OpenCoverage

ssl_lib.c

Absolute File Name:

/home/opencoverage/opencoverage/guest-scripts/libressl/src/ssl/ssl_lib.c

Source code

Switch to Preprocessed file

Line Source Count

1 /* $OpenBSD: ssl_lib.c,v 1.189 2018/09/05 16:58:59 jsing Exp $ */ -

4 * -

5 * This package is an SSL implementation written -

6 * by Eric Young (eay@cryptsoft.com). -

7 * The implementation was written so as to conform with Netscapes SSL. -

8 * -

9 * This library is free for commercial and non-commercial use as long as -

10 * the following conditions are aheared to. The following conditions -

11 * apply to all code found in this distribution, be it the RC4, RSA, -

12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation -

13 * included with this distribution is covered by the same copyright terms -

14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). -

15 * -

16 * Copyright remains Eric Young's, and as such any Copyright notices in -

17 * the code are not to be removed. -

18 * If this package is used in a product, Eric Young should be given attribution -

19 * as the author of the parts of the library used. -

20 * This can be in the form of a textual message at program startup or -

21 * in documentation (online or textual) provided with the package. -

22 * -

23 * Redistribution and use in source and binary forms, with or without -

24 * modification, are permitted provided that the following conditions -

25 * are met: -

26 * 1. Redistributions of source code must retain the copyright -

27 * notice, this list of conditions and the following disclaimer. -

28 * 2. Redistributions in binary form must reproduce the above copyright -

29 * notice, this list of conditions and the following disclaimer in the -

30 * documentation and/or other materials provided with the distribution. -

31 * 3. All advertising materials mentioning features or use of this software -

32 * must display the following acknowledgement: -

33 * "This product includes cryptographic software written by -

34 * Eric Young (eay@cryptsoft.com)" -

35 * The word 'cryptographic' can be left out if the rouines from the library -

36 * being used are not cryptographic related :-). -

37 * 4. If you include any Windows specific code (or a derivative thereof) from -

38 * the apps directory (application code) you must include an acknowledgement: -

39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" -

40 * -

41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND -

42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -

43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -

44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -

45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -

46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -

47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -

48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -

49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -

50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -

51 * SUCH DAMAGE. -

52 * -

53 * The licence and distribution terms for any publically available version or -

54 * derivative of this code cannot be changed. i.e. this code cannot simply be -

55 * copied and put under another distribution licence -

56 * [including the GNU Public Licence.] -

57 */ -

58 /* ==================================================================== -

60 * -

61 * Redistribution and use in source and binary forms, with or without -

62 * modification, are permitted provided that the following conditions -

63 * are met: -

64 * -

65 * 1. Redistributions of source code must retain the above copyright -

66 * notice, this list of conditions and the following disclaimer. -

67 * -

68 * 2. Redistributions in binary form must reproduce the above copyright -

69 * notice, this list of conditions and the following disclaimer in -

70 * the documentation and/or other materials provided with the -

71 * distribution. -

72 * -

73 * 3. All advertising materials mentioning features or use of this -

74 * software must display the following acknowledgment: -

75 * "This product includes software developed by the OpenSSL Project -

76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -

77 * -

78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -

79 * endorse or promote products derived from this software without -

80 * prior written permission. For written permission, please contact -

81 * openssl-core@openssl.org. -

82 * -

83 * 5. Products derived from this software may not be called "OpenSSL" -

84 * nor may "OpenSSL" appear in their names without prior written -

85 * permission of the OpenSSL Project. -

86 * -

87 * 6. Redistributions of any form whatsoever must retain the following -

88 * acknowledgment: -

89 * "This product includes software developed by the OpenSSL Project -

90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" -

91 * -

92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -

93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -

94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -

95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -

96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -

97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -

98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -

99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -

100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -

101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -

102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -

103 * OF THE POSSIBILITY OF SUCH DAMAGE. -

104 * ==================================================================== -

105 * -

106 * This product includes cryptographic software written by Eric Young -

107 * (eay@cryptsoft.com). This product includes software written by Tim -

108 * Hudson (tjh@cryptsoft.com). -

109 * -

110 */ -

111 /* ==================================================================== -

113 * ECC cipher suite support in OpenSSL originally developed by -

114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. -

115 */ -

116 /* ==================================================================== -

118 * -

119 * The portions of the attached software ("Contribution") is developed by -

120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source -

121 * license. -

122 * -

123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of -

124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites -

125 * support (see RFC 4279) to OpenSSL. -

126 * -

127 * No patent licenses or other rights except those expressly stated in -

128 * the OpenSSL open source license shall be deemed granted or received -

129 * expressly, by implication, estoppel, or otherwise. -

130 * -

131 * No assurances are provided by Nokia that the Contribution does not -

132 * infringe the patent or other intellectual property rights of any third -

133 * party or that the license provides you with all the necessary rights -

134 * to make use of the Contribution. -

135 * -

136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN -

137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA -

138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY -

139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR -

140 * OTHERWISE. -

141 */ -

142 -

143 #include <stdio.h> -

144 -

145 #include "ssl_locl.h" -

146 -

147 #include <openssl/bn.h> -

148 #include <openssl/dh.h> -

149 #include <openssl/lhash.h> -

150 #include <openssl/objects.h> -

151 #include <openssl/ocsp.h> -

152 #include <openssl/x509v3.h> -

153 -

154 #ifndef OPENSSL_NO_ENGINE -

155 #include <openssl/engine.h> -

156 #endif -

157 -

158 #include "bytestring.h" -

159 -

160 const char *SSL_version_str = OPENSSL_VERSION_TEXT; -

161 -

162 int -

163 SSL_clear(SSL *s) -

164 { -

165

if (s->method == NULL) {

s->method == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 341 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest

0-341

166 SSLerror(s, SSL_R_NO_METHOD_SPECIFIED); -

167

return (0);

never executed: return (0);

168 } -

169 -

170

if (ssl_clear_bad_session(s)) {

ssl_clear_bad_session(s)	Description
TRUE	never evaluated
FALSE	evaluated 341 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest

0-341

171 SSL_SESSION_free(s->session); -

172 s->session = NULL; -

173

}

never executed: end of block

174 -

175 s->error = 0; -

176 s->internal->hit = 0; -

177 s->internal->shutdown = 0; -

178 -

179

if (s->internal->renegotiate) {

s->internal->renegotiate	Description
TRUE	never evaluated
FALSE	evaluated 341 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest

0-341

180 SSLerror(s, ERR_R_INTERNAL_ERROR); -

181

return (0);

never executed: return (0);

182 } -

183 -

184 s->internal->type = 0; -

185 -

186 s->version = s->method->internal->version; -

187 s->client_version = s->version; -

188 s->internal->rwstate = SSL_NOTHING; -

189 s->internal->rstate = SSL_ST_READ_HEADER; -

190 -

191 BUF_MEM_free(s->internal->init_buf); -

192 s->internal->init_buf = NULL; -

193 -

194 ssl_clear_cipher_state(s); -

195 -

196 s->internal->first_packet = 0; -

197 -

198 /* -

199 * Check to see if we were changed into a different method, if -

200 * so, revert back if we are not doing session-id reuse. -

201 */ -

202

if (!s->internal->in_handshake && (s->session == NULL) &&

!s->internal->in_handshake	Description
TRUE	evaluated 202 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest
FALSE	evaluated 139 times by 4 tests Evaluated by: clienttest servertest ssltest tlstest

(s->session == ((void *)0) )	Description
TRUE	evaluated 202 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest
FALSE	never evaluated

0-202

203

(s->method != s->ctx->method)) {

(s->method != s->ctx->method)	Description
TRUE	never evaluated
FALSE	evaluated 202 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest

0-202

204 s->method->internal->ssl_free(s); -

205 s->method = s->ctx->method; -

206

if (!s->method->internal->ssl_new(s))

!s->method->in...al->ssl_new(s)	Description
TRUE	never evaluated
FALSE	never evaluated

207

return (0);

never executed: return (0);

208

} else

never executed: end of block

209

s->method->internal->ssl_clear(s);

executed 341 times by 11 tests: s->method->internal->ssl_clear(s);

Executed by:

cipher_list
cipherstest
clienttest
libssl.so.46.0.1
servertest
ssl_versions
ssltest
tls_ext_alpn
tls_prf
tlsexttest
tlstest

341

210 -

211 S3I(s)->hs.state = SSL_ST_BEFORE|((s->server) ? SSL_ST_ACCEPT : SSL_ST_CONNECT); -

212 -

213

return (1);

executed 341 times by 11 tests: return (1);

Executed by:

cipher_list
cipherstest
clienttest
libssl.so.46.0.1
servertest
ssl_versions
ssltest
tls_ext_alpn
tls_prf
tlsexttest
tlstest

341

214 } -

215 -

216 /* Used to change an SSL_CTXs default SSL method type */ -

217 int -

218 SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth) -

219 { -

220 STACK_OF(SSL_CIPHER) *sk; -

221 -

222 ctx->method = meth; -

223 -

224 sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list), -

225 &(ctx->internal->cipher_list_by_id), SSL_DEFAULT_CIPHER_LIST); -

226

if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {

(sk == ((void *)0) )	Description
TRUE	never evaluated
FALSE	never evaluated

(sk_num(((_STA...ER*)0))) <= 0)	Description
TRUE	never evaluated
FALSE	never evaluated

227 SSLerrorx(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS); -

228

return (0);

never executed: return (0);

229 } -

230

return (1);

never executed: return (1);

231 } -

232 -

233 SSL * -

234 SSL_new(SSL_CTX *ctx) -

235 { -

236 SSL *s; -

237 -

238

if (ctx == NULL) {

ctx == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 202 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest

0-202

239 SSLerrorx(SSL_R_NULL_SSL_CTX); -

240

return (NULL);

never executed: return ( ((void *)0) );

241 } -

242

if (ctx->method == NULL) {

ctx->method == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 202 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest

0-202

243 SSLerrorx(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION); -

244

return (NULL);

never executed: return ( ((void *)0) );

245 } -

246 -

247

if ((s = calloc(1, sizeof(*s))) == NULL) {

(s = calloc(1,...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 202 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest

0-202

248 SSLerrorx(ERR_R_MALLOC_FAILURE); -

249

return (NULL);

never executed: return ( ((void *)0) );

250 } -

251

if ((s->internal = calloc(1, sizeof(*s->internal))) == NULL) {

(s->internal =...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 202 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest

0-202

252 free(s); -

253 SSLerrorx(ERR_R_MALLOC_FAILURE); -

254

return (NULL);

never executed: return ( ((void *)0) );

255 } -

256 -

257 s->internal->min_version = ctx->internal->min_version; -

258 s->internal->max_version = ctx->internal->max_version; -

259 -

260 s->internal->options = ctx->internal->options; -

261 s->internal->mode = ctx->internal->mode; -

262 s->internal->max_cert_list = ctx->internal->max_cert_list; -

263 -

264

if (ctx->internal->cert != NULL) {

ctx->internal-...!= ((void *)0)	Description
TRUE	evaluated 202 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest
FALSE	never evaluated

0-202

265 /* -

266 * Earlier library versions used to copy the pointer to -

267 * the CERT, not its contents; only when setting new -

268 * parameters for the per-SSL copy, ssl_cert_new would be -

269 * called (and the direct reference to the per-SSL_CTX -

270 * settings would be lost, but those still were indirectly -

271 * accessed for various purposes, and for that reason they -

272 * used to be known as s->ctx->default_cert). -

273 * Now we don't look at the SSL_CTX's CERT after having -

274 * duplicated it once. -

275 */ -

276 s->cert = ssl_cert_dup(ctx->internal->cert); -

277

if (s->cert == NULL)

s->cert == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 202 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest

0-202

278

goto err;

never executed: goto err;

279

} else

executed 202 times by 11 tests: end of block

Executed by:

cipher_list
cipherstest
clienttest
libssl.so.46.0.1
servertest
ssl_versions
ssltest
tls_ext_alpn
tls_prf
tlsexttest
tlstest

202

280

s->cert=NULL; /* Cannot really happen (see SSL_CTX_new) */

never executed: s->cert= ((void *)0) ;

281 -

282 s->internal->read_ahead = ctx->internal->read_ahead; -

283 s->internal->msg_callback = ctx->internal->msg_callback; -

284 s->internal->msg_callback_arg = ctx->internal->msg_callback_arg; -

285 s->verify_mode = ctx->verify_mode; -

286 s->sid_ctx_length = ctx->sid_ctx_length; -

287 OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx); -

288 memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx)); -

289 s->internal->verify_callback = ctx->internal->default_verify_callback; -

290 s->internal->generate_session_id = ctx->internal->generate_session_id; -

291 -

292 s->param = X509_VERIFY_PARAM_new(); -

293

if (!s->param)

!s->param	Description
TRUE	never evaluated
FALSE	evaluated 202 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest

0-202

294

goto err;

never executed: goto err;

295 X509_VERIFY_PARAM_inherit(s->param, ctx->param); -

296 s->internal->quiet_shutdown = ctx->internal->quiet_shutdown; -

297 s->max_send_fragment = ctx->internal->max_send_fragment; -

298 -

299 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX); -

300 s->ctx = ctx; -

301 s->internal->tlsext_debug_cb = 0; -

302 s->internal->tlsext_debug_arg = NULL; -

303 s->internal->tlsext_ticket_expected = 0; -

304 s->tlsext_status_type = -1; -

305 s->internal->tlsext_status_expected = 0; -

306 s->internal->tlsext_ocsp_ids = NULL; -

307 s->internal->tlsext_ocsp_exts = NULL; -

308 s->internal->tlsext_ocsp_resp = NULL; -

309 s->internal->tlsext_ocsp_resplen = -1; -

310 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX); -

311 s->initial_ctx = ctx; -

312 -

313

if (ctx->internal->tlsext_ecpointformatlist != NULL) {

ctx->internal-...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 202 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest

0-202

314 s->internal->tlsext_ecpointformatlist = -

315 calloc(ctx->internal->tlsext_ecpointformatlist_length, -

316 sizeof(ctx->internal->tlsext_ecpointformatlist[0])); -

317

if (s->internal->tlsext_ecpointformatlist == NULL)

s->internal->t...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

318

goto err;

never executed: goto err;

319 memcpy(s->internal->tlsext_ecpointformatlist, -

320 ctx->internal->tlsext_ecpointformatlist, -

321 ctx->internal->tlsext_ecpointformatlist_length * -

322 sizeof(ctx->internal->tlsext_ecpointformatlist[0])); -

323 s->internal->tlsext_ecpointformatlist_length = -

324 ctx->internal->tlsext_ecpointformatlist_length; -

325

}

never executed: end of block

326

if (ctx->internal->tlsext_supportedgroups != NULL) {

ctx->internal-...!= ((void *)0)	Description
TRUE	evaluated 57 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 145 times by 10 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest

57-145

327 s->internal->tlsext_supportedgroups = -

328 calloc(ctx->internal->tlsext_supportedgroups_length, -

329 sizeof(ctx->internal->tlsext_supportedgroups)); -

330

if (s->internal->tlsext_supportedgroups == NULL)

s->internal->t...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 57 times by 2 tests Evaluated by: ssltest tlstest

0-57

331

goto err;

never executed: goto err;

332 memcpy(s->internal->tlsext_supportedgroups, -

333 ctx->internal->tlsext_supportedgroups, -

334 ctx->internal->tlsext_supportedgroups_length * -

335 sizeof(ctx->internal->tlsext_supportedgroups[0])); -

336 s->internal->tlsext_supportedgroups_length = -

337 ctx->internal->tlsext_supportedgroups_length; -

338

}

executed 57 times by 2 tests: end of block

Executed by:

ssltest
tlstest

339 -

340

if (s->ctx->internal->alpn_client_proto_list != NULL) {

s->ctx->intern...!= ((void *)0)	Description
TRUE	evaluated 8 times by 1 test Evaluated by: ssltest
FALSE	evaluated 194 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest

8-194

341 s->internal->alpn_client_proto_list = -

342 malloc(s->ctx->internal->alpn_client_proto_list_len); -

343

if (s->internal->alpn_client_proto_list == NULL)

s->internal->a...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: ssltest

0-8

344

goto err;

never executed: goto err;

345 memcpy(s->internal->alpn_client_proto_list, -

346 s->ctx->internal->alpn_client_proto_list, -

347 s->ctx->internal->alpn_client_proto_list_len); -

348 s->internal->alpn_client_proto_list_len = -

349 s->ctx->internal->alpn_client_proto_list_len; -

350

}

executed 8 times by 1 test: end of block

Executed by:

ssltest

351 -

352 s->verify_result = X509_V_OK; -

353 -

354 s->method = ctx->method; -

355 -

356

if (!s->method->internal->ssl_new(s))

!s->method->in...al->ssl_new(s)	Description
TRUE	never evaluated
FALSE	evaluated 202 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest

0-202

357

goto err;

never executed: goto err;

358 -

359 s->references = 1; -

360

s->server = (ctx->method->internal->ssl_accept == ssl_undefined_function) ? 0 : 1;

(ctx->method->...ined_function)	Description
TRUE	evaluated 36 times by 7 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 tls_ext_alpn tlsexttest tlstest
FALSE	evaluated 166 times by 7 tests Evaluated by: cipherstest servertest ssl_versions ssltest tls_prf tlsexttest tlstest

36-166

361 -

362 SSL_clear(s); -

363 -

364 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->internal->ex_data); -

365 -

366

return (s);

executed 202 times by 11 tests: return (s);

Executed by:

cipher_list
cipherstest
clienttest
libssl.so.46.0.1
servertest
ssl_versions
ssltest
tls_ext_alpn
tls_prf
tlsexttest
tlstest

202

367 -

368 err: -

369 SSL_free(s); -

370 SSLerrorx(ERR_R_MALLOC_FAILURE); -

371

return (NULL);

never executed: return ( ((void *)0) );

372 } -

373 -

374 int -

375 SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx, -

376 unsigned int sid_ctx_len) -

377 { -

378

if (sid_ctx_len > sizeof ctx->sid_ctx) {

sid_ctx_len > ...f ctx->sid_ctx	Description
TRUE	never evaluated
FALSE	evaluated 54 times by 2 tests Evaluated by: ssltest tlstest

0-54

379 SSLerrorx(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); -

380

return (0);

never executed: return (0);

381 } -

382 ctx->sid_ctx_length = sid_ctx_len; -

383 memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len); -

384 -

385

return (1);

executed 54 times by 2 tests: return (1);

Executed by:

ssltest
tlstest

386 } -

387 -

388 int -

389 SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx, -

390 unsigned int sid_ctx_len) -

391 { -

392

if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {

sid_ctx_len > 32	Description
TRUE	never evaluated
FALSE	never evaluated

393 SSLerror(ssl, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); -

394

return (0);

never executed: return (0);

395 } -

396 ssl->sid_ctx_length = sid_ctx_len; -

397 memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len); -

398 -

399

return (1);

never executed: return (1);

400 } -

401 -

402 int -

403 SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb) -

404 { -

405 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); -

406 ctx->internal->generate_session_id = cb; -

407 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); -

408

return (1);

never executed: return (1);

409 } -

410 -

411 int -

412 SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb) -

413 { -

414 CRYPTO_w_lock(CRYPTO_LOCK_SSL); -

415 ssl->internal->generate_session_id = cb; -

416 CRYPTO_w_unlock(CRYPTO_LOCK_SSL); -

417

return (1);

never executed: return (1);

418 } -

419 -

420 int -

421 SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id, -

422 unsigned int id_len) -

423 { -

424 /* -

425 * A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp -

426 * shows how we can "construct" a session to give us the desired -

427 * check - ie. to find if there's a session in the hash table -

428 * that would conflict with any new session built out of this -

429 * id/id_len and the ssl_version in use by this SSL. -

430 */ -

431 SSL_SESSION r, *p; -

432 -

433

if (id_len > sizeof r.session_id)

id_len > sizeof r.session_id	Description
TRUE	never evaluated
FALSE	evaluated 12 times by 2 tests Evaluated by: servertest tlstest

0-12

434

return (0);

never executed: return (0);

435 -

436 r.ssl_version = ssl->version; -

437 r.session_id_length = id_len; -

438 memcpy(r.session_id, id, id_len); -

439 -

440 CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX); -

441 p = lh_SSL_SESSION_retrieve(ssl->ctx->internal->sessions, &r); -

442 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX); -

443

return (p != NULL);

executed 12 times by 2 tests: return (p != ((void *)0) );

Executed by:

servertest
tlstest

444 } -

445 -

446 int -

447 SSL_CTX_set_purpose(SSL_CTX *s, int purpose) -

448 { -

449

return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));

never executed: return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));

450 } -

451 -

452 int -

453 SSL_set_purpose(SSL *s, int purpose) -

454 { -

455

return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));

never executed: return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));

456 } -

457 -

458 int -

459 SSL_CTX_set_trust(SSL_CTX *s, int trust) -

460 { -

461

return (X509_VERIFY_PARAM_set_trust(s->param, trust));

never executed: return (X509_VERIFY_PARAM_set_trust(s->param, trust));

462 } -

463 -

464 int -

465 SSL_set_trust(SSL *s, int trust) -

466 { -

467

return (X509_VERIFY_PARAM_set_trust(s->param, trust));

never executed: return (X509_VERIFY_PARAM_set_trust(s->param, trust));

468 } -

469 -

470 X509_VERIFY_PARAM * -

471 SSL_CTX_get0_param(SSL_CTX *ctx) -

472 { -

473

return (ctx->param);

never executed: return (ctx->param);

474 } -

475 -

476 int -

477 SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm) -

478 { -

479

return (X509_VERIFY_PARAM_set1(ctx->param, vpm));

never executed: return (X509_VERIFY_PARAM_set1(ctx->param, vpm));

480 } -

481 -

482 X509_VERIFY_PARAM * -

483 SSL_get0_param(SSL *ssl) -

484 { -

485

return (ssl->param);

never executed: return (ssl->param);

486 } -

487 -

488 int -

489 SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm) -

490 { -

491

return (X509_VERIFY_PARAM_set1(ssl->param, vpm));

never executed: return (X509_VERIFY_PARAM_set1(ssl->param, vpm));

492 } -

493 -

494 void -

495 SSL_free(SSL *s) -

496 { -

497 int i; -

498 -

499

if (s == NULL)

s == ((void *)0)	Description
TRUE	evaluated 75 times by 3 tests Evaluated by: ssl_versions tlstest verifytest
FALSE	evaluated 195 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest

75-195

500

return;

executed 75 times by 3 tests: return;

Executed by:

ssl_versions
tlstest
verifytest

501 -

502 i = CRYPTO_add(&s->references, -1, CRYPTO_LOCK_SSL); -

503

if (i > 0)

i > 0	Description
TRUE	never evaluated
FALSE	evaluated 195 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest

0-195

504

return;

never executed: return;

