Commit c5fd391e authored by Manuel Pégourié-Gonnard's avatar Manuel Pégourié-Gonnard
Browse files

Check return value of ssl_set_xxx() in programs

parent 14beb085
......@@ -855,17 +855,29 @@ int main( int argc, char *argv[] )
ssl_set_authmode( &ssl, opt.auth_mode );
#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
ssl_set_max_frag_len( &ssl, opt.mfl_code );
if( ( ret = ssl_set_max_frag_len( &ssl, opt.mfl_code ) ) != 0 )
{
printf( " failed\n ! ssl_set_max_frag_len returned %d\n\n", ret );
goto exit;
}
#endif
#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
if( opt.trunc_hmac != 0 )
ssl_set_truncated_hmac( &ssl, SSL_TRUNC_HMAC_ENABLED );
if( ( ret = ssl_set_truncated_hmac( &ssl, SSL_TRUNC_HMAC_ENABLED ) ) != 0 )
{
printf( " failed\n ! ssl_set_truncated_hmac returned %d\n\n", ret );
goto exit;
}
#endif
#if defined(POLARSSL_SSL_ALPN)
if( opt.alpn_string != NULL )
ssl_set_alpn_protocols( &ssl, alpn_list );
if( ( ret = ssl_set_alpn_protocols( &ssl, alpn_list ) ) != 0 )
{
printf( " failed\n ! ssl_set_alpn_protocols returned %d\n\n", ret );
goto exit;
}
#endif
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
......@@ -877,7 +889,11 @@ int main( int argc, char *argv[] )
ssl_set_bio( &ssl, net_recv, &server_fd, net_send, &server_fd );
#if defined(POLARSSL_SSL_SESSION_TICKETS)
ssl_set_session_tickets( &ssl, opt.tickets );
if( ( ret = ssl_set_session_tickets( &ssl, opt.tickets ) ) != 0 )
{
printf( " failed\n ! ssl_set_session_tickets returned %d\n\n", ret );
goto exit;
}
#endif
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
......@@ -895,17 +911,30 @@ int main( int argc, char *argv[] )
if( strcmp( opt.crt_file, "none" ) != 0 &&
strcmp( opt.key_file, "none" ) != 0 )
{
ssl_set_own_cert( &ssl, &clicert, &pkey );
if( ( ret = ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 )
{
printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
goto exit;
}
}
#endif
#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
ssl_set_psk( &ssl, psk, psk_len, (const unsigned char *) opt.psk_identity,
strlen( opt.psk_identity ) );
if( ( ret = ssl_set_psk( &ssl, psk, psk_len,
(const unsigned char *) opt.psk_identity,
strlen( opt.psk_identity ) ) ) != 0 )
{
printf( " failed\n ! ssl_set_psk returned %d\n\n", ret );
goto exit;
}
#endif
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
ssl_set_hostname( &ssl, opt.server_name );
if( ( ret = ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
{
printf( " failed\n ! ssl_set_hostname returned %d\n\n", ret );
goto exit;
}
#endif
if( opt.min_version != -1 )
......@@ -1130,7 +1159,11 @@ send_request:
goto exit;
}
ssl_set_session( &ssl, &saved_session );
if( ( ret = ssl_set_session( &ssl, &saved_session ) ) != 0 )
{
printf( " failed\n ! ssl_set_session returned %d\n\n", ret );
goto exit;
}
if( ( ret = net_connect( &server_fd, opt.server_name,
opt.server_port ) ) != 0 )
......
......@@ -270,7 +270,11 @@ int main( int argc, char *argv[] )
net_send, &client_fd );
ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );
ssl_set_own_cert( &ssl, &srvcert, &pkey );
if( ( ret = ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 )
{
printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
goto exit;
}
/*
* 5. Handshake
......
......@@ -609,10 +609,18 @@ int main( int argc, char *argv[] )
ssl_set_ciphersuites( &ssl, opt.force_ciphersuite );
ssl_set_ca_chain( &ssl, &cacert, NULL, opt.server_name );
ssl_set_own_cert( &ssl, &clicert, &pkey );
if( ( ret = ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 )
{
printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
goto exit;
}
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
ssl_set_hostname( &ssl, opt.server_name );
if( ( ret = ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
{
printf( " failed\n ! ssl_set_hostname returned %d\n\n", ret );
goto exit;
}
#endif
if( opt.mode == MODE_SSL_TLS )
......
