OpenCoverage

tls_client.c

Absolute File Name:

/home/opencoverage/opencoverage/guest-scripts/libressl/src/tls/tls_client.c

Source code

Switch to Preprocessed file

Line Source Count

1 /* $OpenBSD: tls_client.c,v 1.45 2018/03/19 16:34:47 jsing Exp $ */ -

2 /* -

4 * -

5 * Permission to use, copy, modify, and distribute this software for any -

6 * purpose with or without fee is hereby granted, provided that the above -

7 * copyright notice and this permission notice appear in all copies. -

8 * -

9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -

10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -

11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -

12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -

13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -

14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -

15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -

16 */ -

17 -

18 #include <sys/types.h> -

19 #include <sys/socket.h> -

20 #include <sys/stat.h> -

21 -

22 #include <arpa/inet.h> -

23 #include <netinet/in.h> -

24 -

25 #include <limits.h> -

26 #include <netdb.h> -

27 #include <stdlib.h> -

28 #include <unistd.h> -

29 -

30 #include <openssl/err.h> -

31 #include <openssl/x509.h> -

32 -

33 #include <tls.h> -

34 #include "tls_internal.h" -

35 -

36 struct tls * -

37 tls_client(void) -

38 { -

39 struct tls *ctx; -

40 -

if (tls_init() == -1)

tls_init() == -1	Description
TRUE	never evaluated
FALSE	evaluated 30 times by 2 tests Evaluated by: tlstest verifytest

0-30

return (NULL);

never executed: return ( ((void *)0) );

43 -

if ((ctx = tls_new()) == NULL)

(ctx = tls_new...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 30 times by 2 tests Evaluated by: tlstest verifytest

0-30

return (NULL);

never executed: return ( ((void *)0) );

46 -

47 ctx->flags |= TLS_CLIENT; -

48 -

return (ctx);

executed 30 times by 2 tests: return (ctx);

Executed by:

tlstest
verifytest

50 } -

51 -

52 int -

53 tls_connect(struct tls *ctx, const char *host, const char *port) -

54 { -

return tls_connect_servername(ctx, host, port, NULL);

never executed: return tls_connect_servername(ctx, host, port, ((void *)0) );

56 } -

57 -

58 int -

59 tls_connect_servername(struct tls *ctx, const char *host, const char *port, -

60 const char *servername) -

61 { -

62 struct addrinfo hints, *res, *res0; -

63 const char *h = NULL, *p = NULL; -

64 char *hs = NULL, *ps = NULL; -

65 int rv = -1, s = -1, ret; -

66 -

if ((ctx->flags & TLS_CLIENT) == 0) {

(ctx->flags & (1 << 0)) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

68 tls_set_errorx(ctx, "not a client context"); -

goto err;

never executed: goto err;

70 } -

71 -

if (host == NULL) {

host == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

73 tls_set_errorx(ctx, "host not specified"); -

goto err;

never executed: goto err;

75 } -

76 -

77 /* -

78 * If port is NULL try to extract a port from the specified host, -

79 * otherwise use the default. -

80 */ -

if ((p = (char *)port) == NULL) {

(p = (char )p...== ((void )0)	Description
TRUE	never evaluated
FALSE	never evaluated

82 ret = tls_host_port(host, &hs, &ps); -

if (ret == -1) {

ret == -1	Description
TRUE	never evaluated
FALSE	never evaluated

84 tls_set_errorx(ctx, "memory allocation failure"); -

goto err;

never executed: goto err;

86 } -

if (ret != 0) {

ret != 0	Description
TRUE	never evaluated
FALSE	never evaluated

88 tls_set_errorx(ctx, "no port provided"); -

goto err;

never executed: goto err;

90 } -

}

never executed: end of block

92 -

h = (hs != NULL) ? hs : host;

(hs != ((void *)0) )	Description
TRUE	never evaluated
FALSE	never evaluated

p = (ps != NULL) ? ps : port;