505 -

506 X509_VERIFY_PARAM_free(s->param); -

507 -

508 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->internal->ex_data); -

509 -

510

if (s->bbio != NULL) {

s->bbio != ((void *)0)	Description
TRUE	evaluated 13 times by 2 tests Evaluated by: clienttest servertest
FALSE	evaluated 182 times by 9 tests Evaluated by: cipher_list cipherstest libssl.so.46.0.1 ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest

13-182

511 /* If the buffering BIO is in place, pop it off */ -

512

if (s->bbio == s->wbio) {

s->bbio == s->wbio	Description
TRUE	evaluated 13 times by 2 tests Evaluated by: clienttest servertest
FALSE	never evaluated

0-13

513 s->wbio = BIO_pop(s->wbio); -

514

}

executed 13 times by 2 tests: end of block

Executed by:

clienttest
servertest

515 BIO_free(s->bbio); -

516 s->bbio = NULL; -

517

}

executed 13 times by 2 tests: end of block

Executed by:

clienttest
servertest

518 -

519

if (s->rbio != s->wbio)

s->rbio != s->wbio	Description
TRUE	evaluated 15 times by 3 tests Evaluated by: clienttest servertest tlstest
FALSE	evaluated 180 times by 9 tests Evaluated by: cipher_list cipherstest libssl.so.46.0.1 ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest

15-180

520

BIO_free_all(s->rbio);

executed 15 times by 3 tests: BIO_free_all(s->rbio);

Executed by:

clienttest
servertest
tlstest

521 BIO_free_all(s->wbio); -

522 -

523 BUF_MEM_free(s->internal->init_buf); -

524 -

525 /* add extra stuff */ -

526 sk_SSL_CIPHER_free(s->cipher_list); -

527 sk_SSL_CIPHER_free(s->internal->cipher_list_by_id); -

528 -

529 /* Make the next call work :-) */ -

530

if (s->session != NULL) {

s->session != ((void *)0)	Description
TRUE	evaluated 129 times by 5 tests Evaluated by: clienttest servertest ssltest tlsexttest tlstest
FALSE	evaluated 66 times by 7 tests Evaluated by: cipher_list cipherstest libssl.so.46.0.1 ssl_versions tls_ext_alpn tls_prf tlsexttest

66-129

531 ssl_clear_bad_session(s); -

532 SSL_SESSION_free(s->session); -

533

}

executed 129 times by 5 tests: end of block

Executed by:

clienttest
servertest
ssltest
tlsexttest
tlstest

129

534 -

535 ssl_clear_cipher_state(s); -

536 -

537 ssl_cert_free(s->cert); -

538 -

539 free(s->tlsext_hostname); -

540 SSL_CTX_free(s->initial_ctx); -

541 -

542 free(s->internal->tlsext_ecpointformatlist); -

543 free(s->internal->tlsext_supportedgroups); -

544 -

545 sk_X509_EXTENSION_pop_free(s->internal->tlsext_ocsp_exts, -

546 X509_EXTENSION_free); -

547 sk_OCSP_RESPID_pop_free(s->internal->tlsext_ocsp_ids, OCSP_RESPID_free); -

548 free(s->internal->tlsext_ocsp_resp); -

549 -

550 sk_X509_NAME_pop_free(s->internal->client_CA, X509_NAME_free); -

551 -

552

if (s->method != NULL)

s->method != ((void *)0)	Description
TRUE	evaluated 195 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest
FALSE	never evaluated

0-195

553

s->method->internal->ssl_free(s);

executed 195 times by 11 tests: s->method->internal->ssl_free(s);

Executed by:

cipher_list
cipherstest
clienttest
libssl.so.46.0.1
servertest
ssl_versions
ssltest
tls_ext_alpn
tls_prf
tlsexttest
tlstest

195

554 -

555 SSL_CTX_free(s->ctx); -

556 -

557 free(s->internal->alpn_client_proto_list); -

558 -

559 #ifndef OPENSSL_NO_SRTP -

560 sk_SRTP_PROTECTION_PROFILE_free(s->internal->srtp_profiles); -

561 #endif -

562 -

563 free(s->internal); -

564 free(s); -

565

}

executed 195 times by 11 tests: end of block

Executed by:

cipher_list
cipherstest
clienttest
libssl.so.46.0.1
servertest
ssl_versions
ssltest
tls_ext_alpn
tls_prf
tlsexttest
tlstest

195

566 -

567 int -

568 SSL_up_ref(SSL *s) -

569 { -

570 int refs = CRYPTO_add(&s->references, 1, CRYPTO_LOCK_SSL); -

571

return (refs > 1) ? 1 : 0;

never executed: return (refs > 1) ? 1 : 0;

(refs > 1)	Description
TRUE	never evaluated
FALSE	never evaluated

572 } -

573 -

574 void -

575 SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio) -

576 { -

577 /* If the output buffering BIO is still in place, remove it */ -

578

if (s->bbio != NULL) {

s->bbio != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 143 times by 4 tests Evaluated by: clienttest servertest ssltest tlstest

0-143

579

if (s->wbio == s->bbio) {

s->wbio == s->bbio	Description
TRUE	never evaluated
FALSE	never evaluated

580 s->wbio = s->wbio->next_bio; -

581 s->bbio->next_bio = NULL; -

582

}

never executed: end of block

583

}

never executed: end of block

584 -

585

if (s->rbio != rbio && s->rbio != s->wbio)

s->rbio != rbio	Description
TRUE	evaluated 139 times by 4 tests Evaluated by: clienttest servertest ssltest tlstest
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

s->rbio != s->wbio	Description
TRUE	never evaluated
FALSE	evaluated 139 times by 4 tests Evaluated by: clienttest servertest ssltest tlstest

0-139

586

BIO_free_all(s->rbio);

never executed: BIO_free_all(s->rbio);

587

if (s->wbio != wbio)

s->wbio != wbio	Description
TRUE	evaluated 139 times by 4 tests Evaluated by: clienttest servertest ssltest tlstest
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

4-139

588

BIO_free_all(s->wbio);

executed 139 times by 4 tests: BIO_free_all(s->wbio);

Executed by:

clienttest
servertest
ssltest
tlstest

139

589 s->rbio = rbio; -

590 s->wbio = wbio; -

591

}

executed 143 times by 4 tests: end of block

Executed by:

clienttest
servertest
ssltest
tlstest

143

592 -

593 BIO * -

594 SSL_get_rbio(const SSL *s) -

595 { -

596

return (s->rbio);

executed 2613 times by 3 tests: return (s->rbio);

Executed by:

clienttest
ssltest
tlstest

2613

597 } -

598 -

599 BIO * -

600 SSL_get_wbio(const SSL *s) -

601 { -

602

return (s->wbio);

executed 755 times by 3 tests: return (s->wbio);

Executed by:

clienttest
ssltest
tlstest

755

603 } -

604 -

605 int -

606 SSL_get_fd(const SSL *s) -

607 { -

608

return (SSL_get_rfd(s));

never executed: return (SSL_get_rfd(s));

609 } -

610 -

611 int -

612 SSL_get_rfd(const SSL *s) -

613 { -

614 int ret = -1; -

615 BIO *b, *r; -

616 -

617 b = SSL_get_rbio(s); -

618 r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR); -

619

if (r != NULL)

r != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

620

BIO_get_fd(r, &ret);

never executed: BIO_ctrl(r,105,0,(char *)&ret);

621

return (ret);

never executed: return (ret);

622 } -

623 -

624 int -

625 SSL_get_wfd(const SSL *s) -

626 { -

627 int ret = -1; -

628 BIO *b, *r; -

629 -

630 b = SSL_get_wbio(s); -

631 r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR); -

632

if (r != NULL)

r != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

633

BIO_get_fd(r, &ret);

never executed: BIO_ctrl(r,105,0,(char *)&ret);

634

return (ret);

never executed: return (ret);

635 } -

636 -

637 int -

638 SSL_set_fd(SSL *s, int fd) -

639 { -

640 int ret = 0; -

641 BIO *bio = NULL; -

642 -

643 bio = BIO_new(BIO_s_socket()); -

644 -

645

if (bio == NULL) {

bio == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

646 SSLerror(s, ERR_R_BUF_LIB); -

647

goto err;

never executed: goto err;

648 } -

649 BIO_set_fd(bio, fd, BIO_NOCLOSE); -

650 SSL_set_bio(s, bio, bio); -

651 ret = 1; -

652

err:

code before this statement never executed: err:

653

return (ret);

never executed: return (ret);

654 } -

655 -

656 int -

657 SSL_set_wfd(SSL *s, int fd) -

658 { -

659 int ret = 0; -

660 BIO *bio = NULL; -

661 -

662

if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)

(s->rbio == ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

(BIO_method_ty...x0400\|0x0100))	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

0-4

663

|| ((int)BIO_get_fd(s->rbio, NULL) != fd)) {

((int)BIO_ctrl... *)0) ) != fd)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: tlstest
FALSE	evaluated 2 times by 1 test Evaluated by: tlstest

664 bio = BIO_new(BIO_s_socket()); -

665 -

666

if (bio == NULL) {

bio == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: tlstest

0-2

667 SSLerror(s, ERR_R_BUF_LIB); -

668

goto err;

never executed: goto err;

669 } -

670 BIO_set_fd(bio, fd, BIO_NOCLOSE); -

671 SSL_set_bio(s, SSL_get_rbio(s), bio); -

672

} else

executed 2 times by 1 test: end of block

Executed by:

tlstest

673

SSL_set_bio(s, SSL_get_rbio(s), SSL_get_rbio(s));

executed 2 times by 1 test: SSL_set_bio(s, SSL_get_rbio(s), SSL_get_rbio(s));

Executed by:

tlstest

674 ret = 1; -

675

err:

code before this statement executed 4 times by 1 test: err:

Executed by:

tlstest

676

return (ret);

executed 4 times by 1 test: return (ret);

Executed by:

tlstest

677 } -

678 -

679 int -

680 SSL_set_rfd(SSL *s, int fd) -

681 { -

682 int ret = 0; -

683 BIO *bio = NULL; -

684 -

685

if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)

(s->wbio == ((void *)0) )	Description
TRUE	evaluated 4 times by 1 test Evaluated by: tlstest
FALSE	never evaluated

(BIO_method_ty...x0400\|0x0100))	Description
TRUE	never evaluated
FALSE	never evaluated

0-4

686

|| ((int)BIO_get_fd(s->wbio, NULL) != fd)) {

((int)BIO_ctrl... *)0) ) != fd)	Description
TRUE	never evaluated
FALSE	never evaluated

687 bio = BIO_new(BIO_s_socket()); -

688 -

689

if (bio == NULL) {

bio == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

0-4

690 SSLerror(s, ERR_R_BUF_LIB); -

691

goto err;

never executed: goto err;

692 } -

693 BIO_set_fd(bio, fd, BIO_NOCLOSE); -

694 SSL_set_bio(s, bio, SSL_get_wbio(s)); -

695

} else

executed 4 times by 1 test: end of block

Executed by:

tlstest

696

SSL_set_bio(s, SSL_get_wbio(s), SSL_get_wbio(s));

never executed: SSL_set_bio(s, SSL_get_wbio(s), SSL_get_wbio(s));

697 ret = 1; -

698

err:

code before this statement executed 4 times by 1 test: err:

Executed by:

tlstest

699

return (ret);

executed 4 times by 1 test: return (ret);

Executed by:

tlstest

700 } -

701 -

702 -

703 /* return length of latest Finished message we sent, copy to 'buf' */ -

704 size_t -

705 SSL_get_finished(const SSL *s, void *buf, size_t count) -

706 { -

707 size_t ret = 0; -

708 -

709

if (s->s3 != NULL) {

s->s3 != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

710 ret = S3I(s)->tmp.finish_md_len; -

711

if (count > ret)

count > ret	Description
TRUE	never evaluated
FALSE	never evaluated

712

count = ret;

never executed: count = ret;

713 memcpy(buf, S3I(s)->tmp.finish_md, count); -

714

}

never executed: end of block

715

return (ret);

never executed: return (ret);

716 } -

717 -

718 /* return length of latest Finished message we expected, copy to 'buf' */ -

719 size_t -

720 SSL_get_peer_finished(const SSL *s, void *buf, size_t count) -

721 { -

722 size_t ret = 0; -

723 -

724

if (s->s3 != NULL) {

s->s3 != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

725 ret = S3I(s)->tmp.peer_finish_md_len; -

726

if (count > ret)

count > ret	Description
TRUE	never evaluated
FALSE	never evaluated

727

count = ret;

never executed: count = ret;

728 memcpy(buf, S3I(s)->tmp.peer_finish_md, count); -

729

}

never executed: end of block

730

return (ret);

never executed: return (ret);

731 } -

732 -

733 -

734 int -

735 SSL_get_verify_mode(const SSL *s) -

736 { -

737

return (s->verify_mode);

never executed: return (s->verify_mode);

738 } -

739 -

740 int -

741 SSL_get_verify_depth(const SSL *s) -

742 { -

743

return (X509_VERIFY_PARAM_get_depth(s->param));

never executed: return (X509_VERIFY_PARAM_get_depth(s->param));

744 } -

745 -

746 int -

747 (*SSL_get_verify_callback(const SSL *s))(int, X509_STORE_CTX *) -

748 { -

749

return (s->internal->verify_callback);

never executed: return (s->internal->verify_callback);

750 } -

751 -

752 int -

753 SSL_CTX_get_verify_mode(const SSL_CTX *ctx) -

754 { -

755

return (ctx->verify_mode);

never executed: return (ctx->verify_mode);

756 } -

757 -

758 int -

759 SSL_CTX_get_verify_depth(const SSL_CTX *ctx) -

760 { -

761

return (X509_VERIFY_PARAM_get_depth(ctx->param));

never executed: return (X509_VERIFY_PARAM_get_depth(ctx->param));

762 } -

763 -

764 int -

765 (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *) -

766 { -

767

return (ctx->internal->default_verify_callback);

never executed: return (ctx->internal->default_verify_callback);

768 } -

769 -

770 void -

771 SSL_set_verify(SSL *s, int mode, -

772 int (*callback)(int ok, X509_STORE_CTX *ctx)) -

773 { -

774 s->verify_mode = mode; -

775

if (callback != NULL)

callback != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

776

s->internal->verify_callback = callback;

never executed: s->internal->verify_callback = callback;

777

}

never executed: end of block

778 -

779 void -

780 SSL_set_verify_depth(SSL *s, int depth) -

781 { -

782 X509_VERIFY_PARAM_set_depth(s->param, depth); -

783

}

never executed: end of block

784 -

785 void -

786 SSL_set_read_ahead(SSL *s, int yes) -

787 { -

788 s->internal->read_ahead = yes; -

789

}

never executed: end of block

790 -

791 int -

792 SSL_get_read_ahead(const SSL *s) -

793 { -

794

return (s->internal->read_ahead);

never executed: return (s->internal->read_ahead);

795 } -

796 -

797 int -

798 SSL_pending(const SSL *s) -

799 { -

800 /* -

801 * SSL_pending cannot work properly if read-ahead is enabled -

802 * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)), -

803 * and it is impossible to fix since SSL_pending cannot report -

804 * errors that may be observed while scanning the new data. -

805 * (Note that SSL_pending() is often used as a boolean value, -

806 * so we'd better not return -1.) -

807 */ -

808

return (ssl3_pending(s));

executed 560 times by 1 test: return (ssl3_pending(s));

Executed by:

ssltest

560

809 } -

810 -

811 X509 * -

812 SSL_get_peer_certificate(const SSL *s) -

813 { -

814 X509 *r; -

815 -

816

if ((s == NULL) || (s->session == NULL))

(s == ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 75 times by 2 tests Evaluated by: ssltest tlstest

(s->session == ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 75 times by 2 tests Evaluated by: ssltest tlstest

0-75

817

r = NULL;

never executed: r = ((void *)0) ;

818 else -

819

r = s->session->peer;

executed 75 times by 2 tests: r = s->session->peer;

Executed by:

ssltest
tlstest

820 -

821

if (r == NULL)

r == ((void *)0)	Description
TRUE	evaluated 18 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 57 times by 2 tests Evaluated by: ssltest tlstest

18-57

822

return (r);

executed 18 times by 2 tests: return (r);

Executed by:

ssltest
tlstest

823 -

824 CRYPTO_add(&r->references, 1, CRYPTO_LOCK_X509); -

825 -

826

return (r);

executed 57 times by 2 tests: return (r);

Executed by:

ssltest
tlstest

827 } -

828 -

829 STACK_OF(X509) * -

830 SSL_get_peer_cert_chain(const SSL *s) -

831 { -

832 STACK_OF(X509) *r; -

833 -

834

if ((s == NULL) || (s->session == NULL) ||

(s == ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 16 times by 1 test Evaluated by: tlstest

(s->session == ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 16 times by 1 test Evaluated by: tlstest

0-16

835

(SSI(s)->sess_cert == NULL))

((s->session->... ((void *)0) )	Description
TRUE	evaluated 8 times by 1 test Evaluated by: tlstest
FALSE	evaluated 8 times by 1 test Evaluated by: tlstest

836

r = NULL;

executed 8 times by 1 test: r = ((void *)0) ;

Executed by:

tlstest

837 else -

838

r = SSI(s)->sess_cert->cert_chain;

executed 8 times by 1 test: r = (s->session->internal)->sess_cert->cert_chain;

Executed by:

tlstest

839 -

840 /* -

841 * If we are a client, cert_chain includes the peer's own -

842 * certificate; -

843 * if we are a server, it does not. -

844 */ -

845

return (r);

executed 16 times by 1 test: return (r);

Executed by:

tlstest

846 } -

847 -

848 /* -

849 * Now in theory, since the calling process own 't' it should be safe to -

850 * modify. We need to be able to read f without being hassled -

851 */ -

852 int -

853 SSL_copy_session_id(SSL *t, const SSL *f) -

854 { -

855 CERT *tmp; -

856 -

857 /* Do we need to do SSL locking? */ -

858

if (!SSL_set_session(t, SSL_get_session(f)))

!SSL_set_sessi...et_session(f))	Description
TRUE	never evaluated
FALSE	never evaluated

859

return 0;

never executed: return 0;

860 -

861 /* What if we are set up for one protocol but want to talk another? */ -

862

if (t->method != f->method) {

t->method != f->method	Description
TRUE	never evaluated
FALSE	never evaluated

863 t->method->internal->ssl_free(t); -

864 t->method = f->method; -

865

if (!t->method->internal->ssl_new(t))

!t->method->in...al->ssl_new(t)	Description
TRUE	never evaluated
FALSE	never evaluated

866

return 0;

never executed: return 0;

867

}

never executed: end of block

868 -

869 tmp = t->cert; -

870

if (f->cert != NULL) {

f->cert != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

871 CRYPTO_add(&f->cert->references, 1, CRYPTO_LOCK_SSL_CERT); -

872 t->cert = f->cert; -

873

} else

never executed: end of block

874

t->cert = NULL;

never executed: t->cert = ((void *)0) ;

875 ssl_cert_free(tmp); -

876 -

877

if (!SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length))

!SSL_set_sessi...id_ctx_length)	Description
TRUE	never evaluated
FALSE	never evaluated

878

return 0;

never executed: return 0;

879 -

880

return 1;

never executed: return 1;

881 } -

882 -

883 /* Fix this so it checks all the valid key/cert options */ -

884 int -

885 SSL_CTX_check_private_key(const SSL_CTX *ctx) -

886 { -

887

if ((ctx == NULL) || (ctx->internal->cert == NULL) ||

(ctx == ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

(ctx->internal... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

0-4

888

(ctx->internal->cert->key->x509 == NULL)) {

(ctx->internal... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

0-4

889 SSLerrorx(SSL_R_NO_CERTIFICATE_ASSIGNED); -

890

return (0);

never executed: return (0);

891 } -

892

if (ctx->internal->cert->key->privatekey == NULL) {

ctx->internal-...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

0-4

893 SSLerrorx(SSL_R_NO_PRIVATE_KEY_ASSIGNED); -

894

return (0);

never executed: return (0);

895 } -

896

return (X509_check_private_key(ctx->internal->cert->key->x509,

executed 4 times by 1 test: return (X509_check_private_key(ctx->internal->cert->key->x509, ctx->internal->cert->key->privatekey));

Executed by:

tlstest

897

ctx->internal->cert->key->privatekey));

executed 4 times by 1 test: return (X509_check_private_key(ctx->internal->cert->key->x509, ctx->internal->cert->key->privatekey));

Executed by:

tlstest

898 } -

899 -

900 /* Fix this function so that it takes an optional type parameter */ -

901 int -

902 SSL_check_private_key(const SSL *ssl) -

903 { -

904

if (ssl == NULL) {

ssl == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

905 SSLerrorx(ERR_R_PASSED_NULL_PARAMETER); -

906

return (0);

never executed: return (0);

907 } -

908

if (ssl->cert == NULL) {

ssl->cert == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

909 SSLerror(ssl, SSL_R_NO_CERTIFICATE_ASSIGNED); -

910

return (0);

never executed: return (0);

911 } -

912

if (ssl->cert->key->x509 == NULL) {

ssl->cert->key...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

913 SSLerror(ssl, SSL_R_NO_CERTIFICATE_ASSIGNED); -

914

return (0);

never executed: return (0);

915 } -

916

if (ssl->cert->key->privatekey == NULL) {

ssl->cert->key...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

917 SSLerror(ssl, SSL_R_NO_PRIVATE_KEY_ASSIGNED); -

918

return (0);

never executed: return (0);

919 } -

920

return (X509_check_private_key(ssl->cert->key->x509,

never executed: return (X509_check_private_key(ssl->cert->key->x509, ssl->cert->key->privatekey));

921

ssl->cert->key->privatekey));

never executed: return (X509_check_private_key(ssl->cert->key->x509, ssl->cert->key->privatekey));

922 } -

923 -

924 int -

925 SSL_accept(SSL *s) -

926 { -

927

if (s->internal->handshake_func == NULL)

s->internal->h...== ((void *)0)	Description
TRUE	evaluated 6 times by 2 tests Evaluated by: servertest tlstest
FALSE	evaluated 8 times by 1 test Evaluated by: tlstest

6-8

928

SSL_set_accept_state(s); /* Not properly initialized yet */

executed 6 times by 2 tests: SSL_set_accept_state(s);

Executed by:

servertest
tlstest

929 -

930

return (s->method->internal->ssl_accept(s));

executed 14 times by 2 tests: return (s->method->internal->ssl_accept(s));

Executed by:

servertest
tlstest

931 } -

932 -

933 int -

934 SSL_connect(SSL *s) -

935 { -

936

if (s->internal->handshake_func == NULL)

s->internal->h...== ((void *)0)	Description
TRUE	evaluated 15 times by 2 tests Evaluated by: clienttest tlstest
FALSE	evaluated 12 times by 1 test Evaluated by: tlstest