......@@ -173,7 +173,11 @@ static void *handle_ssl_connection( void *data )
#endif
ssl_set_ca_chain( &ssl, thread_info->ca_chain, NULL, NULL );
ssl_set_own_cert( &ssl, thread_info->server_cert, thread_info->server_key );
if( ( ret = ssl_set_own_cert( &ssl, thread_info->server_cert, thread_info->server_key ) ) != 0 )
{
printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
goto exit;
}
printf( " [ #%d ] ok\n", thread_id );
......
......@@ -207,7 +207,11 @@ int main( int argc, char *argv[] )
#endif
ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );
ssl_set_own_cert( &ssl, &srvcert, &pkey );
if( ( ret = ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 )
{
printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
goto exit;
}
printf( " ok\n" );
......
......@@ -426,8 +426,7 @@ int sni_callback( void *p_info, ssl_context *ssl,
if( name_len == strlen( cur->name ) &&
memcmp( name, cur->name, name_len ) == 0 )
{
ssl_set_own_cert( ssl, cur->cert, cur->key );
return( 0 );
return( ssl_set_own_cert( ssl, cur->cert, cur->key ) );
}
cur = cur->next;
......@@ -1219,12 +1218,20 @@ int main( int argc, char *argv[] )
ssl_set_authmode( &ssl, opt.auth_mode );
#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
ssl_set_max_frag_len( &ssl, opt.mfl_code );
if( ( ret = ssl_set_max_frag_len( &ssl, opt.mfl_code ) ) != 0 )
{
printf( " failed\n ! ssl_set_max_frag_len returned %d\n\n", ret );
goto exit;
};
#endif
#if defined(POLARSSL_SSL_ALPN)
if( opt.alpn_string != NULL )
ssl_set_alpn_protocols( &ssl, alpn_list );
if( ( ret = ssl_set_alpn_protocols( &ssl, alpn_list ) ) != 0 )
{
printf( " failed\n ! ssl_set_alpn_protocols returned %d\n\n", ret );
goto exit;
}
#endif
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
......@@ -1242,7 +1249,11 @@ int main( int argc, char *argv[] )
#endif
#if defined(POLARSSL_SSL_SESSION_TICKETS)
ssl_set_session_tickets( &ssl, opt.tickets );
if( ( ret = ssl_set_session_tickets( &ssl, opt.tickets ) ) != 0 )
{
printf( " failed\n ! ssl_set_session_tickets returned %d\n\n", ret );
goto exit;
}
if( opt.ticket_timeout != -1 )
ssl_set_session_ticket_lifetime( &ssl, opt.ticket_timeout );
......@@ -1279,9 +1290,17 @@ int main( int argc, char *argv[] )
ssl_set_ca_chain( &ssl, &cacert, NULL, NULL );
}
if( key_cert_init )
ssl_set_own_cert( &ssl, &srvcert, &pkey );
if( ( ret = ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 )
{
printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
goto exit;
}
if( key_cert_init2 )
ssl_set_own_cert( &ssl, &srvcert2, &pkey2 );
if( ( ret = ssl_set_own_cert( &ssl, &srvcert2, &pkey2 ) ) != 0 )
{
printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
goto exit;
}
#endif
#if defined(POLARSSL_SNI)
......
......@@ -265,7 +265,11 @@ static int ssl_test( struct options *opt )
ssl_set_endpoint( &ssl, SSL_IS_SERVER );
ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );
ssl_set_own_cert( &ssl, &srvcert, &pkey );
if( ( ret = ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 )
{
printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
goto exit;
}
}
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
......
......@@ -432,10 +432,18 @@ int main( int argc, char *argv[] )
ssl_set_bio( &ssl, net_recv, &server_fd,
net_send, &server_fd );
ssl_set_own_cert( &ssl, &clicert, &pkey );
if( ( ret = ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 )
{
printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
goto exit;
}
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
ssl_set_hostname( &ssl, opt.server_name );
if( ( ret = ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
{
printf( " failed\n ! ssl_set_hostname returned %d\n\n", ret );
goto exit;
}
#endif
/*
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment