Line | Source | Count |
1 | | - |
2 | | - |
3 | | - |
4 | | - |
5 | int | - |
6 | tls_config_load_file(struct tls_error *error, const char *filetype, | - |
7 | const char *filename, char **buf, size_t *len) | - |
8 | { | - |
9 | struct stat st; | - |
10 | int fd = -1; | - |
11 | ssize_t n; | - |
12 | | - |
13 | free(*buf); | - |
14 | *buf = | - |
15 | ((void *)0) | - |
16 | ; | - |
17 | *len = 0; | - |
18 | | - |
19 | if ((TRUE | never evaluated | FALSE | evaluated 11 times by 2 tests |
fd = open(filename, TRUE | never evaluated | FALSE | evaluated 11 times by 2 tests |
| 0-11 |
20 | 00TRUE | never evaluated | FALSE | evaluated 11 times by 2 tests |
| 0-11 |
21 | )) == -1TRUE | never evaluated | FALSE | evaluated 11 times by 2 tests |
) { | 0-11 |
22 | tls_error_set(error, "failed to open %s file '%s'", | - |
23 | filetype, filename); | - |
24 | goto never executed: goto err; err;never executed: goto err; | 0 |
25 | } | - |
26 | if (fstat(fd, &st) != 0TRUE | never evaluated | FALSE | evaluated 11 times by 2 tests |
) { | 0-11 |
27 | tls_error_set(error, "failed to stat %s file '%s'", | - |
28 | filetype, filename); | - |
29 | goto never executed: goto err; err;never executed: goto err; | 0 |
30 | } | - |
31 | if (st.st_size < 0TRUE | never evaluated | FALSE | evaluated 11 times by 2 tests |
) | 0-11 |
32 | goto never executed: goto err; err;never executed: goto err; | 0 |
33 | *len = (size_t)st.st_size; | - |
34 | if ((*TRUE | never evaluated | FALSE | evaluated 11 times by 2 tests |
buf = malloc(*len)) == TRUE | never evaluated | FALSE | evaluated 11 times by 2 tests |
| 0-11 |
35 | ((void *)0)TRUE | never evaluated | FALSE | evaluated 11 times by 2 tests |
| 0-11 |
36 | ) { | - |
37 | tls_error_set(error, "failed to allocate buffer for " | - |
38 | "%s file", filetype); | - |
39 | goto never executed: goto err; err;never executed: goto err; | 0 |
40 | } | - |
41 | n = read(fd, *buf, *len); | - |
42 | if (n < 0TRUE | never evaluated | FALSE | evaluated 11 times by 2 tests |
|| (TRUE | never evaluated | FALSE | evaluated 11 times by 2 tests |
size_t)n != *lenTRUE | never evaluated | FALSE | evaluated 11 times by 2 tests |
) { | 0-11 |
43 | tls_error_set(error, "failed to read %s file '%s'", | - |
44 | filetype, filename); | - |
45 | goto never executed: goto err; err;never executed: goto err; | 0 |
46 | } | - |
47 | close(fd); | - |
48 | returnexecuted 11 times by 2 tests: return 0; 0;executed 11 times by 2 tests: return 0; | 11 |
49 | | - |
50 | err: | - |
51 | if (fd != -1TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
52 | close(fd); never executed: close(fd); | 0 |
53 | freezero(*buf, *len); | - |
54 | *buf = | - |
55 | ((void *)0) | - |
56 | ; | - |
57 | *len = 0; | - |
58 | | - |
59 | return never executed: return -1; -1;never executed: return -1; | 0 |
60 | } | - |
61 | | - |
62 | struct tls_config * | - |
63 | tls_config_new_internal(void) | - |
64 | { | - |
65 | struct tls_config *config; | - |
66 | unsigned char sid[32]; | - |
67 | | - |
68 | if ((TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
config = calloc(1, sizeof(*config))) == TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
69 | ((void *)0)TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
70 | ) | - |
71 | return never executed: return ( ((void *)0) ); (never executed: return ( ((void *)0) ); | 0 |
72 | ((void *)0) never executed: return ( ((void *)0) ); | 0 |
73 | ); never executed: return ( ((void *)0) ); | 0 |
74 | | - |
75 | if ((TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
config->keypair = tls_keypair_new()) == TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
76 | ((void *)0)TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
77 | ) | - |
78 | goto never executed: goto err; err;never executed: goto err; | 0 |
79 | | - |
80 | config->refcount = 1; | - |
81 | config->session_fd = -1; | - |
82 | | - |
83 | | - |
84 | | - |
85 | | - |
86 | if (tls_config_set_dheparams(config, "none") != 0TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
) | 0-7 |
87 | goto never executed: goto err; err;never executed: goto err; | 0 |
88 | if (tls_config_set_ecdhecurves(config, "default") != 0TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
) | 0-7 |
89 | goto never executed: goto err; err;never executed: goto err; | 0 |
90 | if (tls_config_set_ciphers(config, "secure") != 0TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
) | 0-7 |
91 | goto never executed: goto err; err;never executed: goto err; | 0 |
92 | | - |
93 | if (tls_config_set_protocols(config, (1 << 3)) != 0TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
) | 0-7 |
94 | goto never executed: goto err; err;never executed: goto err; | 0 |
95 | if (tls_config_set_verify_depth(config, 6) != 0TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
) | 0-7 |
96 | goto never executed: goto err; err;never executed: goto err; | 0 |
97 | | - |
98 | | - |
99 | | - |
100 | | - |
101 | | - |
102 | | - |
103 | arc4random_buf(sid, sizeof(sid)); | - |
104 | if (tls_config_set_session_id(config, sid, sizeof(sid)) != 0TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
) | 0-7 |
105 | goto never executed: goto err; err;never executed: goto err; | 0 |
106 | config->ticket_keyrev = arc4random(); | - |
107 | config->ticket_autorekey = 1; | - |
108 | | - |
109 | tls_config_prefer_ciphers_server(config); | - |
110 | | - |
111 | tls_config_verify(config); | - |
112 | | - |
113 | returnexecuted 7 times by 3 tests: return (config); Executed by:- configtest
- tlstest
- verifytest
(config);executed 7 times by 3 tests: return (config); Executed by:- configtest
- tlstest
- verifytest
| 7 |
114 | | - |
115 | err: | - |
116 | tls_config_free(config); | - |
117 | return never executed: return ( ((void *)0) ); (never executed: return ( ((void *)0) ); | 0 |
118 | ((void *)0) never executed: return ( ((void *)0) ); | 0 |
119 | ); never executed: return ( ((void *)0) ); | 0 |
120 | } | - |
121 | | - |
122 | struct tls_config * | - |
123 | tls_config_new(void) | - |
124 | { | - |
125 | if (tls_init() == -1TRUE | never evaluated | FALSE | evaluated 4 times by 1 test |
) | 0-4 |
126 | return never executed: return ( ((void *)0) ); (never executed: return ( ((void *)0) ); | 0 |
127 | ((void *)0) never executed: return ( ((void *)0) ); | 0 |
128 | ); never executed: return ( ((void *)0) ); | 0 |
129 | | - |
130 | returnexecuted 4 times by 1 test: return tls_config_new_internal(); tls_config_new_internal();executed 4 times by 1 test: return tls_config_new_internal(); | 4 |
131 | } | - |
132 | | - |
133 | void | - |
134 | tls_config_free(struct tls_config *config) | - |
135 | { | - |
136 | struct tls_keypair *kp, *nkp; | - |
137 | | - |
138 | if (config == TRUE | evaluated 78 times by 2 tests | FALSE | evaluated 48 times by 2 tests |
| 48-78 |
139 | ((void *)0)TRUE | evaluated 78 times by 2 tests | FALSE | evaluated 48 times by 2 tests |
| 48-78 |
140 | ) | - |
141 | return;executed 78 times by 2 tests: return; | 78 |
142 | | - |
143 | if (--TRUE | evaluated 44 times by 2 tests | FALSE | evaluated 4 times by 1 test |
config->refcount > 0TRUE | evaluated 44 times by 2 tests | FALSE | evaluated 4 times by 1 test |
) | 4-44 |
144 | return;executed 44 times by 2 tests: return; | 44 |
145 | | - |
146 | for (kp = config->keypair; kp != TRUE | evaluated 4 times by 1 test | FALSE | evaluated 4 times by 1 test |
| 4 |
147 | ((void *)0)TRUE | evaluated 4 times by 1 test | FALSE | evaluated 4 times by 1 test |
| 4 |
148 | ; kp = nkp) { | - |
149 | nkp = kp->next; | - |
150 | tls_keypair_free(kp); | - |
151 | }executed 4 times by 1 test: end of block | 4 |
152 | | - |
153 | free(config->error.msg); | - |
154 | | - |
155 | free(config->alpn); | - |
156 | free((char *)config->ca_mem); | - |
157 | free((char *)config->ca_path); | - |
158 | free((char *)config->ciphers); | - |
159 | free((char *)config->crl_mem); | - |
160 | free(config->ecdhecurves); | - |
161 | | - |
162 | free(config); | - |
163 | }executed 4 times by 1 test: end of block | 4 |
164 | | - |
165 | static void | - |
166 | tls_config_keypair_add(struct tls_config *config, struct tls_keypair *keypair) | - |
167 | { | - |
168 | struct tls_keypair *kp; | - |
169 | | - |
170 | kp = config->keypair; | - |
171 | while (kp->next != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
172 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
173 | ) | - |
174 | kp = kp->next; never executed: kp = kp->next; | 0 |
175 | | - |
176 | kp->next = keypair; | - |
177 | } never executed: end of block | 0 |
178 | | - |
179 | const char * | - |
180 | tls_config_error(struct tls_config *config) | - |
181 | { | - |
182 | return never executed: return config->error.msg; config->error.msg;never executed: return config->error.msg; | 0 |
183 | } | - |
184 | | - |
185 | void | - |
