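/*
 * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/*
 * Ideally, CONF should offer standard parsing methods and cover them
 * in tests. But since we have no CONF tests, we use a custom test for now.
 */

#include <stdio.h>
#include <string.h>

#include "internal/nelem.h"
#include "helpers/ssl_test_ctx.h"
#include "testutil.h"
#include <openssl/e_os2.h>
#include <openssl/err.h>
#include <openssl/conf.h>
#include <openssl/ssl.h>

/* Parsed configuration file shared by every test; owned by setup/cleanup. */
static CONF *conf = NULL;

/* Per-test state: which section to parse and what the parse must yield. */
typedef struct ssl_test_ctx_test_fixture {
    const char *test_case_name;
    const char *test_section;
    /* Expected parsed configuration. */
    SSL_TEST_CTX *expected_ctx;
} SSL_TEST_CTX_TEST_FIXTURE;

/*
 * Compare the client-side settings of two parsed configurations.
 * Returns 1 when every compared field matches, 0 at the first mismatch
 * (the || chain stops there, so later fields are not evaluated).
 */
static int clientconf_eq(SSL_TEST_CLIENT_CONF *conf1,
                         SSL_TEST_CLIENT_CONF *conf2)
{
    if (!TEST_int_eq(conf1->verify_callback, conf2->verify_callback)
            || !TEST_int_eq(conf1->servername, conf2->servername)
            || !TEST_str_eq(conf1->npn_protocols, conf2->npn_protocols)
            || !TEST_str_eq(conf1->alpn_protocols, conf2->alpn_protocols)
            || !TEST_int_eq(conf1->ct_validation, conf2->ct_validation)
            || !TEST_int_eq(conf1->max_fragment_len_mode,
                            conf2->max_fragment_len_mode))
        return 0;
    return 1;
}

/*
 * Compare the server-side settings of two parsed configurations.
 * Returns 1 when every compared field matches, 0 at the first mismatch.
 */
static int serverconf_eq(SSL_TEST_SERVER_CONF *serv,
                         SSL_TEST_SERVER_CONF *serv2)
{
    if (!TEST_int_eq(serv->servername_callback, serv2->servername_callback)
            || !TEST_str_eq(serv->npn_protocols, serv2->npn_protocols)
            || !TEST_str_eq(serv->alpn_protocols, serv2->alpn_protocols)
            || !TEST_int_eq(serv->broken_session_ticket,
                            serv2->broken_session_ticket)
            || !TEST_str_eq(serv->session_ticket_app_data,
                            serv2->session_ticket_app_data)
            || !TEST_int_eq(serv->cert_status, serv2->cert_status))
        return 0;
    return 1;
}

/*
 * Compare the client, server and server2 sub-configurations of two
 * SSL_TEST_EXTRA_CONF objects. Returns 1 when all three match, else 0.
 */
static int extraconf_eq(SSL_TEST_EXTRA_CONF *extra,
                        SSL_TEST_EXTRA_CONF *extra2)
{
    if (!TEST_true(clientconf_eq(&extra->client, &extra2->client))
            || !TEST_true(serverconf_eq(&extra->server, &extra2->server))
            || !TEST_true(serverconf_eq(&extra->server2, &extra2->server2)))
        return 0;
    return 1;
}

/*
 * Compare two SSL_TEST_CTX objects field by field, including both the
 * initial (extra) and resumption (resume_extra) configurations.
 * Returns 1 when every compared field matches, 0 at the first mismatch.
 * NOTE(review): only the fields listed here are compared; a field added
 * to SSL_TEST_CTX later is not covered until it is added to this chain.
 */
static int testctx_eq(SSL_TEST_CTX *ctx, SSL_TEST_CTX *ctx2)
{
    if (!TEST_int_eq(ctx->method, ctx2->method)
            || !TEST_int_eq(ctx->handshake_mode, ctx2->handshake_mode)
            || !TEST_int_eq(ctx->app_data_size, ctx2->app_data_size)
            || !TEST_int_eq(ctx->max_fragment_size, ctx2->max_fragment_size)
            || !extraconf_eq(&ctx->extra, &ctx2->extra)
            || !extraconf_eq(&ctx->resume_extra, &ctx2->resume_extra)
            || !TEST_int_eq(ctx->expected_result, ctx2->expected_result)
            || !TEST_int_eq(ctx->expected_client_alert,
                            ctx2->expected_client_alert)
            || !TEST_int_eq(ctx->expected_server_alert,
                            ctx2->expected_server_alert)
            || !TEST_int_eq(ctx->expected_protocol, ctx2->expected_protocol)
            || !TEST_int_eq(ctx->expected_servername, ctx2->expected_servername)
            || !TEST_int_eq(ctx->session_ticket_expected,
                            ctx2->session_ticket_expected)
            || !TEST_int_eq(ctx->compression_expected,
                            ctx2->compression_expected)
            || !TEST_str_eq(ctx->expected_npn_protocol,
                            ctx2->expected_npn_protocol)
            || !TEST_str_eq(ctx->expected_alpn_protocol,
                            ctx2->expected_alpn_protocol)
            || !TEST_str_eq(ctx->expected_cipher,
                            ctx2->expected_cipher)
            || !TEST_str_eq(ctx->expected_session_ticket_app_data,
                            ctx2->expected_session_ticket_app_data)
            || !TEST_int_eq(ctx->resumption_expected,
                            ctx2->resumption_expected)
            || !TEST_int_eq(ctx->session_id_expected,
                            ctx2->session_id_expected))
        return 0;
    return 1;
}

/*
 * Allocate a zeroed fixture with a fresh expected context.
 * Returns NULL on allocation failure; nothing is leaked in that case.
 * The caller releases the fixture with tear_down().
 */
static SSL_TEST_CTX_TEST_FIXTURE *set_up(const char *const test_case_name)
{
    SSL_TEST_CTX_TEST_FIXTURE *fixture;

    if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture))))
        return NULL;
    fixture->test_case_name = test_case_name;
    if (!TEST_ptr(fixture->expected_ctx = SSL_TEST_CTX_new(NULL))) {
        OPENSSL_free(fixture);
        return NULL;
    }
    return fixture;
}

/*
 * Parse fixture->test_section from the global conf and compare the result
 * with fixture->expected_ctx. Returns 1 on a match, 0 otherwise.
 */
static int execute_test(SSL_TEST_CTX_TEST_FIXTURE *fixture)
{
    int success = 0;
    SSL_TEST_CTX *ctx;

    /* ctx is assigned in the first operand, before any jump to err. */
    if (!TEST_ptr(ctx = SSL_TEST_CTX_create(conf, fixture->test_section,
                                            fixture->expected_ctx->libctx))
            || !testctx_eq(ctx, fixture->expected_ctx))
        goto err;

    success = 1;
 err:
    SSL_TEST_CTX_free(ctx);
    return success;
}

/* Release the expected context and the fixture itself. */
static void tear_down(SSL_TEST_CTX_TEST_FIXTURE *fixture)
{
    SSL_TEST_CTX_free(fixture->expected_ctx);
    OPENSSL_free(fixture);
}

/*
 * Thin wrappers over the testutil.h fixture macros. The `fixture` and
 * `result` names used by the tests below are not declared in this file;
 * presumably they come from these macro expansions -- confirm in testutil.h.
 */
#define SETUP_SSL_TEST_CTX_TEST_FIXTURE() \
    SETUP_TEST_FIXTURE(SSL_TEST_CTX_TEST_FIXTURE, set_up);
#define EXECUTE_SSL_TEST_CTX_TEST() \
    EXECUTE_TEST(execute_test, tear_down)

/*
 * The "ssltest_default" section must parse to a context that differs from
 * a freshly created one only in the explicitly set expected_result.
 */
static int test_empty_configuration(void)
{
    SETUP_SSL_TEST_CTX_TEST_FIXTURE();
    fixture->test_section = "ssltest_default";
    fixture->expected_ctx->expected_result = SSL_TEST_SUCCESS;
    EXECUTE_SSL_TEST_CTX_TEST();
    return result;
}

/*
 * The "ssltest_good" section must parse to exactly the values set below,
 * covering top-level, client, server and resumption options.
 */
static int test_good_configuration(void)
{
    SETUP_SSL_TEST_CTX_TEST_FIXTURE();
    fixture->test_section = "ssltest_good";
    fixture->expected_ctx->method = SSL_TEST_METHOD_DTLS;
    fixture->expected_ctx->handshake_mode = SSL_TEST_HANDSHAKE_RESUME;
    fixture->expected_ctx->app_data_size = 1024;
    fixture->expected_ctx->max_fragment_size = 2048;

    fixture->expected_ctx->expected_result = SSL_TEST_SERVER_FAIL;
    fixture->expected_ctx->expected_client_alert = SSL_AD_UNKNOWN_CA;
    fixture->expected_ctx->expected_server_alert = 0; /* No alert. */
    fixture->expected_ctx->expected_protocol = TLS1_1_VERSION;
    fixture->expected_ctx->expected_servername = SSL_TEST_SERVERNAME_SERVER2;
    fixture->expected_ctx->session_ticket_expected = SSL_TEST_SESSION_TICKET_YES;
    fixture->expected_ctx->compression_expected = SSL_TEST_COMPRESSION_NO;
    fixture->expected_ctx->session_id_expected = SSL_TEST_SESSION_ID_IGNORE;
    fixture->expected_ctx->resumption_expected = 1;

    fixture->expected_ctx->extra.client.verify_callback = SSL_TEST_VERIFY_REJECT_ALL;
    fixture->expected_ctx->extra.client.servername = SSL_TEST_SERVERNAME_SERVER2;
    /* Heap copy: tear_down() frees the context, presumably with its strings. */
    fixture->expected_ctx->extra.client.npn_protocols = OPENSSL_strdup("foo,bar");
    if (!TEST_ptr(fixture->expected_ctx->extra.client.npn_protocols))
        goto err;
    fixture->expected_ctx->extra.client.max_fragment_len_mode = 0;

    fixture->expected_ctx->extra.server.servername_callback = SSL_TEST_SERVERNAME_IGNORE_MISMATCH;
    fixture->expected_ctx->extra.server.broken_session_ticket = 1;

    fixture->expected_ctx->resume_extra.server2.alpn_protocols = OPENSSL_strdup("baz");
    if (!TEST_ptr(fixture->expected_ctx->resume_extra.server2.alpn_protocols))
        goto err;

    fixture->expected_ctx->resume_extra.client.ct_validation = SSL_TEST_CT_VALIDATION_STRICT;

    EXECUTE_SSL_TEST_CTX_TEST();
    return result;

err:
    /* Allocation failed before the test ran; release the fixture here. */
    tear_down(fixture);
    return 0;
}

/*
 * Sections of the configuration file that the parser must reject, one per
 * kind of unknown or invalid value.
 */
static const char *bad_configurations[] = {
    "ssltest_unknown_option",
    "ssltest_wrong_section",
    "ssltest_unknown_expected_result",
    "ssltest_unknown_alert",
    "ssltest_unknown_protocol",
    "ssltest_unknown_verify_callback",
    "ssltest_unknown_servername",
    "ssltest_unknown_servername_callback",
    "ssltest_unknown_session_ticket_expected",
    "ssltest_unknown_compression_expected",
    "ssltest_unknown_session_id_expected",
    "ssltest_unknown_method",
    "ssltest_unknown_handshake_mode",
    "ssltest_unknown_resumption_expected",
    "ssltest_unknown_ct_validation",
    "ssltest_invalid_max_fragment_len",
};

/*
 * Negative test: parsing bad_configurations[idx] must yield NULL. A
 * non-NULL context means the parser accepted an unknown or invalid value
 * instead of failing closed, so the context is freed and the test fails.
 * idx is supplied by the harness; setup_tests() registers exactly
 * OSSL_NELEM(bad_configurations) iterations.
 */
static int test_bad_configuration(int idx)
{
    SSL_TEST_CTX *ctx;

    if (!TEST_ptr_null(ctx = SSL_TEST_CTX_create(conf,
                                                 bad_configurations[idx], NULL))) {
        SSL_TEST_CTX_free(ctx);
        return 0;
    }

    return 1;
}

OPT_TEST_DECLARE_USAGE("conf_file\n")

/*
 * Load the configuration file named by the first test argument and
 * register the tests. Returns 1 on success, 0 on any failure.
 */
int setup_tests(void)
{
    const char *conf_file;

    if (!test_skip_common_options()) {
        TEST_error("Error parsing test options\n");
        return 0;
    }

    /*
     * argument should point to test/ssl_test_ctx_test.cnf
     * Check it before use so a missing argument is reported as such rather
     * than being handed to NCONF_load() as a possibly NULL file name.
     */
    if (!TEST_ptr(conf_file = test_get_argument(0)))
        return 0;

    if (!TEST_ptr(conf = NCONF_new(NULL)))
        return 0;
    if (!TEST_int_gt(NCONF_load(conf, conf_file, NULL), 0)) {
        /*
         * Release the CONF here: cleanup_tests() may not run when setup
         * fails (harness behaviour is not visible in this file -- confirm).
         * Resetting the pointer keeps a later NCONF_free(conf) harmless.
         */
        NCONF_free(conf);
        conf = NULL;
        return 0;
    }

    ADD_TEST(test_empty_configuration);
    ADD_TEST(test_good_configuration);
    ADD_ALL_TESTS(test_bad_configuration, OSSL_NELEM(bad_configurations));
    return 1;
}

/* Release the configuration loaded by setup_tests(). */
void cleanup_tests(void)
{
    NCONF_free(conf);
}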