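/*
 * Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the OpenSSL license (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <string.h>

#include "internal/nelem.h"
#include "ssltestlib.h"
#include "testutil.h"
#include "e_os.h"

/*
 * ossl_sleep() - pause the calling thread for roughly |millis| milliseconds.
 * One of three implementations is selected at compile time.
 */
#ifdef OPENSSL_SYS_UNIX
# include <unistd.h>

static ossl_inline void ossl_sleep(unsigned int millis)
{
# ifdef OPENSSL_SYS_VXWORKS
    struct timespec ts;
    ts.tv_sec = (long int) (millis / 1000);
    ts.tv_nsec = (long int) (millis % 1000) * 1000000ul;
    nanosleep(&ts, NULL);
# else
    unsigned int s = millis / 1000;
    unsigned int us = (millis % 1000) * 1000;

    /*
     * Split into whole seconds and a sub-second remainder: millis * 1000
     * can wrap in unsigned arithmetic, and some usleep() implementations
     * reject arguments of 1000000 or more.
     */
    if (s > 0)
        sleep(s);
    usleep(us);
# endif
}
#elif defined(_WIN32)
# include <windows.h>

static ossl_inline void ossl_sleep(unsigned int millis)
{
    Sleep(millis);
}
#else
/* Fallback to a busy wait */
static ossl_inline void ossl_sleep(unsigned int millis)
{
    struct timeval start, now;
    unsigned int elapsedms;

    gettimeofday(&start, NULL);
    do {
        gettimeofday(&now, NULL);
        elapsedms = (((now.tv_sec - start.tv_sec) * 1000000)
                     + now.tv_usec - start.tv_usec) / 1000;
    } while (elapsedms < millis);
}
#endif

static int tls_dump_new(BIO *bi);
static int tls_dump_free(BIO *a);
static int tls_dump_read(BIO *b, char *out, int outl);
static int tls_dump_write(BIO *b, const char *in, int inl);
static long tls_dump_ctrl(BIO *b, int cmd, long num, void *ptr);
static int tls_dump_gets(BIO *bp, char *buf, int size);
static int tls_dump_puts(BIO *bp, const char *str);

/* Choose a sufficiently large type likely to be unused for this custom BIO */
#define BIO_TYPE_TLS_DUMP_FILTER  (0x80 | BIO_TYPE_FILTER)
#define BIO_TYPE_MEMPACKET_TEST    0x81
#define BIO_TYPE_ALWAYS_RETRY      0x82

/* Lazily created method tables, one per custom BIO defined in this file */
static BIO_METHOD *method_tls_dump = NULL;
static BIO_METHOD *meth_mem = NULL;
static BIO_METHOD *meth_always_retry = NULL;

/*
 * Return the method table of the "TLS dump filter" BIO, creating it on first
 * use. Returns NULL if the table cannot be created or populated.
 *
 * Note: Not thread safe!
 */
const BIO_METHOD *bio_f_tls_dump_filter(void)
{
    if (method_tls_dump == NULL) {
        method_tls_dump = BIO_meth_new(BIO_TYPE_TLS_DUMP_FILTER,
                                        "TLS dump filter");
        if (   method_tls_dump == NULL
            || !BIO_meth_set_write(method_tls_dump, tls_dump_write)
            || !BIO_meth_set_read(method_tls_dump, tls_dump_read)
            || !BIO_meth_set_puts(method_tls_dump, tls_dump_puts)
            || !BIO_meth_set_gets(method_tls_dump, tls_dump_gets)
            || !BIO_meth_set_ctrl(method_tls_dump, tls_dump_ctrl)
            || !BIO_meth_set_create(method_tls_dump, tls_dump_new)
            || !BIO_meth_set_destroy(method_tls_dump, tls_dump_free)) {
            /*
             * Do not keep a half-populated table around: a later call would
             * otherwise hand it out as if it were complete.
             */
            BIO_meth_free(method_tls_dump);
            method_tls_dump = NULL;
            return NULL;
        }
    }
    return method_tls_dump;
}

/* Release the dump filter's method table. */
void bio_f_tls_dump_filter_free(void)
{
    BIO_meth_free(method_tls_dump);
    /* Reset so a later bio_f_tls_dump_filter() cannot return freed memory */
    method_tls_dump = NULL;
}

/* BIO create callback: the filter keeps no state, just mark it initialised */
static int tls_dump_new(BIO *bio)
{
    BIO_set_init(bio, 1);
    return 1;
}

/* BIO destroy callback: mark the filter as no longer initialised */
static int tls_dump_free(BIO *bio)
{
    BIO_set_init(bio, 0);

    return 1;
}

/*
 * Mirror the retry and read/write/special flags of the next BIO in the chain
 * onto |bio|. With no next BIO the flags are simply cleared.
 */
static void copy_flags(BIO *bio)
{
    int flags = 0;
    BIO *next = BIO_next(bio);

    if (next != NULL)
        flags = BIO_test_flags(next, BIO_FLAGS_SHOULD_RETRY | BIO_FLAGS_RWS);
    BIO_clear_flags(bio, BIO_FLAGS_SHOULD_RETRY | BIO_FLAGS_RWS);
    BIO_set_flags(bio, flags);
}

/* Byte offsets of the fields of a DTLS record header */
#define RECORD_CONTENT_TYPE     0
#define RECORD_VERSION_HI       1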
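#define RECORD_VERSION_LO       2
#define RECORD_EPOCH_HI         3
#define RECORD_EPOCH_LO         4
#define RECORD_SEQUENCE_START   5
#define RECORD_SEQUENCE_END     10
#define RECORD_LEN_HI           11
#define RECORD_LEN_LO           12

/* Byte offsets of the fields of a DTLS handshake message header */
#define MSG_TYPE                0
#define MSG_LEN_HI              1
#define MSG_LEN_MID             2
#define MSG_LEN_LO              3
#define MSG_SEQ_HI              4
#define MSG_SEQ_LO              5
#define MSG_FRAG_OFF_HI         6
#define MSG_FRAG_OFF_MID        7
#define MSG_FRAG_OFF_LO         8
#define MSG_FRAG_LEN_HI         9
#define MSG_FRAG_LEN_MID        10
#define MSG_FRAG_LEN_LO         11


/*
 * Print a human readable breakdown of |len| bytes at |data| to stdout,
 * treating them as a sequence of DTLS records. For unencrypted (epoch 0)
 * handshake records the handshake message header is decoded as well.
 *
 * Every header is length-checked against the remaining bytes before it is
 * read, so a short or malformed packet is reported as truncated.
 */
static void dump_data(const char *data, int len)
{
    int rem, i, content, reclen, msglen, fragoff, fraglen, epoch;
    const unsigned char *rec;

    printf("---- START OF PACKET ----\n");

    rem = len;
    rec = (const unsigned char *)data;

    while (rem > 0) {
        if (rem != len)
            printf("*\n");
        printf("*---- START OF RECORD ----\n");
        if (rem < DTLS1_RT_HEADER_LENGTH) {
            printf("*---- RECORD TRUNCATED ----\n");
            break;
        }
        content = rec[RECORD_CONTENT_TYPE];
        printf("** Record Content-type: %d\n", content);
        printf("** Record Version: %02x%02x\n",
               rec[RECORD_VERSION_HI], rec[RECORD_VERSION_LO]);
        epoch = (rec[RECORD_EPOCH_HI] << 8) | rec[RECORD_EPOCH_LO];
        printf("** Record Epoch: %d\n", epoch);
        printf("** Record Sequence: ");
        for (i = RECORD_SEQUENCE_START; i <= RECORD_SEQUENCE_END; i++)
            printf("%02x", rec[i]);
        reclen = (rec[RECORD_LEN_HI] << 8) | rec[RECORD_LEN_LO];
        printf("\n** Record Length: %d\n", reclen);

        /* Now look at message */
        rec += DTLS1_RT_HEADER_LENGTH;
        rem -= DTLS1_RT_HEADER_LENGTH;
        if (content == SSL3_RT_HANDSHAKE) {
            printf("**---- START OF HANDSHAKE MESSAGE FRAGMENT ----\n");
            if (epoch > 0) {
                printf("**---- HANDSHAKE MESSAGE FRAGMENT ENCRYPTED ----\n");
            } else if (rem < DTLS1_HM_HEADER_LENGTH
                       || reclen < DTLS1_HM_HEADER_LENGTH) {
                printf("**---- HANDSHAKE MESSAGE FRAGMENT TRUNCATED ----\n");
            } else {
                printf("*** Message Type: %d\n", rec[MSG_TYPE]);
                msglen = (rec[MSG_LEN_HI] << 16) | (rec[MSG_LEN_MID] << 8)
                         | rec[MSG_LEN_LO];
                printf("*** Message Length: %d\n", msglen);
                printf("*** Message sequence: %d\n",
                       (rec[MSG_SEQ_HI] << 8) | rec[MSG_SEQ_LO]);
                fragoff = (rec[MSG_FRAG_OFF_HI] << 16)
                          | (rec[MSG_FRAG_OFF_MID] << 8)
                          | rec[MSG_FRAG_OFF_LO];
                printf("*** Message Fragment offset: %d\n", fragoff);
                fraglen = (rec[MSG_FRAG_LEN_HI] << 16)
                          | (rec[MSG_FRAG_LEN_MID] << 8)
                          | rec[MSG_FRAG_LEN_LO];
                printf("*** Message Fragment len: %d\n", fraglen);
                /*
                 * NOTE(review): reclen still includes the handshake header
                 * here, so a fragment up to DTLS1_HM_HEADER_LENGTH bytes too
                 * long for its record is not flagged - confirm whether that
                 * is intended for this diagnostic.
                 */
                if (fragoff + fraglen > msglen)
                    printf("***---- HANDSHAKE MESSAGE FRAGMENT INVALID ----\n");
                else if (reclen < fraglen)
                    printf("**---- HANDSHAKE MESSAGE FRAGMENT TRUNCATED ----\n");
                else
                    printf("**---- END OF HANDSHAKE MESSAGE FRAGMENT ----\n");
            }
        }
        if (rem < reclen) {
            printf("*---- RECORD TRUNCATED ----\n");
            rem = 0;
        } else {
            rec += reclen;
            rem -= reclen;
            printf("*---- END OF RECORD ----\n");
        }
    }
    printf("---- END OF PACKET ----\n\n");
    fflush(stdout);
}

/*
 * Read from the next BIO in the chain and dump whatever was received.
 * Returns the result of the underlying read, or 0 if there is no next BIO.
 */
static int tls_dump_read(BIO *bio, char *out, int outl)
{
    int ret;
    BIO *next = BIO_next(bio);

    /* Same guard as tls_dump_ctrl(): nothing to do without a next BIO */
    if (next == NULL)
        return 0;

    ret = BIO_read(next, out, outl);
    copy_flags(bio);

    if (ret > 0) {
        dump_data(out, ret);
    }

    return ret;
}

/*
 * Pass a write straight through to the next BIO in the chain; written data
 * is not dumped. Returns 0 if there is no next BIO.
 */
static int tls_dump_write(BIO *bio, const char *in, int inl)
{
    int ret;
    BIO *next = BIO_next(bio);

    if (next == NULL)
        return 0;

    ret = BIO_write(next, in, inl);
    copy_flags(bio);

    return ret;
}

/*
 * Forward control commands to the next BIO, except BIO_CTRL_DUP which is
 * answered with 0. Returns 0 if there is no next BIO.
 */
static long tls_dump_ctrl(BIO *bio, int cmd, long num, void *ptr)
{
    long ret;
    BIO *next = BIO_next(bio);

    if (next == NULL)
        return 0;

    switch (cmd) {
    case BIO_CTRL_DUP:
        ret = 0L;
        break;
    default:
        ret = BIO_ctrl(next, cmd, num, ptr);
        break;
    }
    return ret;
}

static int tls_dump_gets(BIO *bio, char *buf, int size)
{
    /* We don't support this - not needed anyway */
    return -1;
}

/* Write a NUL terminated string through tls_dump_write() */
static int tls_dump_puts(BIO *bio, const char *str)
{
    return tls_dump_write(bio, str, (int)strlen(str));
}


/* One queued datagram of the in-memory packet BIO */
struct mempacket_st {
    unsigned char *data;    /* heap copy of the packet bytes */
    int len;                /* number of bytes at |data| */
    unsigned int num;       /* packet number used to order the queue */
    unsigned int type;      /* packet type passed to mempacket_test_inject() */
};

/* Free a packet and its data buffer. A NULL |pkt| is ignored. */
static void mempacket_free(MEMPACKET *pkt)
{
    if (pkt == NULL)
        return;
    OPENSSL_free(pkt->data);
    OPENSSL_free(pkt);
}

/* Per-BIO state of the in-memory packet BIO */
typedef struct mempacket_test_ctx_st {
    STACK_OF(MEMPACKET) *pkts;  /* queued packets, ordered by |num| */
    unsigned int epoch;         /* epoch of the record last renumbered */
    unsigned int currrec;       /* next record sequence number to assign */
    unsigned int currpkt;       /* packet number the next read expects */
    unsigned int lastpkt;       /* packet number given to the next write */
    unsigned int injected;      /* set once a packet was injected up front */
    unsigned int noinject;      /* set once normal writes have started */
    unsigned int dropepoch;     /* epoch of the record to drop */
    int droprec;                /* record number to drop, -1 for none */
    int duprec;                 /* > 0 enables duplication of written packets */
} MEMPACKET_TEST_CTX;

static int mempacket_test_new(BIO *bi);
static int mempacket_test_free(BIO *a);
static int mempacket_test_read(BIO *b, char *out, int outl);
static int mempacket_test_write(BIO *b, const char *in, int inl);
static long mempacket_test_ctrl(BIO *b, int cmd, long num, void *ptr);
static int mempacket_test_gets(BIO *bp, char *buf, int size);
static int mempacket_test_puts(BIO *bp, const char *str);

/*
 * Return the method table of the "Mem Packet Test" BIO, creating it on first
 * use. Returns NULL if the table cannot be created or populated.
 */
const BIO_METHOD *bio_s_mempacket_test(void)
{
    if (meth_mem == NULL) {
        if (!TEST_ptr(meth_mem = BIO_meth_new(BIO_TYPE_MEMPACKET_TEST,
                                              "Mem Packet Test"))
            || !TEST_true(BIO_meth_set_write(meth_mem, mempacket_test_write))
            || !TEST_true(BIO_meth_set_read(meth_mem, mempacket_test_read))
            || !TEST_true(BIO_meth_set_puts(meth_mem, mempacket_test_puts))
            || !TEST_true(BIO_meth_set_gets(meth_mem, mempacket_test_gets))
            || !TEST_true(BIO_meth_set_ctrl(meth_mem, mempacket_test_ctrl))
            || !TEST_true(BIO_meth_set_create(meth_mem, mempacket_test_new))
            || !TEST_true(BIO_meth_set_destroy(meth_mem, mempacket_test_free))) {
            /* Never leave a half-populated table for the next caller */
            BIO_meth_free(meth_mem);
            meth_mem = NULL;
            return NULL;
        }
    }
    return meth_mem;
}

/* Release the packet BIO's method table. */
void bio_s_mempacket_test_free(void)
{
    BIO_meth_free(meth_mem);
    /* Reset so a later bio_s_mempacket_test() cannot return freed memory */
    meth_mem = NULL;
}

/*
 * BIO create callback: allocate a zeroed context with an empty packet queue
 * and record dropping disabled. Returns 1 on success, 0 on allocation failure.
 */
static int mempacket_test_new(BIO *bio)
{
    MEMPACKET_TEST_CTX *ctx;

    if (!TEST_ptr(ctx = OPENSSL_zalloc(sizeof(*ctx))))
        return 0;
    if (!TEST_ptr(ctx->pkts = sk_MEMPACKET_new_null())) {
        OPENSSL_free(ctx);
        return 0;
    }
    ctx->dropepoch = 0;
    ctx->droprec = -1;
    BIO_set_init(bio, 1);
    BIO_set_data(bio, ctx);
    return 1;
}

/* BIO destroy callback: free all queued packets and the context itself */
static int mempacket_test_free(BIO *bio)
{
    MEMPACKET_TEST_CTX *ctx = BIO_get_data(bio);

    /* The context may already be gone; only release what is there */
    if (ctx != NULL) {
        sk_MEMPACKET_pop_free(ctx->pkts, mempacket_free);
        OPENSSL_free(ctx);
    }
    BIO_set_data(bio, NULL);
    BIO_set_init(bio, 0);
    return 1;
}

/* Record Header values */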
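#define EPOCH_HI        3
#define EPOCH_LO        4
#define RECORD_SEQUENCE 10
#define RECORD_LEN_HI   11
#define RECORD_LEN_LO   12

#define STANDARD_PACKET  0

/*
 * Hand the packet at the head of the queue to the caller, provided it is the
 * one expected next (ctx->currpkt). At most |outl| bytes are copied to |out|.
 *
 * When packets were injected or a record drop is pending, the record sequence
 * numbers in the packet are rewritten first and the selected record, if
 * present, is removed from the data.
 *
 * Returns the number of bytes copied, or -1 with the read-retry flag set when
 * no suitable packet is queued, or -1 when the packet's records are malformed.
 */
static int mempacket_test_read(BIO *bio, char *out, int outl)
{
    MEMPACKET_TEST_CTX *ctx = BIO_get_data(bio);
    MEMPACKET *thispkt;
    unsigned char *rec;
    int rem;
    unsigned int seq, offset, len, epoch;

    BIO_clear_retry_flags(bio);
    thispkt = sk_MEMPACKET_value(ctx->pkts, 0);
    if (thispkt == NULL || thispkt->num != ctx->currpkt) {
        /* Probably run out of data */
        BIO_set_retry_read(bio);
        return -1;
    }
    /* From here on the packet is off the queue and owned by this function */
    (void)sk_MEMPACKET_shift(ctx->pkts);
    ctx->currpkt++;

    if (outl > thispkt->len)
        outl = thispkt->len;

    if (thispkt->type != INJECT_PACKET_IGNORE_REC_SEQ
            && (ctx->injected || ctx->droprec >= 0)) {
        /*
         * Overwrite the record sequence number. We strictly number them in
         * the order received. Since we are actually a reliable transport
         * we know that there won't be any re-ordering. We overwrite to deal
         * with any packets that have been injected
         */
        for (rem = thispkt->len, rec = thispkt->data; rem > 0; rem -= len) {
            if (rem < DTLS1_RT_HEADER_LENGTH) {
                /* Trailing bytes too short for a record header */
                mempacket_free(thispkt);
                return -1;
            }
            epoch = (rec[EPOCH_HI] << 8) | rec[EPOCH_LO];
            if (epoch != ctx->epoch) {
                ctx->epoch = epoch;
                ctx->currrec = 0;
            }
            seq = ctx->currrec;
            offset = 0;
            /* Store the counter big-endian, ending at the last sequence byte */
            do {
                rec[RECORD_SEQUENCE - offset] = seq & 0xFF;
                seq >>= 8;
                offset++;
            } while (seq > 0);

            len = ((rec[RECORD_LEN_HI] << 8) | rec[RECORD_LEN_LO])
                  + DTLS1_RT_HEADER_LENGTH;
            if (rem < (int)len) {
                /* Record claims more bytes than the packet holds */
                mempacket_free(thispkt);
                return -1;
            }
            if (ctx->droprec == (int)ctx->currrec && ctx->dropepoch == epoch) {
                if (rem > (int)len)
                    memmove(rec, rec + len, rem - len);
                /*
                 * The caller's buffer may be smaller than the dropped
                 * record; never let the copy length go negative.
                 */
                outl = (outl > (int)len) ? outl - (int)len : 0;
                ctx->droprec = -1;
                if (outl == 0)
                    BIO_set_retry_read(bio);
            } else {
                rec += len;
            }

            ctx->currrec++;
        }
    }

    memcpy(out, thispkt->data, outl);
    mempacket_free(thispkt);
    return outl;
}

/*
 * Take the last and penultimate packets and swap them around.
 * Returns 1 on success, 0 if fewer than two packets are queued or on error.
 */
int mempacket_swap_recent(BIO *bio)
{
    MEMPACKET_TEST_CTX *ctx = BIO_get_data(bio);
    MEMPACKET *thispkt;
    int numpkts;

    if (ctx == NULL)
        return 0;

    numpkts = sk_MEMPACKET_num(ctx->pkts);

    /* We need at least 2 packets to be able to swap them */
    if (numpkts <= 1)
        return 0;

    /* Get the penultimate packet */
    thispkt = sk_MEMPACKET_value(ctx->pkts, numpkts - 2);
    if (thispkt == NULL)
        return 0;

    if (sk_MEMPACKET_delete(ctx->pkts, numpkts - 2) != thispkt)
        return 0;

    /* Re-add it to the end of the list */
    thispkt->num++;
    if (sk_MEMPACKET_insert(ctx->pkts, thispkt, numpkts - 1) <= 0) {
        /* The packet is no longer on the queue, so it has to be freed here */
        mempacket_free(thispkt);
        return 0;
    }

    /* We also have to adjust the packet number of the other packet */
    thispkt = sk_MEMPACKET_value(ctx->pkts, numpkts - 2);
    if (thispkt == NULL)
        return 0;
    thispkt->num--;

    return 1;
}

/*
 * Queue a copy of the |inl| bytes at |in| as a packet on |bio|.
 *
 * |pktnum| >= 0 injects the packet with that packet number and is only
 * allowed before the first normal write; a negative |pktnum| is a normal
 * write that takes the next free packet number. |type| is stored with the
 * packet. When record duplication is enabled and the data holds more than
 * one record, three packets are queued (see the comment in the body).
 *
 * Returns |inl| on success and -1 on error. The data must begin with a
 * complete DTLS record; anything shorter is rejected.
 */
int mempacket_test_inject(BIO *bio, const char *in, int inl, int pktnum,
                          int type)
{
    MEMPACKET_TEST_CTX *ctx = BIO_get_data(bio);
    MEMPACKET *thispkt = NULL, *looppkt, *nextpkt;
    MEMPACKET *allpkts[3] = { NULL, NULL, NULL };
    int i, duprec;
    const unsigned char *inu = (const unsigned char *)in;
    size_t len;

    if (ctx == NULL || in == NULL)
        return -1;

    /* The length bytes may only be read once a full header is known to exist */
    if (inl < DTLS1_RT_HEADER_LENGTH)
        return -1;

    len = ((inu[RECORD_LEN_HI] << 8) | inu[RECORD_LEN_LO])
          + DTLS1_RT_HEADER_LENGTH;

    if ((size_t)inl < len)
        return -1;

    if ((size_t)inl == len)
        duprec = 0;
    else
        duprec = ctx->duprec > 0;

    /* We don't support arbitrary injection when duplicating records */
    if (duprec && pktnum != -1)
        return -1;

    /* We only allow injection before we've started writing any data */
    if (pktnum >= 0) {
        if (ctx->noinject)
            return -1;
        ctx->injected = 1;
    } else {
        ctx->noinject = 1;
    }

    for (i = 0; i < (duprec ? 3 : 1); i++) {
        if (!TEST_ptr(allpkts[i] = OPENSSL_malloc(sizeof(*thispkt))))
            goto err;
        thispkt = allpkts[i];

        if (!TEST_ptr(thispkt->data = OPENSSL_malloc(inl)))
            goto err;
        /*
         * If we are duplicating the packet, we duplicate it three times. The
         * first two times we drop the first record if there are more than one.
         * In this way we know that libssl will not be able to make progress
         * until it receives the last packet, and hence will be forced to
         * buffer these records.
         */
        if (duprec && i != 2) {
            memcpy(thispkt->data, in + len, inl - len);
            thispkt->len = inl - len;
        } else {
            memcpy(thispkt->data, in, inl);
            thispkt->len = inl;
        }
        thispkt->num = (pktnum >= 0) ? (unsigned int)pktnum : ctx->lastpkt + i;
        thispkt->type = type;
    }

    /*
     * NOTE(review): this search only places |thispkt|, the last packet
     * allocated above. If it inserts while duplicating, the two earlier
     * copies are neither queued nor freed - confirm that path is unreachable.
     */
    for(i = 0; (looppkt = sk_MEMPACKET_value(ctx->pkts, i)) != NULL; i++) {
        /* Check if we found the right place to insert this packet */
        if (looppkt->num > thispkt->num) {
            if (sk_MEMPACKET_insert(ctx->pkts, thispkt, i) == 0)
                goto err;
            /* If we're doing up front injection then we're done */
            if (pktnum >= 0)
                return inl;
            /*
             * We need to do some accounting on lastpkt. We increment it first,
             * but it might now equal the value of injected packets, so we need
             * to skip over those
             */
            ctx->lastpkt++;
            do {
                i++;
                nextpkt = sk_MEMPACKET_value(ctx->pkts, i);
                if (nextpkt != NULL && nextpkt->num == ctx->lastpkt)
                    ctx->lastpkt++;
                else
                    return inl;
            } while(1);
        } else if (looppkt->num == thispkt->num) {
            if (!ctx->noinject) {
                /* We injected two packets with the same packet number! */
                goto err;
            }
            ctx->lastpkt++;
            thispkt->num++;
        }
    }
    /*
     * We didn't find any packets with a packet number equal to or greater than
     * this one, so we just add it onto the end
     */
    for (i = 0; i < (duprec ? 3 : 1); i++) {
        thispkt = allpkts[i];
        if (!sk_MEMPACKET_push(ctx->pkts, thispkt))
            goto err;
        /* The queue owns it now; keep the error path from freeing it again */
        allpkts[i] = NULL;

        if (pktnum < 0)
            ctx->lastpkt++;
    }

    return inl;

 err:
    /* Free only what was allocated here and is still owned by this function */
    for (i = 0; i < (int)(sizeof(allpkts) / sizeof(allpkts[0])); i++) {
        if (allpkts[i] != NULL)
            mempacket_free(allpkts[i]);
    }
    return -1;
}

/* BIO write callback: a normal (non-injected) write of a standard packet */
static int mempacket_test_write(BIO *bio, const char *in, int inl)
{
    return mempacket_test_inject(bio, in, inl, -1, STANDARD_PACKET);
}

/*
 * BIO ctrl callback. Besides the generic queries it implements the
 * MEMPACKET_CTRL_* commands that configure record dropping and duplication.
 * Unhandled commands return 0.
 */
static long mempacket_test_ctrl(BIO *bio, int cmd, long num, void *ptr)
{
    long ret = 1;
    MEMPACKET_TEST_CTX *ctx = BIO_get_data(bio);
    MEMPACKET *thispkt;

    switch (cmd) {
    case BIO_CTRL_EOF:
        ret = (long)(sk_MEMPACKET_num(ctx->pkts) == 0);
        break;
    case BIO_CTRL_GET_CLOSE:
        ret = BIO_get_shutdown(bio);
        break;
    case BIO_CTRL_SET_CLOSE:
        BIO_set_shutdown(bio, (int)num);
        break;
    case BIO_CTRL_WPENDING:
        ret = 0L;
        break;
    case BIO_CTRL_PENDING:
        /* Only the packet at the head of the queue counts as pending */
        thispkt = sk_MEMPACKET_value(ctx->pkts, 0);
        if (thispkt == NULL)
            ret = 0;
        else
            ret = thispkt->len;
        break;
    case BIO_CTRL_FLUSH:
        ret = 1;
        break;
    case MEMPACKET_CTRL_SET_DROP_EPOCH:
        ctx->dropepoch = (unsigned int)num;
        break;
    case MEMPACKET_CTRL_SET_DROP_REC:
        ctx->droprec = (int)num;
        break;
    case MEMPACKET_CTRL_GET_DROP_REC:
        ret = ctx->droprec;
        break;
    case MEMPACKET_CTRL_SET_DUPLICATE_REC:
        ctx->duprec = (int)num;
        break;
    case BIO_CTRL_RESET:
    case BIO_CTRL_DUP:
    case BIO_CTRL_PUSH:
    case BIO_CTRL_POP:
    default:
        ret = 0;
        break;
    }
    return ret;
}

static int mempacket_test_gets(BIO *bio, char *buf, int size)
{
    /* We don't support this - not needed anyway */
    return -1;
}

/* Write a NUL terminated string through mempacket_test_write() */
static int mempacket_test_puts(BIO *bio, const char *str)
{
    return mempacket_test_write(bio, str, (int)strlen(str));
}

static int always_retry_new(BIO *bi);
static int always_retry_free(BIO *a);
static int always_retry_read(BIO *b, char *out, int outl);
static int always_retry_write(BIO *b, const char *in, int inl);
static long always_retry_ctrl(BIO *b, int cmd, long num, void *ptr);
static int always_retry_gets(BIO *bp, char *buf, int size);
static int always_retry_puts(BIO *bp, const char *str);

/*
 * Return the method table of the "Always Retry" BIO, creating it on first
 * use. Returns NULL if the table cannot be created or populated.
 */
const BIO_METHOD *bio_s_always_retry(void)
{
    if (meth_always_retry == NULL) {
        if (!TEST_ptr(meth_always_retry = BIO_meth_new(BIO_TYPE_ALWAYS_RETRY,
                                                       "Always Retry"))
            || !TEST_true(BIO_meth_set_write(meth_always_retry,
                                             always_retry_write))
            || !TEST_true(BIO_meth_set_read(meth_always_retry,
                                            always_retry_read))
            || !TEST_true(BIO_meth_set_puts(meth_always_retry,
                                            always_retry_puts))
            || !TEST_true(BIO_meth_set_gets(meth_always_retry,
                                            always_retry_gets))
            || !TEST_true(BIO_meth_set_ctrl(meth_always_retry,
                                            always_retry_ctrl))
            || !TEST_true(BIO_meth_set_create(meth_always_retry,
                                              always_retry_new))
            || !TEST_true(BIO_meth_set_destroy(meth_always_retry,
                                               always_retry_free))) {
            /* Never leave a half-populated table for the next caller */
            BIO_meth_free(meth_always_retry);
            meth_always_retry = NULL;
            return NULL;
        }
    }
    return meth_always_retry;
}

/* Release the always-retry BIO's method table. */
void bio_s_always_retry_free(void)
{
    BIO_meth_free(meth_always_retry);
    /* Reset so a later bio_s_always_retry() cannot return freed memory */
    meth_always_retry = NULL;
}

/* BIO create callback: no state is needed, just mark the BIO initialised */
static int always_retry_new(BIO *bio)
{
    BIO_set_init(bio, 1);
    return 1;
}

/* BIO destroy callback: clear the data pointer and the initialised flag */
static int always_retry_free(BIO *bio)
{
    BIO_set_data(bio, NULL);
    BIO_set_init(bio, 0);
    return 1;
}

/* Never delivers data: sets the read-retry flag and fails */
static int always_retry_read(BIO *bio, char *out, int outl)
{
    BIO_set_retry_read(bio);
    return -1;
}

/* Never accepts data: sets the write-retry flag and fails */
static int always_retry_write(BIO *bio, const char *in, int inl)
{
    BIO_set_retry_write(bio);
    return -1;
}
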
/*
 * BIO ctrl callback of the always-retry BIO. Every command reports 0; a
 * flush additionally raises the write-retry flag.
 */
static long always_retry_ctrl(BIO *bio, int cmd, long num, void *ptr)
{
    if (cmd == BIO_CTRL_FLUSH)
        BIO_set_retry_write(bio);

    return 0;
}

/* Never delivers a line: sets the read-retry flag and fails */
static int always_retry_gets(BIO *bio, char *buf, int size)
{
    BIO_set_retry_read(bio);
    return -1;
}

/* Never accepts a string: sets the write-retry flag and fails */
static int always_retry_puts(BIO *bio, const char *str)
{
    BIO_set_retry_write(bio);
    return -1;
}

/*
 * Create a server SSL_CTX from |sm| and, when |cctx| is not NULL, a client
 * SSL_CTX from |cm|.
 *
 * A positive |min_proto_version| / |max_proto_version| is applied to every
 * context created. The certificate and private key are loaded into the
 * server context (as PEM) only when both file names are given, and the pair
 * is then checked for consistency.
 *
 * Nothing here configures peer verification or a trust store; a caller that
 * needs them has to set them on the returned contexts.
 *
 * Returns 1 and stores the contexts in |*sctx| (and |*cctx|) on success.
 * Returns 0 on failure, in which case both contexts are freed and the output
 * pointers are left untouched.
 */
int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm,
                        int min_proto_version, int max_proto_version,
                        SSL_CTX **sctx, SSL_CTX **cctx, char *certfile,
                        char *privkeyfile)
{
    SSL_CTX *serverctx = NULL;
    SSL_CTX *clientctx = NULL;

    if (!TEST_ptr(serverctx = SSL_CTX_new(sm)))
        goto err;
    if (cctx != NULL && !TEST_ptr(clientctx = SSL_CTX_new(cm)))
        goto err;

    /* Protocol bounds: server context first, then the optional client one */
    if (min_proto_version > 0
            && !TEST_true(SSL_CTX_set_min_proto_version(serverctx,
                                                        min_proto_version)))
        goto err;
    if (max_proto_version > 0
            && !TEST_true(SSL_CTX_set_max_proto_version(serverctx,
                                                        max_proto_version)))
        goto err;

    if (clientctx != NULL) {
        if (min_proto_version > 0
                && !TEST_true(SSL_CTX_set_min_proto_version(clientctx,
                                                            min_proto_version)))
            goto err;
        if (max_proto_version > 0
                && !TEST_true(SSL_CTX_set_max_proto_version(clientctx,
                                                            max_proto_version)))
            goto err;
    }

    if (certfile != NULL && privkeyfile != NULL) {
        if (!TEST_int_eq(SSL_CTX_use_certificate_file(serverctx, certfile,
                                                      SSL_FILETYPE_PEM), 1))
            goto err;
        if (!TEST_int_eq(SSL_CTX_use_PrivateKey_file(serverctx,
                                                     privkeyfile,
                                                     SSL_FILETYPE_PEM), 1))
            goto err;
        if (!TEST_int_eq(SSL_CTX_check_private_key(serverctx), 1))
            goto err;
    }

#ifndef OPENSSL_NO_DH
    SSL_CTX_set_dh_auto(serverctx, 1);
#endif

    /* Publish the results only once everything has succeeded */
    *sctx = serverctx;
    if (cctx != NULL)
        *cctx = clientctx;
    return 1;

 err:
    SSL_CTX_free(serverctx);
    SSL_CTX_free(clientctx);
    return 0;
}

#define MAXLOOPS    1000000

/*
 * NOTE: Transfers control of the BIOs - this function will free them on error
 */
int create_ssl_objects(SSL_CTX *serverctx, SSL_CTX *clientctx, SSL **sssl,
                          SSL **cssl, BIO *s_to_c_fbio, BIO *c_to_s_fbio)
{
    SSL *serverssl = NULL, *clientssl = NULL;
    BIO *s_to_c_bio = NULL, *c_to_s_bio = NULL;

    if (*sssl != NULL)
        serverssl = *sssl;
    else if (!TEST_ptr(serverssl = SSL_new(serverctx)))
        goto error;
    if (*cssl != NULL)
        clientssl = *cssl;
    else if (!TEST_ptr(clientssl = SSL_new(clientctx)))
        goto error;

    if (SSL_is_dtls(clientssl)) {
        if (!TEST_ptr(s_to_c_bio = BIO_new(bio_s_mempacket_test()))
                || !TEST_ptr(c_to_s_bio = BIO_new(bio_s_mempacket_test())))
            goto error;
    } else {
        if (!TEST_ptr(s_to_c_bio = BIO_new(BIO_s_mem()))
                || !TEST_ptr(c_to_s_bio = BIO_new(BIO_s_mem())))
            goto error;
    }

    if (s_to_c_fbio != NULL
            && !TEST_ptr(s_to_c_bio = BIO_push(s_to_c_fbio, s_to_c_bio)))
        goto error;
    if (c_to_s_fbio != NULL
            && !TEST_ptr(c_to_s_bio = BIO_push(c_to_s_fbio, c_to_s_bio)))
        goto error;

    /* Set Non-blocking IO behaviour */
    BIO_set_mem_eof_return(s_to_c_bio, -1);
    BIO_set_mem_eof_return(c_to_s_bio, -1);

    /* Up ref these as we are passing them to two SSL objects */
    SSL_set_bio(serverssl, c_to_s_bio, s_to_c_bio);
    BIO_up_ref(s_to_c_bio);
    BIO_up_ref(c_to_s_bio);
    SSL_set_bio(clientssl, s_to_c_bio, c_to_s_bio);
    *sssl = serverssl;
    *cssl = clientssl;
    return 1;

 error:
    SSL_free(serverssl);
    SSL_free(clientssl);
    BIO_free(s_to_c_bio);
BIO_free(c_to_s_bio); 852 1.1 christos BIO_free(s_to_c_fbio); 853 1.1 christos BIO_free(c_to_s_fbio); 854 1.1 christos 855 1.1 christos return 0; 856 1.1 christos } 857 1.1 christos 858 1.1.1.2 christos /* 859 1.1.1.2 christos * Create an SSL connection, but does not ready any post-handshake 860 1.1.1.2 christos * NewSessionTicket messages. 861 1.1.1.2 christos * If |read| is set and we're using DTLS then we will attempt to SSL_read on 862 1.1.1.2 christos * the connection once we've completed one half of it, to ensure any retransmits 863 1.1.1.2 christos * get triggered. 864 1.1.1.2 christos */ 865 1.1.1.2 christos int create_bare_ssl_connection(SSL *serverssl, SSL *clientssl, int want, 866 1.1.1.2 christos int read) 867 1.1 christos { 868 1.1 christos int retc = -1, rets = -1, err, abortctr = 0; 869 1.1.1.2 christos int clienterr = 0, servererr = 0; 870 1.1.1.2 christos int isdtls = SSL_is_dtls(serverssl); 871 1.1 christos 872 1.1 christos do { 873 1.1 christos err = SSL_ERROR_WANT_WRITE; 874 1.1.1.2 christos while (!clienterr && retc <= 0 && err == SSL_ERROR_WANT_WRITE) { 875 1.1 christos retc = SSL_connect(clientssl); 876 1.1 christos if (retc <= 0) 877 1.1 christos err = SSL_get_error(clientssl, retc); 878 1.1 christos } 879 1.1 christos 880 1.1.1.2 christos if (!clienterr && retc <= 0 && err != SSL_ERROR_WANT_READ) { 881 1.1.1.2 christos TEST_info("SSL_connect() failed %d, %d", retc, err); 882 1.1.1.2 christos clienterr = 1; 883 1.1 christos } 884 1.1.1.2 christos if (want != SSL_ERROR_NONE && err == want) 885 1.1.1.2 christos return 0; 886 1.1 christos 887 1.1 christos err = SSL_ERROR_WANT_WRITE; 888 1.1.1.2 christos while (!servererr && rets <= 0 && err == SSL_ERROR_WANT_WRITE) { 889 1.1 christos rets = SSL_accept(serverssl); 890 1.1 christos if (rets <= 0) 891 1.1 christos err = SSL_get_error(serverssl, rets); 892 1.1 christos } 893 1.1 christos 894 1.1.1.2 christos if (!servererr && rets <= 0 895 1.1.1.2 christos && err != SSL_ERROR_WANT_READ 896 1.1.1.2 
christos && err != SSL_ERROR_WANT_X509_LOOKUP) { 897 1.1.1.2 christos TEST_info("SSL_accept() failed %d, %d", rets, err); 898 1.1.1.2 christos servererr = 1; 899 1.1.1.2 christos } 900 1.1.1.2 christos if (want != SSL_ERROR_NONE && err == want) 901 1.1.1.2 christos return 0; 902 1.1.1.2 christos if (clienterr && servererr) 903 1.1 christos return 0; 904 1.1.1.2 christos if (isdtls && read) { 905 1.1.1.2 christos unsigned char buf[20]; 906 1.1.1.2 christos 907 1.1.1.2 christos /* Trigger any retransmits that may be appropriate */ 908 1.1.1.2 christos if (rets > 0 && retc <= 0) { 909 1.1.1.2 christos if (SSL_read(serverssl, buf, sizeof(buf)) > 0) { 910 1.1.1.2 christos /* We don't expect this to succeed! */ 911 1.1.1.2 christos TEST_info("Unexpected SSL_read() success!"); 912 1.1.1.2 christos return 0; 913 1.1.1.2 christos } 914 1.1.1.2 christos } 915 1.1.1.2 christos if (retc > 0 && rets <= 0) { 916 1.1.1.2 christos if (SSL_read(clientssl, buf, sizeof(buf)) > 0) { 917 1.1.1.2 christos /* We don't expect this to succeed! */ 918 1.1.1.2 christos TEST_info("Unexpected SSL_read() success!"); 919 1.1.1.2 christos return 0; 920 1.1.1.2 christos } 921 1.1.1.2 christos } 922 1.1 christos } 923 1.1 christos if (++abortctr == MAXLOOPS) { 924 1.1.1.2 christos TEST_info("No progress made"); 925 1.1 christos return 0; 926 1.1 christos } 927 1.1.1.2 christos if (isdtls && abortctr <= 50 && (abortctr % 10) == 0) { 928 1.1.1.2 christos /* 929 1.1.1.2 christos * It looks like we're just spinning. Pause for a short period to 930 1.1.1.2 christos * give the DTLS timer a chance to do something. We only do this for 931 1.1.1.2 christos * the first few times to prevent hangs. 
932 1.1.1.2 christos */ 933 1.1.1.2 christos ossl_sleep(50); 934 1.1.1.2 christos } 935 1.1 christos } while (retc <=0 || rets <= 0); 936 1.1 christos 937 1.1 christos return 1; 938 1.1 christos } 939 1.1.1.2 christos 940 1.1.1.2 christos /* 941 1.1.1.2 christos * Create an SSL connection including any post handshake NewSessionTicket 942 1.1.1.2 christos * messages. 943 1.1.1.2 christos */ 944 1.1.1.2 christos int create_ssl_connection(SSL *serverssl, SSL *clientssl, int want) 945 1.1.1.2 christos { 946 1.1.1.2 christos int i; 947 1.1.1.2 christos unsigned char buf; 948 1.1.1.2 christos size_t readbytes; 949 1.1.1.2 christos 950 1.1.1.2 christos if (!create_bare_ssl_connection(serverssl, clientssl, want, 1)) 951 1.1.1.2 christos return 0; 952 1.1.1.2 christos 953 1.1.1.2 christos /* 954 1.1.1.2 christos * We attempt to read some data on the client side which we expect to fail. 955 1.1.1.2 christos * This will ensure we have received the NewSessionTicket in TLSv1.3 where 956 1.1.1.2 christos * appropriate. We do this twice because there are 2 NewSessionTickets. 957 1.1.1.2 christos */ 958 1.1.1.2 christos for (i = 0; i < 2; i++) { 959 1.1.1.2 christos if (SSL_read_ex(clientssl, &buf, sizeof(buf), &readbytes) > 0) { 960 1.1.1.2 christos if (!TEST_ulong_eq(readbytes, 0)) 961 1.1.1.2 christos return 0; 962 1.1.1.2 christos } else if (!TEST_int_eq(SSL_get_error(clientssl, 0), 963 1.1.1.2 christos SSL_ERROR_WANT_READ)) { 964 1.1.1.2 christos return 0; 965 1.1.1.2 christos } 966 1.1.1.2 christos } 967 1.1.1.2 christos 968 1.1.1.2 christos return 1; 969 1.1.1.2 christos } 970 1.1.1.2 christos 971 1.1.1.2 christos void shutdown_ssl_connection(SSL *serverssl, SSL *clientssl) 972 1.1.1.2 christos { 973 1.1.1.2 christos SSL_shutdown(clientssl); 974 1.1.1.2 christos SSL_shutdown(serverssl); 975 1.1.1.2 christos SSL_free(serverssl); 976 1.1.1.2 christos SSL_free(clientssl); 977 1.1.1.2 christos } 978