186 | tls_config_clear_keys(struct tls_config *config) | - |
187 | { | - |
188 | struct tls_keypair *kp; | - |
189 | | - |
190 | for (kp = config->keypair; kp != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
191 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
192 | ; kp = kp->next) | - |
193 | tls_keypair_clear_key(kp); never executed: tls_keypair_clear_key(kp); | 0 |
194 | } never executed: end of block | 0 |
195 | | - |
196 | int | - |
197 | tls_config_parse_protocols(uint32_t *protocols, const char *protostr) | - |
198 | { | - |
199 | uint32_t proto, protos = 0; | - |
200 | char *s, *p, *q; | - |
201 | int negate; | - |
202 | | - |
203 | if (protostr == TRUE | evaluated 1 time by 1 test | FALSE | evaluated 18 times by 1 test |
| 1-18 |
204 | ((void *)0)TRUE | evaluated 1 time by 1 test | FALSE | evaluated 18 times by 1 test |
| 1-18 |
205 | ) { | - |
206 | *protocols = (1 << 3); | - |
207 | returnexecuted 1 time by 1 test: return (0); (0);executed 1 time by 1 test: return (0); | 1 |
208 | } | - |
209 | | - |
210 | if ((TRUE | never evaluated | FALSE | evaluated 18 times by 1 test |
s = TRUE | never evaluated | FALSE | evaluated 18 times by 1 test |
| 0-18 |
211 | (__extension__ (__builtin_constant_p (TRUE | never evaluated | FALSE | evaluated 18 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 18 times by 1 test |
| 0-18 |
212 | protostrTRUE | never evaluated | FALSE | evaluated 18 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 18 times by 1 test |
| 0-18 |
213 | )TRUE | never evaluated | FALSE | evaluated 18 times by 1 test |
&& ((TRUE | never evaluated | FALSE | never evaluated |
size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 18 times by 1 test |
| 0-18 |
214 | protostrTRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 18 times by 1 test |
| 0-18 |
215 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 18 times by 1 test |
| 0-18 |
216 | protostrTRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 18 times by 1 test |
| 0-18 |
217 | ) == 1)TRUE | never evaluated | FALSE | never evaluated |
? (((constTRUE | never evaluated | FALSE | never evaluated |
char *) (TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 18 times by 1 test |
| 0-18 |
218 | protostrTRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 18 times by 1 test |
| 0-18 |
219 | ))[0] == '\0'TRUE | never evaluated | FALSE | never evaluated |
? (char *) calloc ((size_t) 1, (size_t) 1) : ({ size_t __len = strlen (TRUE | never evaluated | FALSE | evaluated 18 times by 1 test |
| 0-18 |
220 | protostrTRUE | never evaluated | FALSE | evaluated 18 times by 1 test |
| 0-18 |
221 | ) + 1; char *__retval = (char *) malloc (__len); if (__retval != ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
) __retval = (char *) memcpy (__retval, never executed: __retval = (char *) memcpy (__retval, protostr , __len); TRUE | never evaluated | FALSE | evaluated 18 times by 1 test |
| 0-18 |
222 | protostrTRUE | never evaluated | FALSE | evaluated 18 times by 1 test |
never executed: __retval = (char *) memcpy (__retval, protostr , __len); | 0-18 |
223 | , __len);TRUE | never evaluated | FALSE | evaluated 18 times by 1 test |
never executed: __retval = (char *) memcpy (__retval, protostr , __len); __retval; })) : __strdup (TRUE | never evaluated | FALSE | evaluated 18 times by 1 test |
| 0-18 |
224 | protostrTRUE | never evaluated | FALSE | evaluated 18 times by 1 test |
| 0-18 |
225 | )))TRUE | never evaluated | FALSE | evaluated 18 times by 1 test |
| 0-18 |
226 | ) == TRUE | never evaluated | FALSE | evaluated 18 times by 1 test |
| 0-18 |
227 | ((void *)0)TRUE | never evaluated | FALSE | evaluated 18 times by 1 test |
| 0-18 |
228 | ) | - |
229 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
230 | | - |
231 | q = s; | - |
232 | while ((TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
p = TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
233 | __extension__ ({ char __r0, __r1, __r2; (__builtin_constant_p (TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
234 | ",:"TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
235 | ) && ((size_t)(const void *)((TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
236 | ",:"TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
237 | ) + 1) - (size_t)(const void *)(TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
238 | ",:"TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
239 | ) == 1) && (__r0 = ((const char *) (TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
240 | ",:"TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
241 | ))[0], ((const char *) (TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
242 | ",:"TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
243 | ))[0] != '\0') ? ((__r1 = ((const char *) (TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
244 | ",:"TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
245 | ))[1], ((const char *) (TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
246 | ",:"TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
247 | ))[1] == '\0') ? __strsep_1c (TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
248 | &qTRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
249 | , __r0) : ((__r2 = ((const char *) (TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
250 | ",:"TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
251 | ))[2], __r2 == '\0') ? __strsep_2c (TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
252 | &qTRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
253 | , __r0, __r1) : (((const char *) (TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
254 | ",:"TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
255 | ))[3] == '\0' ? __strsep_3c (TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
256 | &qTRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
257 | , __r0, __r1, __r2) : __strsep_g (TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
258 | &qTRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
259 | , TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
260 | ",:"TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
261 | )))) : __strsep_g (TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
262 | &qTRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
263 | , TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
264 | ",:"TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
265 | )); })TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
266 | ) != TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
267 | ((void *)0)TRUE | evaluated 33 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-33 |
268 | ) { | - |
269 | while (*TRUE | never evaluated | FALSE | evaluated 33 times by 1 test |
p == ' 'TRUE | never evaluated | FALSE | evaluated 33 times by 1 test |
|| *TRUE | never evaluated | FALSE | evaluated 33 times by 1 test |
p == '\t'TRUE | never evaluated | FALSE | evaluated 33 times by 1 test |
) | 0-33 |
270 | p++; never executed: p++; | 0 |
271 | | - |
272 | negate = 0; | - |
273 | if (*TRUE | evaluated 8 times by 1 test | FALSE | evaluated 25 times by 1 test |
p == '!'TRUE | evaluated 8 times by 1 test | FALSE | evaluated 25 times by 1 test |
) { | 8-25 |
274 | negate = 1; | - |
275 | p++; | - |
276 | }executed 8 times by 1 test: end of block | 8 |
277 | | - |
278 | if (negateTRUE | evaluated 8 times by 1 test | FALSE | evaluated 25 times by 1 test |
&& protos == 0TRUE | evaluated 3 times by 1 test | FALSE | evaluated 5 times by 1 test |
) | 3-25 |
279 | protos = ((1 << 1)|(1 << 2)|(1 << 3));executed 3 times by 1 test: protos = ((1 << 1)|(1 << 2)|(1 << 3)); | 3 |
280 | | - |
281 | proto = 0; | - |
282 | if (strcasecmp(p, "all") == 0TRUE | evaluated 3 times by 1 test | FALSE | evaluated 30 times by 1 test |
|| | 3-30 |
283 | strcasecmp(p, "legacy") == 0TRUE | never evaluated | FALSE | evaluated 30 times by 1 test |
) | 0-30 |
284 | proto = ((1 << 1)|(1 << 2)|(1 << 3));executed 3 times by 1 test: proto = ((1 << 1)|(1 << 2)|(1 << 3)); | 3 |
285 | else if (strcasecmp(p, "default") == 0TRUE | evaluated 1 time by 1 test | FALSE | evaluated 29 times by 1 test |
|| | 1-29 |
286 | strcasecmp(p, "secure") == 0TRUE | evaluated 1 time by 1 test | FALSE | evaluated 28 times by 1 test |
) | 1-28 |
287 | proto = (1 << 3);executed 2 times by 1 test: proto = (1 << 3); | 2 |
288 | if (strcasecmp(p, "tlsv1") == 0TRUE | evaluated 1 time by 1 test | FALSE | evaluated 32 times by 1 test |
) | 1-32 |
289 | proto = ((1 << 1)|(1 << 2)|(1 << 3));executed 1 time by 1 test: proto = ((1 << 1)|(1 << 2)|(1 << 3)); | 1 |
290 | else if (strcasecmp(p, "tlsv1.0") == 0TRUE | evaluated 7 times by 1 test | FALSE | evaluated 25 times by 1 test |
) | 7-25 |
291 | proto = (1 << 1);executed 7 times by 1 test: proto = (1 << 1); | 7 |