(ps != ((void *)0) )	Description
TRUE	never evaluated
FALSE	never evaluated

95 -

96 /* -

97 * First check if the host is specified as a numeric IP address, -

98 * either IPv4 or IPv6, before trying to resolve the host. -

99 * The AI_ADDRCONFIG resolver option will not return IPv4 or IPv6 -

100 * records if it is not configured on an interface; not considering -

101 * loopback addresses. Checking the numeric addresses first makes -

102 * sure that connection attempts to numeric addresses and especially -

103 * 127.0.0.1 or ::1 loopback addresses are always possible. -

104 */ -

105 memset(&hints, 0, sizeof(hints)); -

106 hints.ai_socktype = SOCK_STREAM; -

107 -

108 /* try as an IPv4 literal */ -

109 hints.ai_family = AF_INET; -

110 hints.ai_flags = AI_NUMERICHOST; -

111

if (getaddrinfo(h, p, &hints, &res0) != 0) {

getaddrinfo(h,...s, &res0) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

112 /* try again as an IPv6 literal */ -

113 hints.ai_family = AF_INET6; -

114

if (getaddrinfo(h, p, &hints, &res0) != 0) {

getaddrinfo(h,...s, &res0) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

115 /* last try, with name resolution and save the error */ -

116 hints.ai_family = AF_UNSPEC; -

117 hints.ai_flags = AI_ADDRCONFIG; -

118

if ((s = getaddrinfo(h, p, &hints, &res0)) != 0) {

(s = getaddrin..., &res0)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

119 tls_set_error(ctx, "%s", gai_strerror(s)); -

120

goto err;

never executed: goto err;

121 } -

122

}

never executed: end of block

123

}

never executed: end of block

124 -

125 /* It was resolved somehow; now try connecting to what we got */ -

126 s = -1; -

127

for (res = res0; res; res = res->ai_next) {

res	Description
TRUE	never evaluated
FALSE	never evaluated

128 s = socket(res->ai_family, res->ai_socktype, res->ai_protocol); -

129

if (s == -1) {

s == -1	Description
TRUE	never evaluated
FALSE	never evaluated

130 tls_set_error(ctx, "socket"); -

131

continue;

never executed: continue;

132 } -

133

if (connect(s, res->ai_addr, res->ai_addrlen) == -1) {

connect(s, res...addrlen) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

134 tls_set_error(ctx, "connect"); -

135 close(s); -

136 s = -1; -

137

continue;

never executed: continue;

138 } -

139 -

140

break; /* Connected. */

never executed: break;

141 } -

142 freeaddrinfo(res0); -

143 -

144

if (s == -1)

s == -1	Description
TRUE	never evaluated
FALSE	never evaluated

145

goto err;

never executed: goto err;

146 -

147

if (servername == NULL)

servername == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

148

servername = h;

never executed: servername = h;

149 -

150

if (tls_connect_socket(ctx, s, servername) != 0) {

tls_connect_so...rvername) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

151 close(s); -

152

goto err;

never executed: goto err;

153 } -

154 -

155 ctx->socket = s; -

156 -

157 rv = 0; -

158 -

159

err:

code before this statement never executed: err:

160 free(hs); -

161 free(ps); -

162 -

163

return (rv);

never executed: return (rv);

164 } -

165 -

166 static int -

167 tls_client_read_session(struct tls *ctx) -

168 { -

169 int sfd = ctx->config->session_fd; -

170 uint8_t *session = NULL; -

171 size_t session_len = 0; -

172 SSL_SESSION *ss = NULL; -

173 BIO *bio = NULL; -

174 struct stat sb; -

175 ssize_t n; -

176 int rv = -1; -

177 -

178

if (fstat(sfd, &sb) == -1) {

fstat(sfd, &sb) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

179 tls_set_error(ctx, "failed to stat session file"); -

180

goto err;

never executed: goto err;

181 } -

182

if (sb.st_size < 0 || sb.st_size > INT_MAX) {

sb.st_size < 0	Description
TRUE	never evaluated
FALSE	never evaluated

sb.st_size > 0x7fffffff	Description
TRUE	never evaluated
FALSE	never evaluated

183 tls_set_errorx(ctx, "invalid session file size"); -

184

goto err;

never executed: goto err;

