]> git.ipfire.org Git - thirdparty/openssl.git/blame - test/quic_multistream_test.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
QUIC APL: Support waiting for peer-initiated shutdown
[thirdparty/openssl.git] / test / quic_multistream_test.c
CommitLineData
ed835673
HL		 1/*
2 * Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9#include <openssl/ssl.h>
10#include <openssl/quic.h>
11#include <openssl/bio.h>
12#include <openssl/lhash.h>
13#include "internal/quic_tserver.h"
de521629 14#include "internal/quic_ssl.h"
e26dc8e3 15#include "internal/quic_error.h"
ed835673 16#include "testutil.h"
e26dc8e3 17#include "helpers/quictestlib.h"
a350db73
HL		 18#if defined(OPENSSL_THREADS)
19# include "internal/thread_arch.h"
20#endif
ed835673
HL		 21
22static const char *certfile, *keyfile;
23
a350db73
HL		 24#if defined(OPENSSL_THREADS)
25struct child_thread_args {
26 struct helper *h;
27 const struct script_op *script;
0786483a 28 const char *script_name;
a350db73
HL		 29 int thread_idx;
30
31 CRYPTO_THREAD *t;
32 CRYPTO_MUTEX *m;
33 int testresult;
34 int done;
35};
36#endif
37
ed835673
HL		 38typedef struct stream_info {
39 const char *name;
40 SSL *c_stream;
41 uint64_t s_stream_id;
42} STREAM_INFO;
43
44DEFINE_LHASH_OF_EX(STREAM_INFO);
45
46struct helper {
47 int s_fd;
e26dc8e3 48 BIO *s_net_bio, *s_net_bio_own, *s_qtf_wbio, *s_qtf_wbio_own;
ed835673
HL		 49 BIO_ADDR *s_net_bio_addr;
50 QUIC_TSERVER *s;
51 LHASH_OF(STREAM_INFO) *s_streams;
52
53 int c_fd;
54 BIO *c_net_bio, *c_net_bio_own;
55 SSL_CTX *c_ctx;
56 SSL *c_conn;
57 LHASH_OF(STREAM_INFO) *c_streams;
58
a350db73
HL		 59#if defined(OPENSSL_THREADS)
60 struct child_thread_args *threads;
61 size_t num_threads;
62#endif
63
ed835673 64 OSSL_TIME start_time;
693b23e3
HL		 65
66 /*
67 * This is a duration recording the amount of time we have skipped forwards
68 * for testing purposes relative to the real ossl_time_now() clock. We add
69 * a quantity of time to this every time we skip some time.
70 */
71 CRYPTO_RWLOCK *time_lock;
72 OSSL_TIME time_slip; /* protected by time_lock */
73
e26dc8e3
HL		 74 QTEST_FAULT *qtf;
75
9715e3aa 76 int init, blocking, check_spin_again;
e26dc8e3
HL		 77 int free_order, need_injector;
78
79 int (*qtf_packet_plain_cb)(struct helper *h, QUIC_PKT_HDR *hdr,
80 unsigned char *buf, size_t buf_len);
de56eebd
HL		 81 int (*qtf_handshake_cb)(struct helper *h,
82 unsigned char *buf, size_t buf_len);
69169cd9
HL		 83 int (*qtf_datagram_cb)(struct helper *h,
84 BIO_MSG *m, size_t stride);
e26dc8e3 85 uint64_t inject_word0, inject_word1;
14551f1e 86 uint64_t scratch0, scratch1, fail_count;
ed835673
HL		 87};
88
a350db73
HL		 89struct helper_local {
90 struct helper *h;
91 LHASH_OF(STREAM_INFO) *c_streams;
92 int thread_idx;
93};
94
ed835673
HL		 95struct script_op {
96 uint32_t op;
97 const void *arg0;
98 size_t arg1;
99 int (*check_func)(struct helper *h, const struct script_op *op);
100 const char *stream_name;
101 uint64_t arg2;
e26dc8e3
HL		 102 int (*qtf_packet_plain_cb)(struct helper *h, QUIC_PKT_HDR *hdr,
103 unsigned char *buf, size_t buf_len);
de56eebd
HL		 104 int (*qtf_handshake_cb)(struct helper *h,
105 unsigned char *buf, size_t buf_len);
69169cd9
HL		 106 int (*qtf_datagram_cb)(struct helper *h,
107 BIO_MSG *m, size_t stride);
ed835673
HL		 108};
109
110#define OPK_END 0
111#define OPK_CHECK 1
112#define OPK_C_SET_ALPN 2
113#define OPK_C_CONNECT_WAIT 3
114#define OPK_C_WRITE 4
115#define OPK_S_WRITE 5
116#define OPK_C_READ_EXPECT 6
117#define OPK_S_READ_EXPECT 7
118#define OPK_C_EXPECT_FIN 8
119#define OPK_S_EXPECT_FIN 9
120#define OPK_C_CONCLUDE 10