292 | else if (strcasecmp(p, "tlsv1.1") == 0TRUE | evaluated 9 times by 1 test | FALSE | evaluated 16 times by 1 test |
) | 9-16 |
293 | proto = (1 << 2);executed 9 times by 1 test: proto = (1 << 2); | 9 |
294 | else if (strcasecmp(p, "tlsv1.2") == 0TRUE | evaluated 7 times by 1 test | FALSE | evaluated 9 times by 1 test |
) | 7-9 |
295 | proto = (1 << 3);executed 7 times by 1 test: proto = (1 << 3); | 7 |
296 | | - |
297 | if (proto == 0TRUE | evaluated 4 times by 1 test | FALSE | evaluated 29 times by 1 test |
) { | 4-29 |
298 | free(s); | - |
299 | returnexecuted 4 times by 1 test: return (-1); (-1);executed 4 times by 1 test: return (-1); | 4 |
300 | } | - |
301 | | - |
302 | if (negateTRUE | evaluated 7 times by 1 test | FALSE | evaluated 22 times by 1 test |
) | 7-22 |
303 | protos &= ~proto;executed 7 times by 1 test: protos &= ~proto; | 7 |
304 | else | - |
305 | protos |= proto;executed 22 times by 1 test: protos |= proto; | 22 |
306 | } | - |
307 | | - |
308 | *protocols = protos; | - |
309 | | - |
310 | free(s); | - |
311 | | - |
312 | returnexecuted 14 times by 1 test: return (0); (0);executed 14 times by 1 test: return (0); | 14 |
313 | } | - |
314 | | - |
315 | static int | - |
316 | tls_config_parse_alpn(struct tls_config *config, const char *alpn, | - |
317 | char **alpn_data, size_t *alpn_len) | - |
318 | { | - |
319 | size_t buf_len, i, len; | - |
320 | char *buf = | - |
321 | ((void *)0) | - |
322 | ; | - |
323 | char *s = | - |
324 | ((void *)0) | - |
325 | ; | - |
326 | char *p, *q; | - |
327 | | - |
328 | free(*alpn_data); | - |
329 | *alpn_data = | - |
330 | ((void *)0) | - |
331 | ; | - |
332 | *alpn_len = 0; | - |
333 | | - |
334 | if ((TRUE | never evaluated | FALSE | never evaluated |
buf_len = strlen(alpn) + 1) > 65535TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
335 | tls_config_set_errorx(config, "alpn too large"); | - |
336 | goto never executed: goto err; err;never executed: goto err; | 0 |
337 | } | - |
338 | | - |
339 | if ((TRUE | never evaluated | FALSE | never evaluated |
buf = malloc(buf_len)) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
340 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
341 | ) { | - |
342 | tls_config_set_errorx(config, "out of memory"); | - |
343 | goto never executed: goto err; err;never executed: goto err; | 0 |
344 | } | - |
345 | | - |
346 | if ((TRUE | never evaluated | FALSE | never evaluated |
s = TRUE | never evaluated | FALSE | never evaluated |
| 0 |
347 | (__extension__ (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
348 | alpnTRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
349 | )TRUE | never evaluated | FALSE | never evaluated |
&& ((TRUE | never evaluated | FALSE | never evaluated |
size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
350 | alpnTRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
351 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
352 | alpnTRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
353 | ) == 1)TRUE | never evaluated | FALSE | never evaluated |
? (((constTRUE | never evaluated | FALSE | never evaluated |
char *) (TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
354 | alpnTRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
355 | ))[0] == '\0'TRUE | never evaluated | FALSE | never evaluated |
? (char *) calloc ((size_t) 1, (size_t) 1) : ({ size_t __len = strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
356 | alpnTRUE | never evaluated | FALSE | never evaluated |
| 0 |
357 | ) + 1; char *__retval = (char *) malloc (__len); if (__retval != ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
) __retval = (char *) memcpy (__retval, never executed: __retval = (char *) memcpy (__retval, alpn , __len); | 0 |
358 | alpnTRUE | never evaluated | FALSE | never evaluated |
never executed: __retval = (char *) memcpy (__retval, alpn , __len); | 0 |
359 | , __len); __retval; })) : __strdup (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
360 | alpnTRUE | never evaluated | FALSE | never evaluated |
| 0 |
361 | )))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
362 | ) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
363 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
364 | ) { | - |
365 | tls_config_set_errorx(config, "out of memory"); | - |
366 | goto never executed: goto err; err;never executed: goto err; | 0 |
367 | } | - |
368 | | - |
369 | i = 0; | - |
370 | q = s; | - |
371 | while ((TRUE | never evaluated | FALSE | never evaluated |
p = TRUE | never evaluated | FALSE | never evaluated |
| 0 |
372 | __extension__ ({ char __r0, __r1, __r2; (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
373 | ","TRUE | never evaluated | FALSE | never evaluated |
| 0 |
374 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
375 | ","TRUE | never evaluated | FALSE | never evaluated |
| 0 |
376 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
377 | ","TRUE | never evaluated | FALSE | never evaluated |
| 0 |
378 | ) == 1) && (__r0 = ((const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
379 | ","TRUE | never evaluated | FALSE | never evaluated |
| 0 |
380 | ))[0], ((const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
381 | ","TRUE | never evaluated | FALSE | never evaluated |
| 0 |
382 | ))[0] != '\0') ? ((__r1 = ((const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
383 | ","TRUE | never evaluated | FALSE | never evaluated |
| 0 |
384 | ))[1], ((const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
385 | ","TRUE | never evaluated | FALSE | never evaluated |
| 0 |
386 | ))[1] == '\0') ? __strsep_1c (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
387 | &qTRUE | never evaluated | FALSE | never evaluated |
| 0 |
388 | , __r0) : ((__r2 = ((const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
389 | ","TRUE | never evaluated | FALSE | never evaluated |
| 0 |
390 | ))[2], __r2 == '\0') ? __strsep_2c (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
391 | &qTRUE | never evaluated | FALSE | never evaluated |
| 0 |
392 | , __r0, __r1) : (((const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
393 | ","TRUE | never evaluated | FALSE | never evaluated |
| 0 |
394 | ))[3] == '\0' ? __strsep_3c (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
395 | &qTRUE | never evaluated | FALSE | never evaluated |
| 0 |
396 | , __r0, __r1, __r2) : __strsep_g (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
397 | &qTRUE | never evaluated | FALSE | never evaluated |
| 0 |
398 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
399 | ","TRUE | never evaluated | FALSE | never evaluated |
| 0 |
400 | )))) : __strsep_g (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
401 | &qTRUE | never evaluated | FALSE | never evaluated |
| 0 |
402 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
403 | ","TRUE | never evaluated | FALSE | never evaluated |
| 0 |
404 | )); })TRUE | never evaluated | FALSE | never evaluated |
| 0 |
405 | ) != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
406 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
407 | ) { | - |
408 | if ((TRUE | never evaluated | FALSE | never evaluated |
len = strlen(p)) == 0TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
409 | tls_config_set_errorx(config, | - |
410 | "alpn protocol with zero length"); | - |
411 | goto never executed: goto err; err;never executed: goto err; | 0 |
412 | } | - |
413 | if (len > 255TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
414 | tls_config_set_errorx(config, | - |
415 | "alpn protocol too long"); | - |
416 | goto never executed: goto err; err;never executed: goto err; | 0 |
417 | } | - |
418 | buf[i++] = len & 0xff; | - |
419 | memcpy(&buf[i], p, len); | - |
420 | i += len; | - |
421 | } never executed: end of block | 0 |
422 | | - |
423 | free(s); | - |
424 | | - |
425 | *alpn_data = buf; | - |
426 | *alpn_len = buf_len; | - |
427 | | - |
428 | return never executed: return (0); (0);never executed: return (0); | 0 |
429 | | - |
430 | err: | - |
431 | free(buf); | - |
432 | free(s); | - |
433 | | - |
434 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
435 | } | - |
436 | | - |
437 | int | - |
438 | tls_config_set_alpn(struct tls_config *config, const char *alpn) | - |
439 | { | - |
440 | return never executed: return tls_config_parse_alpn(config, alpn, &config->alpn, &config->alpn_len); tls_config_parse_alpn(config, alpn, &config->alpn,never executed: return tls_config_parse_alpn(config, alpn, &config->alpn, &config->alpn_len); | 0 |
441 | &config->alpn_len); never executed: return tls_config_parse_alpn(config, alpn, &config->alpn, &config->alpn_len); | 0 |
442 | } | - |
443 | | - |
444 | static int | - |
445 | tls_config_add_keypair_file_internal(struct tls_config *config, | - |
446 | const char *cert_file, const char *key_file, const char *ocsp_file) | - |
447 | { | - |
448 | struct tls_keypair *keypair; | - |
449 | | - |
450 | if ((TRUE | never evaluated | FALSE | never evaluated |
keypair = tls_keypair_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
451 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
452 | ) | - |
453 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
454 | if (tls_keypair_set_cert_file(keypair, &config->error, cert_file) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
455 | goto never executed: goto err; err;never executed: goto err; | 0 |
456 | if (tls_keypair_set_key_file(keypair, &config->error, key_file) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
457 | goto never executed: goto err; err;never executed: goto err; | 0 |
458 | if (ocsp_file != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
459 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
460 | && | - |
461 | tls_keypair_set_ocsp_staple_file(keypair, &config->error,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
462 | ocsp_file) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
463 | goto never executed: goto err; err;never executed: goto err; | 0 |
464 | | - |
465 | tls_config_keypair_add(config, keypair); | - |
466 | | - |
467 | return never executed: return (0); (0);never executed: return (0); | 0 |
468 | | - |
469 | err: | - |
470 | tls_keypair_free(keypair); | - |
471 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
472 | } | - |
473 | | - |
474 | static int | - |
475 | tls_config_add_keypair_mem_internal(struct tls_config *config, const uint8_t *cert, | - |
476 | size_t cert_len, const uint8_t *key, size_t key_len, | - |
477 | const uint8_t *staple, size_t staple_len) | - |
478 | { | - |
479 | struct tls_keypair *keypair; | - |
480 | | - |
481 | if ((TRUE | never evaluated | FALSE | never evaluated |
keypair = tls_keypair_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
482 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
483 | ) | - |
484 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
485 | if (tls_keypair_set_cert_mem(keypair, &config->error, cert, cert_len) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
486 | goto never executed: goto err; err;never executed: goto err; | 0 |
487 | if (tls_keypair_set_key_mem(keypair, &config->error, key, key_len) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
488 | goto never executed: goto err; err;never executed: goto err; | 0 |
489 | if (staple != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
490 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
491 | && | - |
492 | tls_keypair_set_ocsp_staple_mem(keypair, &config->error, staple,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
493 | staple_len) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
494 | goto never executed: goto err; err;never executed: goto err; | 0 |
495 | | - |
496 | tls_config_keypair_add(config, keypair); | - |
497 | | - |
498 | return never executed: return (0); (0);never executed: return (0); | 0 |
499 | | - |
500 | err: | - |
501 | tls_keypair_free(keypair); | - |
502 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
503 | } | - |
504 | | - |
505 | int | - |
506 | tls_config_add_keypair_mem(struct tls_config *config, const uint8_t *cert, | - |
507 | size_t cert_len, const uint8_t *key, size_t key_len) | - |
508 | { | - |
509 | return never executed: return tls_config_add_keypair_mem_internal(config, cert, cert_len, key, key_len, ((void *)0) , 0); tls_config_add_keypair_mem_internal(config, cert, cert_len, key,never executed: return tls_config_add_keypair_mem_internal(config, cert, cert_len, key, key_len, ((void *)0) , 0); | 0 |
510 | key_len, never executed: return tls_config_add_keypair_mem_internal(config, cert, cert_len, key, key_len, ((void *)0) , 0); | 0 |
511 | ((void *)0) never executed: return tls_config_add_keypair_mem_internal(config, cert, cert_len, key, key_len, ((void *)0) , 0); | 0 |
512 | , 0); never executed: return tls_config_add_keypair_mem_internal(config, cert, cert_len, key, key_len, ((void *)0) , 0); | 0 |
513 | } | - |
514 | | - |
515 | int | - |
516 | tls_config_add_keypair_file(struct tls_config *config, | - |
517 | const char *cert_file, const char *key_file) | - |
518 | { | - |
519 | return never executed: return tls_config_add_keypair_file_internal(config, cert_file, key_file, ((void *)0) ); tls_config_add_keypair_file_internal(config, cert_file,never executed: return tls_config_add_keypair_file_internal(config, cert_file, key_file, ((void *)0) ); | 0 |
520 | key_file, never executed: return tls_config_add_keypair_file_internal(config, cert_file, key_file, ((void *)0) ); | 0 |
521 | ((void *)0) never executed: return tls_config_add_keypair_file_internal(config, cert_file, key_file, ((void *)0) ); | 0 |
522 | ); never executed: return tls_config_add_keypair_file_internal(config, cert_file, key_file, ((void *)0) ); | 0 |
523 | } | - |
524 | | - |
525 | int | - |
526 | tls_config_add_keypair_ocsp_mem(struct tls_config *config, const uint8_t *cert, | - |
527 | size_t cert_len, const uint8_t *key, size_t key_len, const uint8_t *staple, | - |
528 | size_t staple_len) | - |
529 | { | - |
530 | return never executed: return tls_config_add_keypair_mem_internal(config, cert, cert_len, key, key_len, staple, staple_len); tls_config_add_keypair_mem_internal(config, cert, cert_len, key,never executed: return tls_config_add_keypair_mem_internal(config, cert, cert_len, key, key_len, staple, staple_len); | 0 |
531 | key_len, staple, staple_len); never executed: return tls_config_add_keypair_mem_internal(config, cert, cert_len, key, key_len, staple, staple_len); | 0 |
532 | } | - |
533 | | - |
534 | int | - |
535 | tls_config_add_keypair_ocsp_file(struct tls_config *config, | - |
536 | const char *cert_file, const char *key_file, const char *ocsp_file) | - |
537 | { | - |
538 | return never executed: return tls_config_add_keypair_file_internal(config, cert_file, key_file, ocsp_file); tls_config_add_keypair_file_internal(config, cert_file,never executed: return tls_config_add_keypair_file_internal(config, cert_file, key_file, ocsp_file); | 0 |
539 | key_file, ocsp_file); never executed: return tls_config_add_keypair_file_internal(config, cert_file, key_file, ocsp_file); | 0 |
540 | } | - |
541 | | - |
542 | int | - |
543 | tls_config_set_ca_file(struct tls_config *config, const char *ca_file) | - |
544 | { | - |
545 | returnexecuted 2 times by 1 test: return tls_config_load_file(&config->error, "CA", ca_file, &config->ca_mem, &config->ca_len); tls_config_load_file(&config->error, "CA", ca_file,executed 2 times by 1 test: return tls_config_load_file(&config->error, "CA", ca_file, &config->ca_mem, &config->ca_len); | 2 |
546 | &config->ca_mem, &config->ca_len);executed 2 times by 1 test: return tls_config_load_file(&config->error, "CA", ca_file, &config->ca_mem, &config->ca_len); | 2 |
547 | } | - |
548 | | - |
549 | int | - |
550 | tls_config_set_ca_path(struct tls_config *config, const char *ca_path) | - |
551 | { | - |
552 | return never executed: return tls_set_string(&config->ca_path, ca_path); tls_set_string(&config->ca_path, ca_path);never executed: return tls_set_string(&config->ca_path, ca_path); | 0 |
553 | } | - |
554 | | - |
555 | int | - |
556 | tls_config_set_ca_mem(struct tls_config *config, const uint8_t *ca, size_t len) | - |
557 | { | - |
558 | return never executed: return tls_set_mem(&config->ca_mem, &config->ca_len, ca, len); tls_set_mem(&config->ca_mem, &config->ca_len, ca, len);never executed: return tls_set_mem(&config->ca_mem, &config->ca_len, ca, len); | 0 |
559 | } | - |
560 | | - |
561 | int | - |
562 | tls_config_set_cert_file(struct tls_config *config, const char *cert_file) | - |
563 | { | - |
564 | returnexecuted 2 times by 1 test: return tls_keypair_set_cert_file(config->keypair, &config->error, cert_file); tls_keypair_set_cert_file(config->keypair, &config->error,executed 2 times by 1 test: return tls_keypair_set_cert_file(config->keypair, &config->error, cert_file); | 2 |
565 | cert_file);executed 2 times by 1 test: return tls_keypair_set_cert_file(config->keypair, &config->error, cert_file); | 2 |
566 | } | - |
567 | | - |
568 | int | - |
569 | tls_config_set_cert_mem(struct tls_config *config, const uint8_t *cert, | - |
570 | size_t len) | - |
571 | { | - |
572 | return never executed: return tls_keypair_set_cert_mem(config->keypair, &config->error, cert, len); tls_keypair_set_cert_mem(config->keypair, &config->error,never executed: return tls_keypair_set_cert_mem(config->keypair, &config->error, cert, len); | 0 |
573 | cert, len); never executed: return tls_keypair_set_cert_mem(config->keypair, &config->error, cert, len); | 0 |
574 | } | - |
575 | | - |
576 | int | - |
577 | tls_config_set_ciphers(struct tls_config *config, const char *ciphers) | - |
578 | { | - |
579 | SSL_CTX *ssl_ctx = | - |
580 | ((void *)0) | - |
581 | ; | - |
582 | | - |
583 | if (ciphers == TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
584 | ((void *)0)TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
585 | || | - |
586 | strcasecmp(ciphers, "default") == 0TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
|| | 0-7 |
587 | strcasecmp(ciphers, "secure") == 0TRUE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | never evaluated |
) | 0-7 |
588 | ciphers = "TLSv1.2+AEAD+ECDHE:TLSv1.2+AEAD+DHE";executed 7 times by 3 tests: ciphers = "TLSv1.2+AEAD+ECDHE:TLSv1.2+AEAD+DHE"; Executed by:- configtest
- tlstest
- verifytest
| 7 |
589 | else if (strcasecmp(ciphers, "compat") == 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
590 | ciphers = "HIGH:!aNULL"; never executed: ciphers = "HIGH:!aNULL"; | 0 |
591 | else if (strcasecmp(ciphers, "legacy") == 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
592 | ciphers = "HIGH:MEDIUM:!aNULL"; never executed: ciphers = "HIGH:MEDIUM:!aNULL"; | 0 |
593 | else if (strcasecmp(ciphers, "all") == 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
594 | strcasecmp(ciphers, "insecure") == 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
595 | ciphers = "ALL:!aNULL:!eNULL"; never executed: ciphers = "ALL:!aNULL:!eNULL"; | 0 |
596 | | - |
597 | if ((TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
ssl_ctx = SSL_CTX_new(SSLv23_method())) == TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
598 | ((void *)0)TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
599 | ) { | - |
600 | tls_config_set_errorx(config, "out of memory"); | - |
601 | goto never executed: goto err; err;never executed: goto err; | 0 |
602 | } | - |
603 | if (SSL_CTX_set_cipher_list(ssl_ctx, ciphers) != 1TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
) { | 0-7 |
604 | tls_config_set_errorx(config, "no ciphers for '%s'", ciphers); | - |
605 | goto never executed: goto err; err;never executed: goto err; | 0 |
606 | } | - |
607 | | - |
608 | SSL_CTX_free(ssl_ctx); | - |
609 | returnexecuted 7 times by 3 tests: return tls_set_string(&config->ciphers, ciphers); Executed by:- configtest
- tlstest
- verifytest
tls_set_string(&config->ciphers, ciphers);executed 7 times by 3 tests: return tls_set_string(&config->ciphers, ciphers); Executed by:- configtest
- tlstest
- verifytest
| 7 |
610 | | - |
611 | err: | - |
612 | SSL_CTX_free(ssl_ctx); | - |
613 | return never executed: return -1; -1;never executed: return -1; | 0 |
614 | } | - |
615 | | - |
616 | int | - |
617 | tls_config_set_crl_file(struct tls_config *config, const char *crl_file) | - |
618 | { | - |
619 | return never executed: return tls_config_load_file(&config->error, "CRL", crl_file, &config->crl_mem, &config->crl_len); tls_config_load_file(&config->error, "CRL", crl_file,never executed: return tls_config_load_file(&config->error, "CRL", crl_file, &config->crl_mem, &config->crl_len); | 0 |
620 | &config->crl_mem, &config->crl_len); never executed: return tls_config_load_file(&config->error, "CRL", crl_file, &config->crl_mem, &config->crl_len); | 0 |
621 | } | - |
622 | | - |
623 | int | - |
624 | tls_config_set_crl_mem(struct tls_config *config, const uint8_t *crl, | - |
625 | size_t len) | - |
626 | { | - |
627 | return never executed: return tls_set_mem(&config->crl_mem, &config->crl_len, crl, len); tls_set_mem(&config->crl_mem, &config->crl_len, crl, len);never executed: return tls_set_mem(&config->crl_mem, &config->crl_len, crl, len); | 0 |
628 | } | - |
629 | | - |
630 | int | - |
631 | tls_config_set_dheparams(struct tls_config *config, const char *params) | - |
632 | { | - |
633 | int keylen; | - |
634 | | - |
635 | if (params == TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
636 | ((void *)0)TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
637 | || strcasecmp(params, "none") == 0TRUE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | never evaluated |
) | 0-7 |
638 | keylen = 0;executed 7 times by 3 tests: keylen = 0; Executed by:- configtest
- tlstest
- verifytest
| 7 |
639 | else if (strcasecmp(params, "auto") == 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
640 | keylen = -1; never executed: keylen = -1; | 0 |
641 | else if (strcasecmp(params, "legacy") == 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
642 | keylen = 1024; never executed: keylen = 1024; | 0 |
643 | else { | - |
644 | tls_config_set_errorx(config, "invalid dhe param '%s'", params); | - |
645 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
646 | } | - |
647 | | - |
648 | config->dheparams = keylen; | - |
649 | | - |
650 | returnexecuted 7 times by 3 tests: return (0); Executed by:- configtest
- tlstest
- verifytest
(0);executed 7 times by 3 tests: return (0); Executed by:- configtest
- tlstest
- verifytest
| 7 |
651 | } | - |
652 | | - |
653 | int | - |
654 | tls_config_set_ecdhecurve(struct tls_config *config, const char *curve) | - |
655 | { | - |
656 | if (curve == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
657 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
658 | || | - |
659 | strcasecmp(curve, "none") == 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
660 | strcasecmp(curve, "auto") == 0TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
661 | curve = "X25519,P-256,P-384"; | - |
662 | } never executed: end of block else if ( | 0 |
663 | (TRUE | never evaluated | FALSE | never evaluated |
__extension__ (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
664 | ','TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
665 | )TRUE | never evaluated | FALSE | never evaluated |
&& !__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
666 | curveTRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
667 | )TRUE | never evaluated | FALSE | never evaluated |
&& (TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
668 | ','TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
669 | ) == '\0'TRUE | never evaluated | FALSE | never evaluated |
? (char *) __rawmemchr (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
670 | curveTRUE | never evaluated | FALSE | never evaluated |
| 0 |
671 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
672 | ','TRUE | never evaluated | FALSE | never evaluated |
| 0 |
673 | ) : __builtin_strchr (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
674 | curveTRUE | never evaluated | FALSE | never evaluated |
| 0 |
675 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
676 | ','TRUE | never evaluated | FALSE | never evaluated |
| 0 |
677 | ))) TRUE | never evaluated | FALSE | never evaluated |
| 0 |
678 | != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
679 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
680 | || | - |
681 | (TRUE | never evaluated | FALSE | never evaluated |
__extension__ (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
682 | ':'TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
683 | )TRUE | never evaluated | FALSE | never evaluated |
&& !__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
684 | curveTRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
685 | )TRUE | never evaluated | FALSE | never evaluated |
&& (TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
686 | ':'TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
687 | ) == '\0'TRUE | never evaluated | FALSE | never evaluated |
? (char *) __rawmemchr (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
688 | curveTRUE | never evaluated | FALSE | never evaluated |
| 0 |
689 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
690 | ':'TRUE | never evaluated | FALSE | never evaluated |
| 0 |
691 | ) : __builtin_strchr (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
692 | curveTRUE | never evaluated | FALSE | never evaluated |
| 0 |
693 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
694 | ':'TRUE | never evaluated | FALSE | never evaluated |
| 0 |
695 | ))) TRUE | never evaluated | FALSE | never evaluated |
| 0 |
696 | != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
697 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
698 | ) { | - |
699 | tls_config_set_errorx(config, "invalid ecdhe curve '%s'", | - |
700 | curve); | - |
701 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
702 | } | - |
703 | | - |
704 | return never executed: return tls_config_set_ecdhecurves(config, curve); tls_config_set_ecdhecurves(config, curve);never executed: return tls_config_set_ecdhecurves(config, curve); | 0 |
705 | } | - |
706 | | - |
707 | int | - |
708 | tls_config_set_ecdhecurves(struct tls_config *config, const char *curves) | - |
709 | { | - |
710 | int *curves_list = | - |
711 | ((void *)0) | - |
712 | , *curves_new; | - |
713 | size_t curves_num = 0; | - |
714 | char *cs = | - |
715 | ((void *)0) | - |
716 | ; | - |
717 | char *p, *q; | - |
718 | int rv = -1; | - |
719 | int nid; | - |
720 | | - |
721 | free(config->ecdhecurves); | - |
722 | config->ecdhecurves = | - |
723 | ((void *)0) | - |
724 | ; | - |
725 | config->ecdhecurves_len = 0; | - |
726 | | - |
727 | if (curves == TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
728 | ((void *)0)TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
729 | || strcasecmp(curves, "default") == 0TRUE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | never evaluated |
) | 0-7 |
730 | curves = "X25519,P-256,P-384";executed 7 times by 3 tests: curves = "X25519,P-256,P-384"; Executed by:- configtest
- tlstest
- verifytest
| 7 |
731 | | - |
732 | if ((TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
cs = TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
733 | (__extension__ (__builtin_constant_p (TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
734 | curvesTRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
735 | )TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
&& ((TRUE | never evaluated | FALSE | never evaluated |
size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
736 | curvesTRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
737 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
738 | curvesTRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
739 | ) == 1)TRUE | never evaluated | FALSE | never evaluated |
? (((constTRUE | never evaluated | FALSE | never evaluated |
char *) (TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
740 | curvesTRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
741 | ))[0] == '\0'TRUE | never evaluated | FALSE | never evaluated |
? (char *) calloc ((size_t) 1, (size_t) 1) : ({ size_t __len = strlen (TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
742 | curvesTRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
743 | ) + 1; char *__retval = (char *) malloc (__len); if (__retval != ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
) __retval = (char *) memcpy (__retval, never executed: __retval = (char *) memcpy (__retval, curves , __len); TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
744 | curvesTRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
never executed: __retval = (char *) memcpy (__retval, curves , __len); | 0-7 |
745 | , __len);TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
never executed: __retval = (char *) memcpy (__retval, curves , __len); __retval; })) : __strdup (TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
746 | curvesTRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
747 | )))TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
748 | ) == TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
749 | ((void *)0)TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-7 |
750 | ) { | - |
751 | tls_config_set_errorx(config, "out of memory"); | - |
752 | goto never executed: goto err; err;never executed: goto err; | 0 |
753 | } | - |
754 | | - |
755 | q = cs; | - |
756 | while ((TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
p = TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
757 | __extension__ ({ char __r0, __r1, __r2; (__builtin_constant_p (TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
758 | ",:"TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
759 | ) && ((size_t)(const void *)((TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
760 | ",:"TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
761 | ) + 1) - (size_t)(const void *)(TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
762 | ",:"TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
763 | ) == 1) && (__r0 = ((const char *) (TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
764 | ",:"TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
765 | ))[0], ((const char *) (TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
766 | ",:"TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
767 | ))[0] != '\0') ? ((__r1 = ((const char *) (TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
768 | ",:"TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
769 | ))[1], ((const char *) (TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
770 | ",:"TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
771 | ))[1] == '\0') ? __strsep_1c (TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
772 | &qTRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
773 | , __r0) : ((__r2 = ((const char *) (TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
774 | ",:"TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
775 | ))[2], __r2 == '\0') ? __strsep_2c (TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
776 | &qTRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
777 | , __r0, __r1) : (((const char *) (TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
778 | ",:"TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
779 | ))[3] == '\0' ? __strsep_3c (TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
780 | &qTRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
781 | , __r0, __r1, __r2) : __strsep_g (TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
782 | &qTRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
783 | , TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
784 | ",:"TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
785 | )))) : __strsep_g (TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
786 | &qTRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
787 | , TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
788 | ",:"TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
789 | )); })TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
790 | ) != TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
791 | ((void *)0)TRUE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 7-21 |
792 | ) { | - |
793 | while (*TRUE | never evaluated | FALSE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
p == ' 'TRUE | never evaluated | FALSE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
|| *TRUE | never evaluated | FALSE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
p == '\t'TRUE | never evaluated | FALSE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
) | 0-21 |
794 | p++; never executed: p++; | 0 |
795 | | - |
796 | nid = OBJ_sn2nid(p); | - |
797 | if (nid == 0TRUE | evaluated 14 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
) | 7-14 |
798 | nid = OBJ_ln2nid(p);executed 14 times by 3 tests: nid = OBJ_ln2nid(p); Executed by:- configtest
- tlstest
- verifytest
| 14 |
799 | if (nid == 0TRUE | evaluated 14 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
| FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
) | 7-14 |
800 | nid = EC_curve_nist2nid(p);executed 14 times by 3 tests: nid = EC_curve_nist2nid(p); Executed by:- configtest
- tlstest
- verifytest
| 14 |
801 | if (nid == 0TRUE | never evaluated | FALSE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
) { | 0-21 |
802 | tls_config_set_errorx(config, | - |
803 | "invalid ecdhe curve '%s'", p); | - |
804 | goto never executed: goto err; err;never executed: goto err; | 0 |
805 | } | - |
806 | | - |
807 | if ((TRUE | never evaluated | FALSE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
curves_new = reallocarray(curves_list, curves_num + 1,TRUE | never evaluated | FALSE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-21 |
808 | sizeof(int))) == TRUE | never evaluated | FALSE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-21 |
809 | ((void *)0)TRUE | never evaluated | FALSE | evaluated 21 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
| 0-21 |
810 | ) { | - |
811 | tls_config_set_errorx(config, "out of memory"); | - |
812 | goto never executed: goto err; err;never executed: goto err; | 0 |
813 | } | - |
814 | curves_list = curves_new; | - |
815 | curves_list[curves_num] = nid; | - |
816 | curves_num++; | - |
817 | }executed 21 times by 3 tests: end of block Executed by:- configtest
- tlstest
- verifytest
| 21 |
818 | | - |
819 | config->ecdhecurves = curves_list; | - |
820 | config->ecdhecurves_len = curves_num; | - |
821 | curves_list = | - |
822 | ((void *)0) | - |
823 | ; | - |
824 | | - |
825 | rv = 0; | - |
826 | | - |
827 | err:code before this statement executed 7 times by 3 tests: err: Executed by:- configtest
- tlstest
- verifytest
| 7 |
828 | free(cs); | - |
829 | free(curves_list); | - |
830 | | - |
831 | returnexecuted 7 times by 3 tests: return (rv); Executed by:- configtest
- tlstest
- verifytest
(rv);executed 7 times by 3 tests: return (rv); Executed by:- configtest
- tlstest
- verifytest
| 7 |
832 | } | - |
833 | | - |
834 | int | - |
835 | tls_config_set_key_file(struct tls_config *config, const char *key_file) | - |
836 | { | - |
