regress_ssl.c revision 316722
195584Sanholt/* 295584Sanholt * Copyright (c) 2009-2012 Niels Provos and Nick Mathewson 395584Sanholt * 495584Sanholt * Redistribution and use in source and binary forms, with or without 595584Sanholt * modification, are permitted provided that the following conditions 695584Sanholt * are met: 795584Sanholt * 1. Redistributions of source code must retain the above copyright 895584Sanholt * notice, this list of conditions and the following disclaimer. 995584Sanholt * 2. Redistributions in binary form must reproduce the above copyright 1095584Sanholt * notice, this list of conditions and the following disclaimer in the 1195584Sanholt * documentation and/or other materials provided with the distribution. 1295584Sanholt * 3. The name of the author may not be used to endorse or promote products 1395584Sanholt * derived from this software without specific prior written permission. 1495584Sanholt * 1595584Sanholt * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 1695584Sanholt * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 1795584Sanholt * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 1895584Sanholt * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 1995584Sanholt * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 2095584Sanholt * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 2195584Sanholt * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 2295584Sanholt * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 2395584Sanholt * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 2495584Sanholt * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 2595584Sanholt */ 2695584Sanholt 2795584Sanholt// Get rid of OSX 10.7 and greater deprecation warnings. 2895584Sanholt#if defined(__APPLE__) && defined(__clang__) 2995584Sanholt#pragma clang diagnostic ignored "-Wdeprecated-declarations" 30112015Sanholt#endif 3195584Sanholt 3295584Sanholt#ifdef _WIN32 3395584Sanholt#include <winsock2.h> 3495584Sanholt#include <windows.h> 3595584Sanholt#endif 3695584Sanholt 3795584Sanholt#ifndef _WIN32 3895584Sanholt#include <sys/types.h> 3995584Sanholt#include <sys/socket.h> 40112015Sanholt#include <netinet/in.h> 4195746Sanholt#endif 4295584Sanholt 4395584Sanholt#include "event2/util.h" 4495584Sanholt#include "event2/event.h" 4595584Sanholt#include "event2/bufferevent_ssl.h" 4695584Sanholt#include "event2/buffer.h" 4795584Sanholt#include "event2/listener.h" 4895584Sanholt 4995584Sanholt#include "regress.h" 5095584Sanholt#include "tinytest.h" 5195584Sanholt#include "tinytest_macros.h" 5295584Sanholt 5395584Sanholt#include <openssl/asn1.h> 5495584Sanholt#include <openssl/ssl.h> 5595584Sanholt#include <openssl/bio.h> 56112015Sanholt#include <openssl/crypto.h> 5795584Sanholt#include <openssl/err.h> 5895584Sanholt#include <openssl/pem.h> 5995584Sanholt#include <openssl/opensslv.h> 6095584Sanholt#include <openssl/x509.h> 6195584Sanholt 6295584Sanholt#include <string.h> 6395584Sanholt 64112015Sanholt#if OPENSSL_VERSION_NUMBER < 0x10100000L 6595584Sanholt#define OpenSSL_version_num SSLeay 6695584Sanholt#endif /* OPENSSL_VERSION_NUMBER */ 6795584Sanholt 6895584Sanholt/* A short pre-generated key, to save the cost of doing an RSA key generation 6995584Sanholt * step during the unit tests. It's only 512 bits long, and it is published 7095584Sanholt * in this file, so you would have to be very foolish to consider using it in 71112015Sanholt * your own code. */ 7295584Sanholtstatic const char KEY[] = 7395584Sanholt "-----BEGIN RSA PRIVATE KEY-----\n" 7495584Sanholt "MIIBOgIBAAJBAKibTEzXjj+sqpipePX1lEk5BNFuL/dDBbw8QCXgaJWikOiKHeJq\n" 7595584Sanholt "3FQ0OmCnmpkdsPFE4x3ojYmmdgE2i0dJwq0CAwEAAQJAZ08gpUS+qE1IClps/2gG\n" 7695584Sanholt "AAer6Bc31K2AaiIQvCSQcH440cp062QtWMC3V5sEoWmdLsbAHFH26/9ZHn5zAflp\n" 7795584Sanholt "gQIhANWOx/UYeR8HD0WREU5kcuSzgzNLwUErHLzxP7U6aojpAiEAyh2H35CjN/P7\n" 78112015Sanholt "NhcZ4QYw3PeUWpqgJnaE/4i80BSYkSUCIQDLHFhLYLJZ80HwHTADif/ISn9/Ow6b\n" 7995584Sanholt "p6BWh3DbMar/eQIgBPS6azH5vpp983KXkNv9AL4VZi9ac/b+BeINdzC6GP0CIDmB\n" 8095584Sanholt "U6GFEQTZ3IfuiVabG5pummdC4DNbcdI+WKrSFNmQ\n" 8195584Sanholt "-----END RSA PRIVATE KEY-----\n"; 8295584Sanholt 83112015Sanholtstatic EVP_PKEY * 8495584Sanholtgetkey(void) 8595584Sanholt{ 8695584Sanholt EVP_PKEY *key; 8795584Sanholt BIO *bio; 8895584Sanholt 89112015Sanholt /* new read-only BIO backed by KEY. */ 9095584Sanholt bio = BIO_new_mem_buf((char*)KEY, -1); 9195584Sanholt tt_assert(bio); 9295584Sanholt 9395584Sanholt key = PEM_read_bio_PrivateKey(bio,NULL,NULL,NULL); 9495584Sanholt BIO_free(bio); 9595584Sanholt tt_assert(key); 9695584Sanholt 97112015Sanholt return key; 9895584Sanholtend: 9995584Sanholt return NULL; 10095584Sanholt} 10195584Sanholt 10295584Sanholtstatic X509 * 10395584Sanholtgetcert(void) 10495584Sanholt{ 10595584Sanholt /* Dummy code to make a quick-and-dirty valid certificate with 10695584Sanholt OpenSSL. Don't copy this code into your own program! It does a 10795584Sanholt number of things in a stupid and insecure way. */ 10895584Sanholt X509 *x509 = NULL; 10995584Sanholt X509_NAME *name = NULL; 11095584Sanholt EVP_PKEY *key = getkey(); 11195584Sanholt int nid; 11295584Sanholt time_t now = time(NULL); 11395584Sanholt 11495584Sanholt tt_assert(key); 11595584Sanholt 11695584Sanholt x509 = X509_new(); 11795584Sanholt tt_assert(x509); 118112015Sanholt tt_assert(0 != X509_set_version(x509, 2)); 11995584Sanholt tt_assert(0 != ASN1_INTEGER_set(X509_get_serialNumber(x509), 12095584Sanholt (long)now)); 12195584Sanholt 12295584Sanholt name = X509_NAME_new(); 12395584Sanholt tt_assert(name); 124112015Sanholt nid = OBJ_txt2nid("commonName"); 12595584Sanholt tt_assert(NID_undef != nid); 12695584Sanholt tt_assert(0 != X509_NAME_add_entry_by_NID( 12795584Sanholt name, nid, MBSTRING_ASC, (unsigned char*)"example.com", 12895584Sanholt -1, -1, 0)); 12995584Sanholt 13095584Sanholt X509_set_subject_name(x509, name); 13195584Sanholt X509_set_issuer_name(x509, name); 13295584Sanholt 13395584Sanholt#if OPENSSL_VERSION_NUMBER < 0x10100000L 13495584Sanholt X509_time_adj(X509_get_notBefore(x509), 0, &now); 13595584Sanholt now += 3600; 13695584Sanholt X509_time_adj(X509_get_notAfter(x509), 0, &now); 13795584Sanholt#else /* OPENSSL_VERSION_NUMBER >= 0x10100000L */ 13895584Sanholt X509_time_adj(X509_getm_notBefore(x509), 0, &now); 13995584Sanholt now += 3600; 14095584Sanholt X509_time_adj(X509_getm_notAfter(x509), 0, &now); 14195584Sanholt#endif /* OPENSSL_VERSION_NUMBER */ 14295584Sanholt X509_set_pubkey(x509, key); 14395584Sanholt tt_assert(0 != X509_sign(x509, key, EVP_sha1())); 14495584Sanholt 14595584Sanholt return x509; 14695584Sanholtend: 14795584Sanholt X509_free(x509); 14895584Sanholt return NULL; 14995584Sanholt} 15095584Sanholt 15195584Sanholtstatic int disable_tls_11_and_12 = 0; 15295584Sanholtstatic SSL_CTX *the_ssl_ctx = NULL; 15395584Sanholt 15495584Sanholtstatic SSL_CTX * 15595584Sanholtget_ssl_ctx(void) 15695584Sanholt{ 15795584Sanholt if (the_ssl_ctx) 15895584Sanholt return the_ssl_ctx; 15995584Sanholt the_ssl_ctx = SSL_CTX_new(SSLv23_method()); 16095584Sanholt if (!the_ssl_ctx) 16195584Sanholt return NULL; 162112015Sanholt if (disable_tls_11_and_12) { 163112015Sanholt#ifdef SSL_OP_NO_TLSv1_2 164112015Sanholt SSL_CTX_set_options(the_ssl_ctx, SSL_OP_NO_TLSv1_2); 165112015Sanholt#endif 16695584Sanholt#ifdef SSL_OP_NO_TLSv1_1 167112015Sanholt SSL_CTX_set_options(the_ssl_ctx, SSL_OP_NO_TLSv1_1); 168112015Sanholt#endif 169112015Sanholt } 170112015Sanholt return the_ssl_ctx; 171112015Sanholt} 172112015Sanholt 173112015Sanholtstatic void 17495584Sanholtinit_ssl(void) 17595584Sanholt{ 17695584Sanholt SSL_library_init(); 17795584Sanholt ERR_load_crypto_strings(); 17895584Sanholt SSL_load_error_strings(); 17995584Sanholt OpenSSL_add_all_algorithms(); 18095584Sanholt if (OpenSSL_version_num() != OPENSSL_VERSION_NUMBER) { 18195584Sanholt TT_DECLARE("WARN", ("Version mismatch for openssl: compiled with %lx but running with %lx", (unsigned long)OPENSSL_VERSION_NUMBER, (unsigned long) OpenSSL_version_num())); 18295584Sanholt } 18395584Sanholt} 18495584Sanholt 18595584Sanholt/* ==================== 18695584Sanholt Here's a simple test: we read a number from the input, increment it, and 18795584Sanholt reply, until we get to 1001. 18895584Sanholt*/ 18995584Sanholt 19095584Sanholtstatic int test_is_done = 0; 19195584Sanholtstatic int n_connected = 0; 19295584Sanholtstatic int got_close = 0; 19395584Sanholtstatic int got_error = 0; 19495584Sanholtstatic int renegotiate_at = -1; 19595584Sanholtstatic int stop_when_connected = 0; 19695584Sanholtstatic int pending_connect_events = 0; 19795584Sanholtstatic struct event_base *exit_base = NULL; 19895584Sanholt 19995584Sanholtstatic void 20095584Sanholtrespond_to_number(struct bufferevent *bev, void *ctx) 20195584Sanholt{ 20295584Sanholt struct evbuffer *b = bufferevent_get_input(bev); 20395584Sanholt char *line; 20495584Sanholt int n; 20595584Sanholt line = evbuffer_readln(b, NULL, EVBUFFER_EOL_LF); 20695584Sanholt if (! line) 20795584Sanholt