121#define OPK_S_CONCLUDE 11
122#define OPK_C_DETACH 12
123#define OPK_C_ATTACH 13
124#define OPK_C_NEW_STREAM 14
125#define OPK_S_NEW_STREAM 15
a350db73 126#define OPK_C_ACCEPT_STREAM_WAIT 16
ed835673
HL		 127#define OPK_C_ACCEPT_STREAM_NONE 17
128#define OPK_C_FREE_STREAM 18
129#define OPK_C_SET_DEFAULT_STREAM_MODE 19
83df44ae 130#define OPK_C_SET_INCOMING_STREAM_POLICY 20
cd5e4380 131#define OPK_C_SHUTDOWN_WAIT 21
ed835673
HL		 132#define OPK_C_EXPECT_CONN_CLOSE_INFO 22
133#define OPK_S_EXPECT_CONN_CLOSE_INFO 23
134#define OPK_S_BIND_STREAM_ID 24
135#define OPK_C_WAIT_FOR_DATA 25
136#define OPK_C_WRITE_FAIL 26
137#define OPK_S_WRITE_FAIL 27
138#define OPK_C_READ_FAIL 28
139#define OPK_C_STREAM_RESET 29
a350db73
HL		 140#define OPK_S_ACCEPT_STREAM_WAIT 30
141#define OPK_NEW_THREAD 31
fca44cfc
HL		 142#define OPK_BEGIN_REPEAT 32
143#define OPK_END_REPEAT 33
144#define OPK_S_UNBIND_STREAM_ID 34
0345cac6
TM		 145#define OPK_C_READ_FAIL_WAIT 35
146#define OPK_C_CLOSE_SOCKET 36
147#define OPK_C_EXPECT_SSL_ERR 37
148#define OPK_EXPECT_ERR_REASON 38
149#define OPK_EXPECT_ERR_LIB 39
150#define OPK_SLEEP 40
2f018d14 151#define OPK_S_READ_FAIL 41
e26dc8e3
HL		 152#define OPK_S_SET_INJECT_PLAIN 42
153#define OPK_SET_INJECT_WORD 43
cd5e4380
HL		 154#define OPK_C_INHIBIT_TICK 44
155#define OPK_C_SET_WRITE_BUF_SIZE 45
de56eebd 156#define OPK_S_SET_INJECT_HANDSHAKE 46
614c08c2 157#define OPK_S_NEW_TICKET 47
14551f1e 158#define OPK_C_SKIP_IF_UNBOUND 48
69169cd9 159#define OPK_S_SET_INJECT_DATAGRAM 49
ed835673
HL		 160
161#define EXPECT_CONN_CLOSE_APP (1U << 0)
162#define EXPECT_CONN_CLOSE_REMOTE (1U << 1)
163
14551f1e
HL		 164/* OPK_C_NEW_STREAM */
165#define ALLOW_FAIL (1U << 16)
166
ed835673
HL		 167#define C_BIDI_ID(ordinal) \
168 (((ordinal) << 2) | QUIC_STREAM_INITIATOR_CLIENT | QUIC_STREAM_DIR_BIDI)
169#define S_BIDI_ID(ordinal) \
170 (((ordinal) << 2) | QUIC_STREAM_INITIATOR_SERVER | QUIC_STREAM_DIR_BIDI)
171#define C_UNI_ID(ordinal) \
172 (((ordinal) << 2) | QUIC_STREAM_INITIATOR_CLIENT | QUIC_STREAM_DIR_UNI)
173#define S_UNI_ID(ordinal) \
174 (((ordinal) << 2) | QUIC_STREAM_INITIATOR_SERVER | QUIC_STREAM_DIR_UNI)
175
a350db73
HL		 176#define ANY_ID UINT64_MAX
177
ed835673
HL		 178#define OP_END \
179 {OPK_END}
180#define OP_CHECK(func, arg2) \
181 {OPK_CHECK, NULL, 0, (func), NULL, (arg2)},
182#define OP_C_SET_ALPN(alpn) \
183 {OPK_C_SET_ALPN, (alpn), 0, NULL, NULL},
184#define OP_C_CONNECT_WAIT() \
185 {OPK_C_CONNECT_WAIT, NULL, 0, NULL, NULL},
e26dc8e3
HL		 186#define OP_C_CONNECT_WAIT_OR_FAIL() \
187 {OPK_C_CONNECT_WAIT, NULL, 1, NULL, NULL},
ed835673
HL		 188#define OP_C_WRITE(stream_name, buf, buf_len) \
189 {OPK_C_WRITE, (buf), (buf_len), NULL, #stream_name},
190#define OP_S_WRITE(stream_name, buf, buf_len) \
191 {OPK_S_WRITE, (buf), (buf_len), NULL, #stream_name},
192#define OP_C_READ_EXPECT(stream_name, buf, buf_len) \
193 {OPK_C_READ_EXPECT, (buf), (buf_len), NULL, #stream_name},
194#define OP_S_READ_EXPECT(stream_name, buf, buf_len) \
195 {OPK_S_READ_EXPECT, (buf), (buf_len), NULL, #stream_name},
196#define OP_C_EXPECT_FIN(stream_name) \
197 {OPK_C_EXPECT_FIN, NULL, 0, NULL, #stream_name},
198#define OP_S_EXPECT_FIN(stream_name) \
199 {OPK_S_EXPECT_FIN, NULL, 0, NULL, #stream_name},
200#define OP_C_CONCLUDE(stream_name) \
201 {OPK_C_CONCLUDE, NULL, 0, NULL, #stream_name},
202#define OP_S_CONCLUDE(stream_name) \
203 {OPK_S_CONCLUDE, NULL, 0, NULL, #stream_name},
204#define OP_C_DETACH(stream_name) \
205 {OPK_C_DETACH, NULL, 0, NULL, #stream_name},
206#define OP_C_ATTACH(stream_name) \
207 {OPK_C_ATTACH, NULL, 0, NULL, #stream_name},
