OpenCoverage

ssl_both.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/libressl/src/ssl/ssl_both.c
Source codeSwitch to Preprocessed file
LineSourceCount
1/* $OpenBSD: ssl_both.c,v 1.12 2018/08/24 17:30:32 jsing Exp $ */-
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)-
3 * All rights reserved.-
4 *-
5 * This package is an SSL implementation written-
6 * by Eric Young (eay@cryptsoft.com).-
7 * The implementation was written so as to conform with Netscapes SSL.-
8 *-
9 * This library is free for commercial and non-commercial use as long as-
10 * the following conditions are aheared to. The following conditions-
11 * apply to all code found in this distribution, be it the RC4, RSA,-
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation-
13 * included with this distribution is covered by the same copyright terms-
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).-
15 *-
16 * Copyright remains Eric Young's, and as such any Copyright notices in-
17 * the code are not to be removed.-
18 * If this package is used in a product, Eric Young should be given attribution-
19 * as the author of the parts of the library used.-
20 * This can be in the form of a textual message at program startup or-
21 * in documentation (online or textual) provided with the package.-
22 *-
23 * Redistribution and use in source and binary forms, with or without-
24 * modification, are permitted provided that the following conditions-
25 * are met:-
26 * 1. Redistributions of source code must retain the copyright-
27 * notice, this list of conditions and the following disclaimer.-
28 * 2. Redistributions in binary form must reproduce the above copyright-
29 * notice, this list of conditions and the following disclaimer in the-
30 * documentation and/or other materials provided with the distribution.-
31 * 3. All advertising materials mentioning features or use of this software-
32 * must display the following acknowledgement:-
33 * "This product includes cryptographic software written by-
34 * Eric Young (eay@cryptsoft.com)"-
35 * The word 'cryptographic' can be left out if the rouines from the library-
36 * being used are not cryptographic related :-).-
37 * 4. If you include any Windows specific code (or a derivative thereof) from-
38 * the apps directory (application code) you must include an acknowledgement:-
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"-
40 *-
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND-
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE-
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE-
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE-
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL-
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS-
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)-
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT-
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY-
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF-
51 * SUCH DAMAGE.-
52 *-
53 * The licence and distribution terms for any publically available version or-
54 * derivative of this code cannot be changed. i.e. this code cannot simply be-
55 * copied and put under another distribution licence-
56 * [including the GNU Public Licence.]-
57 */-
58/* ====================================================================-
59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.-
60 *-
61 * Redistribution and use in source and binary forms, with or without-
62 * modification, are permitted provided that the following conditions-
63 * are met:-
64 *-
65 * 1. Redistributions of source code must retain the above copyright-
66 * notice, this list of conditions and the following disclaimer.-
67 *-
68 * 2. Redistributions in binary form must reproduce the above copyright-
69 * notice, this list of conditions and the following disclaimer in-
70 * the documentation and/or other materials provided with the-
71 * distribution.-
72 *-
73 * 3. All advertising materials mentioning features or use of this-
74 * software must display the following acknowledgment:-
75 * "This product includes software developed by the OpenSSL Project-
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"-
77 *-
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to-
79 * endorse or promote products derived from this software without-
80 * prior written permission. For written permission, please contact-
81 * openssl-core@openssl.org.-
82 *-
83 * 5. Products derived from this software may not be called "OpenSSL"-
84 * nor may "OpenSSL" appear in their names without prior written-
85 * permission of the OpenSSL Project.-
86 *-
87 * 6. Redistributions of any form whatsoever must retain the following-
88 * acknowledgment:-
89 * "This product includes software developed by the OpenSSL Project-
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"-
91 *-
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY-
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE-
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR-
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR-
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,-
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT-
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;-
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)-
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,-
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)-
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED-
103 * OF THE POSSIBILITY OF SUCH DAMAGE.-
104 * ====================================================================-
105 *-