837 | returnexecuted 4 times by 1 test: return tls_keypair_set_key_file(config->keypair, &config->error, key_file); tls_keypair_set_key_file(config->keypair, &config->error,executed 4 times by 1 test: return tls_keypair_set_key_file(config->keypair, &config->error, key_file); | 4 |
838 | key_file);executed 4 times by 1 test: return tls_keypair_set_key_file(config->keypair, &config->error, key_file); | 4 |
839 | } | - |
840 | | - |
841 | int | - |
842 | tls_config_set_key_mem(struct tls_config *config, const uint8_t *key, | - |
843 | size_t len) | - |
844 | { | - |
845 | return never executed: return tls_keypair_set_key_mem(config->keypair, &config->error, key, len); tls_keypair_set_key_mem(config->keypair, &config->error,never executed: return tls_keypair_set_key_mem(config->keypair, &config->error, key, len); | 0 |
846 | key, len); never executed: return tls_keypair_set_key_mem(config->keypair, &config->error, key, len); | 0 |
847 | } | - |
848 | | - |
849 | static int | - |
850 | tls_config_set_keypair_file_internal(struct tls_config *config, | - |
851 | const char *cert_file, const char *key_file, const char *ocsp_file) | - |
852 | { | - |
853 | if (tls_config_set_cert_file(config, cert_file) != 0TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
) | 0-2 |
854 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
855 | if (tls_config_set_key_file(config, key_file) != 0TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
) | 0-2 |
856 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
857 | if (tls_config_set_key_file(config, key_file) != 0TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
) | 0-2 |
858 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
859 | if (ocsp_file != TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
860 | ((void *)0)TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
861 | && | - |
862 | tls_config_set_ocsp_staple_file(config, ocsp_file) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
863 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
864 | | - |
865 | returnexecuted 2 times by 1 test: return (0); (0);executed 2 times by 1 test: return (0); | 2 |
866 | } | - |
867 | | - |
868 | static int | - |
869 | tls_config_set_keypair_mem_internal(struct tls_config *config, const uint8_t *cert, | - |
870 | size_t cert_len, const uint8_t *key, size_t key_len, | - |
871 | const uint8_t *staple, size_t staple_len) | - |
872 | { | - |
873 | if (tls_config_set_cert_mem(config, cert, cert_len) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
874 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
875 | if (tls_config_set_key_mem(config, key, key_len) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
876 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
877 | if ((TRUE | never evaluated | FALSE | never evaluated |
staple != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
878 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
879 | )TRUE | never evaluated | FALSE | never evaluated |
&& | 0 |
880 | (TRUE | never evaluated | FALSE | never evaluated |
tls_config_set_ocsp_staple_mem(config, staple, staple_len) != 0)TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
881 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
882 | | - |
883 | return never executed: return (0); (0);never executed: return (0); | 0 |
884 | } | - |
885 | | - |
886 | int | - |
887 | tls_config_set_keypair_file(struct tls_config *config, | - |
888 | const char *cert_file, const char *key_file) | - |
889 | { | - |
890 | returnexecuted 2 times by 1 test: return tls_config_set_keypair_file_internal(config, cert_file, key_file, ((void *)0) ); tls_config_set_keypair_file_internal(config, cert_file, key_file,executed 2 times by 1 test: return tls_config_set_keypair_file_internal(config, cert_file, key_file, ((void *)0) ); | 2 |
891 | executed 2 times by 1 test: return tls_config_set_keypair_file_internal(config, cert_file, key_file, ((void *)0) ); | 2 |
892 | ((void *)0)executed 2 times by 1 test: return tls_config_set_keypair_file_internal(config, cert_file, key_file, ((void *)0) ); | 2 |
893 | );executed 2 times by 1 test: return tls_config_set_keypair_file_internal(config, cert_file, key_file, ((void *)0) ); | 2 |
894 | } | - |
895 | | - |
896 | int | - |
897 | tls_config_set_keypair_mem(struct tls_config *config, const uint8_t *cert, | - |
898 | size_t cert_len, const uint8_t *key, size_t key_len) | - |
899 | { | - |
900 | return never executed: return tls_config_set_keypair_mem_internal(config, cert, cert_len, key, key_len, ((void *)0) , 0); tls_config_set_keypair_mem_internal(config, cert, cert_len,never executed: return tls_config_set_keypair_mem_internal(config, cert, cert_len, key, key_len, ((void *)0) , 0); | 0 |
901 | key, key_len, never executed: return tls_config_set_keypair_mem_internal(config, cert, cert_len, key, key_len, ((void *)0) , 0); | 0 |
902 | ((void *)0) never executed: return tls_config_set_keypair_mem_internal(config, cert, cert_len, key, key_len, ((void *)0) , 0); | 0 |
903 | , 0); never executed: return tls_config_set_keypair_mem_internal(config, cert, cert_len, key, key_len, ((void *)0) , 0); | 0 |
904 | } | - |
905 | | - |
906 | int | - |
907 | tls_config_set_keypair_ocsp_file(struct tls_config *config, | - |
908 | const char *cert_file, const char *key_file, const char *ocsp_file) | - |
909 | { | - |
910 | return never executed: return tls_config_set_keypair_file_internal(config, cert_file, key_file, ocsp_file); tls_config_set_keypair_file_internal(config, cert_file, key_file,never executed: return tls_config_set_keypair_file_internal(config, cert_file, key_file, ocsp_file); | 0 |
911 | ocsp_file); never executed: return tls_config_set_keypair_file_internal(config, cert_file, key_file, ocsp_file); | 0 |
912 | } | - |
913 | | - |
914 | int | - |
915 | tls_config_set_keypair_ocsp_mem(struct tls_config *config, const uint8_t *cert, | - |
916 | size_t cert_len, const uint8_t *key, size_t key_len, | - |
917 | const uint8_t *staple, size_t staple_len) | - |
918 | { | - |
919 | return never executed: return tls_config_set_keypair_mem_internal(config, cert, cert_len, key, key_len, staple, staple_len); tls_config_set_keypair_mem_internal(config, cert, cert_len,never executed: return tls_config_set_keypair_mem_internal(config, cert, cert_len, key, key_len, staple, staple_len); | 0 |
920 | key, key_len, staple, staple_len); never executed: return tls_config_set_keypair_mem_internal(config, cert, cert_len, key, key_len, staple, staple_len); | 0 |
921 | } | - |
922 | | - |
923 | | - |
924 | int | - |
925 | tls_config_set_protocols(struct tls_config *config, uint32_t protocols) | - |
926 | { | - |
927 | config->protocols = protocols; | - |
928 | | - |
929 | returnexecuted 7 times by 3 tests: return (0); Executed by:- configtest
- tlstest
- verifytest
(0);executed 7 times by 3 tests: return (0); Executed by:- configtest
- tlstest
- verifytest
| 7 |
930 | } | - |
931 | | - |
932 | int | - |
933 | tls_config_set_session_fd(struct tls_config *config, int session_fd) | - |
934 | { | - |
935 | struct stat sb; | - |
936 | mode_t mugo; | - |
937 | | - |
938 | if (session_fd == -1TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
939 | config->session_fd = session_fd; | - |
940 | return never executed: return (0); (0);never executed: return (0); | 0 |
941 | } | - |
942 | | - |
943 | if (fstat(session_fd, &sb) == -1TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
944 | tls_config_set_error(config, "failed to stat session file"); | - |
945 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
946 | } | - |
947 | if (!TRUE | never evaluated | FALSE | never evaluated |
| 0 |
948 | ((((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
949 | sb.st_modeTRUE | never evaluated | FALSE | never evaluated |
| 0 |
950 | )) & 0170000) == (0100000))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
951 | ) { | - |
952 | tls_config_set_errorx(config, | - |
953 | "session file is not a regular file"); | - |
954 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
955 | } | - |
956 | | - |
957 | if (sb.st_uid != getuid()TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
958 | tls_config_set_errorx(config, "session file has incorrect " | - |
959 | "owner (uid %i != %i)", sb.st_uid, getuid()); | - |
960 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
961 | } | - |
962 | mugo = sb.st_mode & ( | - |
963 | (0400|0200|0100) | - |
964 | | | - |
965 | ((0400|0200|0100) >> 3) | - |
966 | | | - |
967 | (((0400|0200|0100) >> 3) >> 3) | - |
968 | ); | - |
969 | if (mugo != (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
970 | 0400TRUE | never evaluated | FALSE | never evaluated |
| 0 |
971 | |TRUE | never evaluated | FALSE | never evaluated |
| 0 |
972 | 0200TRUE | never evaluated | FALSE | never evaluated |
| 0 |
973 | )TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