208#define OP_C_NEW_STREAM_BIDI(stream_name, expect_id) \
209 {OPK_C_NEW_STREAM, NULL, 0, NULL, #stream_name, (expect_id)},
14551f1e
HL		 210#define OP_C_NEW_STREAM_BIDI_EX(stream_name, expect_id, flags) \
211 {OPK_C_NEW_STREAM, NULL, (flags), NULL, #stream_name, (expect_id)},
ed835673 212#define OP_C_NEW_STREAM_UNI(stream_name, expect_id) \
14551f1e
HL		 213 {OPK_C_NEW_STREAM, NULL, SSL_STREAM_FLAG_UNI, \
214 NULL, #stream_name, (expect_id)},
215#define OP_C_NEW_STREAM_UNI_EX(stream_name, expect_id, flags) \
216 {OPK_C_NEW_STREAM, NULL, (flags) | SSL_STREAM_FLAG_UNI, \
217 NULL, #stream_name, (expect_id)},
ed835673
HL		 218#define OP_S_NEW_STREAM_BIDI(stream_name, expect_id) \
219 {OPK_S_NEW_STREAM, NULL, 0, NULL, #stream_name, (expect_id)},
220#define OP_S_NEW_STREAM_UNI(stream_name, expect_id) \
221 {OPK_S_NEW_STREAM, NULL, 1, NULL, #stream_name, (expect_id)},
a350db73
HL		 222#define OP_C_ACCEPT_STREAM_WAIT(stream_name) \
223 {OPK_C_ACCEPT_STREAM_WAIT, NULL, 0, NULL, #stream_name},
ed835673
HL		 224#define OP_C_ACCEPT_STREAM_NONE() \
225 {OPK_C_ACCEPT_STREAM_NONE, NULL, 0, NULL, NULL},
226#define OP_C_FREE_STREAM(stream_name) \
227 {OPK_C_FREE_STREAM, NULL, 0, NULL, #stream_name},
228#define OP_C_SET_DEFAULT_STREAM_MODE(mode) \
229 {OPK_C_SET_DEFAULT_STREAM_MODE, NULL, (mode), NULL, NULL},
83df44ae
HL		 230#define OP_C_SET_INCOMING_STREAM_POLICY(policy) \
231 {OPK_C_SET_INCOMING_STREAM_POLICY, NULL, (policy), NULL, NULL},
d49a1634
HL		 232#define OP_C_SHUTDOWN_WAIT(reason) \
233 {OPK_C_SHUTDOWN_WAIT, (reason), 0, NULL, NULL},
ed835673
HL		 234#define OP_C_EXPECT_CONN_CLOSE_INFO(ec, app, remote) \
235 {OPK_C_EXPECT_CONN_CLOSE_INFO, NULL, \
236 ((app) ? EXPECT_CONN_CLOSE_APP : 0) | \
237 ((remote) ? EXPECT_CONN_CLOSE_REMOTE : 0), \
238 NULL, NULL, (ec)},
239#define OP_S_EXPECT_CONN_CLOSE_INFO(ec, app, remote) \
240 {OPK_S_EXPECT_CONN_CLOSE_INFO, NULL, \
241 ((app) ? EXPECT_CONN_CLOSE_APP : 0) | \
242 ((remote) ? EXPECT_CONN_CLOSE_REMOTE : 0), \
243 NULL, NULL, (ec)},
244#define OP_S_BIND_STREAM_ID(stream_name, stream_id) \
245 {OPK_S_BIND_STREAM_ID, NULL, 0, NULL, #stream_name, (stream_id)},
246#define OP_C_WAIT_FOR_DATA(stream_name) \
247 {OPK_C_WAIT_FOR_DATA, NULL, 0, NULL, #stream_name},
248#define OP_C_WRITE_FAIL(stream_name) \
249 {OPK_C_WRITE_FAIL, NULL, 0, NULL, #stream_name},
250#define OP_S_WRITE_FAIL(stream_name) \
251 {OPK_S_WRITE_FAIL, NULL, 0, NULL, #stream_name},
252#define OP_C_READ_FAIL(stream_name) \
253 {OPK_C_READ_FAIL, NULL, 0, NULL, #stream_name},
2f018d14
HL		 254#define OP_S_READ_FAIL(stream_name) \
255 {OPK_S_READ_FAIL, NULL, 0, NULL, #stream_name},
ed835673
HL		 256#define OP_C_STREAM_RESET(stream_name, aec) \
257 {OPK_C_STREAM_RESET, NULL, 0, NULL, #stream_name, (aec)},
a350db73
HL		 258#define OP_S_ACCEPT_STREAM_WAIT(stream_name) \
259 {OPK_S_ACCEPT_STREAM_WAIT, NULL, 0, NULL, #stream_name},
260#define OP_NEW_THREAD(num_threads, script) \
fca44cfc
HL		 261 {OPK_NEW_THREAD, (script), (num_threads), NULL, NULL, 0 },
262#define OP_BEGIN_REPEAT(n) \
263 {OPK_BEGIN_REPEAT, NULL, (n)},
264#define OP_END_REPEAT() \
265 {OPK_END_REPEAT},
266#define OP_S_UNBIND_STREAM_ID(stream_name) \
267 {OPK_S_UNBIND_STREAM_ID, NULL, 0, NULL, #stream_name},
0345cac6
TM		 268#define OP_C_READ_FAIL_WAIT(stream_name) \
269 {OPK_C_READ_FAIL_WAIT, NULL, 0, NULL, #stream_name},
270#define OP_C_CLOSE_SOCKET() \
271 {OPK_C_CLOSE_SOCKET},
272#define OP_C_EXPECT_SSL_ERR(stream_name, err) \
273 {OPK_C_EXPECT_SSL_ERR, NULL, (err), NULL, #stream_name},
274#define OP_EXPECT_ERR_REASON(err) \
275 {OPK_EXPECT_ERR_REASON, NULL, (err)},
276#define OP_EXPECT_ERR_LIB(lib) \