106 * This product includes cryptographic software written by Eric Young-
107 * (eay@cryptsoft.com). This product includes software written by Tim-
108 * Hudson (tjh@cryptsoft.com).-
109 *-
110 */-
111/* ====================================================================-
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.-
113 * ECC cipher suite support in OpenSSL originally developed by-
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.-
115 */-
116-
117#include <limits.h>-
118#include <stdio.h>-
119#include <string.h>-
120-
121#include "ssl_locl.h"-
122-
123#include <openssl/buffer.h>-
124#include <openssl/evp.h>-
125#include <openssl/objects.h>-
126#include <openssl/x509.h>-
127-
128#include "bytestring.h"-
129-
130/*-
131 * Send s->internal->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or-
132 * SSL3_RT_CHANGE_CIPHER_SPEC).-
133 */-
134int-
135ssl3_do_write(SSL *s, int type)-
136{-
137 int ret;-
138-
139 ret = ssl3_write_bytes(s, type, &s->internal->init_buf->data[s->internal->init_off],-
140 s->internal->init_num);-
141 if (ret < 0)
ret < 0Description
TRUEnever evaluated
FALSEevaluated 584 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
0-584
142 return (-1);
never executed: return (-1);
0
143-
144 if (type == SSL3_RT_HANDSHAKE)
type == 22Description
TRUEevaluated 480 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
FALSEevaluated 104 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
104-480
145 /*-
146 * Should not be done for 'Hello Request's, but in that case-
147 * we'll ignore the result anyway.-
148 */-
149 tls1_finish_mac(s,
executed 480 times by 4 tests: tls1_finish_mac(s, (unsigned char *)&s->internal->init_buf->data[s->internal->init_off], ret);
Executed by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
480
150 (unsigned char *)&s->internal->init_buf->data[s->internal->init_off], ret);
executed 480 times by 4 tests: tls1_finish_mac(s, (unsigned char *)&s->internal->init_buf->data[s->internal->init_off], ret);
Executed by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
480
151-
152 if (ret == s->internal->init_num) {
ret == s->internal->init_numDescription
TRUEevaluated 584 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
FALSEnever evaluated
0-584
153 if (s->internal->msg_callback)
s->internal->msg_callbackDescription
TRUEnever evaluated
FALSEevaluated 584 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
0-584
154 s->internal->msg_callback(1, s->version, type, s->internal->init_buf->data,
never executed: s->internal->msg_callback(1, s->version, type, s->internal->init_buf->data, (size_t)(s->internal->init_off + s->internal->init_num), s, s->internal->msg_callback_arg);
0
155 (size_t)(s->internal->init_off + s->internal->init_num), s,
never executed: s->internal->msg_callback(1, s->version, type, s->internal->init_buf->data, (size_t)(s->internal->init_off + s->internal->init_num), s, s->internal->msg_callback_arg);
0
156 s->internal->msg_callback_arg);
never executed: s->internal->msg_callback(1, s->version, type, s->internal->init_buf->data, (size_t)(s->internal->init_off + s->internal->init_num), s, s->internal->msg_callback_arg);
0
157 return (1);
executed 584 times by 4 tests: return (1);
Executed by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
584
158 }-
159-
160 s->internal->init_off += ret;-
161 s->internal->init_num -= ret;-
162-
163 return (0);
never executed: return (0);
0
164}-
165-
166int-
167ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)-
168{-
169 CBB cbb, finished;-
170 int md_len;-
171-
172 memset(&cbb, 0, sizeof(cbb));-
173-
174 if (S3I(s)->hs.state == a) {
(s->s3->intern...>hs.state == aDescription
TRUEevaluated 126 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
FALSEnever evaluated
0-126
175 md_len = TLS1_FINISH_MAC_LENGTH;-
176 OPENSSL_assert(md_len <= EVP_MAX_MD_SIZE);-
177-
178 if (tls1_final_finish_mac(s, sender, slen,
tls1_final_fin..._md) != md_lenDescription
TRUEnever evaluated
FALSEevaluated 126 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-126
179 S3I(s)->tmp.finish_md) != md_len)
tls1_final_fin..._md) != md_lenDescription
TRUEnever evaluated
FALSEevaluated 126 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-126
180 return (0);
never executed: return (0);
0
181 S3I(s)->tmp.finish_md_len = md_len;-
182-
183 /* Copy finished so we can use it for renegotiation checks. */-
184 if (s->internal->type == SSL_ST_CONNECT) {
s->internal->type == 0x1000Description
TRUEevaluated 63 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
FALSEevaluated 63 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
63
185 memcpy(S3I(s)->previous_client_finished,-
186 S3I(s)->tmp.finish_md, md_len);-
187 S3I(s)->previous_client_finished_len = md_len;-
188 } else {
executed 63 times by 2 tests: end of block
Executed by:
  • ssltest
  • tlstest
63
189 memcpy(S3I(s)->previous_server_finished,-
190 S3I(s)->tmp.finish_md, md_len);-
191 S3I(s)->previous_server_finished_len = md_len;-
192 }
executed 63 times by 2 tests: end of block
Executed by:
  • ssltest
  • tlstest
63
193-
194 if (!ssl3_handshake_msg_start(s, &cbb, &finished,
!ssl3_handshak...&finished, 20)Description
TRUEnever evaluated
FALSEevaluated 126 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-126
195 SSL3_MT_FINISHED))
!ssl3_handshak...&finished, 20)Description
TRUEnever evaluated
FALSEevaluated 126 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-126
196 goto err;
never executed: goto err;
0
197 if (!CBB_add_bytes(&finished, S3I(s)->tmp.finish_md, md_len))
!CBB_add_bytes...sh_md, md_len)Description
TRUEnever evaluated