12-15

937

SSL_set_connect_state(s); /* Not properly initialized yet */

executed 15 times by 2 tests: SSL_set_connect_state(s);

Executed by:

clienttest
tlstest

938 -

939

return (s->method->internal->ssl_connect(s));

executed 27 times by 2 tests: return (s->method->internal->ssl_connect(s));

Executed by:

clienttest
tlstest

940 } -

941 -

942 int -

943 SSL_is_server(const SSL *s) -

944 { -

945

return s->server;

never executed: return s->server;

946 } -

947 -

948 long -

949 SSL_get_default_timeout(const SSL *s) -

950 { -

951

return (s->method->internal->get_timeout());

never executed: return (s->method->internal->get_timeout());

952 } -

953 -

954 int -

955 SSL_read(SSL *s, void *buf, int num) -

956 { -

957

if (s->internal->handshake_func == NULL) {

s->internal->h...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 1598 times by 1 test Evaluated by: ssltest

0-1598

958 SSLerror(s, SSL_R_UNINITIALIZED); -

959

return (-1);

never executed: return (-1);

960 } -

961 -

962

if (s->internal->shutdown & SSL_RECEIVED_SHUTDOWN) {

s->internal->shutdown & 2	Description
TRUE	never evaluated
FALSE	evaluated 1598 times by 1 test Evaluated by: ssltest

0-1598

963 s->internal->rwstate = SSL_NOTHING; -

964

return (0);

never executed: return (0);

965 } -

966

return ssl3_read(s, buf, num);

executed 1598 times by 1 test: return ssl3_read(s, buf, num);

Executed by:

ssltest

1598

967 } -

968 -

969 int -

970 SSL_peek(SSL *s, void *buf, int num) -

971 { -

972

if (s->internal->handshake_func == NULL) {

s->internal->h...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

973 SSLerror(s, SSL_R_UNINITIALIZED); -

974

return (-1);

never executed: return (-1);

975 } -

976 -

977

if (s->internal->shutdown & SSL_RECEIVED_SHUTDOWN) {

s->internal->shutdown & 2	Description
TRUE	never evaluated
FALSE	never evaluated

978

return (0);

never executed: return (0);

979 } -

980

return ssl3_peek(s, buf, num);

never executed: return ssl3_peek(s, buf, num);

981 } -

982 -

983 int -

984 SSL_write(SSL *s, const void *buf, int num) -

985 { -

986

if (s->internal->handshake_func == NULL) {

s->internal->h...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 1526 times by 1 test Evaluated by: ssltest

0-1526

987 SSLerror(s, SSL_R_UNINITIALIZED); -

988

return (-1);

never executed: return (-1);

989 } -

990 -

991

if (s->internal->shutdown & SSL_SENT_SHUTDOWN) {

s->internal->shutdown & 1	Description
TRUE	never evaluated
FALSE	evaluated 1526 times by 1 test Evaluated by: ssltest

0-1526

992 s->internal->rwstate = SSL_NOTHING; -

993 SSLerror(s, SSL_R_PROTOCOL_IS_SHUTDOWN); -

994

return (-1);

never executed: return (-1);

995 } -

996

return ssl3_write(s, buf, num);

executed 1526 times by 1 test: return ssl3_write(s, buf, num);

Executed by:

ssltest

1526

997 } -

998 -

999 int -

1000 SSL_shutdown(SSL *s) -

1001 { -

1002 /* -

1003 * Note that this function behaves differently from what one might -

1004 * expect. Return values are 0 for no success (yet), -

1005 * 1 for success; but calling it once is usually not enough, -

1006 * even if blocking I/O is used (see ssl3_shutdown). -

1007 */ -

1008 -

1009

if (s->internal->handshake_func == NULL) {

s->internal->h...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 126 times by 2 tests Evaluated by: ssltest tlstest

0-126

1010 SSLerror(s, SSL_R_UNINITIALIZED); -

1011

return (-1);

never executed: return (-1);

1012 } -

1013 -

1014

if (s != NULL && !SSL_in_init(s))

s != ((void *)0)	Description
TRUE	evaluated 126 times by 2 tests Evaluated by: ssltest tlstest
FALSE	never evaluated

!(SSL_state((s...x1000\|0x2000))	Description
TRUE	evaluated 126 times by 2 tests Evaluated by: ssltest tlstest
FALSE	never evaluated

0-126

1015

return (ssl3_shutdown(s));

executed 126 times by 2 tests: return (ssl3_shutdown(s));

Executed by:

ssltest
tlstest

126

1016 -

1017

return (1);

never executed: return (1);

1018 } -

1019 -

1020 int -

1021 SSL_renegotiate(SSL *s) -

1022 { -

1023

if (s->internal->renegotiate == 0)

s->internal->renegotiate == 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: tlsexttest
FALSE	never evaluated

0-1

1024

s->internal->renegotiate = 1;

executed 1 time by 1 test: s->internal->renegotiate = 1;

Executed by:

tlsexttest

1025 -

1026 s->internal->new_session = 1; -

1027 -

1028

return (s->method->internal->ssl_renegotiate(s));

executed 1 time by 1 test: return (s->method->internal->ssl_renegotiate(s));

Executed by:

tlsexttest

1029 } -

1030 -

1031 int -

1032 SSL_renegotiate_abbreviated(SSL *s) -

1033 { -

1034

if (s->internal->renegotiate == 0)

s->internal->renegotiate == 0	Description
TRUE	never evaluated
FALSE	never evaluated

1035

s->internal->renegotiate = 1;

never executed: s->internal->renegotiate = 1;

1036 -

1037 s->internal->new_session = 0; -

1038 -

1039

return (s->method->internal->ssl_renegotiate(s));

never executed: return (s->method->internal->ssl_renegotiate(s));

1040 } -

1041 -

1042 int -

1043 SSL_renegotiate_pending(SSL *s) -

1044 { -

1045 /* -

1046 * Becomes true when negotiation is requested; -

1047 * false again once a handshake has finished. -

1048 */ -

1049

return (s->internal->renegotiate != 0);

never executed: return (s->internal->renegotiate != 0);

1050 } -

1051 -

1052 long -

1053 SSL_ctrl(SSL *s, int cmd, long larg, void *parg) -

1054 { -

1055 long l; -

1056 -

1057 switch (cmd) { -

1058

case SSL_CTRL_GET_READ_AHEAD:

never executed: case 40:

1059

return (s->internal->read_ahead);

never executed: return (s->internal->read_ahead);

1060

case SSL_CTRL_SET_READ_AHEAD:

never executed: case 41:

1061 l = s->internal->read_ahead; -

1062 s->internal->read_ahead = larg; -

1063

return (l);

never executed: return (l);

1064 -

1065

case SSL_CTRL_SET_MSG_CALLBACK_ARG:

never executed: case 16:

1066 s->internal->msg_callback_arg = parg; -

1067

return (1);

never executed: return (1);

1068 -

1069

case SSL_CTRL_OPTIONS:

executed 450 times by 7 tests: case 32:

Executed by:

cipherstest
clienttest
servertest
ssl_versions
ssltest
tlsexttest
tlstest

450

1070

return (s->internal->options|=larg);

executed 450 times by 7 tests: return (s->internal->options|=larg);

Executed by:

cipherstest
clienttest
servertest
ssl_versions
ssltest
tlsexttest
tlstest

450

1071

case SSL_CTRL_CLEAR_OPTIONS:

executed 35 times by 2 tests: case 77:

Executed by:

ssl_versions
tlsexttest

1072

return (s->internal->options&=~larg);

executed 35 times by 2 tests: return (s->internal->options&=~larg);

Executed by:

ssl_versions
tlsexttest

1073

case SSL_CTRL_MODE:

never executed: case 33:

1074

return (s->internal->mode|=larg);

never executed: return (s->internal->mode|=larg);

1075

case SSL_CTRL_CLEAR_MODE:

never executed: case 78:

1076

return (s->internal->mode &=~larg);

never executed: return (s->internal->mode &=~larg);

1077

case SSL_CTRL_GET_MAX_CERT_LIST:

never executed: case 50:

1078

return (s->internal->max_cert_list);

never executed: return (s->internal->max_cert_list);

1079

case SSL_CTRL_SET_MAX_CERT_LIST:

never executed: case 51:

1080 l = s->internal->max_cert_list; -

1081 s->internal->max_cert_list = larg; -

1082

return (l);

never executed: return (l);

1083

case SSL_CTRL_SET_MTU:

never executed: case 17:

1084 #ifndef OPENSSL_NO_DTLS1 -

1085

if (larg < (long)dtls1_min_mtu())

larg < (long)dtls1_min_mtu()	Description
TRUE	never evaluated
FALSE	never evaluated

1086

return (0);

never executed: return (0);

1087 #endif -

1088

if (SSL_IS_DTLS(s)) {

(s->method->in...ion == 0xFEFF)	Description
TRUE	never evaluated
FALSE	never evaluated

1089 D1I(s)->mtu = larg; -

1090

return (larg);

never executed: return (larg);

1091 } -

1092

return (0);

never executed: return (0);

1093

case SSL_CTRL_SET_MAX_SEND_FRAGMENT:

never executed: case 52:

1094

if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)

larg < 512	Description
TRUE	never evaluated
FALSE	never evaluated

larg > 16384	Description
TRUE	never evaluated
FALSE	never evaluated

1095

return (0);

never executed: return (0);

1096 s->max_send_fragment = larg; -

1097

return (1);

never executed: return (1);

1098

case SSL_CTRL_GET_RI_SUPPORT:

never executed: case 76:

1099

if (s->s3)

s->s3	Description
TRUE	never evaluated
FALSE	never evaluated

1100

return (S3I(s)->send_connection_binding);

never executed: return ((s->s3->internal)->send_connection_binding);

1101

else return (0);

never executed: return (0);

1102

default:

executed 23 times by 2 tests: default:

Executed by:

tlsexttest
tlstest

1103

if (SSL_IS_DTLS(s))

(s->method->in...ion == 0xFEFF)	Description
TRUE	never evaluated
FALSE	evaluated 23 times by 2 tests Evaluated by: tlsexttest tlstest

0-23

1104

return dtls1_ctrl(s, cmd, larg, parg);

never executed: return dtls1_ctrl(s, cmd, larg, parg);

1105

return ssl3_ctrl(s, cmd, larg, parg);

executed 23 times by 2 tests: return ssl3_ctrl(s, cmd, larg, parg);

Executed by:

tlsexttest
tlstest

1106 } -

1107 } -

1108 -

1109 long -

1110 SSL_callback_ctrl(SSL *s, int cmd, void (*fp)(void)) -

1111 { -

1112 switch (cmd) { -

1113

case SSL_CTRL_SET_MSG_CALLBACK:

never executed: case 15:

1114 s->internal->msg_callback = (void (*)(int write_p, int version, -

1115 int content_type, const void *buf, size_t len, -

1116 SSL *ssl, void *arg))(fp); -

1117

return (1);

never executed: return (1);

1118 -

1119

default:

never executed: default:

1120

return (ssl3_callback_ctrl(s, cmd, fp));

never executed: return (ssl3_callback_ctrl(s, cmd, fp));

1121 } -

1122 } -

1123 -

1124 struct lhash_st_SSL_SESSION * -

1125 SSL_CTX_sessions(SSL_CTX *ctx) -

1126 { -

1127

return (ctx->internal->sessions);

never executed: return (ctx->internal->sessions);

1128 } -

1129 -

1130 long -

1131 SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) -

1132 { -

1133 long l; -

1134 -

1135 switch (cmd) { -

1136

case SSL_CTRL_GET_READ_AHEAD:

never executed: case 40:

1137

return (ctx->internal->read_ahead);

never executed: return (ctx->internal->read_ahead);

1138

case SSL_CTRL_SET_READ_AHEAD:

never executed: case 41:

1139 l = ctx->internal->read_ahead; -

1140 ctx->internal->read_ahead = larg; -

1141

return (l);

never executed: return (l);

1142 -

1143

case SSL_CTRL_SET_MSG_CALLBACK_ARG:

never executed: case 16:

1144 ctx->internal->msg_callback_arg = parg; -

1145

return (1);

never executed: return (1);

1146 -

1147

case SSL_CTRL_GET_MAX_CERT_LIST:

never executed: case 50:

1148

return (ctx->internal->max_cert_list);

never executed: return (ctx->internal->max_cert_list);

1149

case SSL_CTRL_SET_MAX_CERT_LIST:

never executed: case 51:

1150 l = ctx->internal->max_cert_list; -

1151 ctx->internal->max_cert_list = larg; -

1152

return (l);

never executed: return (l);

1153 -

1154

case SSL_CTRL_SET_SESS_CACHE_SIZE:

never executed: case 42:

1155 l = ctx->internal->session_cache_size; -

1156 ctx->internal->session_cache_size = larg; -

1157

return (l);

never executed: return (l);

1158

case SSL_CTRL_GET_SESS_CACHE_SIZE:

never executed: case 43:

1159

return (ctx->internal->session_cache_size);

never executed: return (ctx->internal->session_cache_size);

1160

case SSL_CTRL_SET_SESS_CACHE_MODE:

executed 8 times by 1 test: case 44:

Executed by:

tlstest

1161 l = ctx->internal->session_cache_mode; -

1162 ctx->internal->session_cache_mode = larg; -

1163

return (l);

executed 8 times by 1 test: return (l);

Executed by:

tlstest

1164

case SSL_CTRL_GET_SESS_CACHE_MODE:

never executed: case 45:

1165

return (ctx->internal->session_cache_mode);

never executed: return (ctx->internal->session_cache_mode);

1166 -

1167

case SSL_CTRL_SESS_NUMBER:

never executed: case 20:

1168

return (lh_SSL_SESSION_num_items(ctx->internal->sessions));

never executed: return (lh_num_items(((_LHASH *)((void*) (1 ? ctx->internal->sessions : (struct lhash_st_SSL_SESSION*)0)))));

1169

case SSL_CTRL_SESS_CONNECT:

never executed: case 21:

1170

return (ctx->internal->stats.sess_connect);

never executed: return (ctx->internal->stats.sess_connect);

1171

case SSL_CTRL_SESS_CONNECT_GOOD:

never executed: case 22:

1172

return (ctx->internal->stats.sess_connect_good);

never executed: return (ctx->internal->stats.sess_connect_good);

1173

case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:

never executed: case 23:

1174

return (ctx->internal->stats.sess_connect_renegotiate);

never executed: return (ctx->internal->stats.sess_connect_renegotiate);

1175

case SSL_CTRL_SESS_ACCEPT:

never executed: case 24:

1176

return (ctx->internal->stats.sess_accept);

never executed: return (ctx->internal->stats.sess_accept);

1177

case SSL_CTRL_SESS_ACCEPT_GOOD:

never executed: case 25:

1178

return (ctx->internal->stats.sess_accept_good);

never executed: return (ctx->internal->stats.sess_accept_good);

1179

case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:

never executed: case 26:

1180

return (ctx->internal->stats.sess_accept_renegotiate);

never executed: return (ctx->internal->stats.sess_accept_renegotiate);

1181

case SSL_CTRL_SESS_HIT:

never executed: case 27:

1182

return (ctx->internal->stats.sess_hit);

never executed: return (ctx->internal->stats.sess_hit);

1183

case SSL_CTRL_SESS_CB_HIT:

never executed: case 28:

1184

return (ctx->internal->stats.sess_cb_hit);

never executed: return (ctx->internal->stats.sess_cb_hit);

1185

case SSL_CTRL_SESS_MISSES:

never executed: case 29:

1186

return (ctx->internal->stats.sess_miss);

never executed: return (ctx->internal->stats.sess_miss);

1187

case SSL_CTRL_SESS_TIMEOUTS:

never executed: case 30:

1188

return (ctx->internal->stats.sess_timeout);

never executed: return (ctx->internal->stats.sess_timeout);

1189

case SSL_CTRL_SESS_CACHE_FULL:

never executed: case 31:

1190

return (ctx->internal->stats.sess_cache_full);

never executed: return (ctx->internal->stats.sess_cache_full);

1191

case SSL_CTRL_OPTIONS:

executed 112 times by 4 tests: case 32:

Executed by:

clienttest
servertest
ssltest
tlstest

112

1192

return (ctx->internal->options|=larg);

executed 112 times by 4 tests: return (ctx->internal->options|=larg);

Executed by:

clienttest
servertest
ssltest
tlstest

112

1193

case SSL_CTRL_CLEAR_OPTIONS:

executed 24 times by 1 test: case 77:

Executed by:

tlstest

1194

return (ctx->internal->options&=~larg);

executed 24 times by 1 test: return (ctx->internal->options&=~larg);

Executed by:

tlstest

1195

case SSL_CTRL_MODE:

executed 16 times by 1 test: case 33:

Executed by:

tlstest

1196

return (ctx->internal->mode|=larg);

executed 16 times by 1 test: return (ctx->internal->mode|=larg);

Executed by:

tlstest

1197

case SSL_CTRL_CLEAR_MODE:

never executed: case 78:

1198

return (ctx->internal->mode&=~larg);

never executed: return (ctx->internal->mode&=~larg);

1199

case SSL_CTRL_SET_MAX_SEND_FRAGMENT:

never executed: case 52:

1200

if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)

larg < 512	Description
TRUE	never evaluated
FALSE	never evaluated

larg > 16384	Description
TRUE	never evaluated
FALSE	never evaluated

1201

return (0);

never executed: return (0);

1202 ctx->internal->max_send_fragment = larg; -

1203

return (1);

never executed: return (1);

1204

default:

executed 110 times by 3 tests: default:

Executed by:

servertest
ssltest
tlstest

110

1205

return (ssl3_ctx_ctrl(ctx, cmd, larg, parg));

executed 110 times by 3 tests: return (ssl3_ctx_ctrl(ctx, cmd, larg, parg));

Executed by:

servertest
ssltest
tlstest

110

1206 } -

1207 } -

1208 -

1209 long -

1210 SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void)) -

1211 { -

1212 switch (cmd) { -

1213

case SSL_CTRL_SET_MSG_CALLBACK:

never executed: case 15:

1214 ctx->internal->msg_callback = (void (*)(int write_p, int version, -

1215 int content_type, const void *buf, size_t len, SSL *ssl, -

1216 void *arg))(fp); -

1217

return (1);

never executed: return (1);

1218 -

1219

default:

executed 62 times by 2 tests: default:

Executed by:

ssltest
tlstest

1220

return (ssl3_ctx_callback_ctrl(ctx, cmd, fp));

executed 62 times by 2 tests: return (ssl3_ctx_callback_ctrl(ctx, cmd, fp));

Executed by:

ssltest
tlstest

1221 } -

1222 } -

1223 -

1224 int -

1225 ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b) -

1226 { -

1227 long l; -

1228 -

1229 l = a->id - b->id; -

1230

if (l == 0L)

l == 0L	Description
TRUE	evaluated 1726 times by 7 tests Evaluated by: cipher_list cipherstest servertest ssltest tls_prf tlsexttest tlstest
FALSE	evaluated 7609 times by 7 tests Evaluated by: cipher_list cipherstest servertest ssltest tls_prf tlsexttest tlstest

1726-7609

1231

return (0);

executed 1726 times by 7 tests: return (0);

Executed by:

cipher_list
cipherstest
servertest
ssltest
tls_prf
tlsexttest
tlstest

1726

1232 else -

1233

return ((l > 0) ? 1:-1);

executed 7609 times by 7 tests: return ((l > 0) ? 1:-1);

Executed by:

cipher_list
cipherstest
servertest
ssltest
tls_prf
tlsexttest
tlstest

(l > 0)	Description
TRUE	evaluated 3565 times by 7 tests Evaluated by: cipher_list cipherstest servertest ssltest tls_prf tlsexttest tlstest
FALSE	evaluated 4044 times by 7 tests Evaluated by: cipher_list cipherstest servertest ssltest tls_prf tlsexttest tlstest

3565-7609

1234 } -

1235 -

1236 int -

1237 ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap, -

1238 const SSL_CIPHER * const *bp) -

1239 { -

1240 long l; -

1241 -

1242 l = (*ap)->id - (*bp)->id; -

1243

if (l == 0L)

l == 0L	Description
TRUE	evaluated 63 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 39543 times by 13 tests Evaluated by: cipher_list cipherstest clienttest configtest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest verifytest

63-39543

1244

return (0);

executed 63 times by 2 tests: return (0);

Executed by:

ssltest
tlstest

1245 else -

1246

return ((l > 0) ? 1:-1);

executed 39543 times by 13 tests: return ((l > 0) ? 1:-1);

Executed by:

cipher_list
cipherstest
clienttest
configtest
libssl.so.46.0.1
servertest
ssl_versions
ssltest
tls_ext_alpn
tls_prf
tlsexttest
tlstest
verifytest

(l > 0)	Description
TRUE	evaluated 25472 times by 13 tests Evaluated by: cipher_list cipherstest clienttest configtest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest verifytest
FALSE	evaluated 14071 times by 13 tests Evaluated by: cipher_list cipherstest clienttest configtest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest verifytest

14071-39543

1247 } -

1248 -

1249 /* -

1250 * Return a STACK of the ciphers available for the SSL and in order of -

1251 * preference. -

1252 */ -

1253 STACK_OF(SSL_CIPHER) * -

1254 SSL_get_ciphers(const SSL *s) -

1255 { -

1256

if (s != NULL) {

s != ((void *)0)	Description
TRUE	evaluated 294 times by 7 tests Evaluated by: cipherstest clienttest libssl.so.46.0.1 servertest ssltest tlsexttest tlstest
FALSE	never evaluated

0-294

1257

if (s->cipher_list != NULL) {

s->cipher_list != ((void *)0)	Description
TRUE	evaluated 9 times by 1 test Evaluated by: tlsexttest
FALSE	evaluated 285 times by 7 tests Evaluated by: cipherstest clienttest libssl.so.46.0.1 servertest ssltest tlsexttest tlstest

9-285

1258

return (s->cipher_list);

executed 9 times by 1 test: return (s->cipher_list);

Executed by:

tlsexttest

1259

} else if ((s->ctx != NULL) && (s->ctx->cipher_list != NULL)) {

(s->ctx != ((void *)0) )	Description
TRUE	evaluated 285 times by 7 tests Evaluated by: cipherstest clienttest libssl.so.46.0.1 servertest ssltest tlsexttest tlstest
FALSE	never evaluated

(s->ctx->ciphe... ((void *)0) )	Description
TRUE	evaluated 285 times by 7 tests Evaluated by: cipherstest clienttest libssl.so.46.0.1 servertest ssltest tlsexttest tlstest
FALSE	never evaluated

0-285

1260

return (s->ctx->cipher_list);

executed 285 times by 7 tests: return (s->ctx->cipher_list);