277 {OPK_EXPECT_ERR_LIB, NULL, (lib)},
278#define OP_SLEEP(ms) \
279 {OPK_SLEEP, NULL, 0, NULL, NULL, (ms)},
e26dc8e3
HL		 280#define OP_S_SET_INJECT_PLAIN(f) \
281 {OPK_S_SET_INJECT_PLAIN, NULL, 0, NULL, NULL, 0, (f)},
282#define OP_SET_INJECT_WORD(w0, w1) \
283 {OPK_SET_INJECT_WORD, NULL, (w0), NULL, NULL, (w1), NULL},
cd5e4380
HL		 284#define OP_C_INHIBIT_TICK(inhibit) \
285 {OPK_C_INHIBIT_TICK, NULL, (inhibit), NULL, NULL, 0, NULL},
286#define OP_C_SET_WRITE_BUF_SIZE(stream_name, size) \
287 {OPK_C_SET_WRITE_BUF_SIZE, NULL, (size), NULL, #stream_name},
de56eebd
HL		 288#define OP_S_SET_INJECT_HANDSHAKE(f) \
289 {OPK_S_SET_INJECT_HANDSHAKE, NULL, 0, NULL, NULL, 0, NULL, (f)},
614c08c2
MC		 290#define OP_S_NEW_TICKET() \
291 {OPK_S_NEW_TICKET},
14551f1e
HL		 292#define OP_C_SKIP_IF_UNBOUND(stream_name, n) \
293 {OPK_C_SKIP_IF_UNBOUND, NULL, (n), NULL, #stream_name},
69169cd9
HL		 294#define OP_S_SET_INJECT_DATAGRAM(f) \
295 {OPK_S_SET_INJECT_DATAGRAM, NULL, 0, NULL, NULL, 0, NULL, NULL, (f)},
ed835673 296
693b23e3
HL		 297static OSSL_TIME get_time(void *arg)
298{
299 struct helper *h = arg;
300 OSSL_TIME t;
301
302 if (!TEST_true(CRYPTO_THREAD_read_lock(h->time_lock)))
303 return ossl_time_zero();
304
305 t = ossl_time_add(ossl_time_now(), h->time_slip);
306
307 CRYPTO_THREAD_unlock(h->time_lock);
308 return t;
309}
310
311static int skip_time_ms(struct helper *h, const struct script_op *op)
312{
313 if (!TEST_true(CRYPTO_THREAD_write_lock(h->time_lock)))
314 return 0;
315
316 h->time_slip = ossl_time_add(h->time_slip, ossl_ms2time(op->arg2));
317
318 CRYPTO_THREAD_unlock(h->time_lock);
319 return 1;
320}
321
ed835673
HL		 322static int check_rejected(struct helper *h, const struct script_op *op)
323{
324 uint64_t stream_id = op->arg2;
325
9715e3aa
HL		 326 if (!ossl_quic_tserver_stream_has_peer_stop_sending(h->s, stream_id, NULL)
327 || !ossl_quic_tserver_stream_has_peer_reset_stream(h->s, stream_id, NULL)) {
328 h->check_spin_again = 1;
ed835673 329 return 0;
9715e3aa 330 }
ed835673
HL		 331
332 return 1;
333}
334
335static int check_stream_reset(struct helper *h, const struct script_op *op)
336{
337 uint64_t stream_id = op->arg2, aec = 0;
338
9715e3aa
HL		 339 if (!ossl_quic_tserver_stream_has_peer_reset_stream(h->s, stream_id, &aec)) {
340 h->check_spin_again = 1;
341 return 0;
342 }
343
344 return TEST_uint64_t_eq(aec, 42);
ed835673
HL		 345}
346
347static int check_stream_stopped(struct helper *h, const struct script_op *op)
348{
349 uint64_t stream_id = op->arg2;
350
9715e3aa
HL		 351 if (!ossl_quic_tserver_stream_has_peer_stop_sending(h->s, stream_id, NULL)) {
352 h->check_spin_again = 1;
353 return 0;
354 }
355
356 return 1;
ed835673
HL		 357}
358
693b23e3
HL		 359static int override_key_update(struct helper *h, const struct script_op *op)
360{
361 QUIC_CHANNEL *ch = ossl_quic_conn_get_channel(h->c_conn);
362
363 ossl_quic_channel_set_txku_threshold_override(ch, op->arg2);
364 return 1;
365}
366
2525109f
HL		 367static int trigger_key_update(struct helper *h, const struct script_op *op)
368{
369 if (!TEST_true(SSL_key_update(h->c_conn, SSL_KEY_UPDATE_REQUESTED)))
370 return 0;
371
372 return 1;
373}
374
693b23e3
HL		 375static int check_key_update_ge(struct helper *h, const struct script_op *op)
376{
377 QUIC_CHANNEL *ch = ossl_quic_conn_get_channel(h->c_conn);
378 int64_t txke = (int64_t)ossl_quic_channel_get_tx_key_epoch(ch);
379 int64_t rxke = (int64_t)ossl_quic_channel_get_rx_key_epoch(ch);
380 int64_t diff = txke - rxke;
381
382 /*
383 * TXKE must always be equal to or ahead of RXKE.
384 * It can be ahead of RXKE by at most 1.
