Commit 29dc4419 authored by Jannik Hoelling's avatar Jannik Hoelling
Browse files

return codes

parent 35751270
......@@ -95,7 +95,9 @@ int main(int argc, char *argv[]) {
err = br_ssl_engine_last_error(&sc.eng);
if (alpn_received == NULL || strcmp(alpn_ptr[0], alpn_received) != 0) {
printf("Invalid ALPN received: %s\n", alpn_received);
return BR_OPT_FAIL_ON_ALPN_MISMATCH;
br_sslio_close(&ioc);
close(fd);
return 120;
} else {
printf("ALPN negotiatiated: %s\n", alpn_received);
}
......@@ -147,14 +149,17 @@ int main(int argc, char *argv[]) {
return EXIT_SUCCESS;
} else if (err == BR_ERR_X509_BAD_SERVER_NAME) {
fprintf(stderr, "ERROR BR_ERR_X509_BAD_SERVER_NAME\n");
return 112;
} else if (err == BR_ALERT_BAD_CERTIFICATE) {
fprintf(stderr, "ERROR BR_ALERT_BAD_CERTIFICATE\n");
} else if (err == BR_ALERT_CERTIFICATE_UNKNOWN) {
fprintf(stderr, "ERROR BR_ALERT_CERTIFICATE_UNKNOWN\n");
} else if (err == BR_ALERT_NO_APPLICATION_PROTOCOL) {
fprintf(stderr, "ERROR BR_ALERT_NO_APPLICATION_PROTOCOL\n");
return 120;
} else if (err == BR_OPT_FAIL_ON_ALPN_MISMATCH) {
fprintf(stderr, "ERROR BR_OPT_FAIL_ON_ALPN_MISMATCH\n");
return 120;
} else if (err == BR_ERR_BAD_SNI) {
fprintf(stderr, "ERROR BR_ERR_BAD_SNI\n");
} else {
......
#!/bin/bash
for library in baseimage openssl bearssl botan gnutls golang mbedtls wolfssl ; do
for library in baseimage openssl bearssl botan java gnutls golang mbedtls wolfssl ; do
(cd "$library"
./build.sh);
done
......@@ -63,9 +63,9 @@ func main() {
if err != nil {
log.Println(err)
if strings.Contains(err.Error(), "server selected unadvertised ALPN protocol") {
os.Exit(134)
os.Exit(120)
} else if strings.Contains(err.Error(), "x509: certificate is valid for") {
os.Exit(112)
os.Exit(42)
}
os.Exit(1)
}
......
......@@ -101,7 +101,7 @@ public class Client {
String peerCNname = getCommonName((X509Certificate) sslSocket.getSession().getPeerCertificates()[0]);
if (!peerCNname.equals(servername)) {
System.out.println("Hostname Verification failed: " + peerCNname);
System.exit(112);
System.exit(42);
}
System.out.println("Hostname Verification succeded: " + peerCNname);
......@@ -109,7 +109,7 @@ public class Client {
String ap = sslSocket.getApplicationProtocol();
if (!ap.equals(alpn[0])) {
System.out.println("INVALID ALPN: \"" + ap + "\"");
System.exit(1);
System.exit(120);
}
System.out.println("ALPN: \"" + ap + "\"");
......
......@@ -197,7 +197,7 @@ cleanup:
char error_buf[100];
mbedtls_strerror(ret, error_buf, 100);
if (strstr(error_buf, "X509 - Certificate verification failed") != NULL) {
ret = 134;
ret = 42;
} else if (strstr(error_buf, "Processing of the ServerHello handshake message failed") != NULL) {
ret = 120;
}
......
......@@ -199,7 +199,7 @@ static int error_callback(const char *str, size_t len, void *err) {
} else if (strstr(str, "CERTIFICATE_VERIFY_FAILED") != NULL || strstr(str, "certificate verify failed") != NULL) {
printf("CERTIFICATE_VERIFY_FAILED \n");
//err = 1;
(*(int *)err) = SSL_R_CERTIFICATE_VERIFY_FAILED;
(*(int *)err) = SSL3_AD_BAD_CERTIFICATE;
} else if (strstr(str, "TLSV1_ALERT_UNRECOGNIZED_NAME") != NULL || strstr(str, "tlsv1 unrecognized name") != NULL) {
printf("TLSV1_ALERT_UNRECOGNIZED_NAME \n");
//err = 1;
......
......@@ -20,7 +20,7 @@ NC='\033[0m' # No Color
# 2. get results file from docker container
# 3. append them to the results file on the host
rm results
for library in bearssl botan gnutls golang mbedtls openssl wolfssl ; do
for library in bearssl botan gnutls java golang mbedtls openssl wolfssl ; do
(cd "$library"
./run.sh
containerid=$(docker-compose ps -q $library-client)
......
......@@ -138,7 +138,7 @@ int main(int argc, char **argv) {
ret = 120;
}
if (strstr(error_string, "peer subject name mismatch") != NULL) {
ret = 134;
ret = 42;
}
goto cleanup;
}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment