2 * Copyright (C) 2012 Free Software Foundation, Inc.
4 * Author: Nikos Mavrogiannopoulos
6 * This file is part of GnuTLS.
8 * GnuTLS is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * GnuTLS is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with GnuTLS; if not, write to the Free Software Foundation,
20 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
40 #include <sys/types.h>
41 #include <netinet/in.h>
42 #include <sys/socket.h>
44 #include <arpa/inet.h>
46 #include <gnutls/gnutls.h>
47 #include <gnutls/dtls.h>
52 /* This program tests whether a DTLS handshake would timeout
53 * in the expected time.
56 static void print_type(const unsigned char *buf, int size)
58 if (buf[0] == 22 && size >= 13) {
60 fprintf(stderr, "Client Hello\n");
61 else if (buf[13] == 2)
62 fprintf(stderr, "Server Hello\n");
63 else if (buf[13] == 12)
64 fprintf(stderr, "Server Key exchange\n");
65 else if (buf[13] == 14)
66 fprintf(stderr, "Server Hello Done\n");
67 else if (buf[13] == 11)
68 fprintf(stderr, "Certificate\n");
69 else if (buf[13] == 16)
70 fprintf(stderr, "Client Key Exchange\n");
72 fprintf(stderr, "Finished\n");
73 else if (buf[13] == 11)
74 fprintf(stderr, "Server Hello Done\n");
76 fprintf(stderr, "Unknown handshake\n");
77 } else if (buf[0] == 20) {
78 fprintf(stderr, "Change Cipher Spec\n");
80 fprintf(stderr, "Unknown\n");
83 static void server_log_func(int level, const char *str)
85 fprintf(stderr, "server|<%d>| %s", level, str);
88 static void client_log_func(int level, const char *str)
90 fprintf(stderr, "client|<%d>| %s", level, str);
93 /* A very basic TLS client, with anonymous authentication.
97 static int packet_to_lose;
100 push(gnutls_transport_ptr_t tr, const void *data, size_t len)
102 int fd = (long int) tr;
106 if (packet_to_lose != -1 && packet_to_lose == counter) {
108 fprintf(stderr, "Discarding packet %d: ", counter);
109 print_type(data, len);
116 return send(fd, data, len, 0);
119 static void client(int fd, unsigned timeout)
122 gnutls_anon_client_credentials_t anoncred;
123 gnutls_session_t session;
124 /* Need to enable anonymous KX specifically. */
129 gnutls_global_set_log_function(client_log_func);
130 gnutls_global_set_log_level(4711);
133 gnutls_anon_allocate_client_credentials(&anoncred);
135 /* Initialize TLS session
137 gnutls_init(&session, GNUTLS_CLIENT | GNUTLS_DATAGRAM);
138 gnutls_dtls_set_mtu(session, 1500);
139 gnutls_dtls_set_timeouts(session, 1 * 1000, timeout * 1000);
141 /* Use default priorities */
142 gnutls_priority_set_direct(session,
143 "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL",
146 /* put the anonymous credentials to the current session
148 gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred);
152 gnutls_transport_set_int(session, fd);
154 /* Perform the TLS handshake
157 ret = gnutls_handshake(session);
159 while (ret < 0 && (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED));
161 gnutls_deinit(session);
162 gnutls_anon_free_client_credentials(anoncred);
163 gnutls_global_deinit();
166 if (ret == GNUTLS_E_TIMEDOUT) {
168 success("client: received timeout\n");
171 fail("client: Handshake failed with unexpected reason: %s\n", gnutls_strerror(ret));
173 fail("client: Handshake was completed (unexpected)\n");
178 /* These are global */
181 static void server(int fd, int packet, unsigned timeout)
183 gnutls_anon_server_credentials_t anoncred;
184 gnutls_session_t session;
186 /* this must be called once in the program
191 gnutls_global_set_log_function(server_log_func);
192 gnutls_global_set_log_level(4711);
195 gnutls_anon_allocate_server_credentials(&anoncred);
197 gnutls_init(&session, GNUTLS_SERVER | GNUTLS_DATAGRAM);
198 gnutls_dtls_set_mtu(session, 1500);
199 gnutls_dtls_set_timeouts(session, 1 * 1000, timeout * 1000);
201 /* avoid calling all the priority functions, since the defaults
204 gnutls_priority_set_direct(session,
205 "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL",
208 gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred);
211 packet_to_lose = packet;
213 gnutls_transport_set_int(session, fd);
214 gnutls_transport_set_push_function(session, push);
217 ret = gnutls_handshake(session);
219 while (ret < 0 && (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED));
221 gnutls_deinit(session);
222 gnutls_anon_free_server_credentials(anoncred);
223 gnutls_global_deinit();
226 if (ret == GNUTLS_E_TIMEDOUT) {
228 success("server received timeout\n");
231 fail("server: Handshake failed with unexpected reason: %s\n", gnutls_strerror(ret));
233 fail("server: Handshake was completed (unexpected)\n");
241 static void start(int server_packet, int wait_server)
247 fprintf(stderr, "\nWill discard server packet %d\n",
250 /* we need dgram in this test */
251 ret = socketpair(AF_UNIX, SOCK_DGRAM, 0, fd);
253 perror("socketpair");
268 server(fd[1], server_packet, 30);
272 kill(child, SIGTERM);
278 server(fd[0], server_packet, 32);
284 static void ch_handler(int sig)
288 if (WEXITSTATUS(status) != 0)
289 fail("Child died with status %d\n", WEXITSTATUS(status));
295 time_t tstart, tstop;
296 int tries = 5; /* we try multiple times because in very busy systems the suite may fail to finish on time */
298 signal(SIGCHLD, ch_handler);
299 signal(SIGPIPE, SIG_IGN);
302 for (;tries>=0;tries--) {
308 tstop = tstop - tstart;
310 if (!(tstop < 40 && tstop > 25)) {
312 fail("Client wait time difference: %u\n", (unsigned) tstop);
314 success("Client wait time difference: %u\n", (unsigned) tstop);
319 for (;tries>=0;tries--) {
325 tstop = tstop - tstart;
327 if (!(tstop < 40 && tstop > 25)) {
329 fail("Server wait time difference: %u\n", (unsigned) tstop);
331 success("Server wait time difference: %u\n", (unsigned) tstop);