Fix CVE-2017-6891 in minitasn1 code
[platform/upstream/gnutls.git] / tests / mini-dtls-rehandshake.c
index 9e47178..8f4f38d 100644 (file)
@@ -69,6 +69,8 @@ static void client_log_func(int level, const char *str)
 #define MAX_BUF 1024
 #define MSG "Hello TLS"
 
+gnutls_session_t session;
+
 static ssize_t
 push(gnutls_transport_ptr_t tr, const void *data, size_t len)
 {
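Review bot: The new file-scope `gnutls_session_t session;` has external linkage, although nothing in the visible hunks needs it outside this translation unit. Declaring it `static gnutls_session_t session;` keeps it out of the global namespace, and the same applies to the `anoncred` global added in the later hunk. The local `session` declared inside `initialize_tls_session()` then shadows this global, which `-Wshadow` would report. Renaming that local (for example `s`) avoids confusion about which object is being configured.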
@@ -82,8 +84,6 @@ static void client(int fd, int server_init)
        int ret;
        char buffer[MAX_BUF + 1];
        gnutls_anon_client_credentials_t anoncred;
-       gnutls_session_t session;
-
        /* Need to enable anonymous KX specifically. */
 
        global_init();
@@ -134,7 +134,7 @@ static void client(int fd, int server_init)
                        (gnutls_protocol_get_version(session)));
 
        if (!server_init) {
-               sec_sleep(60);
+               sleep(60);
                if (debug)
                        success("Initiating client rehandshake\n");
                do {
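Review bot: The return value of `sleep(60)` is discarded. `sleep()` returns the unslept seconds when a signal interrupts it, so the client may begin its rehandshake earlier than the 60-second window the test presumably depends on. Whether signals reach the client process is not visible from this hunk. If they can, loop on the remainder, e.g. `unsigned left = 60; while ((left = sleep(left)) > 0) ;`, or keep the helper this line replaces if it already retries.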
@@ -194,8 +194,27 @@ static void client(int fd, int server_init)
 
 
 /* These are global */
+gnutls_anon_server_credentials_t anoncred;
 pid_t child;
 
+static gnutls_session_t initialize_tls_session(void)
+{
+       gnutls_session_t session;
+
+       gnutls_init(&session, GNUTLS_SERVER | GNUTLS_DATAGRAM);
+       gnutls_dtls_set_mtu(session, 1500);
+
+       /* avoid calling all the priority functions, since the defaults
+        * are adequate.
+        */
+       gnutls_priority_set_direct(session,
+                                  "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL",
+                                  NULL);
+
+       gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred);
+
+       return session;
+}
 
 static void terminate(void)
 {
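Review bot: `initialize_tls_session()` ignores the results of `gnutls_init()`, `gnutls_priority_set_direct()` and `gnutls_credentials_set()`. If `gnutls_init()` fails, the uninitialized local `session` is passed to the following calls and then returned to `server()`. Initialise it with `gnutls_session_t session = NULL;` and check each result, e.g. `ret = gnutls_init(&session, GNUTLS_SERVER | GNUTLS_DATAGRAM);` followed by `if (ret < 0) fail("gnutls_init: %s\n", gnutls_strerror(ret));`. A rejected priority string would otherwise only surface later as an unexplained handshake failure. The copied comment saying the defaults are adequate contradicts the explicit `NONE:...` priority string beneath it and should say that the test pins DTLS 1.0 with anonymous ECDH.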
@@ -210,8 +229,6 @@ static void server(int fd, int server_init)
 {
        int ret;
        char buffer[MAX_BUF + 1];
-       gnutls_anon_server_credentials_t anoncred;
-       gnutls_session_t session;
        /* this must be called once in the program
         */
        global_init();
@@ -223,17 +240,7 @@ static void server(int fd, int server_init)
 
        gnutls_anon_allocate_server_credentials(&anoncred);
 
-       gnutls_init(&session, GNUTLS_SERVER | GNUTLS_DATAGRAM);
-       gnutls_dtls_set_mtu(session, 1500);
-
-       /* avoid calling all the priority functions, since the defaults
-        * are adequate.
-        */
-       gnutls_priority_set_direct(session,
-                                  "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL",
-                                  NULL);
-
-       gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred);
+       session = initialize_tls_session();
 
        gnutls_transport_set_int(session, fd);
        gnutls_transport_set_push_function(session, push);
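Review bot: `initialize_tls_session()` takes no arguments and reads the file-scope `anoncred`, so this call is only correct because `gnutls_anon_allocate_server_credentials(&anoncred)` runs just above it. Nothing at the call site states that ordering requirement. Either pass the credentials in explicitly or add a comment such as `/* anoncred must be allocated before initialize_tls_session() */`. The result of the allocation call is also unchecked in the visible context, so a failed allocation would hand an unset credentials handle to `gnutls_credentials_set()`.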
@@ -360,7 +367,7 @@ static void start(int server_initiated)
        }
 
        if (child) {
-               int status = 0;
+               int status;
                /* parent */
 
                server(fd[0], server_initiated);
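Review bot: Dropping the initializer leaves `status` indeterminate until something writes it. Its use lies outside this hunk, presumably a `wait(&status)` after `server()` returns. If that call fails or is skipped on some path, the later read is of an uninitialized value and the test's exit code becomes unpredictable. Keeping `int status = 0;` costs nothing and makes the failure mode deterministic.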