dunno" },
81 { "for SSL 3.0 support", test_ssl3
, "yes", "no", "dunno" },
82 { "for version rollback bug in RSA PMS", test_rsa_pms
, "no", "yes", "dunno" },
83 { "for version rollback bug in Client Hello", test_version_rollback
, "no", "yes", "dunno" },
84 /* this test will disable TLS 1.0 if the server is
86 { "whether we need to disable TLS 1.0", test_tls1_2
, "no", "yes", "dunno" },
87 { "whether the server can accept Hello Extensions", test_hello_extension
, "yes", "no", "dunno"},
88 { "whether the server can accept cipher suites not in SSL 3.0 spec", test_unknown_ciphersuites
, "yes", "no", "dunno"},
89 { "whether the server understands TLS closure alerts", test_bye
, "yes", "no", "partially"},
90 { "whether the server supports session resumption", test_session_resume2
, "yes", "no", "dunno"},
91 { "for anonymous authentication support", test_anonymous
, "yes", "no", "dunno"},
92 { "for ephemeral Diffie Hellman support", test_dhe
, "yes", "no", "dunno" },
93 { "for AES cipher support", test_aes
, "yes", "no", "dunno"},
94 { "for 3DES cipher support", test_3des
, "yes", "no", "dunno"},
95 { "for ARCFOUR cipher support", test_arcfour
, "yes", "no", "dunno"},
96 { "for MD5 MAC support", test_md5
, "yes", "no", "dunno"},
97 { "for SHA1 MAC support", test_sha
, "yes", "no", "dunno"},
98 { "for max record size TLS extension", test_max_record_size
, "yes", "no", "dunno" },
99 { "for SRP authentication support (gnutls extension)", test_srp
, "yes", "no", "dunno" },
100 { "for OpenPGP authentication support (gnutls extension)", test_openpgp1
, "yes", "no", "dunno" },
/* Continuation lines of a macro body (its #define line is not visible here): \
 * create a TCP/IPv4 socket and connect it to the resolved host on `port`. \
 * NOTE(review): a check of socket()'s result is not visible in this excerpt \
 * -- confirm that sd is tested before it is used. */ \
107 sd = socket(AF_INET, SOCK_STREAM, 0); \
109 memset(&sa, '\0', sizeof(sa)); \
110 sa.sin_family = AF_INET; \
111 sa.sin_port = htons(port); \
/* NOTE(review): the resolved address is read through an unsigned int cast, \
 * which assumes an IPv4 result of at least sizeof(unsigned int) bytes and \
 * suitable alignment; h_addrtype and h_length are not checked in the \
 * visible lines. A memcpy() of h_length bytes, bounded by \
 * sizeof(sa.sin_addr), avoids the cast and the assumption. */ \
112 sa.sin_addr.s_addr = *((unsigned int *) server_host->h_addr); \
/* buffer is declared with MAX_BUF + 1 bytes in main(), so the MAX_BUF limit \
 * passed here fits; the return value of inet_ntop() is not checked. */ \
113 inet_ntop(AF_INET, &sa.sin_addr, buffer, MAX_BUF); \
/* tt counts expansions that have run: the message is printed only once. */ \
114 if (tt++ == 0) fprintf(stderr, "Connecting to '%s:%d'...\n", buffer, port); \
115 err = connect(sd, (SA *) & sa, sizeof(sa)); \
/* Command-line handling; sets the target hostname. Defined at the end of the
 * file. */
118 static void gaa_parser(int argc
, char **argv
);
/* Entry point: parse the arguments, resolve the target host, allocate the
 * client credentials, then run every probe in tls_tests[] and print one
 * verdict per probe. The target hostname comes from the command line (it is
 * set in gaa_parser()). */
120 int main(int argc
, char **argv
)
124 struct sockaddr_in sa
;
126 char buffer
[MAX_BUF
+ 1];
127 struct hostent
*server_host
;
129 gaa_parser(argc
, argv
);
/* Ignore SIGPIPE so that writing to a connection the server has already
 * closed is reported as an error return instead of terminating the tool. */
131 signal(SIGPIPE
, SIG_IGN
);
133 if (gnutls_global_init() < 0) {
134 fprintf(stderr
, "global state initialization error\n");
138 printf("Resolving '%s'...\n", hostname
);
139 /* get server name */
/* NOTE(review): gethostbyname() is obsolete and returns a pointer to static
 * storage; the address it yields is consumed as IPv4 when connecting.
 * getaddrinfo() is the current replacement. */
140 server_host
= gethostbyname(hostname
);
141 if (server_host
== NULL
) {
142 fprintf(stderr
, "Cannot resolve %s\n", hostname
);
147 if (gnutls_certificate_allocate_sc(&xcred
) < 0) { /* space for 2 certificates */
148 fprintf(stderr
, "memory error\n");
153 if (gnutls_srp_allocate_client_sc(&srp_cred
) < 0) {
154 fprintf(stderr
, "memory error\n");
/* Fixed placeholder SRP username and password, used only to probe for SRP
 * support. NOTE(review): they are offered to whatever host is named on the
 * command line, so they must remain throwaway values. */
157 gnutls_srp_set_client_cred( srp_cred
, "test", "test");
160 if (gnutls_anon_allocate_client_sc(&anon_cred
) < 0) {
161 fprintf(stderr
, "memory error\n");
/* The probe loop ends at the sentinel row whose test_name is NULL. */
170 if (tls_tests
[i
].test_name
==NULL
) break; /* finished */
/* A fresh session is created for each probe and bound to the socket
 * descriptor sd.
 * NOTE(review): the result of gnutls_init() is not checked in the visible
 * lines -- confirm that a failed initialisation cannot reach the probe. */
173 gnutls_init(&state
, GNUTLS_CLIENT
);
174 gnutls_transport_set_ptr(state
, sd
);
176 printf("Checking %s...", tls_tests
[i
].test_name
);
/* Map the probe's result to the row's text: SUCCEED prints suc_str, FAILED
 * prints fail_str, and any other value prints unsure_str. */
178 if ((ret
=tls_tests
[i
].func( state
)) == SUCCEED
)
179 printf(" %s\n", tls_tests
[i
].suc_str
);
180 else if (ret
==FAILED
)
181 printf(" %s\n", tls_tests
[i
].fail_str
);
182 else printf(" %s\n", tls_tests
[i
].unsure_str
);
/* Tear down the per-probe session, then shut down both directions of the
 * socket. */
184 gnutls_deinit(state
);
186 shutdown(sd
, SHUT_RDWR
); /* no more receptions */
/* Release the three credential objects and the library's global state. */
192 gnutls_srp_free_client_sc(srp_cred
);
193 gnutls_certificate_free_sc(xcred
);
194 gnutls_anon_free_client_sc(anon_cred
);
196 gnutls_global_deinit();
/* Parse the command line with gaa() into `info` and choose the target host.
 * gaa() is treated as successful only when it returns -1; any other value
 * prints the usage hint below. With no positional argument the target
 * defaults to "localhost"; otherwise the first positional argument is used
 * as given. It is not validated here; name resolution happens in main(). */
202 void gaa_parser(int argc
, char **argv
)
204 if (gaa(argc
, argv
, &info
) != -1) {
205 fprintf(stderr
, "Error in the arguments. Use the -h or --help parameters to get more info.\n");
210 if (info
.nrest_args
==0) hostname
="localhost";
211 else hostname
= info
.rest_args
[0];