185 } -

186 session_len = (size_t)sb.st_size; -

187 -

188 /* A zero size file means that we do not yet have a valid session. */ -

189

if (session_len == 0)

session_len == 0	Description
TRUE	never evaluated
FALSE	never evaluated

190

goto done;

never executed: goto done;

191 -

192

if ((session = malloc(session_len)) == NULL)

(session = mal...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

193

goto err;

never executed: goto err;

194 -

195 n = pread(sfd, session, session_len, 0); -

196

if (n < 0 || (size_t)n != session_len) {

n < 0	Description
TRUE	never evaluated
FALSE	never evaluated

(size_t)n != session_len	Description
TRUE	never evaluated
FALSE	never evaluated

197 tls_set_error(ctx, "failed to read session file"); -

198

goto err;

never executed: goto err;

199 } -

200

if ((bio = BIO_new_mem_buf(session, session_len)) == NULL)

(bio = BIO_new...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

201

goto err;

never executed: goto err;

202

if ((ss = PEM_read_bio_SSL_SESSION(bio, NULL, tls_password_cb,

(ss = PEM_read...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

203

NULL)) == NULL) {

(ss = PEM_read...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

204 tls_set_errorx(ctx, "failed to parse session"); -

205

goto err;

never executed: goto err;

206 } -

207 -

208

if (SSL_set_session(ctx->ssl_conn, ss) != 1) {

SSL_set_sessio...conn, ss) != 1	Description
TRUE	never evaluated
FALSE	never evaluated

209 tls_set_errorx(ctx, "failed to set session"); -

210

goto err;

never executed: goto err;

211 } -

212 -

213

done:

code before this statement never executed: done:

214 rv = 0; -

215 -

216

err:

code before this statement never executed: err:

217 freezero(session, session_len); -

218 SSL_SESSION_free(ss); -

219 BIO_free(bio); -

220 -

221

return rv;

never executed: return rv;

222 } -

223 -

224 static int -

225 tls_client_write_session(struct tls *ctx) -

226 { -

227 int sfd = ctx->config->session_fd; -

228 SSL_SESSION *ss = NULL; -

229 BIO *bio = NULL; -

230 long data_len; -

231 char *data; -

232 off_t offset; -

233 size_t len; -

234 ssize_t n; -

235 int rv = -1; -

236 -

237

if ((ss = SSL_get1_session(ctx->ssl_conn)) == NULL) {

(ss = SSL_get1...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

238

if (ftruncate(sfd, 0) == -1) {

ftruncate(sfd, 0) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

239 tls_set_error(ctx, "failed to truncate session file"); -

240

goto err;

never executed: goto err;

241 } -

242

goto done;

never executed: goto done;

243 } -

244 -

245

if ((bio = BIO_new(BIO_s_mem())) == NULL)

(bio = BIO_new...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

246

goto err;

never executed: goto err;

247

if (PEM_write_bio_SSL_SESSION(bio, ss) == 0)

PEM_write_bio_...(bio, ss) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

248

goto err;

never executed: goto err;

249

if ((data_len = BIO_get_mem_data(bio, &data)) <= 0)

(data_len = BI...*)&data)) <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

250

goto err;

never executed: goto err;

251 -

252 len = (size_t)data_len; -

253 offset = 0; -

254 -

255

if (ftruncate(sfd, len) == -1) {

ftruncate(sfd, len) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

256 tls_set_error(ctx, "failed to truncate session file"); -

257

goto err;

never executed: goto err;

258 } -

259

while (len > 0) {

len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

260

if ((n = pwrite(sfd, data + offset, len, offset)) == -1) {

(n = pwrite(sf...offset)) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

261 tls_set_error(ctx, "failed to write session file"); -

262

goto err;

never executed: goto err;

263 } -

264 offset += n; -

265 len -= n; -

266

}

never executed: end of block

267 -

268

done:

code before this statement never executed: done:

269 rv = 0; -

270 -

271

err:

code before this statement never executed: err:

272 SSL_SESSION_free(ss); -

273 BIO_free_all(bio); -

274 -

275

return (rv);

never executed: return (rv);