385 */
386 if (!TEST_int64_t_ge(diff, 0) || !TEST_int64_t_le(diff, 1))
387 return 0;
388
389 /* Caller specifies a minimum number of RXKEs which must have happened. */
390 if (!TEST_uint64_t_ge((uint64_t)rxke, op->arg2))
391 return 0;
392
393 return 1;
394}
395
396static int check_key_update_lt(struct helper *h, const struct script_op *op)
397{
398 QUIC_CHANNEL *ch = ossl_quic_conn_get_channel(h->c_conn);
399 uint64_t txke = ossl_quic_channel_get_tx_key_epoch(ch);
400
401 /* Caller specifies a maximum number of TXKEs which must have happened. */
402 if (!TEST_uint64_t_lt(txke, op->arg2))
403 return 0;
404
405 return 1;
406}
407
ed835673
HL		 408static unsigned long stream_info_hash(const STREAM_INFO *info)
409{
410 return OPENSSL_LH_strhash(info->name);
411}
412
413static int stream_info_cmp(const STREAM_INFO *a, const STREAM_INFO *b)
414{
415 return strcmp(a->name, b->name);
416}
417
418static void cleanup_stream(STREAM_INFO *info)
419{
420 SSL_free(info->c_stream);
421 OPENSSL_free(info);
422}
423
424static void helper_cleanup_streams(LHASH_OF(STREAM_INFO) **lh)
425{
426 if (*lh == NULL)
427 return;
428
429 lh_STREAM_INFO_doall(*lh, cleanup_stream);
430 lh_STREAM_INFO_free(*lh);
431 *lh = NULL;
432}
433
a350db73
HL		 434#if defined(OPENSSL_THREADS)
435static CRYPTO_THREAD_RETVAL run_script_child_thread(void *arg);
436
437static int join_threads(struct child_thread_args *threads, size_t num_threads)
438{
439 int ok = 1;
440 size_t i;
441 CRYPTO_THREAD_RETVAL rv;
442
443 for (i = 0; i < num_threads; ++i) {
444 if (threads[i].t != NULL) {
445 ossl_crypto_thread_native_join(threads[i].t, &rv);
446
447 if (!threads[i].testresult)
448 /* Do not log failure here, worker will do it. */
449 ok = 0;
450
451 ossl_crypto_thread_native_clean(threads[i].t);
452 threads[i].t = NULL;
453 }
454
455 ossl_crypto_mutex_free(&threads[i].m);
456 }
457
458 return ok;
459}
460#endif
461
ed835673
HL		 462static void helper_cleanup(struct helper *h)
463{
a350db73
HL		 464#if defined(OPENSSL_THREADS)
465 join_threads(h->threads, h->num_threads);
466 OPENSSL_free(h->threads);
467 h->threads = NULL;
468 h->num_threads = 0;
469#endif
470
97f30fd5
HL		 471 if (h->free_order == 0) {
472 /* order 0: streams, then conn */
473 helper_cleanup_streams(&h->c_streams);
474
475 SSL_free(h->c_conn);
476 h->c_conn = NULL;
477 } else {
478 /* order 1: conn, then streams */
479 SSL_free(h->c_conn);
480 h->c_conn = NULL;
481
482 helper_cleanup_streams(&h->c_streams);
483 }
ed835673 484
97f30fd5 485 helper_cleanup_streams(&h->s_streams);
ed835673
HL		 486 ossl_quic_tserver_free(h->s);
487 h->s = NULL;
488
489 BIO_free(h->s_net_bio_own);
490 h->s_net_bio_own = NULL;
491
492 BIO_free(h->c_net_bio_own);
493 h->c_net_bio_own = NULL;
494
e26dc8e3
HL		 495 BIO_free(h->s_qtf_wbio_own);
496 h->s_qtf_wbio_own = NULL;
497
1d547f8f
HL		 498 qtest_fault_free(h->qtf);
499 h->qtf = NULL;
7eebc354 500
ed835673
HL		 501 if (h->s_fd >= 0) {
502 BIO_closesocket(h->s_fd);
503 h->s_fd = -1;
504 }
505
506 if (h->c_fd >= 0) {
507 BIO_closesocket(h->c_fd);
508 h->c_fd = -1;
509 }
510
511 BIO_ADDR_free(h->s_net_bio_addr);
512 h->s_net_bio_addr = NULL;
513
514 SSL_CTX_free(h->c_ctx);
515 h->c_ctx = NULL;
693b23e3
HL		 516
517 CRYPTO_THREAD_lock_free(h->time_lock);
518 h->time_lock = NULL;
ed835673
HL		 519}
520
e26dc8e3 521static int helper_init(struct helper *h, int free_order, int need_injector)
ed835673
HL		 522{
523 short port = 8186;
524 struct in_addr ina = {0};
525 QUIC_TSERVER_ARGS s_args = {0};
526
527 memset(h, 0, sizeof(*h));
528 h->c_fd = -1;
529 h->s_fd = -1;
97f30fd5 530 h->free_order = free_order;
e26dc8e3 531 h->need_injector = need_injector;
693b23e3
HL		 532 h->time_slip = ossl_time_zero();
533
534 if (!TEST_ptr(h->time_lock = CRYPTO_THREAD_lock_new()))
535 goto err;
ed835673
HL		 536
537 if (!TEST_ptr(h->s_streams = lh_STREAM_INFO_new(stream_info_hash,
538 stream_info_cmp)))
539 goto err;
540
541 if (!TEST_ptr(h->c_streams = lh_STREAM_INFO_new(stream_info_hash,
542 stream_info_cmp)))
543 goto err;
544
545 ina.s_addr = htonl(0x7f000001UL);
546
547 h->s_fd = BIO_socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP, 0);
548 if (!TEST_int_ge(h->s_fd, 0))
549 goto err;
550
551 if (!TEST_true(BIO_socket_nbio(h->s_fd, 1)))
552 goto err;
553
554 if (!TEST_ptr(h->s_net_bio_addr = BIO_ADDR_new()))
555 goto err;
556
557 if (!TEST_true(BIO_ADDR_rawmake(h->s_net_bio_addr, AF_INET, &ina, sizeof(ina),
