cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-09-24 05:00:45 -04:00
Code Issues Packages Projects Releases Wiki Activity

mbedtls_test_ssl_endpoint_init: split configuration and setup

Browse Source 
Split `mbedtls_test_ssl_endpoint_init()` into two separate stages:
constructing the SSL configuration, and setting up an SSL session context
with that configuration.

No behavior change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2025-06-01 21:53:52 +02:00
parent 00eb072846
commit 6edb76cba4
2 changed files with 80 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
tests/include/test/ssl_helpers.h
View File

@ -447,18 +447,59 @@ int mbedtls_test_ssl_endpoint_certificate_init(mbedtls_test_ssl_endpoint *ep,
int opaque_alg, int opaque_alg2, int opaque_alg, int opaque_alg2,
int opaque_usage); int opaque_usage);
/* /** Initialize the configuration in an SSL endpoint structure.
* Initializes \p ep structure. It is important to call
* `mbedtls_test_ssl_endpoint_free()` after calling this function
* even if it fails.
* *
* \note For DTLS, after calling this function on both endpoints, * \note You must call `mbedtls_test_ssl_endpoint_free()` after
* call mbedtls_test_ssl_dtls_join_endpoints(). * calling this function, even if it fails. This is necessary to
* free data that may have been stored in the endpoint structure.
* *
* \p endpoint_type must be set as MBEDTLS_SSL_IS_SERVER or * \param[out] ep The endpoint structure to configure.
* MBEDTLS_SSL_IS_CLIENT. * \param endpoint_type #MBEDTLS_SSL_IS_SERVER or #MBEDTLS_SSL_IS_CLIENT.
* \p pk_alg the algorithm to use, currently only MBEDTLS_PK_RSA and * \param[in] options The options to use for configuring the endpoint
* MBEDTLS_PK_ECDSA are supported. * structure.
*
* \retval 0 on success, otherwise error code.
*/
int mbedtls_test_ssl_endpoint_init_conf(
mbedtls_test_ssl_endpoint *ep, int endpoint_type,
const mbedtls_test_handshake_test_options *options);
/** Initialize the session context in an endpoint structure.
*
* \note The endpoint structure must have been set up with
* mbedtls_test_ssl_endpoint_init_conf() with the same \p options.
* Between calling mbedtls_test_ssl_endpoint_init_conf() and
* mbedtls_test_ssl_endpoint_init_ssl(), you may configure `ep->ssl`
* further if you know what you're doing.
*
* \note You must call `mbedtls_test_ssl_endpoint_free()` after
* calling this function, even if it fails. This is necessary to
* free data that may have been stored in the endpoint structure.
*
* \param[out] ep The endpoint structure to set up.
* \param[in] options The options used for configuring the endpoint
* structure.
*
* \retval 0 on success, otherwise error code.
*/
int mbedtls_test_ssl_endpoint_init_ssl(
mbedtls_test_ssl_endpoint *ep,
const mbedtls_test_handshake_test_options *options);
/** Initialize the configuration and a context in an SSL endpoint structure.
*
* This function is equivalent to calling
* mbedtls_test_ssl_endpoint_init_conf() followed by
* mbedtls_test_ssl_endpoint_init_ssl().
*
* \note You must call `mbedtls_test_ssl_endpoint_free()` after
* calling this function, even if it fails. This is necessary to
* free data that may have been stored in the endpoint structure.
*
* \param[out] ep The endpoint structure to configure.
* \param endpoint_type #MBEDTLS_SSL_IS_SERVER or #MBEDTLS_SSL_IS_CLIENT.
* \param[in] options The options to use for configuring the endpoint
* structure.
* *
* \retval 0 on success, otherwise error code. * \retval 0 on success, otherwise error code.
*/ */

31
tests/src/test_helpers/ssl_helpers.c
View File

@ -800,7 +800,7 @@ exit:
return ret; return ret;
} }
int mbedtls_test_ssl_endpoint_init( int mbedtls_test_ssl_endpoint_init_conf(
mbedtls_test_ssl_endpoint *ep, int endpoint_type, mbedtls_test_ssl_endpoint *ep, int endpoint_type,
const mbedtls_test_handshake_test_options *options) const mbedtls_test_handshake_test_options *options)
{ {
@ -968,7 +968,22 @@ int mbedtls_test_ssl_endpoint_init(
ep->user_data_cookie); ep->user_data_cookie);
mbedtls_ssl_conf_set_user_data_p(&ep->conf, ep); mbedtls_ssl_conf_set_user_data_p(&ep->conf, ep);
/* We've finished the configuration. Now set up a context. */ return 0;
exit:
if (ret == 0) {
/* Exiting due to a test assertion that isn't ret == 0 */
ret = -1;
}
return ret;
}
int mbedtls_test_ssl_endpoint_init_ssl(
mbedtls_test_ssl_endpoint *ep,
const mbedtls_test_handshake_test_options *options)
{
int endpoint_type = mbedtls_ssl_conf_get_endpoint(&ep->conf);
int ret = -1;
ret = mbedtls_ssl_setup(&(ep->ssl), &(ep->conf)); ret = mbedtls_ssl_setup(&(ep->ssl), &(ep->conf));
TEST_EQUAL(ret, 0); TEST_EQUAL(ret, 0);
@ -1009,6 +1024,18 @@ exit:
return ret; return ret;
} }
int mbedtls_test_ssl_endpoint_init(
mbedtls_test_ssl_endpoint *ep, int endpoint_type,
const mbedtls_test_handshake_test_options *options)
{
int ret = mbedtls_test_ssl_endpoint_init_conf(ep, endpoint_type, options);
if (ret != 0) {
return ret;
}
ret = mbedtls_test_ssl_endpoint_init_ssl(ep, options);
return ret;
}
void mbedtls_test_ssl_endpoint_free( void mbedtls_test_ssl_endpoint_free(
mbedtls_test_ssl_endpoint *ep) mbedtls_test_ssl_endpoint *ep)
{ {