Executed by:

cipherstest
clienttest
libssl.so.46.0.1
servertest
ssltest
tlsexttest
tlstest

285

1261 } -

1262

}

never executed: end of block

1263

return (NULL);

never executed: return ( ((void *)0) );

1264 } -

1265 -

1266 /* -

1267 * Return a STACK of the ciphers available for the SSL and in order of -

1268 * algorithm id. -

1269 */ -

1270 STACK_OF(SSL_CIPHER) * -

1271 ssl_get_ciphers_by_id(SSL *s) -

1272 { -

1273

if (s != NULL) {

s != ((void *)0)	Description
TRUE	evaluated 63 times by 2 tests Evaluated by: ssltest tlstest
FALSE	never evaluated

0-63

1274

if (s->internal->cipher_list_by_id != NULL) {

s->internal->c...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 63 times by 2 tests Evaluated by: ssltest tlstest

0-63

1275

return (s->internal->cipher_list_by_id);

never executed: return (s->internal->cipher_list_by_id);

1276

} else if ((s->ctx != NULL) &&

(s->ctx != ((void *)0) )	Description
TRUE	evaluated 63 times by 2 tests Evaluated by: ssltest tlstest
FALSE	never evaluated

0-63

1277

(s->ctx->internal->cipher_list_by_id != NULL)) {

(s->ctx->inter... ((void *)0) )	Description
TRUE	evaluated 63 times by 2 tests Evaluated by: ssltest tlstest
FALSE	never evaluated

0-63

1278

return (s->ctx->internal->cipher_list_by_id);

executed 63 times by 2 tests: return (s->ctx->internal->cipher_list_by_id);

Executed by:

ssltest
tlstest

1279 } -

1280

}

never executed: end of block

1281

return (NULL);

never executed: return ( ((void *)0) );

1282 } -

1283 -

1284 /* See if we have any ECC cipher suites. */ -

1285 int -

1286 ssl_has_ecc_ciphers(SSL *s) -

1287 { -

1288 STACK_OF(SSL_CIPHER) *ciphers; -

1289 unsigned long alg_k, alg_a; -

1290 SSL_CIPHER *cipher; -

1291 int i; -

1292 -

1293

if (s->version == DTLS1_VERSION)

s->version == 0xFEFF	Description
TRUE	evaluated 24 times by 2 tests Evaluated by: clienttest ssltest
FALSE	evaluated 137 times by 4 tests Evaluated by: clienttest ssltest tlsexttest tlstest

24-137

1294

return 0;

executed 24 times by 2 tests: return 0;

Executed by:

clienttest
ssltest

1295

if ((ciphers = SSL_get_ciphers(s)) == NULL)

(ciphers = SSL...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 137 times by 4 tests Evaluated by: clienttest ssltest tlsexttest tlstest

0-137

1296

return 0;

never executed: return 0;

1297 -

1298

for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {

i < sk_num(((_...L_CIPHER*)0)))	Description
TRUE	evaluated 452 times by 4 tests Evaluated by: clienttest ssltest tlsexttest tlstest
FALSE	evaluated 52 times by 2 tests Evaluated by: ssltest tlsexttest

52-452

1299 cipher = sk_SSL_CIPHER_value(ciphers, i); -

1300 -

1301 alg_k = cipher->algorithm_mkey; -

1302 alg_a = cipher->algorithm_auth; -

1303 -

1304

if ((alg_k & SSL_kECDHE) || (alg_a & SSL_aECDSA))

(alg_k & 0x00000080L)	Description
TRUE	evaluated 85 times by 4 tests Evaluated by: clienttest ssltest tlsexttest tlstest
FALSE	evaluated 367 times by 2 tests Evaluated by: ssltest tlsexttest

(alg_a & 0x00000040L)	Description
TRUE	never evaluated
FALSE	evaluated 367 times by 2 tests Evaluated by: ssltest tlsexttest

0-367

1305

return 1;

executed 85 times by 4 tests: return 1;

Executed by:

clienttest
ssltest
tlsexttest
tlstest

1306

}

executed 367 times by 2 tests: end of block

Executed by:

ssltest
tlsexttest

367

1307 -

1308

return 0;

executed 52 times by 2 tests: return 0;

Executed by:

ssltest
tlsexttest

1309 } -

1310 -

1311 /* The old interface to get the same thing as SSL_get_ciphers(). */ -

1312 const char * -

1313 SSL_get_cipher_list(const SSL *s, int n) -

1314 { -

1315 SSL_CIPHER *c; -

1316 STACK_OF(SSL_CIPHER) *sk; -

1317 -

1318

if (s == NULL)

s == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1319

return (NULL);

never executed: return ( ((void *)0) );

1320 sk = SSL_get_ciphers(s); -

1321

if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))

(sk == ((void *)0) )	Description
TRUE	never evaluated
FALSE	never evaluated

(sk_num(((_STA...ER*)0))) <= n)	Description
TRUE	never evaluated
FALSE	never evaluated

1322

return (NULL);

never executed: return ( ((void *)0) );

1323 c = sk_SSL_CIPHER_value(sk, n); -

1324

if (c == NULL)

c == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1325

return (NULL);

never executed: return ( ((void *)0) );

1326

return (c->name);

never executed: return (c->name);

1327 } -

1328 -

1329 STACK_OF(SSL_CIPHER) * -

1330 SSL_CTX_get_ciphers(const SSL_CTX *ctx) -

1331 { -

1332

return ctx->cipher_list;

never executed: return ctx->cipher_list;

1333 } -

1334 -

1335 /* Specify the ciphers to be used by default by the SSL_CTX. */ -

1336 int -

1337 SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str) -

1338 { -

1339 STACK_OF(SSL_CIPHER) *sk; -

1340 -

1341 sk = ssl_create_cipher_list(ctx->method, &ctx->cipher_list, -

1342 &ctx->internal->cipher_list_by_id, str); -

1343 /* -

1344 * ssl_create_cipher_list may return an empty stack if it -

1345 * was unable to find a cipher matching the given rule string -

1346 * (for example if the rule string specifies a cipher which -

1347 * has been disabled). This is not an error as far as -

1348 * ssl_create_cipher_list is concerned, and hence -

1349 * ctx->cipher_list and ctx->internal->cipher_list_by_id has been -

1350 * updated. -

1351 */ -

1352

if (sk == NULL)

sk == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 71 times by 5 tests Evaluated by: configtest libssl.so.46.0.1 ssltest tlstest verifytest

0-71

1353

return (0);

never executed: return (0);

1354

else if (sk_SSL_CIPHER_num(sk) == 0) {

sk_num(((_STAC...HER*)0))) == 0	Description
TRUE	never evaluated
FALSE	evaluated 71 times by 5 tests Evaluated by: configtest libssl.so.46.0.1 ssltest tlstest verifytest

0-71

1355 SSLerrorx(SSL_R_NO_CIPHER_MATCH); -

1356

return (0);

never executed: return (0);

1357 } -

1358

return (1);

executed 71 times by 5 tests: return (1);

Executed by:

configtest
libssl.so.46.0.1
ssltest
tlstest
verifytest

1359 } -

1360 -

1361 /* Specify the ciphers to be used by the SSL. */ -

1362 int -

1363 SSL_set_cipher_list(SSL *s, const char *str) -

1364 { -

1365 STACK_OF(SSL_CIPHER) *sk; -

1366 -

1367 sk = ssl_create_cipher_list(s->ctx->method, &s->cipher_list, -

1368 &s->internal->cipher_list_by_id, str); -

1369 /* see comment in SSL_CTX_set_cipher_list */ -

1370

if (sk == NULL)

sk == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: tlsexttest

0-5

1371

return (0);

never executed: return (0);

1372

else if (sk_SSL_CIPHER_num(sk) == 0) {

sk_num(((_STAC...HER*)0))) == 0	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: tlsexttest

0-5

1373 SSLerror(s, SSL_R_NO_CIPHER_MATCH); -

1374

return (0);

never executed: return (0);

1375 } -

1376

return (1);

executed 5 times by 1 test: return (1);

Executed by:

tlsexttest

1377 } -

1378 -

1379 /* works well for SSLv2, not so good for SSLv3 */ -

1380 char * -

1381 SSL_get_shared_ciphers(const SSL *s, char *buf, int len) -

1382 { -

1383 char *end; -

1384 STACK_OF(SSL_CIPHER) *sk; -

1385 SSL_CIPHER *c; -

1386 size_t curlen = 0; -

1387 int i; -

1388 -

1389

if (s->session == NULL || s->session->ciphers == NULL || len < 2)

s->session == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

s->session->ci...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

len < 2	Description
TRUE	never evaluated
FALSE	never evaluated

1390

return (NULL);

never executed: return ( ((void *)0) );

1391 -

1392 sk = s->session->ciphers; -

1393

if (sk_SSL_CIPHER_num(sk) == 0)

sk_num(((_STAC...HER*)0))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

1394

return (NULL);

never executed: return ( ((void *)0) );

1395 -

1396 buf[0] = '\0'; -

1397

for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {

i < sk_num(((_...L_CIPHER*)0)))	Description
TRUE	never evaluated
FALSE	never evaluated

1398 c = sk_SSL_CIPHER_value(sk, i); -

1399 end = buf + curlen; -

1400

if (strlcat(buf, c->name, len) >= len ||

strlcat(buf, c...e, len) >= len	Description
TRUE	never evaluated
FALSE	never evaluated

1401

(curlen = strlcat(buf, ":", len)) >= len) {

(curlen = strl..., len)) >= len	Description
TRUE	never evaluated
FALSE	never evaluated

1402 /* remove truncated cipher from list */ -

1403 *end = '\0'; -

1404

break;

never executed: break;

1405 } -

1406

}

never executed: end of block

1407 /* remove trailing colon */ -

1408

if ((end = strrchr(buf, ':')) != NULL)

(end = strrchr...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1409

*end = '\0';

never executed: *end = '\0';

1410

return (buf);

never executed: return (buf);

1411 } -

1412 -

1413 int -

1414 ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *ciphers, CBB *cbb) -

1415 { -

1416 SSL_CIPHER *cipher; -

1417 int num_ciphers = 0; -

1418 int i; -

1419 -

1420

if (ciphers == NULL)

ciphers == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 76 times by 4 tests Evaluated by: cipher_list clienttest ssltest tlstest

0-76

1421

return 0;

never executed: return 0;

1422 -

1423

for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {

i < sk_num(((_...L_CIPHER*)0)))	Description
TRUE	evaluated 1702 times by 4 tests Evaluated by: cipher_list clienttest ssltest tlstest
FALSE	evaluated 76 times by 4 tests Evaluated by: cipher_list clienttest ssltest tlstest

76-1702

1424

if ((cipher = sk_SSL_CIPHER_value(ciphers, i)) == NULL)

(cipher = ((SS...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 1702 times by 4 tests Evaluated by: cipher_list clienttest ssltest tlstest

0-1702

1425

return 0;

never executed: return 0;

1426 -

1427 /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */ -

1428

if ((cipher->algorithm_ssl & SSL_TLSV1_2) &&

(cipher->algor...& 0x00000004L)	Description
TRUE	evaluated 907 times by 4 tests Evaluated by: cipher_list clienttest ssltest tlstest
FALSE	evaluated 795 times by 2 tests Evaluated by: clienttest ssltest

795-907

1429

(TLS1_get_client_version(s) < TLS1_2_VERSION))

(s->client_ver... >> 8) == 0x03	Description
TRUE	evaluated 792 times by 4 tests Evaluated by: cipher_list clienttest ssltest tlstest
FALSE	evaluated 115 times by 2 tests Evaluated by: clienttest ssltest

(((s->client_v...: 0) < 0x0303)	Description
TRUE	evaluated 497 times by 2 tests Evaluated by: clienttest ssltest
FALSE	evaluated 410 times by 4 tests Evaluated by: cipher_list clienttest ssltest tlstest

115-792

1430

continue;

executed 497 times by 2 tests: continue;

Executed by:

clienttest
ssltest

497

1431 -

1432

if (!CBB_add_u16(cbb, ssl3_cipher_get_value(cipher)))

!CBB_add_u16(c...value(cipher))	Description
TRUE	never evaluated
FALSE	evaluated 1205 times by 4 tests Evaluated by: cipher_list clienttest ssltest tlstest

0-1205

1433

return 0;

never executed: return 0;

1434 -

1435 num_ciphers++; -

1436

}

executed 1205 times by 4 tests: end of block

Executed by:

cipher_list
clienttest
ssltest
tlstest

1205

1437 -

1438 /* Add SCSV if there are other ciphers and we're not renegotiating. */ -

1439

if (num_ciphers > 0 && !s->internal->renegotiate) {

num_ciphers > 0	Description
TRUE	evaluated 76 times by 4 tests Evaluated by: cipher_list clienttest ssltest tlstest
FALSE	never evaluated

!s->internal->renegotiate	Description
TRUE	evaluated 75 times by 4 tests Evaluated by: cipher_list clienttest ssltest tlstest
FALSE	evaluated 1 time by 1 test Evaluated by: cipher_list

0-76

1440

if (!CBB_add_u16(cbb, SSL3_CK_SCSV & SSL3_CK_VALUE_MASK))

!CBB_add_u16(c... & 0x0000ffff)	Description
TRUE	never evaluated
FALSE	evaluated 75 times by 4 tests Evaluated by: cipher_list clienttest ssltest tlstest

0-75

1441

return 0;

never executed: return 0;

1442

}

executed 75 times by 4 tests: end of block

Executed by:

cipher_list
clienttest
ssltest
tlstest

1443 -

1444

if (!CBB_flush(cbb))

!CBB_flush(cbb)	Description
TRUE	never evaluated
FALSE	evaluated 76 times by 4 tests Evaluated by: cipher_list clienttest ssltest tlstest

0-76

1445

return 0;

never executed: return 0;

1446 -

1447

return 1;

executed 76 times by 4 tests: return 1;

Executed by:

cipher_list
clienttest
ssltest
tlstest

1448 } -

1449 -

1450 STACK_OF(SSL_CIPHER) * -

1451 ssl_bytes_to_cipher_list(SSL *s, CBS *cbs) -

1452 { -

1453 STACK_OF(SSL_CIPHER) *ciphers = NULL; -

1454 const SSL_CIPHER *cipher; -

1455 uint16_t cipher_value, max_version; -

1456 unsigned long cipher_id; -

1457 -

1458

if (s->s3 != NULL)

s->s3 != ((void *)0)	Description
TRUE	evaluated 68 times by 4 tests Evaluated by: cipher_list servertest ssltest tlstest
FALSE	never evaluated

0-68

1459

S3I(s)->send_connection_binding = 0;

executed 68 times by 4 tests: (s->s3->internal)->send_connection_binding = 0;

Executed by:

cipher_list
servertest
ssltest
tlstest

1460 -

1461

if ((ciphers = sk_SSL_CIPHER_new_null()) == NULL) {

(ciphers = ((s...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 68 times by 4 tests Evaluated by: cipher_list servertest ssltest tlstest

0-68

1462 SSLerror(s, ERR_R_MALLOC_FAILURE); -

1463

goto err;

never executed: goto err;

1464 } -

1465 -

1466

while (CBS_len(cbs) > 0) {

CBS_len(cbs) > 0	Description
TRUE	evaluated 1020 times by 4 tests Evaluated by: cipher_list servertest ssltest tlstest
FALSE	evaluated 66 times by 4 tests Evaluated by: cipher_list servertest ssltest tlstest

66-1020

1467

if (!CBS_get_u16(cbs, &cipher_value)) {

!CBS_get_u16(c...&cipher_value)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: cipher_list
FALSE	evaluated 1018 times by 4 tests Evaluated by: cipher_list servertest ssltest tlstest

2-1018

1468 SSLerror(s, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); -

1469

goto err;

executed 2 times by 1 test: goto err;

Executed by:

cipher_list

1470 } -

1471 -

1472 cipher_id = SSL3_CK_ID | cipher_value; -

1473 -

1474

if (s->s3 != NULL && cipher_id == SSL3_CK_SCSV) {

s->s3 != ((void *)0)	Description
TRUE	evaluated 1018 times by 4 tests Evaluated by: cipher_list servertest ssltest tlstest
FALSE	never evaluated

cipher_id == 0x030000FF	Description
TRUE	evaluated 64 times by 3 tests Evaluated by: servertest ssltest tlstest
FALSE	evaluated 954 times by 4 tests Evaluated by: cipher_list servertest ssltest tlstest

0-1018

1475 /* -

1476 * TLS_EMPTY_RENEGOTIATION_INFO_SCSV is fatal if -

1477 * renegotiating. -

1478 */ -

1479

if (s->internal->renegotiate) {

s->internal->renegotiate	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 3 tests Evaluated by: servertest ssltest tlstest

0-64

1480 SSLerror(s, SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING); -

1481 ssl3_send_alert(s, SSL3_AL_FATAL, -

1482 SSL_AD_HANDSHAKE_FAILURE); -

1483 -

1484

goto err;

never executed: goto err;

1485 } -

1486 S3I(s)->send_connection_binding = 1; -

1487

continue;

executed 64 times by 3 tests: continue;

Executed by:

servertest
ssltest
tlstest

1488 } -

1489 -

1490

if (cipher_id == SSL3_CK_FALLBACK_SCSV) {

cipher_id == 0x03005600	Description
TRUE	never evaluated
FALSE	evaluated 954 times by 4 tests Evaluated by: cipher_list servertest ssltest tlstest

0-954

1491 /* -

1492 * TLS_FALLBACK_SCSV indicates that the client -

1493 * previously tried a higher protocol version. -

1494 * Fail if the current version is an unexpected -

1495 * downgrade. -

1496 */ -

1497 max_version = ssl_max_server_version(s); -

1498

if (max_version == 0 || s->version < max_version) {

max_version == 0	Description
TRUE	never evaluated
FALSE	never evaluated

s->version < max_version	Description
TRUE	never evaluated
FALSE	never evaluated

1499 SSLerror(s, SSL_R_INAPPROPRIATE_FALLBACK); -

1500

if (s->s3 != NULL)

s->s3 != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1501

ssl3_send_alert(s, SSL3_AL_FATAL,

never executed: ssl3_send_alert(s, 2, 86);

1502

SSL_AD_INAPPROPRIATE_FALLBACK);

never executed: ssl3_send_alert(s, 2, 86);

1503

goto err;

never executed: goto err;

1504 } -

1505

continue;

never executed: continue;

1506 } -

1507 -

1508

if ((cipher = ssl3_get_cipher_by_value(cipher_value)) != NULL) {

(cipher = ssl3...!= ((void *)0)	Description
TRUE	evaluated 902 times by 4 tests Evaluated by: cipher_list servertest ssltest tlstest
FALSE	evaluated 52 times by 1 test Evaluated by: servertest

52-902

1509

if (!sk_SSL_CIPHER_push(ciphers, cipher)) {

!sk_push(((_ST...L_CIPHER*)0)))	Description
TRUE	never evaluated
FALSE	evaluated 902 times by 4 tests Evaluated by: cipher_list servertest ssltest tlstest

0-902

1510 SSLerror(s, ERR_R_MALLOC_FAILURE); -

1511

goto err;

never executed: goto err;

1512 } -

1513

}

executed 902 times by 4 tests: end of block

Executed by:

cipher_list
servertest
ssltest
tlstest

902

1514

}

executed 954 times by 4 tests: end of block

Executed by:

cipher_list
servertest
ssltest
tlstest

954

1515 -

1516

return (ciphers);

executed 66 times by 4 tests: return (ciphers);

Executed by:

cipher_list
servertest
ssltest
tlstest

1517 -

1518 err: -

1519 sk_SSL_CIPHER_free(ciphers); -

1520 -

1521

return (NULL);

executed 2 times by 1 test: return ( ((void *)0) );

Executed by:

cipher_list

1522 } -

1523 -

1524 -

1525 /* -

1526 * Return a servername extension value if provided in Client Hello, or NULL. -

1527 * So far, only host_name types are defined (RFC 3546). -

1528 */ -

1529 const char * -

1530 SSL_get_servername(const SSL *s, const int type) -

1531 { -

1532

if (type != TLSEXT_NAMETYPE_host_name)

type != 0	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

0-4

1533

return (NULL);

never executed: return ( ((void *)0) );

1534 -

1535

return (s->session && !s->tlsext_hostname ?

executed 4 times by 1 test: return (s->session && !s->tlsext_hostname ? s->session->tlsext_hostname : s->tlsext_hostname);

Executed by:

tlstest

s->session	Description
TRUE	evaluated 4 times by 1 test Evaluated by: tlstest
FALSE	never evaluated

!s->tlsext_hostname	Description
TRUE	evaluated 4 times by 1 test Evaluated by: tlstest
FALSE	never evaluated

0-4

1536

s->session->tlsext_hostname :

executed 4 times by 1 test: return (s->session && !s->tlsext_hostname ? s->session->tlsext_hostname : s->tlsext_hostname);

Executed by:

tlstest

1537

s->tlsext_hostname);

executed 4 times by 1 test: return (s->session && !s->tlsext_hostname ? s->session->tlsext_hostname : s->tlsext_hostname);

Executed by:

tlstest

1538 } -

1539 -

1540 int -

1541 SSL_get_servername_type(const SSL *s) -

1542 { -

1543

if (s->session &&

s->session	Description
TRUE	never evaluated
FALSE	never evaluated

1544

(!s->tlsext_hostname ?