558 htons(port))))
559 goto err;
560
561 if (!TEST_true(BIO_bind(h->s_fd, h->s_net_bio_addr, 0)))
562 goto err;
563
564 if (!TEST_int_gt(BIO_ADDR_rawport(h->s_net_bio_addr), 0))
565 goto err;
566
567 if (!TEST_ptr(h->s_net_bio = h->s_net_bio_own = BIO_new_dgram(h->s_fd, 0)))
568 goto err;
569
570 if (!BIO_up_ref(h->s_net_bio))
571 goto err;
572
e26dc8e3
HL		 573 if (need_injector) {
574 h->s_qtf_wbio = h->s_qtf_wbio_own = BIO_new(qtest_get_bio_method());
575 if (!TEST_ptr(h->s_qtf_wbio))
576 goto err;
577
578 if (!TEST_ptr(BIO_push(h->s_qtf_wbio, h->s_net_bio)))
579 goto err;
580
581 s_args.net_wbio = h->s_qtf_wbio;
582 } else {
583 s_args.net_wbio = h->s_net_bio;
584 }
585
693b23e3 586 s_args.net_rbio = h->s_net_bio;
37f27b91 587 s_args.alpn = NULL;
693b23e3
HL		 588 s_args.now_cb = get_time;
589 s_args.now_cb_arg = h;
829eec9f 590 s_args.ctx = NULL;
ed835673
HL		 591
592 if (!TEST_ptr(h->s = ossl_quic_tserver_new(&s_args, certfile, keyfile)))
593 goto err;
594
e26dc8e3
HL		 595 if (need_injector) {
596 h->qtf = qtest_create_injector(h->s);
597 if (!TEST_ptr(h->qtf))
598 goto err;
599
600 BIO_set_data(h->s_qtf_wbio, h->qtf);
601 }
602
7eebc354
HL		 603 if (!need_injector)
604 h->s_net_bio_own = NULL;
605
e26dc8e3 606 h->s_qtf_wbio_own = NULL;
ed835673
HL		 607
608 h->c_fd = BIO_socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP, 0);
609 if (!TEST_int_ge(h->c_fd, 0))
610 goto err;
611
612 if (!TEST_true(BIO_socket_nbio(h->c_fd, 1)))
613 goto err;
614
615 if (!TEST_ptr(h->c_net_bio = h->c_net_bio_own = BIO_new_dgram(h->c_fd, 0)))
616 goto err;
617
618 if (!TEST_true(BIO_dgram_set_peer(h->c_net_bio, h->s_net_bio_addr)))
619 goto err;
620
ed835673
HL		 621 if (!TEST_ptr(h->c_ctx = SSL_CTX_new(OSSL_QUIC_client_method())))
622 goto err;
623
624 if (!TEST_ptr(h->c_conn = SSL_new(h->c_ctx)))
625 goto err;
626
693b23e3
HL		 627 /* Use custom time function for virtual time skip. */
628 if (!TEST_true(ossl_quic_conn_set_override_now_cb(h->c_conn, get_time, h)))
629 goto err;
630
ed835673
HL		 631 /* Takes ownership of our reference to the BIO. */
632 SSL_set0_rbio(h->c_conn, h->c_net_bio);
633 h->c_net_bio_own = NULL;
634
635 if (!TEST_true(BIO_up_ref(h->c_net_bio)))
636 goto err;
637
638 SSL_set0_wbio(h->c_conn, h->c_net_bio);
639
640 if (!TEST_true(SSL_set_blocking_mode(h->c_conn, 0)))
641 goto err;
642
643 h->start_time = ossl_time_now();
644 h->init = 1;
645 return 1;
646
647err:
648 helper_cleanup(h);
649 return 0;
650}
651
a350db73
HL		 652static int helper_local_init(struct helper_local *hl, struct helper *h,
653 int thread_idx)
654{
655 hl->h = h;
656 hl->c_streams = NULL;
657 hl->thread_idx = thread_idx;
658
659 if (!TEST_ptr(h))
660 return 0;
661
662 if (thread_idx < 0) {
663 hl->c_streams = h->c_streams;
664 } else {
665 if (!TEST_ptr(hl->c_streams = lh_STREAM_INFO_new(stream_info_hash,
666 stream_info_cmp)))
667 return 0;
668 }
669
670 return 1;
671}
672
673static void helper_local_cleanup(struct helper_local *hl)
674{
675 if (hl->h == NULL)
676 return;
677
678 if (hl->thread_idx >= 0)
679 helper_cleanup_streams(&hl->c_streams);
680
681 hl->h = NULL;
682}
683
ed835673
HL		 684static STREAM_INFO *get_stream_info(LHASH_OF(STREAM_INFO) *lh,
685 const char *stream_name)
686{
687 STREAM_INFO key, *info;
688
689 if (!TEST_ptr(stream_name))
690 return NULL;
691
692 if (!strcmp(stream_name, "DEFAULT"))
693 return NULL;
694
695 key.name = stream_name;
696 info = lh_STREAM_INFO_retrieve(lh, &key);
697 if (info == NULL) {
698 info = OPENSSL_zalloc(sizeof(*info));
699 if (info == NULL)
700 return NULL;
701
702 info->name = stream_name;
703 info->s_stream_id = UINT64_MAX;
704 lh_STREAM_INFO_insert(lh, info);
705 }
706
707 return info;
708}
709
a350db73
HL		 710static int helper_local_set_c_stream(struct helper_local *hl,
711 const char *stream_name,
712 SSL *c_stream)
ed835673 713{
a350db73 714 STREAM_INFO *info = get_stream_info(hl->c_streams, stream_name);
ed835673
HL		 715
716 if (info == NULL)
717 return 0;
718
719 info->c_stream = c_stream;
720 info->s_stream_id = UINT64_MAX;
721 return 1;
722}
723
a350db73
HL		 724static SSL *helper_local_get_c_stream(struct helper_local *hl,
725 const char *stream_name)
ed835673
HL		 726{
727 STREAM_INFO *info;
728
729 if (!strcmp(stream_name, "DEFAULT"))
a350db73 730 return hl->h->c_conn;
ed835673 731
a350db73 732 info = get_stream_info(hl->c_streams, stream_name);
ed835673