276 } -

277 -

278 static int -

279 tls_connect_common(struct tls *ctx, const char *servername) -

280 { -

281 union tls_addr addrbuf; -

282 int rv = -1; -

283 -

284

if ((ctx->flags & TLS_CLIENT) == 0) {

(ctx->flags & (1 << 0)) == 0	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

0-4

285 tls_set_errorx(ctx, "not a client context"); -

286

goto err;

never executed: goto err;

287 } -

288 -

289

if (servername != NULL) {

servername != ((void *)0)	Description
TRUE	evaluated 4 times by 1 test Evaluated by: tlstest
FALSE	never evaluated

0-4

290

if ((ctx->servername = strdup(servername)) == NULL) {

never executed: __retval = (char *) memcpy (__retval, servername , __len);

(ctx->serverna...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

__retval != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

((const char *... ))[0] == '\0'	Description
TRUE	never evaluated
FALSE	never evaluated

__builtin_cons...( servername )	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

((size_t)(cons...ername ) == 1)	Description
TRUE	never evaluated
FALSE	never evaluated

0-4

291 tls_set_errorx(ctx, "out of memory"); -

292

goto err;

never executed: goto err;

293 } -

294

}

executed 4 times by 1 test: end of block

Executed by:

tlstest

295 -

296

if ((ctx->ssl_ctx = SSL_CTX_new(SSLv23_client_method())) == NULL) {

(ctx->ssl_ctx ...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

0-4

297 tls_set_errorx(ctx, "ssl context failure"); -

298

goto err;

never executed: goto err;

299 } -

300 -

301

if (tls_configure_ssl(ctx, ctx->ssl_ctx) != 0)

tls_configure_...>ssl_ctx) != 0	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

0-4

302

goto err;

never executed: goto err;

303 -

304

if (tls_configure_ssl_keypair(ctx, ctx->ssl_ctx,

tls_configure_...ypair, 0) != 0	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

0-4

305

ctx->config->keypair, 0) != 0)

tls_configure_...ypair, 0) != 0	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

0-4

306

goto err;

never executed: goto err;

307 -

308

if (ctx->config->verify_name) {

ctx->config->verify_name	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

0-4

309

if (servername == NULL) {

servername == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

310 tls_set_errorx(ctx, "server name not specified"); -

311

goto err;

never executed: goto err;

312 } -

313

}

never executed: end of block

314 -

315

if (tls_configure_ssl_verify(ctx, ctx->ssl_ctx, SSL_VERIFY_PEER) == -1)

tls_configure_...x, 0x01) == -1	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

0-4

316

goto err;

never executed: goto err;

317 -

318

if (ctx->config->ecdhecurves != NULL) {

ctx->config->e...!= ((void *)0)	Description
TRUE	evaluated 4 times by 1 test Evaluated by: tlstest
FALSE	never evaluated

0-4

319

if (SSL_CTX_set1_groups(ctx->ssl_ctx, ctx->config->ecdhecurves,

SSL_CTX_set1_g...rves_len) != 1	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

0-4

320

ctx->config->ecdhecurves_len) != 1) {

SSL_CTX_set1_g...rves_len) != 1	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

0-4

321 tls_set_errorx(ctx, "failed to set ecdhe curves"); -

322

goto err;

never executed: goto err;

323 } -

324

}

executed 4 times by 1 test: end of block

Executed by:

tlstest

325 -

326

if (SSL_CTX_set_tlsext_status_cb(ctx->ssl_ctx, tls_ocsp_verify_cb) != 1) {

SSL_CTX_callba...erify_cb) != 1	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

0-4

327 tls_set_errorx(ctx, "ssl OCSP verification setup failure"); -

328

goto err;

never executed: goto err;

329 } -

330 -

331

if ((ctx->ssl_conn = SSL_new(ctx->ssl_ctx)) == NULL) {

(ctx->ssl_conn...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

0-4

332 tls_set_errorx(ctx, "ssl connection failure"); -

333

goto err;

never executed: goto err;

334 } -

335 -

336

if (SSL_set_app_data(ctx->ssl_conn, ctx) != 1) {

(SSL_set_ex_da...r *)ctx)) != 1	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

0-4

337 tls_set_errorx(ctx, "ssl application data failure"); -

338

goto err;

never executed: goto err;

339 } -

340 -

341

if (ctx->config->session_fd != -1) {

ctx->config->session_fd != -1	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

0-4

342 SSL_clear_options(ctx->ssl_conn, SSL_OP_NO_TICKET); -

343

if (tls_client_read_session(ctx) == -1)

tls_client_rea...ion(ctx) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

344

goto err;

never executed: goto err;

345

}

never executed: end of block

346 -

347

if (SSL_set_tlsext_status_type(ctx->ssl_conn, TLSEXT_STATUSTYPE_ocsp) != 1) {

SSL_ctrl(ctx->...id *)0) ) != 1	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

0-4

348 tls_set_errorx(ctx, "ssl OCSP extension setup failure"); -

349

goto err;

never executed: goto err;

350 } -

351 -

352 /* -

353 * RFC4366 (SNI): Literal IPv4 and IPv6 addresses are not -

354 * permitted in "HostName". -

355 */ -

356

if (servername != NULL &&

servername != ((void *)0)	Description
TRUE	evaluated 4 times by 1 test Evaluated by: tlstest
FALSE	never evaluated

0-4

357

inet_pton(AF_INET, servername, &addrbuf) != 1 &&

inet_pton( 2 ,...&addrbuf) != 1	Description
TRUE	evaluated 4 times by 1 test Evaluated by: tlstest
FALSE	never evaluated

0-4

358

inet_pton(AF_INET6, servername, &addrbuf) != 1) {

inet_pton( 10 ...&addrbuf) != 1	Description
TRUE	evaluated 4 times by 1 test Evaluated by: tlstest
FALSE	never evaluated

0-4

359

if (SSL_set_tlsext_host_name(ctx->ssl_conn, servername) == 0) {

SSL_ctrl(ctx->...rvername) == 0	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

0-4

360 tls_set_errorx(ctx, "server name indication failure"); -

361

goto err;

never executed: goto err;

362 } -

363

}

executed 4 times by 1 test: end of block

Executed by:

tlstest

364 -

365 ctx->state |= TLS_CONNECTED; -

366 rv = 0; -

367 -

368

err:

code before this statement executed 4 times by 1 test: err:

Executed by:

tlstest

369

return (rv);

executed 4 times by 1 test: return (rv);

Executed by:

tlstest

370 } -

371 -

372 int -

373 tls_connect_socket(struct tls *ctx, int s, const char *servername) -

374 { -

375

return tls_connect_fds(ctx, s, s, servername);

executed 1 time by 1 test: return tls_connect_fds(ctx, s, s, servername);

Executed by:

tlstest

376 } -

377 -

378 int -

379 tls_connect_fds(struct tls *ctx, int fd_read, int fd_write, -

380 const char *servername) -

381 { -

382 int rv = -1; -

383 -

384

if (fd_read < 0 || fd_write < 0) {

fd_read < 0	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: tlstest

fd_write < 0	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: tlstest

0-2

385 tls_set_errorx(ctx, "invalid file descriptors"); -

386

goto err;

never executed: goto err;

387 } -

388 -

389

if (tls_connect_common(ctx, servername) != 0)

tls_connect_co...rvername) != 0	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: tlstest

0-2

390

goto err;

never executed: goto err;

391 -

392

if (SSL_set_rfd(ctx->ssl_conn, fd_read) != 1 ||

SSL_set_rfd(ct... fd_read) != 1	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: tlstest

0-2

393

SSL_set_wfd(ctx->ssl_conn, fd_write) != 1) {

SSL_set_wfd(ct...fd_write) != 1	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: tlstest

0-2

394 tls_set_errorx(ctx, "ssl file descriptor failure"); -

395

goto err;

never executed: goto err;

396 } -

397 -

398 rv = 0; -

399

err:

code before this statement executed 2 times by 1 test: err:

Executed by:

tlstest

400

return (rv);

executed 2 times by 1 test: return (rv);

Executed by:

tlstest

401 } -

402 -

403 int -

404 tls_connect_cbs(struct tls *ctx, tls_read_cb read_cb, -

405 tls_write_cb write_cb, void *cb_arg, const char *servername) -

406 { -

407 int rv = -1; -

408 -

409

if (tls_connect_common(ctx, servername) != 0)

tls_connect_co...rvername) != 0	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: tlstest

0-2

410

goto err;

never executed: goto err;

411 -

412

if (tls_set_cbs(ctx, read_cb, write_cb, cb_arg) != 0)

tls_set_cbs(ct..., cb_arg) != 0	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: tlstest

0-2

413

goto err;

never executed: goto err;

414 -

415 rv = 0; -

416 -

417

err:

code before this statement executed 2 times by 1 test: err:

Executed by:

tlstest

418

return (rv);

executed 2 times by 1 test: return (rv);

Executed by:

tlstest

419 } -

420 -

421 int -

422 tls_handshake_client(struct tls *ctx) -

423 { -

424 X509 *cert = NULL; -

425 int match, ssl_ret; -

426 int rv = -1; -

427 -

428

if ((ctx->flags & TLS_CLIENT) == 0) {

(ctx->flags & (1 << 0)) == 0	Description
TRUE	never evaluated
FALSE	evaluated 17 times by 1 test Evaluated by: tlstest

0-17

429 tls_set_errorx(ctx, "not a client context"); -

430

goto err;

never executed: goto err;

431 } -

432 -

433

if ((ctx->state & TLS_CONNECTED) == 0) {

(ctx->state & (1 << 1)) == 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: tlstest
FALSE	evaluated 16 times by 1 test Evaluated by: tlstest

1-16

434 tls_set_errorx(ctx, "context not connected"); -

435

goto err;

executed 1 time by 1 test: goto err;

Executed by:

tlstest

436 } -

437 -

438 ctx->state |= TLS_SSL_NEEDS_SHUTDOWN; -

439 -

440 ERR_clear_error(); -

441

if ((ssl_ret = SSL_connect(ctx->ssl_conn)) != 1) {

(ssl_ret = SSL...sl_conn)) != 1	Description
TRUE	evaluated 12 times by 1 test Evaluated by: tlstest
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

4-12

442 rv = tls_ssl_error(ctx, ctx->ssl_conn, ssl_ret, "handshake"); -

443

goto err;

executed 12 times by 1 test: goto err;

Executed by:

tlstest

444 } -

445 -

446

if (ctx->config->verify_name) {

ctx->config->verify_name	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

0-4

447 cert = SSL_get_peer_certificate(ctx->ssl_conn); -

448

if (cert == NULL) {

cert == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

449 tls_set_errorx(ctx, "no server certificate"); -

450

goto err;

never executed: goto err;

451 } -

452

if (tls_check_name(ctx, cert, ctx->servername, &match) == -1)

tls_check_name... &match) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

453

goto err;

never executed: goto err;

454

if (!match) {

!match	Description
TRUE	never evaluated
FALSE	never evaluated

455 tls_set_errorx(ctx, "name `%s' not present in" -

456 " server certificate", ctx->servername); -

457

goto err;

never executed: goto err;

458 } -

459

}

never executed: end of block

460 -

461 ctx->state |= TLS_HANDSHAKE_COMPLETE; -

462 -

463

if (ctx->config->session_fd != -1) {

ctx->config->session_fd != -1	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tlstest

0-4

464

if (tls_client_write_session(ctx) == -1)

tls_client_wri...ion(ctx) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

465

goto err;

never executed: goto err;

466

}

never executed: end of block

467 -

468 rv = 0; -

469 -

470

err:

code before this statement executed 4 times by 1 test: err:

Executed by:

tlstest

471 X509_free(cert); -

472 -

473

return (rv);

executed 17 times by 1 test: return (rv);

Executed by:

tlstest

474 } -

Source code

Switch to Preprocessed file

Generated by Squish Coco 4.2.2