!s->tlsext_hostname	Description
TRUE	never evaluated
FALSE	never evaluated

(!s->tlsext_ho...sext_hostname)	Description
TRUE	never evaluated
FALSE	never evaluated

1545

s->session->tlsext_hostname : s->tlsext_hostname))

(!s->tlsext_ho...sext_hostname)	Description
TRUE	never evaluated
FALSE	never evaluated

1546

return (TLSEXT_NAMETYPE_host_name);

never executed: return (0);

1547

return (-1);

never executed: return (-1);

1548 } -

1549 -

1550 /* -

1551 * SSL_select_next_proto implements standard protocol selection. It is -

1552 * expected that this function is called from the callback set by -

1553 * SSL_CTX_set_alpn_select_cb. -

1554 * -

1555 * The protocol data is assumed to be a vector of 8-bit, length prefixed byte -

1556 * strings. The length byte itself is not included in the length. A byte -

1557 * string of length 0 is invalid. No byte string may be truncated. -

1558 * -

1559 * It returns either: -

1560 * OPENSSL_NPN_NEGOTIATED if a common protocol was found, or -

1561 * OPENSSL_NPN_NO_OVERLAP if the fallback case was reached. -

1562 */ -

1563 int -

1564 SSL_select_next_proto(unsigned char **out, unsigned char *outlen, -

1565 const unsigned char *server, unsigned int server_len, -

1566 const unsigned char *client, unsigned int client_len) -

1567 { -

1568 unsigned int i, j; -

1569 const unsigned char *result; -

1570 int status = OPENSSL_NPN_UNSUPPORTED; -

1571 -

1572 /* -

1573 * For each protocol in server preference order, -

1574 * see if we support it. -

1575 */ -

1576

for (i = 0; i < server_len; ) {

i < server_len	Description
TRUE	evaluated 9 times by 1 test Evaluated by: ssltest
FALSE	evaluated 2 times by 1 test Evaluated by: ssltest

2-9

1577

for (j = 0; j < client_len; ) {

j < client_len	Description
TRUE	evaluated 12 times by 1 test Evaluated by: ssltest
FALSE	evaluated 3 times by 1 test Evaluated by: ssltest

3-12

1578

if (server[i] == client[j] &&

server[i] == client[j]	Description
TRUE	evaluated 12 times by 1 test Evaluated by: ssltest
FALSE	never evaluated

0-12

1579

memcmp(&server[i + 1],

memcmp(&server...erver[i]) == 0	Description
TRUE	evaluated 6 times by 1 test Evaluated by: ssltest
FALSE	evaluated 6 times by 1 test Evaluated by: ssltest

1580

&client[j + 1], server[i]) == 0) {

memcmp(&server...erver[i]) == 0	Description
TRUE	evaluated 6 times by 1 test Evaluated by: ssltest
FALSE	evaluated 6 times by 1 test Evaluated by: ssltest

1581 /* We found a match */ -

1582 result = &server[i]; -

1583 status = OPENSSL_NPN_NEGOTIATED; -

1584

goto found;

executed 6 times by 1 test: goto found;

Executed by:

ssltest

1585 } -

1586 j += client[j]; -

1587 j++; -

1588

}

executed 6 times by 1 test: end of block

Executed by:

ssltest

1589 i += server[i]; -

1590 i++; -

1591

}

executed 3 times by 1 test: end of block

Executed by:

ssltest

1592 -

1593 /* There's no overlap between our protocols and the server's list. */ -

1594 result = client; -

1595 status = OPENSSL_NPN_NO_OVERLAP; -

1596 -

1597

found:

code before this statement executed 2 times by 1 test: found:

Executed by:

ssltest

1598 *out = (unsigned char *) result + 1; -

1599 *outlen = result[0]; -

1600

return (status);

executed 8 times by 1 test: return (status);

Executed by:

ssltest

1601 } -

1602 -

1603 /* SSL_get0_next_proto_negotiated is deprecated. */ -

1604 void -

1605 SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, -

1606 unsigned *len) -

1607 { -

1608 *data = NULL; -

1609 *len = 0; -

1610

}

never executed: end of block

1611 -

1612 /* SSL_CTX_set_next_protos_advertised_cb is deprecated. */ -

1613 void -

1614 SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx, int (*cb) (SSL *ssl, -

1615 const unsigned char **out, unsigned int *outlen, void *arg), void *arg) -

1616 { -

1617 } -

1618 -

1619 /* SSL_CTX_set_next_proto_select_cb is deprecated. */ -

1620 void -

1621 SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s, -

1622 unsigned char **out, unsigned char *outlen, const unsigned char *in, -

1623 unsigned int inlen, void *arg), void *arg) -

1624 { -

1625 } -

1626 -

1627 /* -

1628 * SSL_CTX_set_alpn_protos sets the ALPN protocol list to the specified -

1629 * protocols, which must be in wire-format (i.e. a series of non-empty, -

1630 * 8-bit length-prefixed strings). Returns 0 on success. -

1631 */ -

1632 int -

1633 SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos, -

1634 unsigned int protos_len) -

1635 { -

1636 int failed = 1; -

1637 -

1638

if (protos == NULL || protos_len == 0)

protos == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: ssltest

protos_len == 0	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: ssltest

0-8

1639

goto err;

never executed: goto err;

1640 -

1641 free(ctx->internal->alpn_client_proto_list); -

1642 ctx->internal->alpn_client_proto_list = NULL; -

1643 ctx->internal->alpn_client_proto_list_len = 0; -

1644 -

1645

if ((ctx->internal->alpn_client_proto_list = malloc(protos_len))

(ctx->internal...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: ssltest

0-8

1646

== NULL)

(ctx->internal...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: ssltest

0-8

1647

goto err;

never executed: goto err;

1648 ctx->internal->alpn_client_proto_list_len = protos_len; -

1649 -

1650 memcpy(ctx->internal->alpn_client_proto_list, protos, protos_len); -

1651 -

1652 failed = 0; -

1653 -

1654

err:

code before this statement executed 8 times by 1 test: err:

Executed by:

ssltest

1655 /* NOTE: Return values are the reverse of what you expect. */ -

1656

return (failed);

executed 8 times by 1 test: return (failed);

Executed by:

ssltest

1657 } -

1658 -

1659 /* -

1660 * SSL_set_alpn_protos sets the ALPN protocol list to the specified -

1661 * protocols, which must be in wire-format (i.e. a series of non-empty, -

1662 * 8-bit length-prefixed strings). Returns 0 on success. -

1663 */ -

1664 int -

1665 SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos, -

1666 unsigned int protos_len) -

1667 { -

1668 int failed = 1; -

1669 -

1670

if (protos == NULL || protos_len == 0)

protos == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 2 tests Evaluated by: tls_ext_alpn tlsexttest

protos_len == 0	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 2 tests Evaluated by: tls_ext_alpn tlsexttest

0-5

1671

goto err;

never executed: goto err;

1672 -

1673 free(ssl->internal->alpn_client_proto_list); -

1674 ssl->internal->alpn_client_proto_list = NULL; -

1675 ssl->internal->alpn_client_proto_list_len = 0; -

1676 -

1677

if ((ssl->internal->alpn_client_proto_list = malloc(protos_len))

(ssl->internal...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 2 tests Evaluated by: tls_ext_alpn tlsexttest

0-5

1678

== NULL)

(ssl->internal...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 2 tests Evaluated by: tls_ext_alpn tlsexttest

0-5

1679

goto err;

never executed: goto err;

1680 ssl->internal->alpn_client_proto_list_len = protos_len; -

1681 -

1682 memcpy(ssl->internal->alpn_client_proto_list, protos, protos_len); -

1683 -

1684 failed = 0; -

1685 -

1686

err:

code before this statement executed 5 times by 2 tests: err:

Executed by:

tls_ext_alpn
tlsexttest

1687 /* NOTE: Return values are the reverse of what you expect. */ -

1688

return (failed);

executed 5 times by 2 tests: return (failed);

Executed by:

tls_ext_alpn
tlsexttest

1689 } -

1690 -

1691 /* -

1692 * SSL_CTX_set_alpn_select_cb sets a callback function that is called during -

1693 * ClientHello processing in order to select an ALPN protocol from the -

1694 * client's list of offered protocols. -

1695 */ -

1696 void -

1697 SSL_CTX_set_alpn_select_cb(SSL_CTX* ctx, -

1698 int (*cb) (SSL *ssl, const unsigned char **out, unsigned char *outlen, -

1699 const unsigned char *in, unsigned int inlen, void *arg), void *arg) -

1700 { -

1701 ctx->internal->alpn_select_cb = cb; -

1702 ctx->internal->alpn_select_cb_arg = arg; -

1703

}

executed 10 times by 2 tests: end of block

Executed by:

ssltest
tls_ext_alpn

1704 -

1705 /* -

1706 * SSL_get0_alpn_selected gets the selected ALPN protocol (if any). On return -

1707 * it sets data to point to len bytes of protocol name (not including the -

1708 * leading length-prefix byte). If the server didn't respond with* a negotiated -

1709 * protocol then len will be zero. -

1710 */ -

1711 void -

1712 SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data, -

1713 unsigned *len) -

1714 { -

1715 *data = NULL; -

1716 *len = 0; -

1717 -

1718

if (ssl->s3 != NULL) {

ssl->s3 != ((void *)0)	Description
TRUE	evaluated 126 times by 2 tests Evaluated by: ssltest tlstest
FALSE	never evaluated

0-126

1719 *data = ssl->s3->internal->alpn_selected; -

1720 *len = ssl->s3->internal->alpn_selected_len; -

1721

}

executed 126 times by 2 tests: end of block

Executed by:

ssltest
tlstest

126

1722

}

executed 126 times by 2 tests: end of block

Executed by:

ssltest
tlstest

126

1723 -

1724 int -

1725 SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen, -

1726 const char *label, size_t llen, const unsigned char *p, size_t plen, -

1727 int use_context) -

1728 { -

1729

return (tls1_export_keying_material(s, out, olen,

never executed: return (tls1_export_keying_material(s, out, olen, label, llen, p, plen, use_context));

1730

label, llen, p, plen, use_context));

never executed: return (tls1_export_keying_material(s, out, olen, label, llen, p, plen, use_context));

1731 } -

1732 -

1733 static unsigned long -

1734 ssl_session_hash(const SSL_SESSION *a) -

1735 { -

1736 unsigned long l; -

1737 -

1738 l = (unsigned long) -

1739 ((unsigned int) a->session_id[0] )| -

1740 ((unsigned int) a->session_id[1]<< 8L)| -

1741 ((unsigned long)a->session_id[2]<<16L)| -

1742 ((unsigned long)a->session_id[3]<<24L); -

1743

return (l);

executed 12 times by 2 tests: return (l);

Executed by:

servertest
tlstest

1744 } -

1745 -

1746 /* -

1747 * NB: If this function (or indeed the hash function which uses a sort of -

1748 * coarser function than this one) is changed, ensure -

1749 * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on being -

1750 * able to construct an SSL_SESSION that will collide with any existing session -

1751 * with a matching session ID. -

1752 */ -

1753 static int -

1754 ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b) -

1755 { -

1756

if (a->ssl_version != b->ssl_version)

a->ssl_version...b->ssl_version	Description
TRUE	never evaluated
FALSE	never evaluated

1757

return (1);

never executed: return (1);

1758

if (a->session_id_length != b->session_id_length)

a->session_id_...sion_id_length	Description
TRUE	never evaluated
FALSE	never evaluated

1759

return (1);

never executed: return (1);

1760

if (timingsafe_memcmp(a->session_id, b->session_id, a->session_id_length) != 0)

timingsafe_mem...d_length) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

1761

return (1);

never executed: return (1);

1762

return (0);

never executed: return (0);

1763 } -

1764 -

1765 /* -

1766 * These wrapper functions should remain rather than redeclaring -

1767 * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each -

1768 * variable. The reason is that the functions aren't static, they're exposed via -

1769 * ssl.h. -

1770 */ -

1771 static unsigned long -

1772 ssl_session_LHASH_HASH(const void *arg) -

1773 { -

1774 const SSL_SESSION *a = arg; -

1775 -

1776

return ssl_session_hash(a);

executed 12 times by 2 tests: return ssl_session_hash(a);

Executed by:

servertest
tlstest

1777 } -

1778 -

1779 static int -

1780 ssl_session_LHASH_COMP(const void *arg1, const void *arg2) -

1781 { -

1782 const SSL_SESSION *a = arg1; -

1783 const SSL_SESSION *b = arg2; -

1784 -

1785

return ssl_session_cmp(a, b);

never executed: return ssl_session_cmp(a, b);

1786 } -

1787 -

1788 SSL_CTX * -

1789 SSL_CTX_new(const SSL_METHOD *meth) -

1790 { -

1791 SSL_CTX *ret; -

1792 -

1793

if (!OPENSSL_init_ssl(0, NULL)) {

!OPENSSL_init_... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 214 times by 13 tests Evaluated by: cipher_list cipherstest clienttest configtest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest verifytest

0-214

1794 SSLerrorx(SSL_R_LIBRARY_BUG); -

1795

return (NULL);

never executed: return ( ((void *)0) );

1796 } -

1797 -

1798

if (meth == NULL) {

meth == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 214 times by 13 tests Evaluated by: cipher_list cipherstest clienttest configtest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest verifytest

0-214

1799 SSLerrorx(SSL_R_NULL_SSL_METHOD_PASSED); -

1800

return (NULL);

never executed: return ( ((void *)0) );

1801 } -

1802 -

1803

if ((ret = calloc(1, sizeof(*ret))) == NULL) {

(ret = calloc(...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 214 times by 13 tests Evaluated by: cipher_list cipherstest clienttest configtest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest verifytest

0-214

1804 SSLerrorx(ERR_R_MALLOC_FAILURE); -

1805

return (NULL);

never executed: return ( ((void *)0) );

1806 } -

1807

if ((ret->internal = calloc(1, sizeof(*ret->internal))) == NULL) {

(ret->internal...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 214 times by 13 tests Evaluated by: cipher_list cipherstest clienttest configtest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest verifytest

0-214

1808 free(ret); -

1809 SSLerrorx(ERR_R_MALLOC_FAILURE); -

1810

return (NULL);

never executed: return ( ((void *)0) );

1811 } -

1812 -

1813

if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {

SSL_get_ex_dat..._CTX_idx() < 0	Description
TRUE	never evaluated
FALSE	evaluated 214 times by 13 tests Evaluated by: cipher_list cipherstest clienttest configtest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest verifytest

0-214

1814 SSLerrorx(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); -

1815

goto err;

never executed: goto err;

1816 } -

1817 -

1818 ret->method = meth; -

1819 ret->internal->min_version = meth->internal->min_version; -

1820 ret->internal->max_version = meth->internal->max_version; -

1821 -

1822 ret->cert_store = NULL; -

1823 ret->internal->session_cache_mode = SSL_SESS_CACHE_SERVER; -

1824 ret->internal->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT; -

1825 ret->internal->session_cache_head = NULL; -

1826 ret->internal->session_cache_tail = NULL; -

1827 -

1828 /* We take the system default */ -

1829 ret->session_timeout = meth->internal->get_timeout(); -

1830 -

1831 ret->internal->new_session_cb = 0; -

1832 ret->internal->remove_session_cb = 0; -

1833 ret->internal->get_session_cb = 0; -

1834 ret->internal->generate_session_id = 0; -

1835 -

1836 memset((char *)&ret->internal->stats, 0, sizeof(ret->internal->stats)); -

1837 -

1838 ret->references = 1; -

1839 ret->internal->quiet_shutdown = 0; -

1840 -

1841 ret->internal->info_callback = NULL; -

1842 -

1843 ret->internal->app_verify_callback = 0; -

1844 ret->internal->app_verify_arg = NULL; -

1845 -

1846 ret->internal->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT; -

1847 ret->internal->read_ahead = 0; -

1848 ret->internal->msg_callback = 0; -

1849 ret->internal->msg_callback_arg = NULL; -

1850 ret->verify_mode = SSL_VERIFY_NONE; -

1851 ret->sid_ctx_length = 0; -

1852 ret->internal->default_verify_callback = NULL; -

1853

if ((ret->internal->cert = ssl_cert_new()) == NULL)

(ret->internal...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 214 times by 13 tests Evaluated by: cipher_list cipherstest clienttest configtest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest verifytest

0-214

1854

goto err;

never executed: goto err;

1855 -

1856 ret->default_passwd_callback = 0; -

1857 ret->default_passwd_callback_userdata = NULL; -

1858 ret->internal->client_cert_cb = 0; -

1859 ret->internal->app_gen_cookie_cb = 0; -

1860 ret->internal->app_verify_cookie_cb = 0; -

1861 -

1862 ret->internal->sessions = lh_SSL_SESSION_new(); -

1863

if (ret->internal->sessions == NULL)

ret->internal-...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 214 times by 13 tests Evaluated by: cipher_list cipherstest clienttest configtest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest verifytest

0-214

1864

goto err;

never executed: goto err;

1865 ret->cert_store = X509_STORE_new(); -

1866

if (ret->cert_store == NULL)

ret->cert_store == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 214 times by 13 tests Evaluated by: cipher_list cipherstest clienttest configtest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest verifytest

0-214

1867

goto err;

never executed: goto err;

1868 -

1869 ssl_create_cipher_list(ret->method, &ret->cipher_list, -

1870 &ret->internal->cipher_list_by_id, SSL_DEFAULT_CIPHER_LIST); -

1871

if (ret->cipher_list == NULL ||

ret->cipher_li...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 214 times by 13 tests Evaluated by: cipher_list cipherstest clienttest configtest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest verifytest

0-214

1872

sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {

sk_num(((_STAC...HER*)0))) <= 0	Description
TRUE	never evaluated
FALSE	evaluated 214 times by 13 tests Evaluated by: cipher_list cipherstest clienttest configtest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest verifytest

0-214

1873 SSLerrorx(SSL_R_LIBRARY_HAS_NO_CIPHERS); -

1874

goto err2;

never executed: goto err2;

1875 } -

1876 -

1877 ret->param = X509_VERIFY_PARAM_new(); -

1878

if (!ret->param)

!ret->param	Description
TRUE	never evaluated
FALSE	evaluated 214 times by 13 tests Evaluated by: cipher_list cipherstest clienttest configtest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest verifytest

0-214

1879

goto err;

never executed: goto err;

1880 -

1881

if ((ret->internal->client_CA = sk_X509_NAME_new_null()) == NULL)

(ret->internal...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 214 times by 13 tests Evaluated by: cipher_list cipherstest clienttest configtest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest verifytest

0-214

1882

goto err;

never executed: goto err;

1883 -

1884 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->internal->ex_data); -

1885 -

1886 ret->extra_certs = NULL; -

1887 -

1888 ret->internal->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH; -

1889 -

1890 ret->internal->tlsext_servername_callback = 0; -

1891 ret->internal->tlsext_servername_arg = NULL; -

1892 -

1893 /* Setup RFC4507 ticket keys */ -

1894 arc4random_buf(ret->internal->tlsext_tick_key_name, 16); -

1895 arc4random_buf(ret->internal->tlsext_tick_hmac_key, 16); -

1896 arc4random_buf(ret->internal->tlsext_tick_aes_key, 16); -

1897 -

1898 ret->internal->tlsext_status_cb = 0; -

1899 ret->internal->tlsext_status_arg = NULL; -

1900 -

1901 #ifndef OPENSSL_NO_ENGINE -

1902 ret->internal->client_cert_engine = NULL; -

1903 #ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO -

1904 #define eng_strx(x) #x -

1905 #define eng_str(x) eng_strx(x) -

1906 /* Use specific client engine automatically... ignore errors */ -

1907 { -

1908 ENGINE *eng; -

1909 eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO)); -

1910 if (!eng) { -

1911 ERR_clear_error(); -

1912 ENGINE_load_builtin_engines(); -

1913 eng = ENGINE_by_id(eng_str( -

1914 OPENSSL_SSL_CLIENT_ENGINE_AUTO)); -

1915 } -

1916 if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng)) -

1917 ERR_clear_error(); -

1918 } -

1919 #endif -

1920 #endif -

1921 /* -

1922 * Default is to connect to non-RI servers. When RI is more widely -

1923 * deployed might change this. -

1924 */ -

1925 ret->internal->options |= SSL_OP_LEGACY_SERVER_CONNECT; -

1926 -

1927

return (ret);

executed 214 times by 13 tests: return (ret);

Executed by:

cipher_list
cipherstest
clienttest
configtest
libssl.so.46.0.1
servertest
ssl_versions
ssltest
tls_ext_alpn
tls_prf
tlsexttest
tlstest
verifytest

214

1928 err: -

1929 SSLerrorx(ERR_R_MALLOC_FAILURE); -

1930

err2:

code before this statement never executed: err2:

1931 SSL_CTX_free(ret); -

1932

return (NULL);

never executed: return ( ((void *)0) );

1933 } -

1934 -

1935 void -

1936 SSL_CTX_free(SSL_CTX *ctx) -

1937 { -

1938 int i; -

1939 -

1940

if (ctx == NULL)

ctx == ((void *)0)	Description
TRUE	evaluated 74 times by 2 tests Evaluated by: tlstest verifytest
FALSE	evaluated 597 times by 13 tests Evaluated by: cipher_list cipherstest clienttest configtest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest verifytest

74-597

1941

return;

executed 74 times by 2 tests: return;

Executed by:

tlstest
verifytest

1942 -

1943 i = CRYPTO_add(&ctx->references, -1, CRYPTO_LOCK_SSL_CTX); -

1944

if (i > 0)

i > 0	Description
TRUE	evaluated 390 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest
FALSE	evaluated 207 times by 13 tests Evaluated by: cipher_list cipherstest clienttest configtest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest verifytest

207-390

1945

return;

executed 390 times by 11 tests: return;

Executed by:

cipher_list
cipherstest
clienttest
libssl.so.46.0.1
servertest
ssl_versions
ssltest
tls_ext_alpn
tls_prf
tlsexttest
tlstest

390

1946 -

1947 X509_VERIFY_PARAM_free(ctx->param); -

1948 -

1949 /* -

1950 * Free internal session cache. However: the remove_cb() may reference -

1951 * the ex_data of SSL_CTX, thus the ex_data store can only be removed -

1952 * after the sessions were flushed. -

1953 * As the ex_data handling routines might also touch the session cache, -

1954 * the most secure solution seems to be: empty (flush) the cache, then -

1955 * free ex_data, then finally free the cache. -

1956 * (See ticket [openssl.org #212].) -

1957 */ -

1958

if (ctx->internal->sessions != NULL)

ctx->internal-...!= ((void *)0)	Description
TRUE	evaluated 207 times by 13 tests Evaluated by: cipher_list cipherstest clienttest configtest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest verifytest
FALSE	never evaluated

0-207

1959

SSL_CTX_flush_sessions(ctx, 0);

executed 207 times by 13 tests: SSL_CTX_flush_sessions(ctx, 0);

Executed by:

cipher_list
cipherstest
clienttest
configtest
libssl.so.46.0.1
servertest
ssl_versions
ssltest
tls_ext_alpn
tls_prf
tlsexttest
tlstest
verifytest

207

1960 -

1961 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ctx, &ctx->internal->ex_data); -

1962 -

1963 lh_SSL_SESSION_free(ctx->internal->sessions); -

1964 -

1965 X509_STORE_free(ctx->cert_store); -

1966 sk_SSL_CIPHER_free(ctx->cipher_list); -

1967 sk_SSL_CIPHER_free(ctx->internal->cipher_list_by_id); -

1968 ssl_cert_free(ctx->internal->cert); -

1969 sk_X509_NAME_pop_free(ctx->internal->client_CA, X509_NAME_free); -

1970 sk_X509_pop_free(ctx->extra_certs, X509_free); -

1971 -

1972 #ifndef OPENSSL_NO_SRTP -

1973

if (ctx->internal->srtp_profiles)

ctx->internal->srtp_profiles	Description
TRUE	never evaluated
FALSE	evaluated 207 times by 13 tests Evaluated by: cipher_list cipherstest clienttest configtest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest verifytest

0-207

1974

sk_SRTP_PROTECTION_PROFILE_free(ctx->internal->srtp_profiles);

never executed: sk_free(((_STACK*) (1 ? (ctx->internal->srtp_profiles) : (struct stack_st_SRTP_PROTECTION_PROFILE*)0)));