974 | tls_config_set_errorx(config, "session file has incorrect " | - |
975 | "permissions (%o != 600)", mugo); | - |
976 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
977 | } | - |
978 | | - |
979 | config->session_fd = session_fd; | - |
980 | | - |
981 | return never executed: return (0); (0);never executed: return (0); | 0 |
982 | } | - |
983 | | - |
984 | int | - |
985 | tls_config_set_verify_depth(struct tls_config *config, int verify_depth) | - |
986 | { | - |
987 | config->verify_depth = verify_depth; | - |
988 | | - |
989 | returnexecuted 7 times by 3 tests: return (0); Executed by:- configtest
- tlstest
- verifytest
(0);executed 7 times by 3 tests: return (0); Executed by:- configtest
- tlstest
- verifytest
| 7 |
990 | } | - |
991 | | - |
992 | void | - |
993 | tls_config_prefer_ciphers_client(struct tls_config *config) | - |
994 | { | - |
995 | config->ciphers_server = 0; | - |
996 | } never executed: end of block | 0 |
997 | | - |
998 | void | - |
999 | tls_config_prefer_ciphers_server(struct tls_config *config) | - |
1000 | { | - |
1001 | config->ciphers_server = 1; | - |
1002 | }executed 7 times by 3 tests: end of block Executed by:- configtest
- tlstest
- verifytest
| 7 |
1003 | | - |
1004 | void | - |
1005 | tls_config_insecure_noverifycert(struct tls_config *config) | - |
1006 | { | - |
1007 | config->verify_cert = 0; | - |
1008 | } never executed: end of block | 0 |
1009 | | - |
1010 | void | - |
1011 | tls_config_insecure_noverifyname(struct tls_config *config) | - |
1012 | { | - |
1013 | config->verify_name = 0; | - |
1014 | }executed 2 times by 1 test: end of block | 2 |
1015 | | - |
1016 | void | - |
1017 | tls_config_insecure_noverifytime(struct tls_config *config) | - |
1018 | { | - |
1019 | config->verify_time = 0; | - |
1020 | } never executed: end of block | 0 |
1021 | | - |
1022 | void | - |
1023 | tls_config_verify(struct tls_config *config) | - |
1024 | { | - |
1025 | config->verify_cert = 1; | - |
1026 | config->verify_name = 1; | - |
1027 | config->verify_time = 1; | - |
1028 | }executed 7 times by 3 tests: end of block Executed by:- configtest
- tlstest
- verifytest
| 7 |
1029 | | - |
1030 | void | - |
1031 | tls_config_ocsp_require_stapling(struct tls_config *config) | - |
1032 | { | - |
1033 | config->ocsp_require_stapling = 1; | - |
1034 | } never executed: end of block | 0 |
1035 | | - |
1036 | void | - |
1037 | tls_config_verify_client(struct tls_config *config) | - |
1038 | { | - |
1039 | config->verify_client = 1; | - |
1040 | } never executed: end of block | 0 |
1041 | | - |
1042 | void | - |
1043 | tls_config_verify_client_optional(struct tls_config *config) | - |
1044 | { | - |
1045 | config->verify_client = 2; | - |
1046 | } never executed: end of block | 0 |
1047 | | - |
1048 | void | - |
1049 | tls_config_skip_private_key_check(struct tls_config *config) | - |
1050 | { | - |
1051 | config->skip_private_key_check = 1; | - |
1052 | } never executed: end of block | 0 |
1053 | | - |
1054 | int | - |
1055 | tls_config_set_ocsp_staple_file(struct tls_config *config, const char *staple_file) | - |
1056 | { | - |
1057 | return never executed: return tls_keypair_set_ocsp_staple_file(config->keypair, &config->error, staple_file); tls_keypair_set_ocsp_staple_file(config->keypair, &config->error,never executed: return tls_keypair_set_ocsp_staple_file(config->keypair, &config->error, staple_file); | 0 |
1058 | staple_file); never executed: return tls_keypair_set_ocsp_staple_file(config->keypair, &config->error, staple_file); | 0 |
1059 | } | - |
1060 | | - |
1061 | int | - |
1062 | tls_config_set_ocsp_staple_mem(struct tls_config *config, const uint8_t *staple, | - |
1063 | size_t len) | - |
1064 | { | - |
1065 | return never executed: return tls_keypair_set_ocsp_staple_mem(config->keypair, &config->error, staple, len); tls_keypair_set_ocsp_staple_mem(config->keypair, &config->error,never executed: return tls_keypair_set_ocsp_staple_mem(config->keypair, &config->error, staple, len); | 0 |
1066 | staple, len); never executed: return tls_keypair_set_ocsp_staple_mem(config->keypair, &config->error, staple, len); | 0 |
1067 | } | - |
1068 | | - |
1069 | int | - |
1070 | tls_config_set_session_id(struct tls_config *config, | - |
1071 | const unsigned char *session_id, size_t len) | - |
1072 | { | - |
1073 | if (len > 32TRUE | never evaluated | FALSE | evaluated 7 times by 3 testsEvaluated by:- configtest
- tlstest
- verifytest
|
) { | 0-7 |
1074 | tls_config_set_errorx(config, "session ID too large"); | - |
1075 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
1076 | } | - |
1077 | memset(config->session_id, 0, sizeof(config->session_id)); | - |
1078 | memcpy(config->session_id, session_id, len); | - |
1079 | returnexecuted 7 times by 3 tests: return (0); Executed by:- configtest
- tlstest
- verifytest
(0);executed 7 times by 3 tests: return (0); Executed by:- configtest
- tlstest
- verifytest
| 7 |
1080 | } | - |
1081 | | - |
1082 | int | - |
1083 | tls_config_set_session_lifetime(struct tls_config *config, int lifetime) | - |
1084 | { | - |
1085 | if (lifetime > (24 * 60 * 60)TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
1086 | tls_config_set_errorx(config, "session lifetime too large"); | - |
1087 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
1088 | } | - |
1089 | if (lifetime != 0TRUE | never evaluated | FALSE | never evaluated |
&& lifetime < (4)TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
1090 | tls_config_set_errorx(config, "session lifetime too small"); | - |
1091 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
1092 | } | - |
1093 | | - |
1094 | config->session_lifetime = lifetime; | - |
1095 | return never executed: return (0); (0);never executed: return (0); | 0 |
1096 | } | - |
1097 | | - |
1098 | int | - |
1099 | tls_config_add_ticket_key(struct tls_config *config, uint32_t keyrev, | - |
1100 | unsigned char *key, size_t keylen) | - |
1101 | { | - |
1102 | struct tls_ticket_key newkey; | - |
1103 | int i; | - |
1104 | | - |
1105 | if (48 != keylenTRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
1106 | sizeof(newkey.aes_key) + sizeof(newkey.hmac_key) > keylenTRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
1107 | tls_config_set_errorx(config, | - |
1108 | "wrong amount of ticket key data"); | - |
1109 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
1110 | } | - |
1111 | | - |
1112 | keyrev = | - |
1113 | __bswap_32 ( | - |
1114 | keyrev | - |
1115 | ) | - |
1116 | ; | - |
1117 | memset(&newkey, 0, sizeof(newkey)); | - |
1118 | memcpy(newkey.key_name, &keyrev, sizeof(keyrev)); | - |
1119 | memcpy(newkey.aes_key, key, sizeof(newkey.aes_key)); | - |
1120 | memcpy(newkey.hmac_key, key + sizeof(newkey.aes_key), | - |
1121 | sizeof(newkey.hmac_key)); | - |
1122 | newkey.time = time( | - |
1123 | ((void *)0) | - |
1124 | ); | - |
1125 | | - |
1126 | for (i = 0; i < 4TRUE | never evaluated | FALSE | never evaluated |
; i++) { | 0 |
1127 | struct tls_ticket_key *tk = &config->ticket_keys[i]; | - |
1128 | if (memcmp(newkey.key_name, tk->key_name,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1129 | sizeof(tk->key_name)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
1130 | continue; never executed: continue; | 0 |
1131 | | - |
1132 | | - |
1133 | if (i == 0TRUE | never evaluated | FALSE | never evaluated |
&& memcmp(newkey.aes_key, tk->aes_key,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1134 | sizeof(tk->aes_key)) == 0TRUE | never evaluated | FALSE | never evaluated |
&& memcmp(newkey.hmac_key,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1135 | tk->hmac_key, sizeof(tk->hmac_key)) == 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
1136 | return never executed: return (0); (0);never executed: return (0); | 0 |
1137 | tls_config_set_errorx(config, "ticket key already present"); | - |
1138 | return never executed: return (-1); (-1);never executed: return (-1); | 0 |
1139 | } | - |
1140 | | - |
1141 | memmove(&config->ticket_keys[1], &config->ticket_keys[0], | - |
1142 | sizeof(config->ticket_keys) - sizeof(config->ticket_keys[0])); | - |
1143 | config->ticket_keys[0] = newkey; | - |
1144 | | - |
1145 | config->ticket_autorekey = 0; | - |
1146 | | - |
1147 | return never executed: return (0); (0);never executed: return (0); | 0 |
1148 | } | - |
1149 | | - |
1150 | int | - |
1151 | tls_config_ticket_autorekey(struct tls_config *config) | - |
1152 | { | - |
1153 | unsigned char key[48]; | - |
1154 | int rv; | - |
1155 | | - |
1156 | arc4random_buf(key, sizeof(key)); | - |
1157 | rv = tls_config_add_ticket_key(config, config->ticket_keyrev++, key, | - |
1158 | sizeof(key)); | - |
1159 | config->ticket_autorekey = 1; | - |
1160 | return never executed: return (rv); (rv);never executed: return (rv); | 0 |
1161 | } | - |
| | |