HL		 733 if (info == NULL)
734 return NULL;
735
736 return info->c_stream;
737}
738
739static int
740helper_set_s_stream(struct helper *h, const char *stream_name,
741 uint64_t s_stream_id)
742{
743 STREAM_INFO *info;
744
745 if (!strcmp(stream_name, "DEFAULT"))
746 return 0;
747
748 info = get_stream_info(h->s_streams, stream_name);
749 if (info == NULL)
750 return 0;
751
752 info->c_stream = NULL;
753 info->s_stream_id = s_stream_id;
754 return 1;
755}
756
757static uint64_t helper_get_s_stream(struct helper *h, const char *stream_name)
758{
759 STREAM_INFO *info;
760
761 if (!strcmp(stream_name, "DEFAULT"))
762 return UINT64_MAX;
763
764 info = get_stream_info(h->s_streams, stream_name);
765 if (info == NULL)
766 return UINT64_MAX;
767
768 return info->s_stream_id;
769}
770
e26dc8e3
HL		 771static int helper_packet_plain_listener(QTEST_FAULT *qtf, QUIC_PKT_HDR *hdr,
772 unsigned char *buf, size_t buf_len,
773 void *arg)
774{
775 struct helper *h = arg;
776
777 return h->qtf_packet_plain_cb(h, hdr, buf, buf_len);
778}
779
de56eebd
HL		 780static int helper_handshake_listener(QTEST_FAULT *fault,
781 unsigned char *buf, size_t buf_len,
782 void *arg)
783{
784 struct helper *h = arg;
785
786 return h->qtf_handshake_cb(h, buf, buf_len);
787}
788
69169cd9
HL		 789static int helper_datagram_listener(QTEST_FAULT *fault,
790 BIO_MSG *msg, size_t stride,
791 void *arg)
792{
793 struct helper *h = arg;
794
795 return h->qtf_datagram_cb(h, msg, stride);
796}
797
ed835673
HL		 798static int is_want(SSL *s, int ret)
799{
800 int ec = SSL_get_error(s, ret);
801
802 return ec == SSL_ERROR_WANT_READ || ec == SSL_ERROR_WANT_WRITE;
803}
804
a350db73 805static int run_script_worker(struct helper *h, const struct script_op *script,
0786483a 806 const char *script_name,
a350db73 807 int thread_idx)
ed835673 808{
ed835673 809 int testresult = 0;
ed835673
HL		 810 unsigned char *tmp_buf = NULL;
811 int connect_started = 0;
9715e3aa 812 size_t offset = 0;
a350db73
HL		 813 size_t op_idx = 0;
814 const struct script_op *op = NULL;
629b408c
HL		 815 int no_advance = 0, first = 1;
816#if defined(OPENSSL_THREADS)
817 int end_wait_warning = 0;
818#endif
a350db73
HL		 819 OSSL_TIME op_start_time = ossl_time_zero(), op_deadline = ossl_time_zero();
820 struct helper_local hl;
fca44cfc
HL		 821#define REPEAT_SLOTS 8
822 size_t repeat_stack_idx[REPEAT_SLOTS], repeat_stack_done[REPEAT_SLOTS];
823 size_t repeat_stack_limit[REPEAT_SLOTS];
824 size_t repeat_stack_len = 0;
ed835673 825
a350db73 826 if (!TEST_true(helper_local_init(&hl, h, thread_idx)))
ed835673
HL		 827 goto out;
828
2525109f 829#define SPIN_AGAIN() { OSSL_sleep(1); no_advance = 1; continue; }
ed835673 830
9715e3aa 831 for (;;) {
a350db73 832 SSL *c_tgt = h->c_conn;
ed835673
HL		 833 uint64_t s_stream_id = UINT64_MAX;
834
9715e3aa
HL		 835 if (no_advance) {
836 no_advance = 0;
837 } else {
838 if (!first)
839 ++op_idx;
840
841 first = 0;
4f2d32d6 842 offset = 0;
9715e3aa 843 op_start_time = ossl_time_now();
cd5e4380 844 op_deadline = ossl_time_add(op_start_time, ossl_ms2time(8000));
9715e3aa
HL		 845 }
846
847 if (!TEST_int_le(ossl_time_compare(ossl_time_now(), op_deadline), 0)) {
a350db73 848 TEST_error("op %zu timed out on thread %d", op_idx + 1, thread_idx);
9715e3aa
HL		 849 goto out;
850 }
851
ed835673
HL		 852 op = &script[op_idx];
853
854 if (op->stream_name != NULL) {
a350db73
HL		 855 c_tgt = helper_local_get_c_stream(&hl, op->stream_name);
856 if (thread_idx < 0)
857 s_stream_id = helper_get_s_stream(h, op->stream_name);
858 else
859 s_stream_id = UINT64_MAX;
860 }
861
7ba8f79a 862 if (thread_idx < 0)
a350db73 863 ossl_quic_tserver_tick(h->s);
7ba8f79a
HL		 864
865 if (thread_idx >= 0 || connect_started)
6084e04b 866 SSL_handle_events(h->c_conn);
ed835673 867
a350db73
HL		 868 if (thread_idx >= 0) {
869 /* Only allow certain opcodes on child threads. */
870 switch (op->op) {
871 case OPK_END:
872 case OPK_C_ACCEPT_STREAM_WAIT:
873 case OPK_C_NEW_STREAM:
874 case OPK_C_READ_EXPECT:
875 case OPK_C_EXPECT_FIN:
876 case OPK_C_WRITE:
877 case OPK_C_CONCLUDE:
878 case OPK_C_FREE_STREAM:
fca44cfc
HL		 879 case OPK_BEGIN_REPEAT:
880 case OPK_END_REPEAT:
0345cac6
TM		 881 case OPK_C_READ_FAIL_WAIT:
882 case OPK_C_EXPECT_SSL_ERR:
883 case OPK_EXPECT_ERR_REASON:
884 case OPK_EXPECT_ERR_LIB:
885 case OPK_SLEEP:
a350db73
HL		 886 break;
887
888 default:
0cea6df2
MC		 889 TEST_error("opcode %lu not allowed on child thread",