1975 #endif -

1976 -

1977 #ifndef OPENSSL_NO_ENGINE -

1978 ENGINE_finish(ctx->internal->client_cert_engine); -

1979 #endif -

1980 -

1981 free(ctx->internal->tlsext_ecpointformatlist); -

1982 free(ctx->internal->tlsext_supportedgroups); -

1983 -

1984 free(ctx->internal->alpn_client_proto_list); -

1985 -

1986 free(ctx->internal); -

1987 free(ctx); -

1988

}

executed 207 times by 13 tests: end of block

Executed by:

cipher_list
cipherstest
clienttest
configtest
libssl.so.46.0.1
servertest
ssl_versions
ssltest
tls_ext_alpn
tls_prf
tlsexttest
tlstest
verifytest

207

1989 -

1990 int -

1991 SSL_CTX_up_ref(SSL_CTX *ctx) -

1992 { -

1993 int refs = CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX); -

1994

return ((refs > 1) ? 1 : 0);

never executed: return ((refs > 1) ? 1 : 0);

(refs > 1)	Description
TRUE	never evaluated
FALSE	never evaluated

1995 } -

1996 -

1997 pem_password_cb * -

1998 SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx) -

1999 { -

2000

return (ctx->default_passwd_callback);

never executed: return (ctx->default_passwd_callback);

2001 } -

2002 -

2003 void -

2004 SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb) -

2005 { -

2006 ctx->default_passwd_callback = cb; -

2007

}

never executed: end of block

2008 -

2009 void * -

2010 SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx) -

2011 { -

2012

return ctx->default_passwd_callback_userdata;

never executed: return ctx->default_passwd_callback_userdata;

2013 } -

2014 -

2015 void -

2016 SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u) -

2017 { -

2018 ctx->default_passwd_callback_userdata = u; -

2019

}

never executed: end of block

2020 -

2021 void -

2022 SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *, -

2023 void *), void *arg) -

2024 { -

2025 ctx->internal->app_verify_callback = cb; -

2026 ctx->internal->app_verify_arg = arg; -

2027

}

executed 18 times by 2 tests: end of block

Executed by:

ssltest
tlstest

2028 -

2029 void -

2030 SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*cb)(int, X509_STORE_CTX *)) -

2031 { -

2032 ctx->verify_mode = mode; -

2033 ctx->internal->default_verify_callback = cb; -

2034

}

executed 18 times by 2 tests: end of block

Executed by:

ssltest
tlstest

2035 -

2036 void -

2037 SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth) -

2038 { -

2039 X509_VERIFY_PARAM_set_depth(ctx->param, depth); -

2040

}

executed 4 times by 1 test: end of block

Executed by:

tlstest

2041 -

2042 void -

2043 ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher) -

2044 { -

2045 int rsa_enc, rsa_sign, dh_tmp; -

2046 int have_ecc_cert; -

2047 unsigned long mask_k, mask_a; -

2048 X509 *x = NULL; -

2049 CERT_PKEY *cpk; -

2050 -

2051

if (c == NULL)

c == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 149 times by 3 tests Evaluated by: servertest ssltest tlstest

0-149

2052

return;

never executed: return;

2053 -

2054

dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL ||

c->dh_tmp != ((void *)0)	Description
TRUE	evaluated 124 times by 1 test Evaluated by: ssltest
FALSE	evaluated 25 times by 3 tests Evaluated by: servertest ssltest tlstest

c->dh_tmp_cb != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 25 times by 3 tests Evaluated by: servertest ssltest tlstest

0-124

2055

c->dh_tmp_auto != 0);

c->dh_tmp_auto != 0	Description
TRUE	evaluated 6 times by 1 test Evaluated by: servertest
FALSE	evaluated 19 times by 2 tests Evaluated by: ssltest tlstest

6-19

2056 -

2057 cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]); -

2058

rsa_enc = (cpk->x509 != NULL && cpk->privatekey != NULL);

cpk->x509 != ((void *)0)	Description
TRUE	evaluated 149 times by 3 tests Evaluated by: servertest ssltest tlstest
FALSE	never evaluated

cpk->privatekey != ((void *)0)	Description
TRUE	evaluated 149 times by 3 tests Evaluated by: servertest ssltest tlstest
FALSE	never evaluated

0-149

2059 cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]); -

2060

rsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL);

cpk->x509 != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 149 times by 3 tests Evaluated by: servertest ssltest tlstest

cpk->privatekey != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0-149

2061 cpk = &(c->pkeys[SSL_PKEY_ECC]); -

2062

have_ecc_cert = (cpk->x509 != NULL && cpk->privatekey != NULL);

cpk->x509 != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 149 times by 3 tests Evaluated by: servertest ssltest tlstest

cpk->privatekey != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0-149

2063 -

2064 mask_k = 0; -

2065 mask_a = 0; -

2066 -

2067 cpk = &(c->pkeys[SSL_PKEY_GOST01]); -

2068

if (cpk->x509 != NULL && cpk->privatekey !=NULL) {

cpk->x509 != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 149 times by 3 tests Evaluated by: servertest ssltest tlstest

cpk->privatekey != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0-149

2069 mask_k |= SSL_kGOST; -

2070 mask_a |= SSL_aGOST01; -

2071

}

never executed: end of block

2072 -

2073

if (rsa_enc)

rsa_enc	Description
TRUE	evaluated 149 times by 3 tests Evaluated by: servertest ssltest tlstest
FALSE	never evaluated

0-149

2074

mask_k |= SSL_kRSA;

executed 149 times by 3 tests: mask_k |= 0x00000001L;

Executed by:

servertest
ssltest
tlstest

149

2075 -

2076

if (dh_tmp)

dh_tmp	Description
TRUE	evaluated 130 times by 2 tests Evaluated by: servertest ssltest
FALSE	evaluated 19 times by 2 tests Evaluated by: ssltest tlstest

19-130

2077

mask_k |= SSL_kDHE;

executed 130 times by 2 tests: mask_k |= 0x00000008L;

Executed by:

servertest
ssltest

130

2078 -

2079

if (rsa_enc || rsa_sign)

rsa_enc	Description
TRUE	evaluated 149 times by 3 tests Evaluated by: servertest ssltest tlstest
FALSE	never evaluated

rsa_sign	Description
TRUE	never evaluated
FALSE	never evaluated

0-149

2080

mask_a |= SSL_aRSA;

executed 149 times by 3 tests: mask_a |= 0x00000001L;

Executed by:

servertest
ssltest
tlstest

149

2081 -

2082 mask_a |= SSL_aNULL; -

2083 -

2084 /* -

2085 * An ECC certificate may be usable for ECDH and/or -

2086 * ECDSA cipher suites depending on the key usage extension. -

2087 */ -

2088

if (have_ecc_cert) {

have_ecc_cert	Description
TRUE	never evaluated
FALSE	evaluated 149 times by 3 tests Evaluated by: servertest ssltest tlstest

0-149

2089 x = (c->pkeys[SSL_PKEY_ECC]).x509; -

2090 -

2091 /* This call populates extension flags (ex_flags). */ -

2092 X509_check_purpose(x, -1, 0); -

2093 -

2094 /* Key usage, if present, must allow signing. */ -

2095

if ((x->ex_flags & EXFLAG_KUSAGE) == 0 ||

(x->ex_flags & 0x0002) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

2096

(x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE))

(x->ex_kusage & 0x0080)	Description
TRUE	never evaluated
FALSE	never evaluated

2097

mask_a |= SSL_aECDSA;

never executed: mask_a |= 0x00000040L;

2098

}

never executed: end of block

2099 -

2100 mask_k |= SSL_kECDHE; -

2101 -

2102 c->mask_k = mask_k; -

2103 c->mask_a = mask_a; -

2104 c->valid = 1; -

2105

}

executed 149 times by 3 tests: end of block

Executed by:

servertest
ssltest
tlstest

149

2106 -

2107 /* See if this handshake is using an ECC cipher suite. */ -

2108 int -

2109 ssl_using_ecc_cipher(SSL *s) -

2110 { -

2111 unsigned long alg_a, alg_k; -

2112 -

2113 alg_a = S3I(s)->hs.new_cipher->algorithm_auth; -

2114 alg_k = S3I(s)->hs.new_cipher->algorithm_mkey; -

2115 -

2116

return SSI(s)->tlsext_ecpointformatlist != NULL &&

executed 58 times by 4 tests:

return (s->session->internal)->tlsext_ecpointformatlist != ((void *)0) && (s->session->internal)->tlsext_ecpointformatlist_length > 0 && ((alg_k & 0x00000080L) || (alg_a & 0x00000040L));

Executed by:

servertest
ssltest
tlsexttest
tlstest

(s->session->i...!= ((void *)0)	Description
TRUE	evaluated 31 times by 3 tests Evaluated by: ssltest tlsexttest tlstest
FALSE	evaluated 27 times by 3 tests Evaluated by: servertest ssltest tlsexttest

27-58

2117

SSI(s)->tlsext_ecpointformatlist_length > 0 &&

executed 58 times by 4 tests:

return (s->session->internal)->tlsext_ecpointformatlist != ((void *)0) && (s->session->internal)->tlsext_ecpointformatlist_length > 0 && ((alg_k & 0x00000080L) || (alg_a & 0x00000040L));

Executed by:

servertest
ssltest
tlsexttest
tlstest

(s->session->i...ist_length > 0	Description
TRUE	evaluated 31 times by 3 tests Evaluated by: ssltest tlsexttest tlstest
FALSE	never evaluated

0-58

2118

((alg_k & SSL_kECDHE) || (alg_a & SSL_aECDSA));

executed 58 times by 4 tests:

return (s->session->internal)->tlsext_ecpointformatlist != ((void *)0) && (s->session->internal)->tlsext_ecpointformatlist_length > 0 && ((alg_k & 0x00000080L) || (alg_a & 0x00000040L));

Executed by:

servertest
ssltest
tlsexttest
tlstest

(alg_k & 0x00000080L)	Description
TRUE	evaluated 31 times by 3 tests Evaluated by: ssltest tlsexttest tlstest
FALSE	never evaluated

(alg_a & 0x00000040L)	Description
TRUE	never evaluated
FALSE	never evaluated

0-58

2119 } -

2120 -

2121 int -

2122 ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s) -

2123 { -

2124 const SSL_CIPHER *cs = S3I(s)->hs.new_cipher; -

2125 unsigned long alg_a; -

2126 -

2127 alg_a = cs->algorithm_auth; -

2128 -

2129

if (alg_a & SSL_aECDSA) {

alg_a & 0x00000040L	Description
TRUE	never evaluated
FALSE	never evaluated

2130 /* This call populates extension flags (ex_flags). */ -

2131 X509_check_purpose(x, -1, 0); -

2132 -

2133 /* Key usage, if present, must allow signing. */ -

2134

if ((x->ex_flags & EXFLAG_KUSAGE) &&

(x->ex_flags & 0x0002)	Description
TRUE	never evaluated
FALSE	never evaluated

2135

((x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) == 0)) {

((x->ex_kusage & 0x0080) == 0)	Description
TRUE	never evaluated
FALSE	never evaluated

2136 SSLerror(s, SSL_R_ECC_CERT_NOT_FOR_SIGNING); -

2137

return (0);

never executed: return (0);

2138 } -

2139

}

never executed: end of block

2140 -

2141

return (1);

never executed: return (1);

2142 } -

2143 -

2144 CERT_PKEY * -

2145 ssl_get_server_send_pkey(const SSL *s) -

2146 { -

2147 unsigned long alg_a; -

2148 CERT *c; -

2149 int i; -

2150 -

2151 c = s->cert; -

2152 ssl_set_cert_masks(c, S3I(s)->hs.new_cipher); -

2153 -

2154 alg_a = S3I(s)->hs.new_cipher->algorithm_auth; -

2155 -

2156

if (alg_a & SSL_aECDSA) {

alg_a & 0x00000040L	Description
TRUE	never evaluated
FALSE	evaluated 61 times by 3 tests Evaluated by: servertest ssltest tlstest

0-61

2157 i = SSL_PKEY_ECC; -

2158

} else if (alg_a & SSL_aRSA) {

never executed: end of block

alg_a & 0x00000001L	Description
TRUE	evaluated 61 times by 3 tests Evaluated by: servertest ssltest tlstest
FALSE	never evaluated

0-61

2159

if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL)

c->pkeys[0].x5...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 61 times by 3 tests Evaluated by: servertest ssltest tlstest

0-61

2160

i = SSL_PKEY_RSA_SIGN;

never executed: i = 1;

2161 else -

2162

i = SSL_PKEY_RSA_ENC;

executed 61 times by 3 tests: i = 0;

Executed by:

servertest
ssltest
tlstest

2163

} else if (alg_a & SSL_aGOST01) {

alg_a & 0x00000200L	Description
TRUE	never evaluated
FALSE	never evaluated

2164 i = SSL_PKEY_GOST01; -

2165

} else { /* if (alg_a & SSL_aNULL) */

never executed: end of block

2166 SSLerror(s, ERR_R_INTERNAL_ERROR); -

2167

return (NULL);

never executed: return ( ((void *)0) );

2168 } -

2169 -

2170

return (c->pkeys + i);

executed 61 times by 3 tests: return (c->pkeys + i);

Executed by:

servertest
ssltest
tlstest

2171 } -

2172 -

2173 X509 * -

2174 ssl_get_server_send_cert(const SSL *s) -

2175 { -

2176 CERT_PKEY *cpk; -

2177 -

2178 cpk = ssl_get_server_send_pkey(s); -

2179

if (!cpk)

!cpk	Description
TRUE	never evaluated
FALSE	evaluated 55 times by 3 tests Evaluated by: servertest ssltest tlstest

0-55

2180

return (NULL);

never executed: return ( ((void *)0) );

2181

return (cpk->x509);

executed 55 times by 3 tests: return (cpk->x509);

Executed by:

servertest
ssltest
tlstest

2182 } -

2183 -

2184 EVP_PKEY * -

2185 ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher, const EVP_MD **pmd) -

2186 { -

2187 unsigned long alg_a; -

2188 CERT *c; -

2189 int idx = -1; -

2190 -

2191 alg_a = cipher->algorithm_auth; -

2192 c = s->cert; -

2193 -

2194

if (alg_a & SSL_aRSA) {

alg_a & 0x00000001L	Description
TRUE	evaluated 41 times by 3 tests Evaluated by: servertest ssltest tlstest
FALSE	never evaluated

0-41

2195

if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)

c->pkeys[1].pr...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 41 times by 3 tests Evaluated by: servertest ssltest tlstest

0-41

2196

idx = SSL_PKEY_RSA_SIGN;

never executed: idx = 1;

2197

else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)

c->pkeys[0].pr...!= ((void *)0)	Description
TRUE	evaluated 41 times by 3 tests Evaluated by: servertest ssltest tlstest
FALSE	never evaluated

0-41

2198

idx = SSL_PKEY_RSA_ENC;

executed 41 times by 3 tests: idx = 0;

Executed by:

servertest
ssltest
tlstest

2199

} else if ((alg_a & SSL_aECDSA) &&

executed 41 times by 3 tests: end of block

Executed by:

servertest
ssltest
tlstest

(alg_a & 0x00000040L)	Description
TRUE	never evaluated
FALSE	never evaluated

0-41

2200

(c->pkeys[SSL_PKEY_ECC].privatekey != NULL))

(c->pkeys[3].p... ((void *)0) )	Description
TRUE	never evaluated
FALSE	never evaluated

2201

idx = SSL_PKEY_ECC;

never executed: idx = 3;

2202

if (idx == -1) {

idx == -1	Description
TRUE	never evaluated
FALSE	evaluated 41 times by 3 tests Evaluated by: servertest ssltest tlstest

0-41

2203 SSLerror(s, ERR_R_INTERNAL_ERROR); -

2204

return (NULL);

never executed: return ( ((void *)0) );

2205 } -

2206

if (pmd)

pmd	Description
TRUE	evaluated 41 times by 3 tests Evaluated by: servertest ssltest tlstest
FALSE	never evaluated

0-41

2207

*pmd = c->pkeys[idx].digest;

executed 41 times by 3 tests: *pmd = c->pkeys[idx].digest;

Executed by:

servertest
ssltest
tlstest

2208

return (c->pkeys[idx].privatekey);

executed 41 times by 3 tests: return (c->pkeys[idx].privatekey);

Executed by:

servertest
ssltest
tlstest

2209 } -

2210 -

2211 DH * -

2212 ssl_get_auto_dh(SSL *s) -

2213 { -

2214 CERT_PKEY *cpk; -

2215 int keylen; -

2216 DH *dhp; -

2217 -

2218

if (s->cert->dh_tmp_auto == 2) {

s->cert->dh_tmp_auto == 2	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: servertest

0-2

2219 keylen = 1024; -

2220

} else if (S3I(s)->hs.new_cipher->algorithm_auth & SSL_aNULL) {

never executed: end of block

(s->s3->intern... & 0x00000004L	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: servertest

0-2

2221 keylen = 1024; -

2222

if (S3I(s)->hs.new_cipher->strength_bits == 256)

(s->s3->intern...th_bits == 256	Description
TRUE	never evaluated
FALSE	never evaluated

2223

keylen = 3072;

never executed: keylen = 3072;

2224

} else {

never executed: end of block

2225

if ((cpk = ssl_get_server_send_pkey(s)) == NULL)

(cpk = ssl_get...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: servertest

0-2

2226

return (NULL);

never executed: return ( ((void *)0) );

2227

if (cpk->privatekey == NULL || cpk->privatekey->pkey.dh == NULL)

cpk->privatekey == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: servertest

cpk->privateke...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: servertest

0-2

2228

return (NULL);

never executed: return ( ((void *)0) );

2229 keylen = EVP_PKEY_bits(cpk->privatekey); -

2230

}

executed 2 times by 1 test: end of block

Executed by:

servertest

2231 -

2232

if ((dhp = DH_new()) == NULL)

(dhp = DH_new(...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: servertest

0-2

2233

return (NULL);

never executed: return ( ((void *)0) );

2234 -

2235 dhp->g = BN_new(); -

2236

if (dhp->g != NULL)

dhp->g != ((void *)0)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: servertest
FALSE	never evaluated

0-2

2237

BN_set_word(dhp->g, 2);

executed 2 times by 1 test: BN_set_word(dhp->g, 2);

Executed by:

servertest

2238 -

2239

if (keylen >= 8192)

keylen >= 8192	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: servertest

0-2

2240

dhp->p = get_rfc3526_prime_8192(NULL);

never executed: dhp->p = get_rfc3526_prime_8192( ((void *)0) );

2241

else if (keylen >= 4096)

keylen >= 4096	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: servertest

0-2

2242

dhp->p = get_rfc3526_prime_4096(NULL);

never executed: dhp->p = get_rfc3526_prime_4096( ((void *)0) );

2243

else if (keylen >= 3072)

keylen >= 3072	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: servertest

0-2

2244

dhp->p = get_rfc3526_prime_3072(NULL);

never executed: dhp->p = get_rfc3526_prime_3072( ((void *)0) );

2245

else if (keylen >= 2048)

keylen >= 2048	Description
TRUE	evaluated 2 times by 1 test Evaluated by: servertest
FALSE	never evaluated

0-2

2246

dhp->p = get_rfc3526_prime_2048(NULL);

executed 2 times by 1 test: dhp->p = get_rfc3526_prime_2048( ((void *)0) );

Executed by:

servertest

2247

else if (keylen >= 1536)

keylen >= 1536	Description
TRUE	never evaluated
FALSE	never evaluated

2248

dhp->p = get_rfc3526_prime_1536(NULL);

never executed: dhp->p = get_rfc3526_prime_1536( ((void *)0) );

2249 else -

2250

dhp->p = get_rfc2409_prime_1024(NULL);

never executed: dhp->p = get_rfc2409_prime_1024( ((void *)0) );

2251 -

2252

if (dhp->p == NULL || dhp->g == NULL) {

dhp->p == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: servertest

dhp->g == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: servertest

0-2

2253 DH_free(dhp); -

2254

return (NULL);

never executed: return ( ((void *)0) );

2255 } -

2256

return (dhp);

executed 2 times by 1 test: return (dhp);

Executed by:

servertest

2257 } -

2258 -

2259 void -

2260 ssl_update_cache(SSL *s, int mode) -

2261 { -

2262 int i; -

2263 -

2264 /* -

2265 * If the session_id_length is 0, we are not supposed to cache it, -

2266 * and it would be rather hard to do anyway :-) -

2267 */ -

2268

if (s->session->session_id_length == 0)

s->session->se...id_length == 0	Description
TRUE	evaluated 67 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 59 times by 1 test Evaluated by: ssltest

59-67

2269

return;

executed 67 times by 2 tests: return;

Executed by:

ssltest
tlstest

2270 -

2271 i = s->session_ctx->internal->session_cache_mode; -

2272

if ((i & mode) && (!s->internal->hit) && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)

(i & mode)	Description
TRUE	never evaluated
FALSE	evaluated 59 times by 1 test Evaluated by: ssltest

(!s->internal->hit)	Description
TRUE	never evaluated
FALSE	never evaluated

(i & 0x0200)	Description
TRUE	never evaluated
FALSE	never evaluated

0-59

2273

|| SSL_CTX_add_session(s->session_ctx, s->session))

SSL_CTX_add_se...x, s->session)	Description
TRUE	never evaluated
FALSE	never evaluated

2274

&& (s->session_ctx->internal->new_session_cb != NULL)) {

(s->initial_ct... ((void *)0) )	Description
TRUE	never evaluated
FALSE	never evaluated

2275 CRYPTO_add(&s->session->references, 1, CRYPTO_LOCK_SSL_SESSION); -

2276

if (!s->session_ctx->internal->new_session_cb(s, s->session))

!s->initial_ct...s, s->session)	Description
TRUE	never evaluated
FALSE	never evaluated

2277

SSL_SESSION_free(s->session);

never executed: SSL_SESSION_free(s->session);

2278

}

never executed: end of block

2279 -

2280 /* auto flush every 255 connections */ -

2281

if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&

(!(i & 0x0080))	Description
TRUE	evaluated 59 times by 1 test Evaluated by: ssltest
FALSE	never evaluated

0-59

2282

((i & mode) == mode)) {

((i & mode) == mode)	Description
TRUE	never evaluated
FALSE	evaluated 59 times by 1 test Evaluated by: ssltest

0-59

2283

if ((((mode & SSL_SESS_CACHE_CLIENT) ?