return; 20895584Sanholt n = atoi(line); 20995584Sanholt if (n <= 0) 21095584Sanholt TT_FAIL(("Bad number: %s", line)); 211112015Sanholt free(line); 21295584Sanholt TT_BLATHER(("The number was %d", n)); 21395584Sanholt if (n == 1001) { 21495584Sanholt ++test_is_done; 21595584Sanholt bufferevent_free(bev); /* Should trigger close on other side. */ 21695584Sanholt return; 21795584Sanholt } 21895584Sanholt if (!strcmp(ctx, "client") && n == renegotiate_at) { 219112015Sanholt SSL_renegotiate(bufferevent_openssl_get_ssl(bev)); 22095584Sanholt } 22195584Sanholt ++n; 22295584Sanholt evbuffer_add_printf(bufferevent_get_output(bev), 22395584Sanholt "%d\n", n); 22495584Sanholt TT_BLATHER(("Done reading; now writing.")); 22595584Sanholt bufferevent_enable(bev, EV_WRITE); 22695584Sanholt bufferevent_disable(bev, EV_READ); 22795584Sanholt} 22895584Sanholt 22995584Sanholtstatic void 23095584Sanholtdone_writing_cb(struct bufferevent *bev, void *ctx) 23195584Sanholt{ 23295584Sanholt struct evbuffer *b = bufferevent_get_output(bev); 23395584Sanholt if (evbuffer_get_length(b)) 23495584Sanholt return; 23595584Sanholt TT_BLATHER(("Done writing.")); 23695584Sanholt bufferevent_disable(bev, EV_WRITE); 23795584Sanholt bufferevent_enable(bev, EV_READ); 23895584Sanholt} 23995584Sanholt 24095584Sanholtstatic void 24195584Sanholteventcb(struct bufferevent *bev, short what, void *ctx) 24295584Sanholt{ 24395584Sanholt TT_BLATHER(("Got event %d", (int)what)); 24495584Sanholt if (what & BEV_EVENT_CONNECTED) { 24595584Sanholt SSL *ssl; 24695584Sanholt X509 *peer_cert; 24795584Sanholt ++n_connected; 24895584Sanholt ssl = bufferevent_openssl_get_ssl(bev); 24995584Sanholt tt_assert(ssl); 25095584Sanholt peer_cert = SSL_get_peer_certificate(ssl); 25195584Sanholt if (0==strcmp(ctx, "server")) { 25295584Sanholt tt_assert(peer_cert == NULL); 25395584Sanholt } else { 254112015Sanholt tt_assert(peer_cert != NULL); 25595584Sanholt } 25695584Sanholt if (stop_when_connected) { 25795584Sanholt if (--pending_connect_events == 0) 25895584Sanholt event_base_loopexit(exit_base, NULL); 25995584Sanholt } 26095584Sanholt } else if (what & BEV_EVENT_EOF) { 26195584Sanholt TT_BLATHER(("Got a good EOF")); 262112015Sanholt ++got_close; 26395584Sanholt bufferevent_free(bev); 26495584Sanholt } else if (what & BEV_EVENT_ERROR) { 26595584Sanholt TT_BLATHER(("Got an error.")); 26695584Sanholt ++got_error; 26795584Sanholt bufferevent_free(bev); 26895584Sanholt } 26995584Sanholtend: 27095584Sanholt ; 271112015Sanholt} 27295584Sanholt 27395584Sanholtstatic void 27495584Sanholtopen_ssl_bufevs(struct bufferevent **bev1_out, struct bufferevent **bev2_out, 27595584Sanholt struct event_base *base, int is_open, int flags, SSL *ssl1, SSL *ssl2, 27695584Sanholt evutil_socket_t *fd_pair, struct bufferevent **underlying_pair) 27795584Sanholt{ 27895584Sanholt int state1 = is_open ? BUFFEREVENT_SSL_OPEN :BUFFEREVENT_SSL_CONNECTING; 27995584Sanholt int state2 = is_open ? BUFFEREVENT_SSL_OPEN :BUFFEREVENT_SSL_ACCEPTING; 28095584Sanholt