FALSEevaluated 126 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-126
198 goto err;
never executed: goto err;
0
199 if (!ssl3_handshake_msg_finish(s, &cbb))
!ssl3_handshak...inish(s, &cbb)Description
TRUEnever evaluated
FALSEevaluated 126 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-126
200 goto err;
never executed: goto err;
0
201-
202 S3I(s)->hs.state = b;-
203 }
executed 126 times by 2 tests: end of block
Executed by:
  • ssltest
  • tlstest
126
204-
205 return (ssl3_handshake_write(s));
executed 126 times by 2 tests: return (ssl3_handshake_write(s));
Executed by:
  • ssltest
  • tlstest
126
206-
207 err:-
208 CBB_cleanup(&cbb);-
209-
210 return (-1);
never executed: return (-1);
0
211}-
212-
213/*-
214 * ssl3_take_mac calculates the Finished MAC for the handshakes messages seen-
215 * so far.-
216 */-
217static void-
218ssl3_take_mac(SSL *s)-
219{-
220 const char *sender;-
221 int slen;-
222-
223 /*-
224 * If no new cipher setup return immediately: other functions will-
225 * set the appropriate error.-
226 */-
227 if (S3I(s)->hs.new_cipher == NULL)
(s->s3->intern...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 104 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-104
228 return;
never executed: return;
0
229-
230 if (S3I(s)->hs.state & SSL_ST_CONNECT) {
(s->s3->intern...state & 0x1000Description
TRUEevaluated 52 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
FALSEevaluated 52 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
52
231 sender = TLS_MD_SERVER_FINISH_CONST;-
232 slen = TLS_MD_SERVER_FINISH_CONST_SIZE;-
233 } else {
executed 52 times by 2 tests: end of block
Executed by:
  • ssltest
  • tlstest
52
234 sender = TLS_MD_CLIENT_FINISH_CONST;-
235 slen = TLS_MD_CLIENT_FINISH_CONST_SIZE;-
236 }
executed 52 times by 2 tests: end of block
Executed by:
  • ssltest
  • tlstest
52
237-
238 S3I(s)->tmp.peer_finish_md_len =-
239 tls1_final_finish_mac(s, sender, slen,-
240 S3I(s)->tmp.peer_finish_md);-
241}
executed 104 times by 2 tests: end of block
Executed by:
  • ssltest
  • tlstest
104
242-
243int-
244ssl3_get_finished(SSL *s, int a, int b)-
245{-
246 int al, ok, md_len;-
247 long n;-
248 CBS cbs;-
249-
250 /* should actually be 36+4 :-) */-
251 n = s->method->internal->ssl_get_message(s, a, b, SSL3_MT_FINISHED, 64, &ok);-
252 if (!ok)
!okDescription
TRUEevaluated 46 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
FALSEevaluated 126 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
46-126
253 return ((int)n);
executed 46 times by 2 tests: return ((int)n);
Executed by:
  • ssltest
  • tlstest
46
254-
255 /* If this occurs, we have missed a message */-
256 if (!S3I(s)->change_cipher_spec) {
!(s->s3->inter...ge_cipher_specDescription
TRUEnever evaluated
FALSEevaluated 126 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-126
257 al = SSL_AD_UNEXPECTED_MESSAGE;-
258 SSLerror(s, SSL_R_GOT_A_FIN_BEFORE_A_CCS);-
259 goto f_err;
never executed: goto f_err;
0
260 }-
261 S3I(s)->change_cipher_spec = 0;-
262-
263 md_len = TLS1_FINISH_MAC_LENGTH;-
264-
265 if (n < 0) {
n < 0Description
TRUEnever evaluated
FALSEevaluated 126 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-126
266 al = SSL_AD_DECODE_ERROR;-
267 SSLerror(s, SSL_R_BAD_DIGEST_LENGTH);-
268 goto f_err;
never executed: goto f_err;
0
269 }-
270-
271 CBS_init(&cbs, s->internal->init_msg, n);-
272-
273 if (S3I(s)->tmp.peer_finish_md_len != md_len ||
(s->s3->intern..._len != md_lenDescription
TRUEnever evaluated
FALSEevaluated 126 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-126
274 CBS_len(&cbs) != md_len) {
CBS_len(&cbs) != md_lenDescription
TRUEnever evaluated
FALSEevaluated 126 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-126
275 al = SSL_AD_DECODE_ERROR;-
276 SSLerror(s, SSL_R_BAD_DIGEST_LENGTH);-
277 goto f_err;
never executed: goto f_err;
0
278 }-
279-
280 if (!CBS_mem_equal(&cbs, S3I(s)->tmp.peer_finish_md, CBS_len(&cbs))) {
!CBS_mem_equal...CBS_len(&cbs))Description
TRUEnever evaluated
FALSEevaluated 126 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-126
281 al = SSL_AD_DECRYPT_ERROR;-
282 SSLerror(s, SSL_R_DIGEST_CHECK_FAILED);-
283 goto f_err;
never executed: goto f_err;
0
284 }-
285-
286 /* Copy finished so we can use it for renegotiation checks. */-
287 OPENSSL_assert(md_len <= EVP_MAX_MD_SIZE);-
288 if (s->internal->type == SSL_ST_ACCEPT) {
s->internal->type == 0x2000Description
TRUEevaluated 63 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
FALSEevaluated 63 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
63
289 memcpy(S3I(s)->previous_client_finished,-
290 S3I(s)->tmp.peer_finish_md, md_len);-
291 S3I(s)->previous_client_finished_len = md_len;-
292 } else {
executed 63 times by 2 tests: end of block
Executed by:
  • ssltest
  • tlstest
63
293 memcpy(S3I(s)->previous_server_finished,-
294 S3I(s)->tmp.peer_finish_md, md_len);-
295 S3I(s)->previous_server_finished_len = md_len;-
296 }
executed 63 times by 2 tests: end of block
Executed by:
  • ssltest
  • tlstest
63
297-
298 return (1);
executed 126 times by 2 tests: return (1);
Executed by:
  • ssltest
  • tlstest
126
299f_err:-
300 ssl3_send_alert(s, SSL3_AL_FATAL, al);-
301 return (0);
never executed: return (0);
0
302}-
303-
304/* for these 2 messages, we need to-
305 * ssl->enc_read_ctx re-init-
306 * ssl->s3->internal->read_sequence zero-
307 * ssl->s3->internal->read_mac_secret re-init-
308 * ssl->session->read_sym_enc assign-
309 * ssl->session->read_hash assign-
310 */-
311int-
312ssl3_send_change_cipher_spec(SSL *s, int a, int b)-
313{-
314 size_t outlen;-
315 CBB cbb;-
316-