(((mode & 0x00... 0xff) == 0xff	Description
TRUE	never evaluated
FALSE	never evaluated

(mode & 0x0001)	Description
TRUE	never evaluated
FALSE	never evaluated

2284

s->session_ctx->internal->stats.sess_connect_good :

(((mode & 0x00... 0xff) == 0xff	Description
TRUE	never evaluated
FALSE	never evaluated

2285

s->session_ctx->internal->stats.sess_accept_good) & 0xff) == 0xff) {

(((mode & 0x00... 0xff) == 0xff	Description
TRUE	never evaluated
FALSE	never evaluated

2286 SSL_CTX_flush_sessions(s->session_ctx, time(NULL)); -

2287

}

never executed: end of block

2288

}

never executed: end of block

2289

}

executed 59 times by 1 test: end of block

Executed by:

ssltest

2290 -

2291 const SSL_METHOD * -

2292 SSL_get_ssl_method(SSL *s) -

2293 { -

2294

return (s->method);

never executed: return (s->method);

2295 } -

2296 -

2297 int -

2298 SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth) -

2299 { -

2300 int conn = -1; -

2301 int ret = 1; -

2302 -

2303

if (s->method != meth) {

s->method != meth	Description
TRUE	evaluated 9 times by 1 test Evaluated by: ssltest
FALSE	never evaluated

0-9

2304

if (s->internal->handshake_func != NULL)

s->internal->h...!= ((void *)0)	Description
TRUE	evaluated 9 times by 1 test Evaluated by: ssltest
FALSE	never evaluated

0-9

2305

conn = (s->internal->handshake_func == s->method->internal->ssl_connect);

executed 9 times by 1 test: conn = (s->internal->handshake_func == s->method->internal->ssl_connect);

Executed by:

ssltest

2306 -

2307

if (s->method->internal->version == meth->internal->version)

s->method->int...ernal->version	Description
TRUE	evaluated 9 times by 1 test Evaluated by: ssltest
FALSE	never evaluated

0-9

2308

s->method = meth;

executed 9 times by 1 test: s->method = meth;

Executed by:

ssltest

2309 else { -

2310 s->method->internal->ssl_free(s); -

2311 s->method = meth; -

2312 ret = s->method->internal->ssl_new(s); -

2313

}

never executed: end of block

2314 -

2315

if (conn == 1)

conn == 1	Description
TRUE	evaluated 9 times by 1 test Evaluated by: ssltest
FALSE	never evaluated

0-9

2316

s->internal->handshake_func = meth->internal->ssl_connect;

executed 9 times by 1 test: s->internal->handshake_func = meth->internal->ssl_connect;

Executed by:

ssltest

2317

else if (conn == 0)

conn == 0	Description
TRUE	never evaluated
FALSE	never evaluated

2318

s->internal->handshake_func = meth->internal->ssl_accept;

never executed: s->internal->handshake_func = meth->internal->ssl_accept;

2319

}

executed 9 times by 1 test: end of block

Executed by:

ssltest

2320

return (ret);

executed 9 times by 1 test: return (ret);

Executed by:

ssltest

2321 } -

2322 -

2323 int -

2324 SSL_get_error(const SSL *s, int i) -

2325 { -

2326 int reason; -

2327 unsigned long l; -

2328 BIO *bio; -

2329 -

2330

if (i > 0)

i > 0	Description
TRUE	evaluated 236 times by 1 test Evaluated by: ssltest
FALSE	evaluated 2908 times by 2 tests Evaluated by: ssltest tlstest

236-2908

2331

return (SSL_ERROR_NONE);

executed 236 times by 1 test: return (0);

Executed by:

ssltest

236

2332 -

2333 /* Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake -

2334 * etc, where we do encode the error */ -

2335

if ((l = ERR_peek_error()) != 0) {

(l = ERR_peek_error()) != 0	Description
TRUE	never evaluated
FALSE	evaluated 2908 times by 2 tests Evaluated by: ssltest tlstest

0-2908

2336

if (ERR_GET_LIB(l) == ERR_LIB_SYS)

(int)((((unsig...L)&0xffL) == 2	Description
TRUE	never evaluated
FALSE	never evaluated

2337

return (SSL_ERROR_SYSCALL);

never executed: return (5);

2338 else -

2339

return (SSL_ERROR_SSL);

never executed: return (1);

2340 } -

2341 -

2342

if ((i < 0) && SSL_want_read(s)) {

(i < 0)	Description
TRUE	evaluated 2908 times by 2 tests Evaluated by: ssltest tlstest
FALSE	never evaluated

(SSL_want(s) == 3)	Description
TRUE	evaluated 2346 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 562 times by 2 tests Evaluated by: ssltest tlstest

0-2908

2343 bio = SSL_get_rbio(s); -

2344

if (BIO_should_read(bio)) {

BIO_test_flags(bio, 0x01)	Description
TRUE	evaluated 2346 times by 2 tests Evaluated by: ssltest tlstest
FALSE	never evaluated

0-2346

2345

return (SSL_ERROR_WANT_READ);

executed 2346 times by 2 tests: return (2);

Executed by:

ssltest
tlstest

2346

} else if (BIO_should_write(bio)) {

BIO_test_flags(bio, 0x02)	Description
TRUE	never evaluated
FALSE	never evaluated

2347 /* -

2348 * This one doesn't make too much sense... We never -

2349 * try to write to the rbio, and an application -

2350 * program where rbio and wbio are separate couldn't -

2351 * even know what it should wait for. However if we -

2352 * ever set s->internal->rwstate incorrectly (so that we have -

2353 * SSL_want_read(s) instead of SSL_want_write(s)) -

2354 * and rbio and wbio *are* the same, this test works -

2355 * around that bug; so it might be safer to keep it. -

2356 */ -

2357

return (SSL_ERROR_WANT_WRITE);

never executed: return (3);

2358

} else if (BIO_should_io_special(bio)) {

BIO_test_flags(bio, 0x04)	Description
TRUE	never evaluated
FALSE	never evaluated

2359 reason = BIO_get_retry_reason(bio); -

2360

if (reason == BIO_RR_CONNECT)

reason == 0x02	Description
TRUE	never evaluated
FALSE	never evaluated

2361

return (SSL_ERROR_WANT_CONNECT);

never executed: return (7);

2362

else if (reason == BIO_RR_ACCEPT)

reason == 0x03	Description
TRUE	never evaluated
FALSE	never evaluated

2363

return (SSL_ERROR_WANT_ACCEPT);

never executed: return (8);

2364 else -

2365

return (SSL_ERROR_SYSCALL); /* unknown */

never executed: return (5);

2366 } -

2367

}

never executed: end of block

2368 -

2369

if ((i < 0) && SSL_want_write(s)) {

(i < 0)	Description
TRUE	evaluated 562 times by 2 tests Evaluated by: ssltest tlstest
FALSE	never evaluated

(SSL_want(s) == 2)	Description
TRUE	evaluated 562 times by 2 tests Evaluated by: ssltest tlstest
FALSE	never evaluated

0-562

2370 bio = SSL_get_wbio(s); -

2371

if (BIO_should_write(bio)) {

BIO_test_flags(bio, 0x02)	Description
TRUE	evaluated 562 times by 2 tests Evaluated by: ssltest tlstest
FALSE	never evaluated

0-562

2372

return (SSL_ERROR_WANT_WRITE);

executed 562 times by 2 tests: return (3);

Executed by:

ssltest
tlstest

562

2373

} else if (BIO_should_read(bio)) {

BIO_test_flags(bio, 0x01)	Description
TRUE	never evaluated
FALSE	never evaluated

2374 /* -

2375 * See above (SSL_want_read(s) with -

2376 * BIO_should_write(bio)) -

2377 */ -

2378

return (SSL_ERROR_WANT_READ);

never executed: return (2);

2379

} else if (BIO_should_io_special(bio)) {

BIO_test_flags(bio, 0x04)	Description
TRUE	never evaluated
FALSE	never evaluated

2380 reason = BIO_get_retry_reason(bio); -

2381

if (reason == BIO_RR_CONNECT)

reason == 0x02	Description
TRUE	never evaluated
FALSE	never evaluated

2382

return (SSL_ERROR_WANT_CONNECT);

never executed: return (7);

2383

else if (reason == BIO_RR_ACCEPT)

reason == 0x03	Description
TRUE	never evaluated
FALSE	never evaluated

2384

return (SSL_ERROR_WANT_ACCEPT);

never executed: return (8);

2385 else -

2386

return (SSL_ERROR_SYSCALL);

never executed: return (5);

2387 } -

2388

}

never executed: end of block

2389

if ((i < 0) && SSL_want_x509_lookup(s)) {

(i < 0)	Description
TRUE	never evaluated
FALSE	never evaluated

(SSL_want(s) == 4)	Description
TRUE	never evaluated
FALSE	never evaluated

2390

return (SSL_ERROR_WANT_X509_LOOKUP);

never executed: return (4);

2391 } -

2392 -

2393

if (i == 0) {

i == 0	Description
TRUE	never evaluated
FALSE	never evaluated

2394

if ((s->internal->shutdown & SSL_RECEIVED_SHUTDOWN) &&

(s->internal->shutdown & 2)	Description
TRUE	never evaluated
FALSE	never evaluated

2395

(S3I(s)->warn_alert == SSL_AD_CLOSE_NOTIFY))

((s->s3->inter...rn_alert == 0)	Description
TRUE	never evaluated
FALSE	never evaluated

2396

return (SSL_ERROR_ZERO_RETURN);

never executed: return (6);

2397

}

never executed: end of block

2398

return (SSL_ERROR_SYSCALL);

never executed: return (5);

2399 } -

2400 -

2401 int -

2402 SSL_do_handshake(SSL *s) -

2403 { -

2404 int ret = 1; -

2405 -

2406

if (s->internal->handshake_func == NULL) {

s->internal->h...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2407 SSLerror(s, SSL_R_CONNECTION_TYPE_NOT_SET); -

2408

return (-1);

never executed: return (-1);

2409 } -

2410 -

2411 s->method->internal->ssl_renegotiate_check(s); -

2412 -

2413

if (SSL_in_init(s) || SSL_in_before(s)) {

(SSL_state((s)...x1000\|0x2000))	Description
TRUE	never evaluated
FALSE	never evaluated

(SSL_state((s))&0x4000)	Description
TRUE	never evaluated
FALSE	never evaluated

2414 ret = s->internal->handshake_func(s); -

2415

}

never executed: end of block

2416

return (ret);

never executed: return (ret);

2417 } -

2418 -

2419 /* -

2420 * For the next 2 functions, SSL_clear() sets shutdown and so -

2421 * one of these calls will reset it -

2422 */ -

2423 void -

2424 SSL_set_accept_state(SSL *s) -

2425 { -

2426 s->server = 1; -

2427 s->internal->shutdown = 0; -

2428 S3I(s)->hs.state = SSL_ST_ACCEPT|SSL_ST_BEFORE; -

2429 s->internal->handshake_func = s->method->internal->ssl_accept; -

2430 ssl_clear_cipher_state(s); -

2431

}

executed 65 times by 3 tests: end of block

Executed by:

servertest
ssltest
tlstest

2432 -

2433 void -

2434 SSL_set_connect_state(SSL *s) -

2435 { -

2436 s->server = 0; -

2437 s->internal->shutdown = 0; -

2438 S3I(s)->hs.state = SSL_ST_CONNECT|SSL_ST_BEFORE; -

2439 s->internal->handshake_func = s->method->internal->ssl_connect; -

2440 ssl_clear_cipher_state(s); -

2441

}

executed 74 times by 3 tests: end of block

Executed by:

clienttest
ssltest
tlstest

2442 -

2443 int -

2444 ssl_undefined_function(SSL *s) -

2445 { -

2446 SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); -

2447

return (0);

never executed: return (0);

2448 } -

2449 -

2450 int -

2451 ssl_undefined_void_function(void) -

2452 { -

2453 SSLerrorx(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); -

2454

return (0);

never executed: return (0);

2455 } -

2456 -

2457 int -

2458 ssl_undefined_const_function(const SSL *s) -

2459 { -

2460 SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); -

2461

return (0);

never executed: return (0);

2462 } -

2463 -

2464 const char * -

2465 ssl_version_string(int ver) -

2466 { -

2467 switch (ver) { -

2468

case DTLS1_VERSION:

executed 11 times by 1 test: case 0xFEFF:

Executed by:

ssltest

2469

return (SSL_TXT_DTLS1);

executed 11 times by 1 test: return ("DTLSv1");

Executed by:

ssltest

2470

case TLS1_VERSION:

executed 18 times by 1 test: case 0x0301:

Executed by:

ssltest

2471

return (SSL_TXT_TLSV1);

executed 18 times by 1 test: return ("TLSv1");

Executed by:

ssltest

2472

case TLS1_1_VERSION:

never executed: case 0x0302:

2473

return (SSL_TXT_TLSV1_1);

never executed: return ("TLSv1.1");

2474

case TLS1_2_VERSION:

executed 38 times by 2 tests: case 0x0303:

Executed by:

ssltest
tlstest

2475

return (SSL_TXT_TLSV1_2);

executed 38 times by 2 tests: return ("TLSv1.2");

Executed by:

ssltest
tlstest

2476

default:

never executed: default:

2477

return ("unknown");

never executed: return ("unknown");

2478 } -

2479 } -

2480 -

2481 const char * -

2482 SSL_get_version(const SSL *s) -

2483 { -

2484

return ssl_version_string(s->version);

executed 67 times by 2 tests: return ssl_version_string(s->version);

Executed by:

ssltest
tlstest

2485 } -

2486 -

2487 SSL * -

2488 SSL_dup(SSL *s) -

2489 { -

2490 STACK_OF(X509_NAME) *sk; -

2491 X509_NAME *xn; -

2492 SSL *ret; -

2493 int i; -

2494 -

2495

if ((ret = SSL_new(SSL_get_SSL_CTX(s))) == NULL)

(ret = SSL_new...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2496

goto err;

never executed: goto err;

2497 -

2498 ret->version = s->version; -

2499 ret->internal->type = s->internal->type; -

2500 ret->method = s->method; -

2501 -

2502

if (s->session != NULL) {

s->session != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2503

if (!SSL_copy_session_id(ret, s))

!SSL_copy_session_id(ret, s)	Description
TRUE	never evaluated
FALSE	never evaluated

2504

goto err;

never executed: goto err;

2505

} else {

never executed: end of block

2506 /* -

2507 * No session has been established yet, so we have to expect -

2508 * that s->cert or ret->cert will be changed later -- -

2509 * they should not both point to the same object, -

2510 * and thus we can't use SSL_copy_session_id. -

2511 */ -

2512 -

2513 ret->method->internal->ssl_free(ret); -

2514 ret->method = s->method; -

2515 ret->method->internal->ssl_new(ret); -

2516 -

2517

if (s->cert != NULL) {

s->cert != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2518 ssl_cert_free(ret->cert); -

2519 ret->cert = ssl_cert_dup(s->cert); -

2520

if (ret->cert == NULL)

ret->cert == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2521

goto err;

never executed: goto err;

2522

}

never executed: end of block

2523 -

2524

if (!SSL_set_session_id_context(ret, s->sid_ctx,

!SSL_set_sessi...id_ctx_length)	Description
TRUE	never evaluated
FALSE	never evaluated

2525

s->sid_ctx_length))

!SSL_set_sessi...id_ctx_length)	Description
TRUE	never evaluated
FALSE	never evaluated

2526

goto err;

never executed: goto err;

2527

}

never executed: end of block

2528 -

2529 ret->internal->options = s->internal->options; -

2530 ret->internal->mode = s->internal->mode; -

2531 SSL_set_max_cert_list(ret, SSL_get_max_cert_list(s)); -

2532 SSL_set_read_ahead(ret, SSL_get_read_ahead(s)); -

2533 ret->internal->msg_callback = s->internal->msg_callback; -

2534 ret->internal->msg_callback_arg = s->internal->msg_callback_arg; -

2535 SSL_set_verify(ret, SSL_get_verify_mode(s), -

2536 SSL_get_verify_callback(s)); -

2537 SSL_set_verify_depth(ret, SSL_get_verify_depth(s)); -

2538 ret->internal->generate_session_id = s->internal->generate_session_id; -

2539 -

2540 SSL_set_info_callback(ret, SSL_get_info_callback(s)); -

2541 -

2542 ret->internal->debug = s->internal->debug; -

2543 -

2544 /* copy app data, a little dangerous perhaps */ -

2545

if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL,

!CRYPTO_dup_ex...rnal->ex_data)	Description
TRUE	never evaluated
FALSE	never evaluated

2546

&ret->internal->ex_data, &s->internal->ex_data))

!CRYPTO_dup_ex...rnal->ex_data)	Description
TRUE	never evaluated
FALSE	never evaluated

2547

goto err;

never executed: goto err;

2548 -

2549 /* setup rbio, and wbio */ -

2550

if (s->rbio != NULL) {

s->rbio != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2551

if (!BIO_dup_state(s->rbio,(char *)&ret->rbio))

!BIO_ctrl(s->r...*)&ret->rbio))	Description
TRUE	never evaluated
FALSE	never evaluated

2552

goto err;

never executed: goto err;

2553

}

never executed: end of block

2554

if (s->wbio != NULL) {

s->wbio != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2555

if (s->wbio != s->rbio) {

s->wbio != s->rbio	Description
TRUE	never evaluated
FALSE	never evaluated

2556

if (!BIO_dup_state(s->wbio,(char *)&ret->wbio))

!BIO_ctrl(s->w...*)&ret->wbio))	Description
TRUE	never evaluated
FALSE	never evaluated

2557

goto err;

never executed: goto err;

2558

} else

never executed: end of block

2559

ret->wbio = ret->rbio;

never executed: ret->wbio = ret->rbio;

2560 } -

2561 ret->internal->rwstate = s->internal->rwstate; -

2562 ret->internal->in_handshake = s->internal->in_handshake; -

2563 ret->internal->handshake_func = s->internal->handshake_func; -

2564 ret->server = s->server; -

2565 ret->internal->renegotiate = s->internal->renegotiate; -

2566 ret->internal->new_session = s->internal->new_session; -

2567 ret->internal->quiet_shutdown = s->internal->quiet_shutdown; -

2568 ret->internal->shutdown = s->internal->shutdown; -

2569 /* SSL_dup does not really work at any state, though */ -

2570 S3I(ret)->hs.state = S3I(s)->hs.state; -

2571 ret->internal->rstate = s->internal->rstate; -

2572 -

2573 /* -

2574 * Would have to copy ret->init_buf, ret->init_msg, ret->init_num, -

2575 * ret->init_off -

2576 */ -

2577 ret->internal->init_num = 0; -

2578 -

2579 ret->internal->hit = s->internal->hit; -

2580 -

2581 X509_VERIFY_PARAM_inherit(ret->param, s->param); -

2582 -

2583 /* dup the cipher_list and cipher_list_by_id stacks */ -

2584

if (s->cipher_list != NULL) {

s->cipher_list != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2585

if ((ret->cipher_list =

(ret->cipher_l...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2586

sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)

(ret->cipher_l...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2587

goto err;

never executed: goto err;

2588

}

never executed: end of block

2589

if (s->internal->cipher_list_by_id != NULL) {

s->internal->c...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2590

if ((ret->internal->cipher_list_by_id =

(ret->internal...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2591

sk_SSL_CIPHER_dup(s->internal->cipher_list_by_id)) == NULL)

(ret->internal...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2592

goto err;

never executed: goto err;

2593

}

never executed: end of block

2594 -

2595 /* Dup the client_CA list */ -

2596

if (s->internal->client_CA != NULL) {

s->internal->c...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2597

if ((sk = sk_X509_NAME_dup(s->internal->client_CA)) == NULL) goto err;

never executed: goto err;

(sk = (struct ...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2598 ret->internal->client_CA = sk; -

2599

for (i = 0; i < sk_X509_NAME_num(sk); i++) {

i < sk_num(((_...509_NAME*)0)))	Description
TRUE	never evaluated
FALSE	never evaluated

2600 xn = sk_X509_NAME_value(sk, i); -

2601

if (sk_X509_NAME_set(sk, i,

sk_set(((_STAC...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2602

X509_NAME_dup(xn)) == NULL) {

sk_set(((_STAC...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2603 X509_NAME_free(xn); -

2604

goto err;

never executed: goto err;

2605 } -

2606

}

never executed: end of block

2607

}

never executed: end of block

2608 -

2609

return ret;

never executed: return ret;

2610 err: -

2611 SSL_free(ret); -

2612

return NULL;

never executed: return ((void *)0) ;

2613 } -

2614 -

2615 void -

2616 ssl_clear_cipher_state(SSL *s) -

2617 { -

2618 ssl_clear_cipher_read_state(s); -

2619 ssl_clear_cipher_write_state(s); -

2620

}

executed 675 times by 11 tests: end of block

Executed by:

cipher_list
cipherstest
clienttest
libssl.so.46.0.1
servertest
ssl_versions
ssltest
tls_ext_alpn
tls_prf
tlsexttest
tlstest

675

2621 -

2622 void -

2623 ssl_clear_cipher_read_state(SSL *s) -

2624 { -

2625 EVP_CIPHER_CTX_free(s->enc_read_ctx); -

2626 s->enc_read_ctx = NULL; -

2627 EVP_MD_CTX_free(s->read_hash); -

2628 s->read_hash = NULL; -

2629 -

2630

if (s->internal->aead_read_ctx != NULL) {

s->internal->a...!= ((void *)0)	Description
TRUE	evaluated 46 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 755 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest

46-755

2631 EVP_AEAD_CTX_cleanup(&s->internal->aead_read_ctx->ctx); -

2632 free(s->internal->aead_read_ctx); -

2633 s->internal->aead_read_ctx = NULL; -

2634

}

executed 46 times by 2 tests: end of block

Executed by:

ssltest
tlstest

2635

}

executed 801 times by 11 tests: end of block

Executed by:

cipher_list
cipherstest
clienttest
libssl.so.46.0.1
servertest
ssl_versions
ssltest
tls_ext_alpn
tls_prf
tlsexttest
tlstest

801

2636 -

2637 void -

2638 ssl_clear_cipher_write_state(SSL *s) -

2639 { -

2640 EVP_CIPHER_CTX_free(s->internal->enc_write_ctx); -

2641 s->internal->enc_write_ctx = NULL; -

2642 EVP_MD_CTX_free(s->internal->write_hash); -

2643 s->internal->write_hash = NULL; -

2644 -

2645

if (s->internal->aead_write_ctx != NULL) {

s->internal->a...!= ((void *)0)	Description
TRUE	evaluated 46 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 733 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest

46-733

2646 EVP_AEAD_CTX_cleanup(&s->internal->aead_write_ctx->ctx); -

2647 free(s->internal->aead_write_ctx); -

2648 s->internal->aead_write_ctx = NULL; -

2649

}

executed 46 times by 2 tests: end of block

Executed by:

ssltest
tlstest

2650

}

executed 779 times by 11 tests: end of block

Executed by:

cipher_list
cipherstest
clienttest
libssl.so.46.0.1
servertest
ssl_versions
ssltest
tls_ext_alpn
tls_prf
tlsexttest
tlstest

