xref: /openbsd-src/regress/lib/libtls/config/configtest.c (revision 141c93e2a20bfc66591c104e112b9ad964e23e22) 
1*141c93e2Stb /* $OpenBSD: configtest.c,v 1.5 2024/08/02 16:02:35 tb Exp $ */
240317078Sjsing /*
340317078Sjsing  * Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
440317078Sjsing  *
540317078Sjsing  * Permission to use, copy, modify, and distribute this software for any
640317078Sjsing  * purpose with or without fee is hereby granted, provided that the above
740317078Sjsing  * copyright notice and this permission notice appear in all copies.
840317078Sjsing  *
940317078Sjsing  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
1040317078Sjsing  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
1140317078Sjsing  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
1240317078Sjsing  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
1340317078Sjsing  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
1440317078Sjsing  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1540317078Sjsing  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
1640317078Sjsing  */
1740317078Sjsing 
1840317078Sjsing #include <err.h>
1940317078Sjsing #include <stdio.h>
2040317078Sjsing #include <stdlib.h>
2140317078Sjsing 
2240317078Sjsing #include <tls.h>
2340317078Sjsing 
2440317078Sjsing struct parse_protocols_test {
2540317078Sjsing 	const char *protostr;
2640317078Sjsing 	int want_return;
2740317078Sjsing 	uint32_t want_protocols;
2840317078Sjsing };
2940317078Sjsing 
3040317078Sjsing struct parse_protocols_test parse_protocols_tests[] = {
3140317078Sjsing 	{
3240317078Sjsing 		.protostr = NULL,
3340317078Sjsing 		.want_return = 0,
3440317078Sjsing 		.want_protocols = TLS_PROTOCOLS_DEFAULT,
3540317078Sjsing 	},
3640317078Sjsing 	{
3740317078Sjsing 		.protostr = "default",
3840317078Sjsing 		.want_return = 0,
3940317078Sjsing 		.want_protocols = TLS_PROTOCOLS_DEFAULT,
4040317078Sjsing 	},
4140317078Sjsing 	{
4240317078Sjsing 		.protostr = "secure",
4340317078Sjsing 		.want_return = 0,
4440317078Sjsing 		.want_protocols = TLS_PROTOCOLS_DEFAULT,
4540317078Sjsing 	},
4640317078Sjsing 	{
4740317078Sjsing 		.protostr = "all",
4840317078Sjsing 		.want_return = 0,
4940317078Sjsing 		.want_protocols = TLS_PROTOCOLS_ALL,
5040317078Sjsing 	},
5140317078Sjsing 	{
5240317078Sjsing 		.protostr = "tlsv1",
5340317078Sjsing 		.want_return = 0,
5440317078Sjsing 		.want_protocols = TLS_PROTOCOL_TLSv1,
5540317078Sjsing 	},
5640317078Sjsing 	{
5740317078Sjsing 		.protostr = "tlsv1.2",
5840317078Sjsing 		.want_return = 0,
5940317078Sjsing 		.want_protocols = TLS_PROTOCOL_TLSv1_2,
6040317078Sjsing 	},
6140317078Sjsing 	{
627bed9f40Sjsing 		.protostr = "tlsv1.3",
637bed9f40Sjsing 		.want_return = 0,
647bed9f40Sjsing 		.want_protocols = TLS_PROTOCOL_TLSv1_3,
657bed9f40Sjsing 	},
667bed9f40Sjsing 	{
6740317078Sjsing 		.protostr = "",
6840317078Sjsing 		.want_return = -1,
6940317078Sjsing 		.want_protocols = 0,
7040317078Sjsing 	},
7140317078Sjsing 	{
727bed9f40Sjsing 		.protostr = "tlsv1.0:tlsv1.1:tlsv1.2:tlsv1.3",
7340317078Sjsing 		.want_return = 0,
740c5dceccStb 		.want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 |
750c5dceccStb 		    TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3,
7640317078Sjsing 	},
7740317078Sjsing 	{
787bed9f40Sjsing 		.protostr = "tlsv1.0,tlsv1.1,tlsv1.2,tlsv1.3",
7940317078Sjsing 		.want_return = 0,
800c5dceccStb 		.want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 |
810c5dceccStb 		    TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3,
8240317078Sjsing 	},
8340317078Sjsing 	{
8440317078Sjsing 		.protostr = "tlsv1.1,tlsv1.2,tlsv1.0",
8540317078Sjsing 		.want_return = 0,
860c5dceccStb 		.want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 |
870c5dceccStb 		    TLS_PROTOCOL_TLSv1_2,
8840317078Sjsing 	},
8940317078Sjsing 	{
9040317078Sjsing 		.protostr = "tlsv1.1,tlsv1.2,tlsv1.1",
9140317078Sjsing 		.want_return = 0,
920c5dceccStb 		.want_protocols = TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2,
9340317078Sjsing 	},
9440317078Sjsing 	{
9540317078Sjsing 		.protostr = "tlsv1.1,tlsv1.2,!tlsv1.1",
9640317078Sjsing 		.want_return = 0,
970c5dceccStb 		.want_protocols = TLS_PROTOCOL_TLSv1_2,
9840317078Sjsing 	},
9940317078Sjsing 	{
10040317078Sjsing 		.protostr = "unknown",
10140317078Sjsing 		.want_return = -1,
10240317078Sjsing 		.want_protocols = 0,
10340317078Sjsing 	},
10440317078Sjsing 	{
10540317078Sjsing 		.protostr = "all,!unknown",
10640317078Sjsing 		.want_return = -1,
10740317078Sjsing 		.want_protocols = 0,
10840317078Sjsing 	},
10940317078Sjsing 	{
11040317078Sjsing 		.protostr = "sslv3,tlsv1.0,tlsv1.1,tlsv1.2",
11140317078Sjsing 		.want_return = -1,
11240317078Sjsing 		.want_protocols = 0,
11340317078Sjsing 	},
11440317078Sjsing 	{
11540317078Sjsing 		.protostr = "all,!tlsv1.0",
11640317078Sjsing 		.want_return = 0,
117*141c93e2Stb 		.want_protocols = TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3,
11840317078Sjsing 	},
11940317078Sjsing 	{
12040317078Sjsing 		.protostr = "!tlsv1.0",
12140317078Sjsing 		.want_return = 0,
122*141c93e2Stb 		.want_protocols = TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3,
12340317078Sjsing 	},
12440317078Sjsing 	{
1257bed9f40Sjsing 		.protostr = "!tlsv1.0,!tlsv1.1,!tlsv1.3",
12640317078Sjsing 		.want_return = 0,
1270c5dceccStb 		.want_protocols = TLS_PROTOCOL_TLSv1_2,
12840317078Sjsing 	},
12940317078Sjsing 	{
1307bed9f40Sjsing 		.protostr = "!tlsv1.0,!tlsv1.1,tlsv1.2,!tlsv1.3",
13140317078Sjsing 		.want_return = 0,
13240317078Sjsing 		.want_protocols = TLS_PROTOCOL_TLSv1_2,
13340317078Sjsing 	},
13440317078Sjsing };
13540317078Sjsing 
13640317078Sjsing #define N_PARSE_PROTOCOLS_TESTS \
13740317078Sjsing     (sizeof(parse_protocols_tests) / sizeof(*parse_protocols_tests))
13840317078Sjsing 
13940317078Sjsing static int
14040317078Sjsing do_parse_protocols_test(int test_no, struct parse_protocols_test *ppt)
14140317078Sjsing {
14240317078Sjsing 	uint32_t protocols = 0;
14340317078Sjsing 	int failed = 1;
14440317078Sjsing 	int rv;
14540317078Sjsing 
14640317078Sjsing 	rv = tls_config_parse_protocols(&protocols, ppt->protostr);
14740317078Sjsing 	if (rv != ppt->want_return) {
14840317078Sjsing 		fprintf(stderr, "FAIL: test %i - tls_config_parse_protocols() "
14940317078Sjsing 		    "returned %i, want %i\n", test_no, rv, ppt->want_return);
15040317078Sjsing 		goto done;
15140317078Sjsing 	}
15240317078Sjsing 	if (protocols != ppt->want_protocols) {
15340317078Sjsing 		fprintf(stderr, "FAIL: test %i - got protocols 0x%x, "
15440317078Sjsing 		    "want 0x%x\n", test_no, protocols, ppt->want_protocols);
15540317078Sjsing 		goto done;
15640317078Sjsing 	}
15740317078Sjsing 
15840317078Sjsing 	failed = 0;
15940317078Sjsing 
16040317078Sjsing  done:
16140317078Sjsing 	return (failed);
16240317078Sjsing }
16340317078Sjsing 
16440317078Sjsing int
16540317078Sjsing main(int argc, char **argv)
16640317078Sjsing {
16740317078Sjsing 	int failed = 0;
16840317078Sjsing 	size_t i;
16940317078Sjsing 
17040317078Sjsing 	tls_init();
17140317078Sjsing 
17240317078Sjsing 	for (i = 0; i < N_PARSE_PROTOCOLS_TESTS; i++)
17340317078Sjsing 		failed += do_parse_protocols_test(i, &parse_protocols_tests[i]);
17440317078Sjsing 
17540317078Sjsing 	return (failed);
17640317078Sjsing }
177