
tls_server.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/libressl/src/tls/tls_server.c
LineSourceCount
1-
2-
3-
4-
/*
 * Allocate a new libtls context and mark it as a listening (server) context.
 *
 * Returns the new context, or NULL when tls_init() or tls_new() fails.
 * Bit (1 << 1) of flags is the marker that tls_accept_common() tests before
 * it will accept a connection ("not a server context" otherwise).
 *
 * Coverage (tlstest): the success path ran 2 times; neither failure return
 * was ever taken.
 */
struct tls *
tls_server(void)
{
	struct tls *server;

	if (tls_init() == -1)
		return (NULL);

	server = tls_new();
	if (server == NULL)
		return (NULL);

	server->flags |= (1 << 1);

	return (server);
}
26-
/*
 * Create a per-connection context that shares the listening context's
 * configuration and default keypair.
 *
 * ctx and ctx->config are dereferenced without a NULL check, so the caller
 * must pass a configured server context.  Returns NULL when tls_new() fails;
 * nothing reachable from ctx has been modified in that case.
 *
 * Bit (1 << 2) of flags is the marker tls_handshake_server() tests
 * ("not a server connection context" otherwise).
 *
 * Coverage (tlstest): success path ran 4 times; the allocation-failure
 * return was never taken.
 */
struct tls *
tls_server_conn(struct tls *ctx)
{
	struct tls *conn_ctx = tls_new();

	if (conn_ctx == NULL)
		return (NULL);

	conn_ctx->flags |= (1 << 2);

	/*
	 * The connection keeps a pointer to the shared config, so account for
	 * it before handing the pointer out.
	 * NOTE(review): this is a plain, unsynchronised increment - confirm
	 * that callers serialise accepts on a shared config.
	 */
	ctx->config->refcount++;

	conn_ctx->config = ctx->config;
	conn_ctx->keypair = ctx->config->keypair;

	return (conn_ctx);
}
48-
/*
 * ALPN selection callback installed by tls_configure_server_ssl() when the
 * config carries an ALPN list.  arg is the struct tls that was registered
 * with the callback.
 *
 * in/inlen is the protocol list offered by the peer and is therefore
 * untrusted input; it is only handed to SSL_select_next_proto() together
 * with the server's own list.
 *
 * Returns 0 when SSL_select_next_proto() reports 1, and 3 otherwise.
 * Presumably these are OPENSSL_NPN_NEGOTIATED, SSL_TLSEXT_ERR_OK and
 * SSL_TLSEXT_ERR_NOACK - the page shows preprocessed values only, so
 * confirm against the headers.
 * NOTE(review): with 3 the handshake continues without ALPN when the lists
 * do not overlap; RFC 7301 describes a fatal no_application_protocol alert
 * for that case - confirm the leniency is intended.
 *
 * Coverage (tlstest): this callback was never executed.
 */
static int
tls_server_alpn_cb(SSL *ssl, const unsigned char **out, unsigned char *outlen,
    const unsigned char *in, unsigned int inlen, void *arg)
{
	struct tls *ctx = arg;
	int selected;

	selected = SSL_select_next_proto((unsigned char **)out, outlen,
	    ctx->config->alpn, ctx->config->alpn_len, in, inlen);

	return (selected == 1 ? 0 : 3);
}
62-
/*
 * Server Name Indication callback installed by tls_configure_server_ssl().
 *
 * arg is the listening context; the per-connection context is fetched from
 * ex_data slot 0 of ssl (stored there by tls_accept_common()).
 *
 * The name comes from the peer's ClientHello and is untrusted.  It is
 * ignored when absent or when it parses as an IPv4/IPv6 literal; otherwise
 * a private copy is stored in conn_ctx->servername and the configured SNI
 * contexts are searched for a certificate matching it.  On a match the
 * connection is switched to that context's keypair and SSL_CTX.  Consumers
 * of conn_ctx->servername should keep treating it as peer-supplied data.
 *
 * Return values (preprocessed constants; presumably SSL_TLSEXT_ERR_OK,
 * SSL_TLSEXT_ERR_NOACK and SSL_TLSEXT_ERR_ALERT_FATAL - confirm against the
 * headers):
 *   0  name accepted (with or without a matching SNI context)
 *   3  no usable name was sent
 *   2  internal failure; *al is set to 80 (presumably the internal_error
 *      alert) first
 *
 * Coverage (tlstest): entered 4 times, always reaching the final return (0)
 * with an empty SNI list.  The missing-name return, the IP-literal return,
 * the matching loop body and the err path were never executed.
 */
static int
tls_servername_cb(SSL *ssl, int *al, void *arg)
{
	struct tls *ctx = (struct tls *)arg;
	struct tls_sni_ctx *sni_ctx;
	union tls_addr addrbuf;
	struct tls *conn_ctx;
	const char *name;
	int match;

	conn_ctx = SSL_get_ex_data(ssl, 0);
	if (conn_ctx == NULL)
		goto err;

	name = SSL_get_servername(ssl, 0);
	if (name == NULL)
		return (3);

	/* 2 and 10 are the address families as preprocessed on this Linux
	 * build (AF_INET and AF_INET6); IP literals are not valid SNI names. */
	if (inet_pton(2, name, &addrbuf) == 1 ||
	    inet_pton(10, name, &addrbuf) == 1)
		return (3);

	/* Replace any name left over from an earlier callback invocation.  The
	 * report shows glibc's strdup() macro expansion at this point. */
	free((char *)conn_ctx->servername);
	conn_ctx->servername = strdup(name);
	if (conn_ctx->servername == NULL)
		goto err;

	sni_ctx = ctx->sni_ctx;
	while (sni_ctx != NULL) {
		if (tls_check_name(ctx, sni_ctx->ssl_cert, name, &match) == -1)
			goto err;
		if (match) {
			conn_ctx->keypair = sni_ctx->keypair;
			SSL_set_SSL_CTX(conn_ctx->ssl_conn, sni_ctx->ssl_ctx);
			return (0);
		}
		sni_ctx = sni_ctx->next;
	}

	/* No SNI context matched: stay on the default keypair. */
	return (0);

 err:
	*al = 80;
	return (2);
}
143-
/*
 * Pick a session-ticket key from config->ticket_keys.
 *
 * With keyname == NULL the first key that is still within
 * config->session_lifetime is returned (used when issuing a ticket).
 * Otherwise the first unexpired key whose key_name equals keyname is
 * returned; the comparison uses timingsafe_memcmp() so a peer-supplied key
 * name is not compared with an early-exit memcmp.
 *
 * When ticket_autorekey is 1 and slot 0 is older than three quarters of the
 * session lifetime, tls_config_ticket_autorekey() is called first; NULL is
 * returned if it fails.  NULL is also returned when no key qualifies.
 *
 * The loop bound 4 is the preprocessed slot count - presumably the size of
 * ticket_keys[]; confirm against the struct definition.
 *
 * Coverage (tlstest): this function was never executed.
 */
static struct tls_ticket_key *
tls_server_ticket_key(struct tls_config *config, unsigned char *keyname)
{
	struct tls_ticket_key *tk;
	time_t now;
	int i;

	now = time(NULL);

	if (config->ticket_autorekey == 1 &&
	    now - 3 * (config->session_lifetime / 4) >
	    config->ticket_keys[0].time &&
	    tls_config_ticket_autorekey(config) == -1)
		return (NULL);

	for (i = 0; i < 4; i++) {
		tk = &config->ticket_keys[i];

		/* Skip keys older than one session lifetime. */
		if (now - config->session_lifetime > tk->time)
			continue;

		if (keyname == NULL)
			return (tk);
		if (timingsafe_memcmp(keyname, tk->key_name,
		    sizeof(tk->key_name)) == 0)
			return (tk);
	}

	return (NULL);
}
179-
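/*
 * Session-ticket key callback registered on the SSL_CTX by
 * tls_configure_server_ssl() when session_lifetime > 0.
 *
 * mode == 1: a new ticket is being issued.  The current key's name is copied
 * to keyname, a fresh random 16-byte IV is written to iv, and ctx/hctx are
 * initialised for AES-256-CBC and HMAC-SHA256 with that key.
 * Otherwise: a ticket presented by the peer is being opened.  keyname is
 * peer-supplied and is only used to look up a still-valid key.
 *
 * Returns:
 *   -1  no per-connection context, no valid key for issuing, or the cipher
 *       or HMAC context could not be initialised
 *    0  ticket contexts ready (issuing), or no key matches the presented
 *       ticket (opening)
 *    1  presented ticket uses the key in slot 0
 *    2  presented ticket uses an older key (presumably asks libssl to
 *       renew the ticket - confirm against the libssl documentation)
 *
 * Change from the listing: the results of EVP_EncryptInit_ex(),
 * EVP_DecryptInit_ex() and HMAC_Init_ex() were ignored, so a failed
 * initialisation would have let ticket processing continue with an unkeyed
 * cipher or MAC context.  They are now checked and reported as -1.
 *
 * Coverage (tlstest): this callback was never executed.
 */
static int
tls_server_ticket_cb(SSL *ssl, unsigned char *keyname, unsigned char *iv,
    EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int mode)
{
	struct tls_ticket_key *key;
	struct tls *tls_ctx;

	if ((tls_ctx = SSL_get_ex_data(ssl, 0)) == NULL)
		return (-1);

	if (mode == 1) {
		/* Issuing: take the newest key that is still valid. */
		key = tls_server_ticket_key(tls_ctx->config, NULL);
		if (key == NULL) {
			tls_set_errorx(tls_ctx, "no valid ticket key found");
			return (-1);
		}

		memcpy(keyname, key->key_name, sizeof(key->key_name));
		arc4random_buf(iv, 16);
		if (!EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL,
		    key->aes_key, iv)) {
			tls_set_errorx(tls_ctx, "failed to init encrypt");
			return (-1);
		}
		if (!HMAC_Init_ex(hctx, key->hmac_key, sizeof(key->hmac_key),
		    EVP_sha256(), NULL)) {
			tls_set_errorx(tls_ctx, "failed to init hmac");
			return (-1);
		}
		return (0);
	} else {
		/* Opening: look the key up by the name carried in the ticket. */
		key = tls_server_ticket_key(tls_ctx->config, keyname);
		if (key == NULL)
			return (0);

		if (!EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL,
		    key->aes_key, iv)) {
			tls_set_errorx(tls_ctx, "failed to init decrypt");
			return (-1);
		}
		if (!HMAC_Init_ex(hctx, key->hmac_key, sizeof(key->hmac_key),
		    EVP_sha256(), NULL)) {
			tls_set_errorx(tls_ctx, "failed to init hmac");
			return (-1);
		}

		/* Anything other than slot 0 is an older key. */
		if (key != &tls_ctx->config->ticket_keys[0])
			return (2);
		return (1);
	}
}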
238-
/*
 * (Re)build the SSL_CTX stored at *ssl_ctx for a server using keypair.
 *
 * Any previous context at *ssl_ctx is freed first.  On success 0 is returned
 * and *ssl_ctx holds the configured context; on any failure the context is
 * freed, *ssl_ctx is set to NULL and -1 is returned.
 *
 * The numeric control codes and option masks are shown as preprocessed.
 * Presumably: 32/77 set/clear options, 53/54 servername callback and its
 * argument, 63 OCSP status callback, 72 ticket key callback, 94 ECDH auto,
 * 118 DH auto; 0x00020000L no client renegotiation, 0x00400000L server
 * cipher preference, 0x00004000L no-ticket; 0x01/0x02 verify-peer and
 * fail-if-no-peer-cert.  Confirm against the libssl headers.
 *
 * Coverage (tlstest): called 4 times, always succeeding.  The ECDHE-curves
 * and server-cipher-preference branches ran every time.  The client
 * certificate verification, ALPN, DHE-parameter and session-ticket branches
 * and every error path were never executed, so the security-relevant
 * optional configuration here is untested by this run.
 */
static int
tls_configure_server_ssl(struct tls *ctx, SSL_CTX **ssl_ctx,
    struct tls_keypair *keypair)
{
	SSL_CTX_free(*ssl_ctx);

	*ssl_ctx = SSL_CTX_new(SSLv23_server_method());
	if (*ssl_ctx == NULL) {
		tls_set_errorx(ctx, "ssl context failure");
		goto err;
	}

	SSL_CTX_ctrl((*ssl_ctx), 32, (0x00020000L), NULL);

	/* SNI: the callback receives the listening context as its argument. */
	if (SSL_CTX_callback_ctrl(*ssl_ctx, 53,
	    (void (*)(void))tls_servername_cb) != 1) {
		tls_set_error(ctx, "failed to set servername callback");
		goto err;
	}
	if (SSL_CTX_ctrl(*ssl_ctx, 54, 0, (void *)ctx) != 1) {
		tls_set_error(ctx, "failed to set servername callback arg");
		goto err;
	}

	if (tls_configure_ssl(ctx, *ssl_ctx) != 0)
		goto err;
	if (tls_configure_ssl_keypair(ctx, *ssl_ctx, keypair, 1) != 0)
		goto err;

	/* Client certificates: verify_client == 1 additionally sets 0x02. */
	if (ctx->config->verify_client != 0) {
		int verify = (ctx->config->verify_client == 1) ?
		    (0x01 | 0x02) : 0x01;

		if (tls_configure_ssl_verify(ctx, *ssl_ctx, verify) == -1)
			goto err;
	}

	if (ctx->config->alpn != NULL)
		SSL_CTX_set_alpn_select_cb(*ssl_ctx, tls_server_alpn_cb,
		    ctx);

	switch (ctx->config->dheparams) {
	case -1:
		SSL_CTX_ctrl(*ssl_ctx, 118, 1, NULL);
		break;
	case 1024:
		SSL_CTX_ctrl(*ssl_ctx, 118, 2, NULL);
		break;
	default:
		break;
	}

	if (ctx->config->ecdhecurves != NULL) {
		SSL_CTX_ctrl(*ssl_ctx, 94, 1, NULL);
		if (SSL_CTX_set1_groups(*ssl_ctx, ctx->config->ecdhecurves,
		    ctx->config->ecdhecurves_len) != 1) {
			tls_set_errorx(ctx, "failed to set ecdhe curves");
			goto err;
		}
	}

	if (ctx->config->ciphers_server == 1)
		SSL_CTX_ctrl((*ssl_ctx), 32, (0x00400000L), NULL);

	if (SSL_CTX_callback_ctrl(*ssl_ctx, 63,
	    (void (*)(void))tls_ocsp_stapling_cb) != 1) {
		tls_set_errorx(ctx, "failed to add OCSP stapling callback");
		goto err;
	}

	/* Session tickets are only enabled for a positive session lifetime. */
	if (ctx->config->session_lifetime > 0) {
		SSL_CTX_set_timeout(*ssl_ctx, ctx->config->session_lifetime);
		SSL_CTX_ctrl((*ssl_ctx), 77, (0x00004000L), NULL);
		if (!SSL_CTX_callback_ctrl(*ssl_ctx, 72,
		    (void (*)(void))tls_server_ticket_cb)) {
			tls_set_error(ctx,
			    "failed to set the TLS ticket callback");
			goto err;
		}
	}

	if (SSL_CTX_set_session_id_context(*ssl_ctx, ctx->config->session_id,
	    sizeof(ctx->config->session_id)) != 1) {
		tls_set_error(ctx, "failed to set session id context");
		goto err;
	}

	return (0);

 err:
	/* Never leave a half-configured context behind for the caller. */
	SSL_CTX_free(*ssl_ctx);
	*ssl_ctx = NULL;

	return (-1);
}
346-
/*
 * Build one SNI context per additional keypair in the config.
 *
 * The first keypair is the default and is skipped; for every following
 * keypair a tls_sni_ctx is appended to ctx->sni_ctx, given its own SSL_CTX
 * via tls_configure_server_ssl(), and has its certificate loaded for later
 * name matching.  ctx->config->keypair is dereferenced without a NULL check.
 *
 * Returns 0 on success (including when there is only one keypair) and -1 on
 * failure.  On failure the contexts created so far stay linked from
 * ctx->sni_ctx; this function does not release them.
 *
 * Coverage (tlstest): called 4 times, always returning early because only
 * one keypair was configured.  The loop and its error paths never ran.
 */
static int
tls_configure_server_sni(struct tls *ctx)
{
	struct tls_sni_ctx **tail;
	struct tls_keypair *kp;

	if (ctx->config->keypair->next == NULL)
		return (0);

	/* tail always points at the link where the next entry is stored. */
	tail = &ctx->sni_ctx;
	kp = ctx->config->keypair->next;
	while (kp != NULL) {
		*tail = tls_sni_ctx_new();
		if (*tail == NULL) {
			tls_set_errorx(ctx, "out of memory");
			return (-1);
		}
		(*tail)->keypair = kp;

		if (tls_configure_server_ssl(ctx, &(*tail)->ssl_ctx, kp) == -1)
			return (-1);
		if (tls_keypair_load_cert(kp, &ctx->error,
		    &(*tail)->ssl_cert) == -1)
			return (-1);

		tail = &(*tail)->next;
		kp = kp->next;
	}

	return (0);
}
383-
/*
 * Configure a server context: build the default SSL_CTX from the first
 * keypair, then the per-keypair SNI contexts.
 *
 * Returns 0 on success, -1 if either step fails.
 *
 * Coverage (tlstest): called 4 times, always succeeding; the failure
 * return was never taken.
 */
int
tls_configure_server(struct tls *ctx)
{
	int rv;

	rv = tls_configure_server_ssl(ctx, &ctx->ssl_ctx,
	    ctx->config->keypair);
	if (rv == -1)
		return (-1);

	rv = tls_configure_server_sni(ctx);
	if (rv == -1)
		return (-1);

	return (0);
}
398-
/*
 * Shared first half of the accept functions: create a connection context
 * for the listening context ctx and attach a fresh SSL object to it.
 *
 * ctx must carry the server flag bit (1 << 1).  The connection context is
 * stored in ex_data slot 0 of the SSL object, which is where the servername
 * and ticket callbacks look it up.
 *
 * Returns the connection context, or NULL after recording an error on ctx.
 * On failure any partially built connection context is released with
 * tls_free(); that call also receives NULL when the flag check or the
 * allocation itself failed.
 *
 * Coverage (tlstest): called 4 times, always succeeding; no error branch
 * was executed.
 */
static struct tls *
tls_accept_common(struct tls *ctx)
{
	struct tls *conn_ctx = NULL;

	if ((ctx->flags & (1 << 1)) == 0) {
		tls_set_errorx(ctx, "not a server context");
		goto err;
	}

	conn_ctx = tls_server_conn(ctx);
	if (conn_ctx == NULL) {
		tls_set_errorx(ctx, "connection context failure");
		goto err;
	}

	conn_ctx->ssl_conn = SSL_new(ctx->ssl_ctx);
	if (conn_ctx->ssl_conn == NULL) {
		tls_set_errorx(ctx, "ssl failure");
		goto err;
	}

	if (SSL_set_ex_data(conn_ctx->ssl_conn, 0, (char *)conn_ctx) != 1) {
		tls_set_errorx(ctx, "ssl application data failure");
		goto err;
	}

	return conn_ctx;

 err:
	tls_free(conn_ctx);

	return (NULL);
}
439-
/*
 * Accept a TLS connection on socket s, using the same descriptor for
 * reading and writing.  Thin wrapper around tls_accept_fds(); see there for
 * the return value and the handling of *cctx.
 *
 * Coverage (tlstest): executed 1 time.
 */
int
tls_accept_socket(struct tls *ctx, struct tls **cctx, int s)
{
	int rv = tls_accept_fds(ctx, cctx, s, s);

	return (rv);
}
445-
/*
 * Accept a TLS connection that reads from fd_read and writes to fd_write.
 *
 * On success 0 is returned and *cctx receives the new connection context.
 * On failure -1 is returned, the partially built context is freed and
 * *cctx is set to NULL, so the caller never sees a half-initialised
 * connection.
 *
 * Coverage (tlstest): called 2 times, always succeeding; the err path was
 * never executed.
 */
int
tls_accept_fds(struct tls *ctx, struct tls **cctx, int fd_read, int fd_write)
{
	struct tls *conn_ctx;

	conn_ctx = tls_accept_common(ctx);
	if (conn_ctx == NULL)
		goto err;

	if (SSL_set_rfd(conn_ctx->ssl_conn, fd_read) != 1 ||
	    SSL_set_wfd(conn_ctx->ssl_conn, fd_write) != 1) {
		tls_set_errorx(ctx, "ssl file descriptor failure");
		goto err;
	}

	*cctx = conn_ctx;

	return (0);

 err:
	/* conn_ctx is NULL here when tls_accept_common() itself failed. */
	tls_free(conn_ctx);
	*cctx = NULL;

	return (-1);
}
473-
/*
 * Accept a TLS connection whose transport is provided by caller-supplied
 * read and write callbacks instead of file descriptors.  cb_arg is passed
 * through to tls_set_cbs() unchanged.
 *
 * On success 0 is returned and *cctx receives the new connection context.
 * On failure -1 is returned, the partially built context is freed and
 * *cctx is set to NULL.
 *
 * Coverage (tlstest): called 2 times, always succeeding; the err path was
 * never executed.
 */
int
tls_accept_cbs(struct tls *ctx, struct tls **cctx,
    tls_read_cb read_cb, tls_write_cb write_cb, void *cb_arg)
{
	struct tls *conn_ctx;

	conn_ctx = tls_accept_common(ctx);
	if (conn_ctx == NULL)
		goto err;

	if (tls_set_cbs(conn_ctx, read_cb, write_cb, cb_arg) != 0)
		goto err;

	*cctx = conn_ctx;

	return (0);

 err:
	/* conn_ctx is NULL here when tls_accept_common() itself failed. */
	tls_free(conn_ctx);
	*cctx = NULL;

	return (-1);
}
499-
/*
 * Run (or continue) the server side of the TLS handshake on a connection
 * context.
 *
 * ctx must carry the connection flag bit (1 << 2) set by tls_server_conn();
 * otherwise an error is recorded and -1 is returned.  State bit (1 << 3) is
 * set before SSL_accept() is called and state bit (1 << 2) once it reports
 * success.
 *
 * Returns 0 when the handshake has completed, otherwise whatever
 * tls_ssl_error() maps the SSL_accept() result to.
 *
 * Coverage (tlstest): called 12 times; SSL_accept() returned something
 * other than 1 on 8 of them and 1 on 4 (presumably non-blocking retries -
 * the report does not say).  The wrong-context branch was never executed.
 */
int
tls_handshake_server(struct tls *ctx)
{
	int ssl_ret;

	if ((ctx->flags & (1 << 2)) == 0) {
		tls_set_errorx(ctx, "not a server connection context");
		return (-1);
	}

	ctx->state |= (1 << 3);

	/* Start from an empty error queue so tls_ssl_error() only sees
	 * errors raised by this SSL_accept() call. */
	ERR_clear_error();
	ssl_ret = SSL_accept(ctx->ssl_conn);
	if (ssl_ret != 1)
		return (tls_ssl_error(ctx, ctx->ssl_conn, ssl_ret,
		    "handshake"));

	ctx->state |= (1 << 2);

	return (0);
}

Generated by Squish Coco 4.2.2