779

2651 -

2652 /* Fix this function so that it takes an optional type parameter */ -

2653 X509 * -

2654 SSL_get_certificate(const SSL *s) -

2655 { -

2656

if (s->cert != NULL)

s->cert != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2657

return (s->cert->key->x509);

never executed: return (s->cert->key->x509);

2658 else -

2659

return (NULL);

never executed: return ( ((void *)0) );

2660 } -

2661 -

2662 /* Fix this function so that it takes an optional type parameter */ -

2663 EVP_PKEY * -

2664 SSL_get_privatekey(const SSL *s) -

2665 { -

2666

if (s->cert != NULL)

s->cert != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2667

return (s->cert->key->privatekey);

never executed: return (s->cert->key->privatekey);

2668 else -

2669

return (NULL);

never executed: return ( ((void *)0) );

2670 } -

2671 -

2672 const SSL_CIPHER * -

2673 SSL_get_current_cipher(const SSL *s) -

2674 { -

2675

if ((s->session != NULL) && (s->session->cipher != NULL))

(s->session != ((void *)0) )	Description
TRUE	evaluated 67 times by 2 tests Evaluated by: ssltest tlstest
FALSE	never evaluated

(s->session->c... ((void *)0) )	Description
TRUE	evaluated 67 times by 2 tests Evaluated by: ssltest tlstest
FALSE	never evaluated

0-67

2676

return (s->session->cipher);

executed 67 times by 2 tests: return (s->session->cipher);

Executed by:

ssltest
tlstest

2677

return (NULL);

never executed: return ( ((void *)0) );

2678 } -

2679 const void * -

2680 SSL_get_current_compression(SSL *s) -

2681 { -

2682

return (NULL);

never executed: return ( ((void *)0) );

2683 } -

2684 -

2685 const void * -

2686 SSL_get_current_expansion(SSL *s) -

2687 { -

2688

return (NULL);

never executed: return ( ((void *)0) );

2689 } -

2690 -

2691 size_t -

2692 SSL_get_client_random(const SSL *s, unsigned char *out, size_t max_out) -

2693 { -

2694 size_t len = sizeof(s->s3->client_random); -

2695 -

2696

if (out == NULL)

out == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2697

return len;

never executed: return len;

2698 -

2699

if (len > max_out)

len > max_out	Description
TRUE	never evaluated
FALSE	never evaluated

2700

len = max_out;

never executed: len = max_out;

2701 -

2702 memcpy(out, s->s3->client_random, len); -

2703 -

2704

return len;

never executed: return len;

2705 } -

2706 -

2707 size_t -

2708 SSL_get_server_random(const SSL *s, unsigned char *out, size_t max_out) -

2709 { -

2710 size_t len = sizeof(s->s3->server_random); -

2711 -

2712

if (out == NULL)

out == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2713

return len;

never executed: return len;

2714 -

2715

if (len > max_out)

len > max_out	Description
TRUE	never evaluated
FALSE	never evaluated

2716

len = max_out;

never executed: len = max_out;

2717 -

2718 memcpy(out, s->s3->server_random, len); -

2719 -

2720

return len;

never executed: return len;

2721 } -

2722 -

2723 int -

2724 ssl_init_wbio_buffer(SSL *s, int push) -

2725 { -

2726 BIO *bbio; -

2727 -

2728

if (s->bbio == NULL) {

s->bbio == ((void *)0)	Description
TRUE	evaluated 139 times by 4 tests Evaluated by: clienttest servertest ssltest tlstest
FALSE	never evaluated

0-139

2729 bbio = BIO_new(BIO_f_buffer()); -

2730

if (bbio == NULL)

bbio == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 139 times by 4 tests Evaluated by: clienttest servertest ssltest tlstest

0-139

2731

return (0);

never executed: return (0);

2732 s->bbio = bbio; -

2733

} else {

executed 139 times by 4 tests: end of block

Executed by:

clienttest
servertest
ssltest
tlstest

139

2734 bbio = s->bbio; -

2735

if (s->bbio == s->wbio)

s->bbio == s->wbio	Description
TRUE	never evaluated
FALSE	never evaluated

2736

s->wbio = BIO_pop(s->wbio);

never executed: s->wbio = BIO_pop(s->wbio);

2737

}

never executed: end of block

2738 (void)BIO_reset(bbio); -

2739 /* if (!BIO_set_write_buffer_size(bbio,16*1024)) */ -

2740

if (!BIO_set_read_buffer_size(bbio, 1)) {

!BIO_int_ctrl(bbio,117,1,0)	Description
TRUE	never evaluated
FALSE	evaluated 139 times by 4 tests Evaluated by: clienttest servertest ssltest tlstest

0-139

2741 SSLerror(s, ERR_R_BUF_LIB); -

2742

return (0);

never executed: return (0);

2743 } -

2744

if (push) {

push	Description
TRUE	evaluated 65 times by 3 tests Evaluated by: servertest ssltest tlstest
FALSE	evaluated 74 times by 3 tests Evaluated by: clienttest ssltest tlstest

65-74

2745

if (s->wbio != bbio)

s->wbio != bbio	Description
TRUE	evaluated 65 times by 3 tests Evaluated by: servertest ssltest tlstest
FALSE	never evaluated

0-65

2746

s->wbio = BIO_push(bbio, s->wbio);

executed 65 times by 3 tests: s->wbio = BIO_push(bbio, s->wbio);

Executed by:

servertest
ssltest
tlstest

2747

} else {

executed 65 times by 3 tests: end of block

Executed by:

servertest
ssltest
tlstest

2748

if (s->wbio == bbio)

s->wbio == bbio	Description
TRUE	never evaluated
FALSE	evaluated 74 times by 3 tests Evaluated by: clienttest ssltest tlstest

0-74

2749

s->wbio = BIO_pop(bbio);

never executed: s->wbio = BIO_pop(bbio);

2750

}

executed 74 times by 3 tests: end of block

Executed by:

clienttest
ssltest
tlstest

2751

return (1);

executed 139 times by 4 tests: return (1);

Executed by:

clienttest
servertest
ssltest
tlstest

139

2752 } -

2753 -

2754 void -

2755 ssl_free_wbio_buffer(SSL *s) -

2756 { -

2757

if (s == NULL)

s == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 871 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest

0-871

2758

return;

never executed: return;

2759 -

2760

if (s->bbio == NULL)

s->bbio == ((void *)0)	Description
TRUE	evaluated 745 times by 11 tests Evaluated by: cipher_list cipherstest clienttest libssl.so.46.0.1 servertest ssl_versions ssltest tls_ext_alpn tls_prf tlsexttest tlstest
FALSE	evaluated 126 times by 2 tests Evaluated by: ssltest tlstest

126-745

2761

return;

executed 745 times by 11 tests: return;

Executed by:

cipher_list
cipherstest
clienttest
libssl.so.46.0.1
servertest
ssl_versions
ssltest
tls_ext_alpn
tls_prf
tlsexttest
tlstest

745

2762 -

2763

if (s->bbio == s->wbio) {

s->bbio == s->wbio	Description
TRUE	evaluated 126 times by 2 tests Evaluated by: ssltest tlstest
FALSE	never evaluated

0-126

2764 /* remove buffering */ -

2765 s->wbio = BIO_pop(s->wbio); -

2766

}

executed 126 times by 2 tests: end of block

Executed by:

ssltest
tlstest

126

2767 BIO_free(s->bbio); -

2768 s->bbio = NULL; -

2769

}

executed 126 times by 2 tests: end of block

Executed by:

ssltest
tlstest

126

2770 -

2771 void -

2772 SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode) -

2773 { -

2774 ctx->internal->quiet_shutdown = mode; -

2775

}

never executed: end of block

2776 -

2777 int -

2778 SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx) -

2779 { -

2780

return (ctx->internal->quiet_shutdown);

never executed: return (ctx->internal->quiet_shutdown);

2781 } -

2782 -

2783 void -

2784 SSL_set_quiet_shutdown(SSL *s, int mode) -

2785 { -

2786 s->internal->quiet_shutdown = mode; -

2787

}

never executed: end of block

2788 -

2789 int -

2790 SSL_get_quiet_shutdown(const SSL *s) -

2791 { -

2792

return (s->internal->quiet_shutdown);

never executed: return (s->internal->quiet_shutdown);

2793 } -

2794 -

2795 void -

2796 SSL_set_shutdown(SSL *s, int mode) -

2797 { -

2798 s->internal->shutdown = mode; -

2799

}

never executed: end of block

2800 -

2801 int -

2802 SSL_get_shutdown(const SSL *s) -

2803 { -

2804

return (s->internal->shutdown);

never executed: return (s->internal->shutdown);

2805 } -

2806 -

2807 int -

2808 SSL_version(const SSL *s) -

2809 { -

2810

return (s->version);

never executed: return (s->version);

2811 } -

2812 -

2813 SSL_CTX * -

2814 SSL_get_SSL_CTX(const SSL *ssl) -

2815 { -

2816

return (ssl->ctx);

never executed: return (ssl->ctx);

2817 } -

2818 -

2819 SSL_CTX * -

2820 SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx) -

2821 { -

2822 CERT *ocert = ssl->cert; -

2823 -

2824

if (ssl->ctx == ctx)

ssl->ctx == ctx	Description
TRUE	never evaluated
FALSE	never evaluated

2825

return (ssl->ctx);

never executed: return (ssl->ctx);

2826

if (ctx == NULL)

ctx == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2827

ctx = ssl->initial_ctx;

never executed: ctx = ssl->initial_ctx;

2828 ssl->cert = ssl_cert_dup(ctx->internal->cert); -

2829

if (ocert != NULL) {

ocert != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2830 int i; -

2831 /* Copy negotiated digests from original certificate. */ -

2832

for (i = 0; i < SSL_PKEY_NUM; i++)

i < 5	Description
TRUE	never evaluated
FALSE	never evaluated

2833

ssl->cert->pkeys[i].digest = ocert->pkeys[i].digest;

never executed: ssl->cert->pkeys[i].digest = ocert->pkeys[i].digest;

2834 ssl_cert_free(ocert); -

2835

}

never executed: end of block

2836 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX); -

2837 SSL_CTX_free(ssl->ctx); /* decrement reference count */ -

2838 ssl->ctx = ctx; -

2839

return (ssl->ctx);

never executed: return (ssl->ctx);

2840 } -

2841 -

2842 int -

2843 SSL_CTX_set_default_verify_paths(SSL_CTX *ctx) -

2844 { -

2845

return (X509_STORE_set_default_paths(ctx->cert_store));

executed 20 times by 1 test: return (X509_STORE_set_default_paths(ctx->cert_store));

Executed by:

ssltest

2846 } -

2847 -

2848 int -

2849 SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, -

2850 const char *CApath) -

2851 { -

2852

return (X509_STORE_load_locations(ctx->cert_store, CAfile, CApath));

executed 60 times by 1 test: return (X509_STORE_load_locations(ctx->cert_store, CAfile, CApath));

Executed by:

ssltest

2853 } -

2854 -

2855 int -

2856 SSL_CTX_load_verify_mem(SSL_CTX *ctx, void *buf, int len) -

2857 { -

2858

return (X509_STORE_load_mem(ctx->cert_store, buf, len));

executed 4 times by 1 test: return (X509_STORE_load_mem(ctx->cert_store, buf, len));

Executed by:

tlstest

2859 } -

2860 -

2861 void -

2862 SSL_set_info_callback(SSL *ssl, void (*cb)(const SSL *ssl, int type, int val)) -

2863 { -

2864 ssl->internal->info_callback = cb; -

2865

}

never executed: end of block

2866 -

2867 void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl, int type, int val) -

2868 { -

2869

return (ssl->internal->info_callback);

never executed: return (ssl->internal->info_callback);

2870 } -

2871 -

2872 int -

2873 SSL_state(const SSL *ssl) -

2874 { -

2875

return (S3I(ssl)->hs.state);

executed 10305 times by 5 tests: return ((ssl->s3->internal)->hs.state);

Executed by:

clienttest
servertest
ssltest
tlsexttest
tlstest

10305

2876 } -

2877 -

2878 void -

2879 SSL_set_state(SSL *ssl, int state) -

2880 { -

2881 S3I(ssl)->hs.state = state; -

2882

}

never executed: end of block

2883 -

2884 void -

2885 SSL_set_verify_result(SSL *ssl, long arg) -

2886 { -

2887 ssl->verify_result = arg; -

2888

}

never executed: end of block

2889 -

2890 long -

2891 SSL_get_verify_result(const SSL *ssl) -

2892 { -

2893

return (ssl->verify_result);

never executed: return (ssl->verify_result);

2894 } -

2895 -

2896 int -

2897 SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, -

2898 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -

2899 { -

2900

return (CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,

never executed: return (CRYPTO_get_ex_new_index(1, argl, argp, new_func, dup_func, free_func));

2901

new_func, dup_func, free_func));

never executed: return (CRYPTO_get_ex_new_index(1, argl, argp, new_func, dup_func, free_func));

2902 } -

2903 -

2904 int -

2905 SSL_set_ex_data(SSL *s, int idx, void *arg) -

2906 { -

2907

return (CRYPTO_set_ex_data(&s->internal->ex_data, idx, arg));

executed 8 times by 1 test: return (CRYPTO_set_ex_data(&s->internal->ex_data, idx, arg));

Executed by:

tlstest

2908 } -

2909 -

2910 void * -

2911 SSL_get_ex_data(const SSL *s, int idx) -

2912 { -

2913

return (CRYPTO_get_ex_data(&s->internal->ex_data, idx));

executed 12 times by 1 test: return (CRYPTO_get_ex_data(&s->internal->ex_data, idx));

Executed by:

tlstest

2914 } -

2915 -

2916 int -

2917 SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, -

2918 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -

2919 { -

2920

return (CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,

never executed: return (CRYPTO_get_ex_new_index(2, argl, argp, new_func, dup_func, free_func));

2921

new_func, dup_func, free_func));

never executed: return (CRYPTO_get_ex_new_index(2, argl, argp, new_func, dup_func, free_func));

2922 } -

2923 -

2924 int -

2925 SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg) -

2926 { -

2927

return (CRYPTO_set_ex_data(&s->internal->ex_data, idx, arg));

never executed: return (CRYPTO_set_ex_data(&s->internal->ex_data, idx, arg));

2928 } -

2929 -

2930 void * -

2931 SSL_CTX_get_ex_data(const SSL_CTX *s, int idx) -

2932 { -

2933

return (CRYPTO_get_ex_data(&s->internal->ex_data, idx));

never executed: return (CRYPTO_get_ex_data(&s->internal->ex_data, idx));

2934 } -

2935 -

2936 int -

2937 ssl_ok(SSL *s) -

2938 { -

2939

return (1);

never executed: return (1);

2940 } -

2941 -

2942 X509_STORE * -

2943 SSL_CTX_get_cert_store(const SSL_CTX *ctx) -

2944 { -

2945

return (ctx->cert_store);

never executed: return (ctx->cert_store);

2946 } -

2947 -

2948 void -

2949 SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store) -

2950 { -

2951 X509_STORE_free(ctx->cert_store); -

2952 ctx->cert_store = store; -

2953

}

never executed: end of block

2954 -

2955 X509 * -

2956 SSL_CTX_get0_certificate(const SSL_CTX *ctx) -

2957 { -

2958

if (ctx->internal->cert == NULL)

ctx->internal-...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2959

return NULL;

never executed: return ((void *)0) ;

2960 -

2961

return ctx->internal->cert->key->x509;

never executed: return ctx->internal->cert->key->x509;

2962 } -

2963 -

2964 int -

2965 SSL_want(const SSL *s) -

2966 { -

2967

return (s->internal->rwstate);

executed 3470 times by 2 tests: return (s->internal->rwstate);

Executed by:

ssltest
tlstest

3470

2968 } -

2969 -

2970 void -

2971 SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb)(SSL *ssl, int is_export, -

2972 int keylength)) -

2973 { -

2974 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb); -

2975

}

executed 50 times by 1 test: end of block

Executed by:

ssltest

2976 -

2977 void -

2978 SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb)(SSL *ssl, int is_export, -

2979 int keylength)) -

2980 { -

2981 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb); -

2982

}

never executed: end of block

2983 -

2984 void -

2985 SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*dh)(SSL *ssl, int is_export, -

2986 int keylength)) -

2987 { -

2988 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh); -

2989

}

never executed: end of block

2990 -

2991 void -

2992 SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh)(SSL *ssl, int is_export, -

2993 int keylength)) -

2994 { -

2995 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh); -

2996

}

never executed: end of block

2997 -

2998 void -

2999 SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx, EC_KEY *(*ecdh)(SSL *ssl, -

3000 int is_export, int keylength)) -

3001 { -

3002 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH_CB, -

3003 (void (*)(void))ecdh); -

3004

}

never executed: end of block

3005 -

3006 void -

3007 SSL_set_tmp_ecdh_callback(SSL *ssl, EC_KEY *(*ecdh)(SSL *ssl, int is_export, -

3008 int keylength)) -

3009 { -

3010 SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh); -

3011

}

never executed: end of block

3012 -

3013 -

3014 void -

3015 SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, -

3016 int content_type, const void *buf, size_t len, SSL *ssl, void *arg)) -

3017 { -

3018 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, -

3019 (void (*)(void))cb); -

3020

}

never executed: end of block

3021 -

3022 void -

3023 SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, -

3024 int content_type, const void *buf, size_t len, SSL *ssl, void *arg)) -

3025 { -

3026 SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb); -

3027

}

never executed: end of block

3028 -

3029 void -

3030 SSL_set_debug(SSL *s, int debug) -

3031 { -

3032 s->internal->debug = debug; -

3033

}

never executed: end of block

3034 -

3035 int -

3036 SSL_cache_hit(SSL *s) -

3037 { -

3038

return (s->internal->hit);

never executed: return (s->internal->hit);

3039 } -

3040 -

3041 int -

3042 SSL_CTX_get_min_proto_version(SSL_CTX *ctx) -

3043 { -

3044

return ctx->internal->min_version;

executed 15 times by 1 test: return ctx->internal->min_version;

Executed by:

ssl_versions

3045 } -

3046 -

3047 int -

3048 SSL_CTX_set_min_proto_version(SSL_CTX *ctx, uint16_t version) -

3049 { -

3050

return ssl_version_set_min(ctx->method, version,

executed 20 times by 1 test: return ssl_version_set_min(ctx->method, version, ctx->internal->max_version, &ctx->internal->min_version);

Executed by:

ssl_versions

3051

ctx->internal->max_version, &ctx->internal->min_version);

executed 20 times by 1 test: return ssl_version_set_min(ctx->method, version, ctx->internal->max_version, &ctx->internal->min_version);

Executed by:

ssl_versions

3052 } -

3053 -

3054 int -

3055 SSL_CTX_get_max_proto_version(SSL_CTX *ctx) -

3056 { -

3057

return ctx->internal->max_version;

executed 15 times by 1 test: return ctx->internal->max_version;

Executed by:

ssl_versions

3058 } -

3059 -

3060 int -

3061 SSL_CTX_set_max_proto_version(SSL_CTX *ctx, uint16_t version) -

3062 { -

3063

return ssl_version_set_max(ctx->method, version,

executed 18 times by 1 test: return ssl_version_set_max(ctx->method, version, ctx->internal->min_version, &ctx->internal->max_version);

Executed by:

ssl_versions

3064

ctx->internal->min_version, &ctx->internal->max_version);

executed 18 times by 1 test: return ssl_version_set_max(ctx->method, version, ctx->internal->min_version, &ctx->internal->max_version);

Executed by:

ssl_versions

3065 } -

3066 -

3067 int -

3068 SSL_get_min_proto_version(SSL *ssl) -

3069 { -

3070

return ssl->internal->min_version;

executed 30 times by 1 test: return ssl->internal->min_version;

Executed by:

ssl_versions

3071 } -

3072 -

3073 int -

3074 SSL_set_min_proto_version(SSL *ssl, uint16_t version) -

3075 { -

3076

return ssl_version_set_min(ssl->method, version,

executed 15 times by 1 test: return ssl_version_set_min(ssl->method, version, ssl->internal->max_version, &ssl->internal->min_version);

Executed by:

ssl_versions

3077

ssl->internal->max_version, &ssl->internal->min_version);

executed 15 times by 1 test: return ssl_version_set_min(ssl->method, version, ssl->internal->max_version, &ssl->internal->min_version);

Executed by:

ssl_versions

3078 } -

3079 int -

3080 SSL_get_max_proto_version(SSL *ssl) -

3081 { -

3082

return ssl->internal->max_version;

executed 30 times by 1 test: return ssl->internal->max_version;

Executed by:

ssl_versions

3083 } -

3084 -

3085 int -

3086 SSL_set_max_proto_version(SSL *ssl, uint16_t version) -

3087 { -

3088

return ssl_version_set_max(ssl->method, version,

executed 15 times by 1 test: return ssl_version_set_max(ssl->method, version, ssl->internal->min_version, &ssl->internal->max_version);

Executed by:

ssl_versions

3089

ssl->internal->min_version, &ssl->internal->max_version);

executed 15 times by 1 test: return ssl_version_set_max(ssl->method, version, ssl->internal->min_version, &ssl->internal->max_version);

Executed by:

ssl_versions

3090 } -

3091 -

3092 static int -

3093 ssl_cipher_id_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_) -

3094 { -

3095 SSL_CIPHER const *a = a_; -

3096 SSL_CIPHER const *b = b_; -

3097

return ssl_cipher_id_cmp(a, b);

executed 9335 times by 7 tests: return ssl_cipher_id_cmp(a, b);

Executed by:

cipher_list
cipherstest
servertest
ssltest
tls_prf
tlsexttest
tlstest

9335

3098 } -

3099 -

3100 SSL_CIPHER * -

3101 OBJ_bsearch_ssl_cipher_id(SSL_CIPHER *key, SSL_CIPHER const *base, int num) -

3102 { -

3103

return (SSL_CIPHER *)OBJ_bsearch_(key, base, num, sizeof(SSL_CIPHER),

executed 1778 times by 7 tests: return (SSL_CIPHER *)OBJ_bsearch_(key, base, num, sizeof(SSL_CIPHER), ssl_cipher_id_cmp_BSEARCH_CMP_FN);

Executed by:

cipher_list
cipherstest
servertest
ssltest
tls_prf
tlsexttest
tlstest

1778

3104

ssl_cipher_id_cmp_BSEARCH_CMP_FN);

executed 1778 times by 7 tests: return (SSL_CIPHER *)OBJ_bsearch_(key, base, num, sizeof(SSL_CIPHER), ssl_cipher_id_cmp_BSEARCH_CMP_FN);

Executed by:

cipher_list
cipherstest
servertest
ssltest
tls_prf
tlsexttest
tlstest

1778

3105 } -

Source code

Switch to Preprocessed file

Generated by Squish Coco 4.2.2