min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add test for psk; deprecated set_psk_callback

This commit is contained in:
Benjamin Cheng 2018-06-02 13:47:52 -04:00
parent b1eb1224f5
commit 5d8a44612d
No known key found for this signature in database
GPG Key ID: 4FE22E7528E97BD8
2 changed files with 47 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
openssl/src/ssl/mod.rs
View File

@ -1240,6 +1240,18 @@ impl SslContextBuilder {
} }
} }
#[deprecated(since = "0.10.10", note = "renamed to `set_psk_client_callback`")]
#[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
pub fn set_psk_callback<F>(&mut self, callback: F)
where
F: Fn(&mut SslRef, Option<&[u8]>, &mut [u8], &mut [u8]) -> Result<usize, ErrorStack>
+ 'static
+ Sync
+ Send,
{
self.set_psk_client_callback(callback)
}
/// Sets the callback for providing an identity and pre-shared key for a TLS-PSK server. /// Sets the callback for providing an identity and pre-shared key for a TLS-PSK server.
/// ///
/// The callback will be called with the SSL context, an identity provided by the client, /// The callback will be called with the SSL context, an identity provided by the client,

35
openssl/src/ssl/test.rs
View File

@ -1536,3 +1536,38 @@ fn stateless() {
send(client_stream.get_mut(), server_stream.get_mut()); send(client_stream.get_mut(), server_stream.get_mut());
hs(server_stream.handshake()).unwrap(); hs(server_stream.handshake()).unwrap();
} }
#[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
#[test]
fn psk_ciphers() {
const PSK: &[u8] = b"thisisaverysecurekey";
const CLIENT_IDENT: &[u8] = b"thisisaclient";
let listener = TcpListener::bind("127.0.0.1:0").unwrap();
let port = listener.local_addr().unwrap().port();
thread::spawn(move || {
let stream = listener.accept().unwrap().0;
let mut ctx = SslContext::builder(SslMethod::tls()).unwrap();
ctx.set_cipher_list("ECDHE-PSK-CHACHA20-POLY1305").unwrap();
ctx.set_psk_server_callback(move |_, identity, psk| {
assert!(identity.unwrap_or(&[]) == CLIENT_IDENT);
psk[..PSK.len()].copy_from_slice(&PSK);
Ok(PSK.len())
});
let ssl = Ssl::new(&ctx.build()).unwrap();
ssl.accept(stream).unwrap();
});
let stream = TcpStream::connect(("127.0.0.1", port)).unwrap();
let mut ctx = SslContext::builder(SslMethod::tls()).unwrap();
ctx.set_cipher_list("ECDHE-PSK-CHACHA20-POLY1305").unwrap();
ctx.set_psk_client_callback(move |_, _, identity, psk| {
identity[..CLIENT_IDENT.len()].copy_from_slice(&CLIENT_IDENT);
identity[CLIENT_IDENT.len()] = 0;
psk[..PSK.len()].copy_from_slice(&PSK);
Ok(PSK.len())
});
let ssl = Ssl::new(&ctx.build()).unwrap();
ssl.connect(stream).unwrap();
}