317 memset(&cbb, 0, sizeof(cbb));-
318-
319 if (S3I(s)->hs.state == a) {
(s->s3->intern...>hs.state == aDescription
TRUEevaluated 126 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
FALSEnever evaluated
0-126
320 if (!CBB_init_fixed(&cbb, s->internal->init_buf->data,
!CBB_init_fixe...t_buf->length)Description
TRUEnever evaluated
FALSEevaluated 126 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-126
321 s->internal->init_buf->length))
!CBB_init_fixe...t_buf->length)Description
TRUEnever evaluated
FALSEevaluated 126 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-126
322 goto err;
never executed: goto err;
0
323 if (!CBB_add_u8(&cbb, SSL3_MT_CCS))
!CBB_add_u8(&cbb, 1)Description
TRUEnever evaluated
FALSEevaluated 126 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-126
324 goto err;
never executed: goto err;
0
325 if (!CBB_finish(&cbb, NULL, &outlen))
!CBB_finish(&c...)0) , &outlen)Description
TRUEnever evaluated
FALSEevaluated 126 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-126
326 goto err;
never executed: goto err;
0
327-
328 if (outlen > INT_MAX)
outlen > 0x7fffffffDescription
TRUEnever evaluated
FALSEevaluated 126 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-126
329 goto err;
never executed: goto err;
0
330-
331 s->internal->init_num = (int)outlen;-
332 s->internal->init_off = 0;-
333-
334 if (SSL_IS_DTLS(s)) {
(s->method->in...ion == 0xFEFF)Description
TRUEevaluated 22 times by 1 test
Evaluated by:
  • ssltest
FALSEevaluated 104 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
22-104
335 D1I(s)->handshake_write_seq =-
336 D1I(s)->next_handshake_write_seq;-
337 dtls1_set_message_header_int(s, SSL3_MT_CCS, 0,-
338 D1I(s)->handshake_write_seq, 0, 0);-
339 dtls1_buffer_message(s, 1);-
340 }
executed 22 times by 1 test: end of block
Executed by:
  • ssltest
22
341-
342 S3I(s)->hs.state = b;-
343 }
executed 126 times by 2 tests: end of block
Executed by:
  • ssltest
  • tlstest
126
344-
345 /* SSL3_ST_CW_CHANGE_B */-
346 return ssl3_record_write(s, SSL3_RT_CHANGE_CIPHER_SPEC);
executed 126 times by 2 tests: return ssl3_record_write(s, 20);
Executed by:
  • ssltest
  • tlstest
126
347-
348 err:-
349 CBB_cleanup(&cbb);-
350-
351 return -1;
never executed: return -1;
0
352}-
353-
354static int-
355ssl3_add_cert(CBB *cbb, X509 *x)-
356{-
357 unsigned char *data;-
358 int cert_len;-
359 int ret = 0;-
360 CBB cert;-
361-
362 if ((cert_len = i2d_X509(x, NULL)) < 0)
(cert_len = i2...id *)0) )) < 0Description
TRUEnever evaluated
FALSEevaluated 96 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-96
363 goto err;
never executed: goto err;
0
364-
365 if (!CBB_add_u24_length_prefixed(cbb, &cert))
!CBB_add_u24_l...ed(cbb, &cert)Description
TRUEnever evaluated
FALSEevaluated 96 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-96
366 goto err;
never executed: goto err;
0
367 if (!CBB_add_space(&cert, &data, cert_len))
!CBB_add_space...ata, cert_len)Description
TRUEnever evaluated
FALSEevaluated 96 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-96
368 goto err;
never executed: goto err;
0
369 if (i2d_X509(x, &data) < 0)
i2d_X509(x, &data) < 0Description
TRUEnever evaluated
FALSEevaluated 96 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-96
370 goto err;
never executed: goto err;
0
371 if (!CBB_flush(cbb))
!CBB_flush(cbb)Description
TRUEnever evaluated
FALSEevaluated 96 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-96
372 goto err;
never executed: goto err;
0
373-
374 ret = 1;-
375-
376 err:
code before this statement executed 96 times by 3 tests: err:
Executed by:
  • servertest
  • ssltest
  • tlstest
96
377 return (ret);
executed 96 times by 3 tests: return (ret);
Executed by:
  • servertest
  • ssltest
  • tlstest
96
378}-
379-
380int-
381ssl3_output_cert_chain(SSL *s, CBB *cbb, X509 *x)-
382{-
383 int no_chain = 0;-
384 CBB cert_list;-
385 int ret = 0;-
386 int i;-
387-
388 if (!CBB_add_u24_length_prefixed(cbb, &cert_list))
!CBB_add_u24_l...b, &cert_list)Description
TRUEnever evaluated
FALSEevaluated 62 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-62
389 goto err;
never executed: goto err;
0
390-
391 if ((s->internal->mode & SSL_MODE_NO_AUTO_CHAIN) || s->ctx->extra_certs)
(s->internal->...& 0x00000008L)Description
TRUEnever evaluated
FALSEevaluated 62 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
s->ctx->extra_certsDescription
TRUEnever evaluated
FALSEevaluated 62 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-62
392 no_chain = 1;
never executed: no_chain = 1;
0
393-
394 /* TLSv1 sends a chain with nothing in it, instead of an alert. */-
395 if (x != NULL) {
x != ((void *)0)Description
TRUEevaluated 62 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
FALSEnever evaluated
0-62
396 if (no_chain) {
no_chainDescription
TRUEnever evaluated
FALSEevaluated 62 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-62
397 if (!ssl3_add_cert(&cert_list, x))
!ssl3_add_cert(&cert_list, x)Description
TRUEnever evaluated
FALSEnever evaluated
0
398 goto err;
never executed: goto err;
0
399 } else {
never executed: end of block
0
400 X509_STORE_CTX xs_ctx;-
401-
402 if (!X509_STORE_CTX_init(&xs_ctx, s->ctx->cert_store,
!X509_STORE_CT... ((void *)0) )Description
TRUEnever evaluated
FALSEevaluated 62 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-62
403 x, NULL)) {
!X509_STORE_CT... ((void *)0) )Description
TRUEnever evaluated
FALSEevaluated 62 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-62
404 SSLerror(s, ERR_R_X509_LIB);-
405 goto err;
never executed: goto err;
0
406 }-
407 X509_verify_cert(&xs_ctx);-
408-
