search

enarx-archive / tlssock

A library exposing TLS/DTLS sockets using the POSIX networking APIs
Apache License 2.0
18 stars 7 forks source link

Fix gnutls-cli client tests #7

Open npmccallum opened 5 years ago

npmccallum commented 5 years ago

We should be able to use gnutls-cli as a client in our tests. However, it doesn't appear to work. When run manually it works. But when run in the test harness it does not. We need to debug this.

DK-DARKmatter commented 5 years ago

screenshot from 2019-02-15 14-33-29 I added some output to check our program, as shown in the screenshot. I added these output to both ts-gnutls and ts-openssl. Then I check the output log: screenshot from 2019-02-15 14-35-22

screenshot from 2019-02-15 14-35-50 First, I think I should not have a output that indicate the reference decreased to 1, because the statement should be greater than one. Then I did not see any output that indicates tls_clear() or SSL_free() function is called, I cannot find them in some OK tests. At last, the output that indicates Failed to get the lock is too many, maybe I have hundreds of them in one test case, this also happens in some OK tests. screenshot from 2019-02-15 14-35-36

frozencemetery commented 5 years ago

Hi, in the future please post text logs, not screenshots. I'd recommend not using eclipse either, but that part is on you.

Next, you're not on master right now - latest commit is c1d9eb78f811b1fed08ff4ac1af604ceebc7a4fb. You probably need to git pull. Locking infrastructure has changed slightly, and while it's probably not the difference, it's good to be sure.

First, I think I should not have a output that indicate the reference decreased to 1, because the statement should be greater than one.

That's not what the statement says. It says if (tls->ref-- > 1). This means that the value will be checked prior to performing the decrement.

Then I did not see any output that indicates tls_clear() or SSL_free() function is called, I cannot find them in some OK tests.

Well, that's consistent with never seeing "SSL is free", isn't it?

At last, the output that indicates Failed to get the lock is too many, maybe I have hundreds of them in one test case, this also happens in some OK tests.

Sounds like you should go look with gdb and see what's up.

DK-DARKmatter commented 5 years ago

Sorry I did not notice the update. I updated the code and apply similar checks to it.

tls_t *
tls_decref(tls_t *tls)
{
    fprintf(stderr,"Entering tls_decref function!\n");
  if (!tls)
    return NULL;

  {
    rwhold_auto_t *hold = rwlock_wrlock(tls->lock);
    if (!hold){
        fprintf(stderr,"SSL-Fail to get the lock?\n");
      return NULL;
    }
    if (tls->ref-- > 1)
      return tls;
    fprintf(stderr,"SSL_free is called!\n");
    SSL_free(tls->ssl);
  }

  rwlock_free(tls->lock);
  fprintf(stderr,"SSL-rwlock is freed!\n");
  memset(tls, 0, sizeof(*tls));
  free(tls);
  return NULL;
}

and in the log I can only find

Entering tls_decref function!

In some cases there are tens of this and some cases maybe hundreds of this. But nothing else. I will go look with gdb and see what's up.