if (fd_pair) { 28195584Sanholt *bev1_out = bufferevent_openssl_socket_new( 28295584Sanholt base, fd_pair[0], ssl1, state1, flags); 28395584Sanholt *bev2_out = bufferevent_openssl_socket_new( 28495584Sanholt base, fd_pair[1], ssl2, state2, flags); 28595584Sanholt } else { 28695584Sanholt *bev1_out = bufferevent_openssl_filter_new( 28795584Sanholt base, underlying_pair[0], ssl1, state1, flags); 28895584Sanholt *bev2_out = bufferevent_openssl_filter_new( 28995584Sanholt base, underlying_pair[1], ssl2, state2, flags); 29095584Sanholt 29195584Sanholt } 29295584Sanholt bufferevent_setcb(*bev1_out, respond_to_number, done_writing_cb, 29395584Sanholt eventcb, (void*)"client"); 29495584Sanholt bufferevent_setcb(*bev2_out, respond_to_number, done_writing_cb, 29595584Sanholt eventcb, (void*)"server"); 29695584Sanholt} 29795584Sanholt 29895584Sanholtstatic void 29995584Sanholtregress_bufferevent_openssl(void *arg) 30095584Sanholt{ 30195584Sanholt struct basic_test_data *data = arg; 30295584Sanholt 30395584Sanholt struct bufferevent *bev1, *bev2; 30495584Sanholt SSL *ssl1, *ssl2; 30595584Sanholt X509 *cert = getcert(); 30695584Sanholt EVP_PKEY *key = getkey(); 30795584Sanholt const int start_open = strstr((char*)data->setup_data, "open")!=NULL; 30895584Sanholt const int filter = strstr((char*)data->setup_data, "filter")!=NULL; 30995584Sanholt int flags = BEV_OPT_DEFER_CALLBACKS; 31095584Sanholt struct bufferevent *bev_ll[2] = { NULL, NULL }; 311112015Sanholt evutil_socket_t *fd_pair = NULL; 31295584Sanholt 31395584Sanholt tt_assert(cert); 31495584Sanholt tt_assert(key); 31595584Sanholt 316112015Sanholt init_ssl(); 31795584Sanholt 31895584Sanholt if (strstr((char*)data->setup_data, "renegotiate")) { 31995584Sanholt if (OpenSSL_version_num() >= 0x10001000 && 32095584Sanholt OpenSSL_version_num() < 0x1000104f) { 32195584Sanholt /* 1.0.1 up to 1.0.1c has a bug where TLS1.1 and 1.2 32295584Sanholt * can't renegotiate with themselves. Disable. */ 32395584Sanholt disable_tls_11_and_12 = 1; 32495584Sanholt } 32595584Sanholt renegotiate_at = 600; 32695584Sanholt } 32795584Sanholt 328112015Sanholt ssl1 = SSL_new(get_ssl_ctx()); 32995584Sanholt ssl2 = SSL_new(get_ssl_ctx()); 33095584Sanholt 33195584Sanholt SSL_use_certificate(ssl2, cert); 33295584Sanholt SSL_use_PrivateKey(ssl2, key); 33395584Sanholt 33495584Sanholt if (! start_open) 33595584Sanholt flags |= BEV_OPT_CLOSE_ON_FREE; 33695584Sanholt 33795584Sanholt if (!filter) { 33895584Sanholt tt_assert(strstr((char*)data->setup_data, "socketpair")); 33995584Sanholt fd_pair = data->pair; 34095584Sanholt } else { 34195584Sanholt bev_ll[0] = bufferevent_socket_new(data->base, data->pair[0], 34295584Sanholt BEV_OPT_CLOSE_ON_FREE); 34395584Sanholt bev_ll[1] = bufferevent_socket_new(data->base, data->pair[1], 34495584Sanholt BEV_OPT_CLOSE_ON_FREE); 34595584Sanholt } 34695584Sanholt 34795584Sanholt open_ssl_bufevs(&bev1, &bev2, data->base, 0, flags, ssl1, ssl2, 34895584Sanholt fd_pair, bev_ll); 34995584Sanholt 35095584Sanholt if (!filter) { 35195584Sanholt tt_int_op(bufferevent_getfd(bev1), ==, data->pair[0]); 35295584Sanholt } else { 35395584Sanholt tt_ptr_op(bufferevent_get_underlying(bev1), ==, bev_ll[0]); 35495584Sanholt } 35595584Sanholt 35695584Sanholt if (start_open) { 357112015Sanholt pending_connect_events = 2; 35895584Sanholt stop_when_connected = 1; 35995584Sanholt exit_base = data->base; 36095584Sanholt event_base_dispatch(data->base); 36195584Sanholt /* Okay, now the renegotiation is done. Make new 36295584Sanholt * bufferevents to test opening in BUFFEREVENT_SSL_OPEN */ 36395584Sanholt flags |= BEV_OPT_CLOSE_ON_FREE; 36495584Sanholt bufferevent_free(bev1); 36595584Sanholt bufferevent_free(bev2); 36695584Sanholt bev1 = bev2 = NULL; 36795584Sanholt open_ssl_bufevs(&bev1, &bev2, data->base, 1, flags, ssl1, ssl2, 36895584Sanholt fd_pair, bev_ll); 36995584Sanholt } 37095584Sanholt 37195584Sanholt bufferevent_enable(bev1, EV_READ|EV_WRITE); 37295584Sanholt bufferevent_enable(bev2, EV_READ|EV_WRITE); 37395584Sanholt 37495584Sanholt evbuffer_add_printf(bufferevent_get_output(bev1), "1\n"); 37595584Sanholt 37695584Sanholt event_base_dispatch(data->base); 37795584Sanholt 37895584Sanholt tt_assert(test_is_done == 1); 37995584Sanholt tt_assert(n_connected == 2); 38095584Sanholt 38195584Sanholt /* We don't handle shutdown properly yet. 38295584Sanholt tt_int_op(got_close, ==, 1); 38395584Sanholt tt_int_op(got_error, ==, 0); 38495584Sanholt */ 38595584Sanholtend: 38695584Sanholt return; 38795584Sanholt} 38895584Sanholt 38995584Sanholtstatic void 39095584Sanholtacceptcb(struct evconnlistener *listener, evutil_socket_t fd, 39195584Sanholt struct sockaddr *addr, int socklen, void *arg) 39295584Sanholt{ 39395584Sanholt struct basic_test_data *data = arg; 39495584Sanholt struct bufferevent *bev; 395112015Sanholt SSL *ssl = SSL_new(get_ssl_ctx()); 39695584Sanholt 39795584Sanholt SSL_use_certificate(ssl, getcert()); 39895584Sanholt SSL_use_PrivateKey(ssl, getkey()); 39995584Sanholt 40095584Sanholt bev = bufferevent_openssl_socket_new( 40195584Sanholt data->base, 40295584Sanholt fd, 40395584Sanholt ssl, 40495584Sanholt BUFFEREVENT_SSL_ACCEPTING, 40595584Sanholt BEV_OPT_CLOSE_ON_FREE|BEV_OPT_DEFER_CALLBACKS); 40695584Sanholt 40795584Sanholt bufferevent_setcb(bev, respond_to_number, NULL, eventcb, 40895584Sanholt (void*)"server"); 40995584Sanholt 41095584Sanholt bufferevent_enable(bev, EV_READ|EV_WRITE); 41195584Sanholt 41295584Sanholt /* Only accept once, then disable ourself. */ 41395584Sanholt evconnlistener_disable(listener); 41495584Sanholt} 41595584Sanholt 41695584Sanholtstatic void 41795584Sanholtregress_bufferevent_openssl_connect(void *arg) 41895584Sanholt{ 41995584Sanholt struct basic_test_data *data = arg; 42095584Sanholt 42195584Sanholt struct event_base *base = data->base; 42295584Sanholt 42395584Sanholt struct evconnlistener *listener; 42495584Sanholt struct bufferevent *bev; 42595584Sanholt struct sockaddr_in sin; 42695584Sanholt struct sockaddr_storage ss; 427112015Sanholt ev_socklen_t