409 /* Don't leave errors in the queue. */-
410 ERR_clear_error();-
411 for (i = 0; i < sk_X509_num(xs_ctx.chain); i++) {
i < sk_num(((_..._st_X509*)0)))Description
TRUEevaluated 96 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
FALSEevaluated 62 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
62-96
412 x = sk_X509_value(xs_ctx.chain, i);-
413 if (!ssl3_add_cert(&cert_list, x)) {
!ssl3_add_cert(&cert_list, x)Description
TRUEnever evaluated
FALSEevaluated 96 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-96
414 X509_STORE_CTX_cleanup(&xs_ctx);-
415 goto err;
never executed: goto err;
0
416 }-
417 }
executed 96 times by 3 tests: end of block
Executed by:
  • servertest
  • ssltest
  • tlstest
96
418 X509_STORE_CTX_cleanup(&xs_ctx);-
419 }
executed 62 times by 3 tests: end of block
Executed by:
  • servertest
  • ssltest
  • tlstest
62
420 }-
421-
422 /* Thawte special :-) */-
423 for (i = 0; i < sk_X509_num(s->ctx->extra_certs); i++) {
i < sk_num(((_..._st_X509*)0)))Description
TRUEnever evaluated
FALSEevaluated 62 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-62
424 x = sk_X509_value(s->ctx->extra_certs, i);-
425 if (!ssl3_add_cert(&cert_list, x))
!ssl3_add_cert(&cert_list, x)Description
TRUEnever evaluated
FALSEnever evaluated
0
426 goto err;
never executed: goto err;
0
427 }
never executed: end of block
0
428-
429 if (!CBB_flush(cbb))
!CBB_flush(cbb)Description
TRUEnever evaluated
FALSEevaluated 62 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-62
430 goto err;
never executed: goto err;
0
431-
432 ret = 1;-
433-
434 err:
code before this statement executed 62 times by 3 tests: err:
Executed by:
  • servertest
  • ssltest
  • tlstest
62
435 return (ret);
executed 62 times by 3 tests: return (ret);
Executed by:
  • servertest
  • ssltest
  • tlstest
62
436}-
437-
438/*-
439 * Obtain handshake message of message type 'mt' (any if mt == -1),-
440 * maximum acceptable body length 'max'.-
441 * The first four bytes (msg_type and length) are read in state 'st1',-
442 * the body is read in state 'stn'.-
443 */-
444long-
445ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)-
446{-
447 unsigned char *p;-
448 uint32_t l;-
449 long n;-
450 int i, al;-
451 CBS cbs;-
452 uint8_t u8;-
453-
454 if (S3I(s)->tmp.reuse_message) {
(s->s3->intern....reuse_messageDescription
TRUEevaluated 101 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
FALSEevaluated 2496 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
101-2496
455 S3I(s)->tmp.reuse_message = 0;-
456 if ((mt >= 0) && (S3I(s)->tmp.message_type != mt)) {
(mt >= 0)Description
TRUEevaluated 94 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
FALSEevaluated 7 times by 1 test
Evaluated by:
  • ssltest
((s->s3->inter...ge_type != mt)Description
TRUEnever evaluated
FALSEevaluated 94 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-94
457 al = SSL_AD_UNEXPECTED_MESSAGE;-
458 SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);-
459 goto f_err;
never executed: goto f_err;
0
460 }-
461 *ok = 1;-
462 s->internal->init_msg = s->internal->init_buf->data + 4;-
463 s->internal->init_num = (int)S3I(s)->tmp.message_size;-
464 return s->internal->init_num;
executed 101 times by 2 tests: return s->internal->init_num;
Executed by:
  • ssltest
  • tlstest
101
465 }-
466-
467 p = (unsigned char *)s->internal->init_buf->data;-
468-
469 /* s->internal->init_num < 4 */-
470 if (S3I(s)->hs.state == st1) {
(s->s3->intern...s.state == st1Description
TRUEevaluated 2496 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
FALSEnever evaluated
0-2496
471 int skip_message;-
472-
473 do {-
474 while (s->internal->init_num < 4) {
s->internal->init_num < 4Description
TRUEevaluated 2496 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
FALSEevaluated 464 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
464-2496
475 i = s->method->internal->ssl_read_bytes(s,-
476 SSL3_RT_HANDSHAKE, &p[s->internal->init_num],-
477 4 - s->internal->init_num, 0);-
478 if (i <= 0) {
i <= 0Description
TRUEevaluated 2032 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
FALSEevaluated 464 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
464-2032
479 s->internal->rwstate = SSL_READING;-
480 *ok = 0;-
481 return i;
executed 2032 times by 4 tests: return i;
Executed by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
2032
482 }-
483 s->internal->init_num += i;-
484 }
executed 464 times by 3 tests: end of block
Executed by:
  • servertest
  • ssltest
  • tlstest
464
485-
486 skip_message = 0;-
487 if (!s->server && p[0] == SSL3_MT_HELLO_REQUEST) {
!s->serverDescription
TRUEevaluated 296 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
FALSEevaluated 168 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
p[0] == 0Description
TRUEnever evaluated
FALSEevaluated 296 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-296
488 /*-
489 * The server may always send 'Hello Request'-
490 * messages -- we are doing a handshake anyway-
491 * now, so ignore them if their format is-
492 * correct. Does not count for 'Finished' MAC.-
493 */-
494 if (p[1] == 0 && p[2] == 0 &&p[3] == 0) {
p[1] == 0Description
TRUEnever evaluated
FALSEnever evaluated
p[2] == 0Description
TRUEnever evaluated
FALSEnever evaluated
p[3] == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
495 s->internal->init_num = 0;-
496 skip_message = 1;-
497-
498 if (s->internal->msg_callback)
s->internal->msg_callbackDescription
TRUEnever evaluated
FALSEnever evaluated
0
499 s->internal->msg_callback(0, s->version,
never executed: s->internal->msg_callback(0, s->version, 22, p, 4, s, s->internal->msg_callback_arg);
