Changeset 2971


Ignore:
Timestamp:
Oct 27, 2009 2:21:28 AM (10 years ago)
Author:
nanang
Message:

Ticket #957:

  • Fixed SSL socket unit test issues (mostly on Linux platform): let OS manage the binding port (specify port to 0), use pj_sockaddr_get_len() instead of sizeof() for sockaddr size, DOS eol format for certificate and private key files.
  • Temporary fix for SSL_CTX_use_certificate_chain_file() false error alarm (after previous OpenSSL handshake error), by clearing OpenSSL thread error queue in reset_ssl_sock_state()
Location:
pjproject/trunk/pjlib
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • pjproject/trunk/pjlib/build/cacert.pem

    • Property svn:eol-style deleted
  • pjproject/trunk/pjlib/build/privkey.pem

    • Property svn:eol-style deleted
  • pjproject/trunk/pjlib/src/pj/ssl_sock_ossl.c

    r2970 r2971  
    480480        ssock->sock = PJ_INVALID_SOCKET; 
    481481    } 
     482 
     483    /* Upon error, OpenSSL may leave any error description in the thread  
     484     * error queue, which sometime may cause next call to SSL API returning 
     485     * false error alarm, e.g: in Linux, SSL_CTX_use_certificate_chain_file() 
     486     * returning false error after a handshake error (in different SSL_CTX!). 
     487     * For now, just clear thread error queue here. 
     488     */ 
     489    ERR_clear_error(); 
    482490} 
    483491 
  • pjproject/trunk/pjlib/src/pjlib-test/ssl_sock.c

    r2970 r2971  
    2121#include <pjlib.h> 
    2222 
    23 #define ECHO_SERVER_NAME            "localhost" 
    24 #define ECHO_SERVER_ADDR            "localhost" 
    25 #define ECHO_SERVER_PORT            12345 
    26  
    27 #define CERT_DIR                    "..\\build\\" 
     23 
     24#define CERT_DIR                    "../build/" 
    2825#define CERT_CA_FILE                NULL 
    2926#define CERT_FILE                   CERT_DIR "cacert.pem" 
     
    5047    if (status != PJ_SUCCESS) { 
    5148        app_perror("...FAILED to get available ciphers", status); 
    52         return -10; 
     49        return status; 
    5350    } 
    5451 
     
    455452    struct test_state state_serv = { 0 }; 
    456453    struct test_state state_cli = { 0 }; 
    457     pj_sockaddr local_addr, rem_addr; 
     454    pj_sockaddr laddr, raddr; 
    458455    pj_str_t tmp_st; 
    459456    pj_ssl_cipher ciphers[1]; 
     
    510507    } 
    511508 
    512     pj_sockaddr_init(PJ_AF_INET, &local_addr, pj_strset2(&tmp_st, ECHO_SERVER_ADDR), ECHO_SERVER_PORT); 
    513     status = pj_ssl_sock_start_accept(ssock_serv, pool, &local_addr, sizeof(local_addr)); 
     509    pj_sockaddr_init(PJ_AF_INET, &laddr, pj_strset2(&tmp_st, "127.0.0.1"), 0); 
     510    status = pj_ssl_sock_start_accept(ssock_serv, pool, &laddr, pj_sockaddr_get_len(&laddr)); 
    514511    if (status != PJ_SUCCESS) { 
    515512        goto on_return; 
     
    542539    } 
    543540 
    544     pj_sockaddr_init(PJ_AF_INET, &local_addr, pj_strset2(&tmp_st, "0.0.0.0"), 0); 
    545     pj_sockaddr_init(PJ_AF_INET, &rem_addr, pj_strset2(&tmp_st, ECHO_SERVER_ADDR), ECHO_SERVER_PORT); 
    546     status = pj_ssl_sock_start_connect(ssock_cli, pool, &local_addr, &rem_addr, sizeof(rem_addr)); 
     541    { 
     542        pj_ssl_sock_info info; 
     543 
     544        pj_ssl_sock_get_info(ssock_serv, &info); 
     545        pj_sockaddr_cp(&raddr, &info.local_addr); 
     546    } 
     547 
     548    status = pj_ssl_sock_start_connect(ssock_cli, pool, &laddr, &raddr, pj_sockaddr_get_len(&raddr)); 
    547549    if (status == PJ_SUCCESS) { 
    548550        ssl_on_connect_complete(ssock_cli, PJ_SUCCESS); 
     
    684686    param.cb.on_data_sent = &ssl_on_data_sent; 
    685687    param.ioqueue = ioqueue; 
     688    param.timer_heap = timer; 
    686689    param.timeout.sec = 0; 
    687690    param.timeout.msec = ms_timeout; 
    688     param.timer_heap = timer; 
    689691    pj_time_val_normalize(&param.timeout); 
    690692 
     
    703705    } 
    704706 
    705     pj_sockaddr_init(PJ_AF_INET, &listen_addr, pj_strset2(&tmp_st, ECHO_SERVER_ADDR), ECHO_SERVER_PORT); 
    706     status = pj_ssl_sock_start_accept(ssock_serv, pool, &listen_addr, sizeof(listen_addr)); 
    707     if (status != PJ_SUCCESS) { 
    708         goto on_return; 
     707    pj_sockaddr_init(PJ_AF_INET, &listen_addr, pj_strset2(&tmp_st, "127.0.0.1"), 0); 
     708    status = pj_ssl_sock_start_accept(ssock_serv, pool, &listen_addr, pj_sockaddr_get_len(&listen_addr)); 
     709    if (status != PJ_SUCCESS) { 
     710        goto on_return; 
     711    } 
     712 
     713    { 
     714        pj_ssl_sock_info info; 
     715 
     716        pj_ssl_sock_get_info(ssock_serv, &info); 
     717        pj_sockaddr_cp(&listen_addr, &info.local_addr); 
    709718    } 
    710719 
     
    801810    PJ_LOG(3,("", "..echo test w/ incompatible ciphers")); 
    802811    ret = echo_test(PJ_SSL_SOCK_PROTO_DEFAULT, TLS_RSA_WITH_DES_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA); 
    803     if (ret == 0) 
    804         return -10; 
     812    if (ret != PJ_EEOF) 
     813        return ret; 
    805814 
    806815    PJ_LOG(3,("", "..client non-SSL timeout in 5 secs")); 
Note: See TracChangeset for help on using the changeset viewer.