slen; 42895584Sanholt 42995584Sanholt init_ssl(); 43095584Sanholt 43195584Sanholt memset(&sin, 0, sizeof(sin)); 43295584Sanholt sin.sin_family = AF_INET; 43395584Sanholt sin.sin_addr.s_addr = htonl(0x7f000001); 43495584Sanholt 43595584Sanholt memset(&ss, 0, sizeof(ss)); 43695584Sanholt slen = sizeof(ss); 43795584Sanholt 43895584Sanholt listener = evconnlistener_new_bind(base, acceptcb, data, 43995584Sanholt LEV_OPT_CLOSE_ON_FREE|LEV_OPT_REUSEABLE, 44095584Sanholt -1, (struct sockaddr *)&sin, sizeof(sin)); 44195584Sanholt 44295584Sanholt tt_assert(listener); 44395584Sanholt tt_assert(evconnlistener_get_fd(listener) >= 0); 44495584Sanholt 44595584Sanholt bev = bufferevent_openssl_socket_new( 44695584Sanholt data->base, -1, SSL_new(get_ssl_ctx()), 44795584Sanholt BUFFEREVENT_SSL_CONNECTING, 44895584Sanholt BEV_OPT_CLOSE_ON_FREE|BEV_OPT_DEFER_CALLBACKS); 44995584Sanholt tt_assert(bev); 45095584Sanholt 45195584Sanholt bufferevent_setcb(bev, respond_to_number, NULL, eventcb, 45295584Sanholt (void*)"client"); 45395584Sanholt 45495584Sanholt tt_assert(getsockname(evconnlistener_get_fd(listener), 45595584Sanholt (struct sockaddr*)&ss, &slen) == 0); 45695584Sanholt tt_assert(slen == sizeof(struct sockaddr_in)); 45795584Sanholt tt_int_op(((struct sockaddr*)&ss)->sa_family, ==, AF_INET); 45895584Sanholt tt_int_op(((struct sockaddr*)&ss)->sa_family, ==, AF_INET); 45995584Sanholt 46095584Sanholt tt_assert(0 == 461112015Sanholt bufferevent_socket_connect(bev, (struct sockaddr*)&ss, slen)); 46295584Sanholt evbuffer_add_printf(bufferevent_get_output(bev), "1\n"); 46395584Sanholt bufferevent_enable(bev, EV_READ|EV_WRITE); 46495584Sanholt 465112015Sanholt event_base_dispatch(base); 46695584Sanholtend: 46795584Sanholt ; 46895584Sanholt} 46995584Sanholt 47095584Sanholtstruct testcase_t ssl_testcases[] = { 47195584Sanholt 47295584Sanholt { "bufferevent_socketpair", regress_bufferevent_openssl, TT_ISOLATED, 47395584Sanholt &basic_setup, (void*)"socketpair" }, 47495584Sanholt { "bufferevent_filter", regress_bufferevent_openssl, 47595584Sanholt TT_ISOLATED, 47695584Sanholt &basic_setup, (void*)"filter" }, 47795584Sanholt { "bufferevent_renegotiate_socketpair", regress_bufferevent_openssl, 47895584Sanholt TT_ISOLATED, 47995584Sanholt &basic_setup, (void*)"socketpair renegotiate" }, 48095584Sanholt { "bufferevent_renegotiate_filter", regress_bufferevent_openssl, 48195584Sanholt TT_ISOLATED, 48295584Sanholt &basic_setup, (void*)"filter renegotiate" }, 48395584Sanholt { "bufferevent_socketpair_startopen", regress_bufferevent_openssl, 48495584Sanholt TT_ISOLATED, &basic_setup, (void*)"socketpair open" }, 48595584Sanholt { "bufferevent_filter_startopen", regress_bufferevent_openssl, 48695584Sanholt TT_ISOLATED, &basic_setup, (void*)"filter open" }, 48795584Sanholt 48895584Sanholt { "bufferevent_connect", regress_bufferevent_openssl_connect, 48995584Sanholt TT_FORK|TT_NEED_BASE, &basic_setup, NULL }, 49095584Sanholt 49195584Sanholt END_OF_TESTCASES, 49295584Sanholt}; 49395584Sanholt