0
500 SSL3_RT_HANDSHAKE, p, 4, s,
never executed: s->internal->msg_callback(0, s->version, 22, p, 4, s, s->internal->msg_callback_arg);
0
501 s->internal->msg_callback_arg);
never executed: s->internal->msg_callback(0, s->version, 22, p, 4, s, s->internal->msg_callback_arg);
0
502 }
never executed: end of block
0
503 }
never executed: end of block
0
504 } while (skip_message);
executed 464 times by 3 tests: end of block
Executed by:
  • servertest
  • ssltest
  • tlstest
skip_messageDescription
TRUEnever evaluated
FALSEevaluated 464 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-464
505-
506 /* s->internal->init_num == 4 */-
507-
508 if ((mt >= 0) && (*p != mt)) {
(mt >= 0)Description
TRUEevaluated 168 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
FALSEevaluated 296 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
(*p != mt)Description
TRUEnever evaluated
FALSEevaluated 168 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-296
509 al = SSL_AD_UNEXPECTED_MESSAGE;-
510 SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);-
511 goto f_err;
never executed: goto f_err;
0
512 }-
513-
514 CBS_init(&cbs, p, 4);-
515 if (!CBS_get_u8(&cbs, &u8) ||
!CBS_get_u8(&cbs, &u8)Description
TRUEnever evaluated
FALSEevaluated 464 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-464
516 !CBS_get_u24(&cbs, &l)) {
!CBS_get_u24(&cbs, &l)Description
TRUEnever evaluated
FALSEevaluated 464 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-464
517 SSLerror(s, ERR_R_BUF_LIB);-
518 goto err;
never executed: goto err;
0
519 }-
520 S3I(s)->tmp.message_type = u8;-
521-
522 if (l > (unsigned long)max) {
l > (unsigned long)maxDescription
TRUEnever evaluated
FALSEevaluated 464 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-464
523 al = SSL_AD_ILLEGAL_PARAMETER;-
524 SSLerror(s, SSL_R_EXCESSIVE_MESSAGE_SIZE);-
525 goto f_err;
never executed: goto f_err;
0
526 }-
527 if (l && !BUF_MEM_grow_clean(s->internal->init_buf, l + 4)) {
lDescription
TRUEevaluated 412 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
FALSEevaluated 52 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
!BUF_MEM_grow_...it_buf, l + 4)Description
TRUEnever evaluated
FALSEevaluated 412 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-412
528 SSLerror(s, ERR_R_BUF_LIB);-
529 goto err;
never executed: goto err;
0
530 }-
531 S3I(s)->tmp.message_size = l;-
532 S3I(s)->hs.state = stn;-
533-
534 s->internal->init_msg = s->internal->init_buf->data + 4;-
535 s->internal->init_num = 0;-
536 }
executed 464 times by 3 tests: end of block
Executed by:
  • servertest
  • ssltest
  • tlstest
464
537-
538 /* next state (stn) */-
539 p = s->internal->init_msg;-
540 n = S3I(s)->tmp.message_size - s->internal->init_num;-
541 while (n > 0) {
n > 0Description
TRUEevaluated 412 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
FALSEevaluated 464 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
412-464
542 i = s->method->internal->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,-
543 &p[s->internal->init_num], n, 0);-
544 if (i <= 0) {
i <= 0Description
TRUEnever evaluated
FALSEevaluated 412 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-412
545 s->internal->rwstate = SSL_READING;-
546 *ok = 0;-
547 return i;
never executed: return i;
0
548 }-
549 s->internal->init_num += i;-
550 n -= i;-
551 }
executed 412 times by 3 tests: end of block
Executed by:
  • servertest
  • ssltest
  • tlstest
412
552-
553 /* If receiving Finished, record MAC of prior handshake messages for-
554 * Finished verification. */-
555 if (*s->internal->init_buf->data == SSL3_MT_FINISHED)
*s->internal->...uf->data == 20Description
TRUEevaluated 104 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
FALSEevaluated 360 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
104-360
556 ssl3_take_mac(s);
executed 104 times by 2 tests: ssl3_take_mac(s);
Executed by:
  • ssltest
  • tlstest
104
557-
558 /* Feed this message into MAC computation. */-
559 if (s->internal->mac_packet) {
s->internal->mac_packetDescription
TRUEevaluated 462 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
FALSEevaluated 2 times by 1 test
Evaluated by:
  • servertest
2-462
560 tls1_finish_mac(s, (unsigned char *)s->internal->init_buf->data,-
561 s->internal->init_num + 4);-
562-
563 if (s->internal->msg_callback)
s->internal->msg_callbackDescription
TRUEnever evaluated
FALSEevaluated 462 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-462
564 s->internal->msg_callback(0, s->version,
never executed: s->internal->msg_callback(0, s->version, 22, s->internal->init_buf->data, (size_t)s->internal->init_num + 4, s, s->internal->msg_callback_arg);
0
565 SSL3_RT_HANDSHAKE, s->internal->init_buf->data,
never executed: s->internal->msg_callback(0, s->version, 22, s->internal->init_buf->data, (size_t)s->internal->init_num + 4, s, s->internal->msg_callback_arg);
0
566 (size_t)s->internal->init_num + 4, s,
never executed: s->internal->msg_callback(0, s->version, 22, s->internal->init_buf->data, (size_t)s->internal->init_num + 4, s, s->internal->msg_callback_arg);
0
567 s->internal->msg_callback_arg);
never executed: s->internal->msg_callback(0, s->version, 22, s->internal->init_buf->data, (size_t)s->internal->init_num + 4, s, s->internal->msg_callback_arg);
0
568 }
executed 462 times by 2 tests: end of block
Executed by:
  • ssltest
  • tlstest
462
569-
570 *ok = 1;-
571 return (s->internal->init_num);
executed 464 times by 3 tests: return (s->internal->init_num);
Executed by:
  • servertest
  • ssltest
  • tlstest
464
572-
573f_err:-
574 ssl3_send_alert(s, SSL3_AL_FATAL, al);-
575err:
code before this statement never executed: err:
0
576 *ok = 0;-
577 return (-1);
never executed: return (-1);
0
578}-
579-
580int-
581ssl_cert_type(X509 *x, EVP_PKEY *pkey)-
582{-
583 EVP_PKEY *pk;-
584 int ret = -1, i;-
585-
586 if (pkey == NULL)
pkey == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 179 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-179
587 pk = X509_get_pubkey(x);
never executed: pk = X509_get_pubkey(x);
0
588 else-
589 pk = pkey;
executed 179 times by 3 tests: pk = pkey;
Executed by:
  • servertest
  • ssltest
  • tlstest
179
590 if (pk == NULL)
pk == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 179 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-179
591 goto err;
never executed: goto err;
0
592-
593 i = pk->type;-
594 if (i == EVP_PKEY_RSA) {
i == 6Description
TRUEevaluated 179 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
FALSEnever evaluated
0-179
595 ret = SSL_PKEY_RSA_ENC;-
596 } else if (i == EVP_PKEY_EC) {
executed 179 times by 3 tests: end of block
Executed by:
  • servertest
  • ssltest
  • tlstest
i == 408Description
TRUEnever evaluated
FALSEnever evaluated
0-179
597 ret = SSL_PKEY_ECC;-
598 } else if (i == NID_id_GostR3410_2001 ||
never executed: end of block
i == 811Description
TRUEnever evaluated
FALSEnever evaluated
0
599 i == NID_id_GostR3410_2001_cc) {
i == 851Description
TRUEnever evaluated
FALSEnever evaluated
0
600 ret = SSL_PKEY_GOST01;-
601 }
never executed: end of block
0
602-
603err:
code before this statement executed 179 times by 3 tests: err:
Executed by:
  • servertest
  • ssltest
  • tlstest
179
604 if (!pkey)
!pkeyDescription
TRUEnever evaluated
FALSEevaluated 179 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-179
605 EVP_PKEY_free(pk);
never executed: EVP_PKEY_free(pk);
0
606 return (ret);
executed 179 times by 3 tests: return (ret);
Executed by:
  • servertest
  • ssltest
  • tlstest
179
607}-
608-
609int-
610ssl_verify_alarm_type(long type)-
611{-
612 int al;-
613-
614 switch (type) {-
615 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
never executed: case 2:
0
616 case X509_V_ERR_UNABLE_TO_GET_CRL:
never executed: case 3:
0
617 case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER:
never executed: case 33:
0
618 al = SSL_AD_UNKNOWN_CA;-
619 break;
never executed: break;
0
620 case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
never executed: case 4:
0
621 case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
never executed: case 5:
0
622 case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
never executed: case 6:
0
623 case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
never executed: case 13:
0
624 case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
never executed: case 14:
0
625 case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
never executed: case 15:
0
626 case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
never executed: case 16:
0
627 case X509_V_ERR_CERT_NOT_YET_VALID:
never executed: case 9:
0
628 case X509_V_ERR_CRL_NOT_YET_VALID:
never executed: case 11:
0
629 case X509_V_ERR_CERT_UNTRUSTED:
never executed: case 27:
0
630 case X509_V_ERR_CERT_REJECTED:
never executed: case 28:
0
631 al = SSL_AD_BAD_CERTIFICATE;-
632 break;
never executed: break;
0
633 case X509_V_ERR_CERT_SIGNATURE_FAILURE:
never executed: case 7:
0
634 case X509_V_ERR_CRL_SIGNATURE_FAILURE:
never executed: case 8:
0
635 al = SSL_AD_DECRYPT_ERROR;-
636 break;
never executed: break;
0
637 case X509_V_ERR_CERT_HAS_EXPIRED:
never executed: case 10:
0
638 case X509_V_ERR_CRL_HAS_EXPIRED:
never executed: case 12:
0
639 al = SSL_AD_CERTIFICATE_EXPIRED;-
640 break;
never executed: break;
0
641 case X509_V_ERR_CERT_REVOKED:
never executed: case 23:
0
642 al = SSL_AD_CERTIFICATE_REVOKED;-
643 break;
never executed: break;
0
644 case X509_V_ERR_OUT_OF_MEM:
never executed: case 17:
0
645 al = SSL_AD_INTERNAL_ERROR;-
646 break;
never executed: break;
0
647 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
never executed: case 18:
0
648 case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
never executed: case 19:
0
649 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
never executed: case 20:
0
650 case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
never executed: case 21:
0
651 case X509_V_ERR_CERT_CHAIN_TOO_LONG:
never executed: case 22:
0
652 case X509_V_ERR_PATH_LENGTH_EXCEEDED:
never executed: case 25:
0
653 case X509_V_ERR_INVALID_CA:
never executed: case 24:
0
654 al = SSL_AD_UNKNOWN_CA;-
655 break;
never executed: break;
0
656 case X509_V_ERR_APPLICATION_VERIFICATION:
never executed: case 50:
0
657 al = SSL_AD_HANDSHAKE_FAILURE;-
658 break;
never executed: break;
0
659 case X509_V_ERR_INVALID_PURPOSE:
never executed: case 26:
0
660 al = SSL_AD_UNSUPPORTED_CERTIFICATE;-
661 break;
never executed: break;
0
662 default:
never executed: default:
0
663 al = SSL_AD_CERTIFICATE_UNKNOWN;-
664 break;
never executed: break;
0
665 }-
666 return (al);
never executed: return (al);
0
667}-
668-
669int-
670ssl3_setup_init_buffer(SSL *s)-
671{-
672 BUF_MEM *buf = NULL;-
673-
674 if (s->internal->init_buf != NULL)
s->internal->i...!= ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 139 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
0-139
675 return (1);
never executed: return (1);
0
676-
677 if ((buf = BUF_MEM_new()) == NULL)
(buf = BUF_MEM...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 139 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
0-139
678 goto err;
never executed: goto err;
0
679 if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH))
!BUF_MEM_grow(buf, 16384)Description
TRUEnever evaluated
FALSEevaluated 139 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
0-139
680 goto err;
never executed: goto err;
0
681-
682 s->internal->init_buf = buf;-
683 return (1);
executed 139 times by 4 tests: return (1);
Executed by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
139
684-
685err:-
686 BUF_MEM_free(buf);-
687 return (0);
never executed: return (0);
0
688}-
689-
690int-
691ssl3_setup_read_buffer(SSL *s)-
692{-
693 unsigned char *p;-
694 size_t len, align, headerlen;-
695-
696 if (SSL_IS_DTLS(s))
(s->method->in...ion == 0xFEFF)Description
TRUEevaluated 34 times by 2 tests
Evaluated by:
  • clienttest
  • ssltest
FALSEevaluated 140 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
34-140
697 headerlen = DTLS1_RT_HEADER_LENGTH;
executed 34 times by 2 tests: headerlen = 13;
Executed by:
  • clienttest
  • ssltest
34
698 else-
699 headerlen = SSL3_RT_HEADER_LENGTH;
executed 140 times by 4 tests: headerlen = 5;
Executed by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
140
700-
701 align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1);-
702-
703 if (s->s3->rbuf.buf == NULL) {
s->s3->rbuf.buf == ((void *)0)Description
TRUEevaluated 121 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
FALSEevaluated 53 times by 1 test
Evaluated by:
  • ssltest
53-121
704 len = SSL3_RT_MAX_PLAIN_LENGTH +-
705 SSL3_RT_MAX_ENCRYPTED_OVERHEAD + headerlen + align;-
706 if ((p = malloc(len)) == NULL)
(p = malloc(le...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 121 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
0-121
707 goto err;
never executed: goto err;
0
708 s->s3->rbuf.buf = p;-
709 s->s3->rbuf.len = len;-
710 }
executed 121 times by 4 tests: end of block
Executed by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
121
711-
712 s->internal->packet = &(s->s3->rbuf.buf[0]);-
713 return 1;
executed 174 times by 4 tests: return 1;
Executed by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
174
714-
715err:-
716 SSLerror(s, ERR_R_MALLOC_FAILURE);-
717 return 0;
never executed: return 0;
0
718}-
719-
720int-
721ssl3_setup_write_buffer(SSL *s)-
722{-
723 unsigned char *p;-
724 size_t len, align, headerlen;-
725-
726 if (SSL_IS_DTLS(s))
(s->method->in...ion == 0xFEFF)Description
TRUEevaluated 34 times by 2 tests
Evaluated by:
  • clienttest
  • ssltest
FALSEevaluated 116 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
34-116
727 headerlen = DTLS1_RT_HEADER_LENGTH + 1;
executed 34 times by 2 tests: headerlen = 13 + 1;
Executed by:
  • clienttest
  • ssltest
34
728 else-
729 headerlen = SSL3_RT_HEADER_LENGTH;
executed 116 times by 4 tests: headerlen = 5;
Executed by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
116
730-
731 align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1);-
732-
733 if (s->s3->wbuf.buf == NULL) {
s->s3->wbuf.buf == ((void *)0)Description
TRUEevaluated 121 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
FALSEevaluated 29 times by 1 test
Evaluated by:
  • ssltest
29-121
734 len = s->max_send_fragment +-
735 SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD + headerlen + align;-
736 if (!(s->internal->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
!(s->internal-...& 0x00000800L)Description
TRUEevaluated 121 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
FALSEnever evaluated
0-121
737 len += headerlen + align +
executed 121 times by 4 tests: len += headerlen + align + (16 + 64);
Executed by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
121
738 SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;
executed 121 times by 4 tests: len += headerlen + align + (16 + 64);
Executed by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
121
739-
740 if ((p = malloc(len)) == NULL)
(p = malloc(le...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 121 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
0-121
741 goto err;
never executed: goto err;
0
742 s->s3->wbuf.buf = p;-
743 s->s3->wbuf.len = len;-
744 }
executed 121 times by 4 tests: end of block
Executed by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
121
745-
746 return 1;
executed 150 times by 4 tests: return 1;
Executed by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
150
747-
748err:-
749 SSLerror(s, ERR_R_MALLOC_FAILURE);-
750 return 0;
never executed: return 0;
0
751}-
752-
753int-
754ssl3_setup_buffers(SSL *s)-
755{-
756 if (!ssl3_setup_read_buffer(s))
!ssl3_setup_read_buffer(s)Description
TRUEnever evaluated
FALSEevaluated 150 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
0-150
757 return 0;
never executed: return 0;
0
758 if (!ssl3_setup_write_buffer(s))
!ssl3_setup_write_buffer(s)Description
TRUEnever evaluated
FALSEevaluated 150 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
0-150
759 return 0;
never executed: return 0;
0
760 return 1;
executed 150 times by 4 tests: return 1;
Executed by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
150
761}-
762-
763int-
764ssl3_release_write_buffer(SSL *s)-
765{-
766 free(s->s3->wbuf.buf);-
767 s->s3->wbuf.buf = NULL;-
768 return 1;
executed 195 times by 11 tests: return 1;
Executed by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
195
769}-
770-
771int-
772ssl3_release_read_buffer(SSL *s)-
773{-
774 free(s->s3->rbuf.buf);-
775 s->s3->rbuf.buf = NULL;-
776 return 1;
executed 195 times by 11 tests: return 1;
Executed by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
195
777}-
Source codeSwitch to Preprocessed file
Generated by Squish Coco 4.2.2