890 (unsigned long)op->op);
a350db73
HL		 891 goto out;
892 }
893 }
ed835673
HL		 894
895 switch (op->op) {
896 case OPK_END:
fca44cfc
HL		 897 if (!TEST_size_t_eq(repeat_stack_len, 0))
898 goto out;
899
629b408c 900#if defined(OPENSSL_THREADS)
a350db73
HL		 901 if (thread_idx < 0) {
902 int done;
903 size_t i;
904
905 for (i = 0; i < h->num_threads; ++i) {
906 if (h->threads[i].m == NULL)
907 continue;
908
909 ossl_crypto_mutex_lock(h->threads[i].m);
910 done = h->threads[i].done;
911 ossl_crypto_mutex_unlock(h->threads[i].m);
912
913 if (!done) {
914 if (!end_wait_warning) {
915 TEST_info("still waiting for other threads to finish (%zu)", i);
916 end_wait_warning = 1;
917 }
918
919 SPIN_AGAIN();
920 }
921 }
922 }
629b408c 923#endif
a350db73 924
0786483a 925 TEST_info("script \"%s\" finished on thread %d", script_name, thread_idx);
ed835673
HL		 926 testresult = 1;
927 goto out;
928
fca44cfc
HL		 929 case OPK_BEGIN_REPEAT:
930 if (!TEST_size_t_lt(repeat_stack_len, OSSL_NELEM(repeat_stack_idx)))
931 goto out;
932
933 if (!TEST_size_t_gt(op->arg1, 0))
934 goto out;
935
936 repeat_stack_idx[repeat_stack_len] = op_idx + 1;
937 repeat_stack_done[repeat_stack_len] = 0;
938 repeat_stack_limit[repeat_stack_len] = op->arg1;
939 ++repeat_stack_len;
940 break;
941
14551f1e
HL		 942 case OPK_C_SKIP_IF_UNBOUND:
943 if (c_tgt != NULL)
944 break;
945
946 op_idx += op->arg1;
947 break;
948
fca44cfc
HL		 949 case OPK_END_REPEAT:
950 if (!TEST_size_t_gt(repeat_stack_len, 0))
951 goto out;
952
953 if (++repeat_stack_done[repeat_stack_len - 1]
954 == repeat_stack_limit[repeat_stack_len - 1]) {
955 --repeat_stack_len;
956 } else {
957 op_idx = repeat_stack_idx[repeat_stack_len - 1];
958 no_advance = 1;
959 continue;
960 }
961
962 break;
963
ed835673 964 case OPK_CHECK:
9715e3aa 965 {
a350db73
HL		 966 int ok = op->check_func(h, op);
967 if (h->check_spin_again) {
968 h->check_spin_again = 0;
9715e3aa
HL		 969 SPIN_AGAIN();
970 }
ed835673 971
9715e3aa
HL		 972 if (!TEST_true(ok))
973 goto out;
974 }
ed835673
HL		 975 break;
976
977 case OPK_C_SET_ALPN:
978 {
979 const char *alpn = op->arg0;
980 size_t alpn_len = strlen(alpn);
981
982 if (!TEST_size_t_le(alpn_len, UINT8_MAX)
983 || !TEST_ptr(tmp_buf = (unsigned char *)OPENSSL_malloc(alpn_len + 1)))
984 goto out;
985
986 memcpy(tmp_buf + 1, alpn, alpn_len);
987 tmp_buf[0] = (unsigned char)alpn_len;
988
989 /* 0 is the success case for SSL_set_alpn_protos(). */
a350db73 990 if (!TEST_false(SSL_set_alpn_protos(h->c_conn, tmp_buf,
ed835673
HL		 991 alpn_len + 1)))
992 goto out;
993
994 OPENSSL_free(tmp_buf);
995 tmp_buf = NULL;
996 }
997 break;
998
999 case OPK_C_CONNECT_WAIT:
1000 {
1001 int ret;
1002
1003 connect_started = 1;
1004
a350db73 1005 ret = SSL_connect(h->c_conn);
a1d2a9d1
HL		 1006 if (ret != 1) {
1007 if (!h->blocking && is_want(h->c_conn, ret))
1008 SPIN_AGAIN();
ed835673 1009
a1d2a9d1
HL		 1010 if (op->arg1 == 0 && !TEST_int_eq(ret, 1))
1011 goto out;
1012 }
ed835673
HL		 1013 }
1014 break;
1015
1016 case OPK_C_WRITE:
1017 {
1018 size_t bytes_written = 0;
1019
1020 if (!TEST_ptr(c_tgt))
1021 goto out;
1022
1023 if (!TEST_true(SSL_write_ex(c_tgt, op->arg0, op->arg1,
1024 &bytes_written))
1025 || !TEST_size_t_eq(bytes_written, op->arg1))
1026 goto out;
1027 }
1028 break;
1029
1030 case OPK_S_WRITE:
1031 {
1032 size_t bytes_written = 0;
1033
1034 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
1035 goto out;
1036
a350db73 1037 if (!TEST_true(ossl_quic_tserver_write(h->s, s_stream_id,
ed835673
HL		 1038 op->arg0, op->arg1,
1039 &bytes_written))
1040 || !TEST_size_t_eq(bytes_written, op->arg1))
1041 goto out;
1042 }
1043 break;
1044
1045 case OPK_C_CONCLUDE:
1046 {
1047 if (!TEST_true(SSL_stream_conclude(c_tgt, 0)))
1048 goto out;
1049 }
1050 break;
1051
1052 case OPK_S_CONCLUDE:
1053 {
1054 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
1055 goto out;
1056
a350db73 1057 ossl_quic_tserver_conclude(h->s, s_stream_id);
ed835673
HL		 1058 }
1059 break;
1060
1061 case OPK_C_WAIT_FOR_DATA:
1062 {
1063 char buf[1];
1064 size_t bytes_read = 0;
1065
1066 if (!TEST_ptr(c_tgt))
1067 goto out;
1068
1069 if (!SSL_peek_ex(c_tgt, buf, sizeof(buf), &bytes_read)
1070 || bytes_read == 0)
1071 SPIN_AGAIN();
1072 }
1073 break;
1074
1075 case OPK_C_READ_EXPECT:
1076 {
1077 size_t bytes_read = 0;
1078
9715e3aa
HL		 1079 if (op->arg1 > 0 && tmp_buf == NULL
1080 && !TEST_ptr(tmp_buf = OPENSSL_malloc(op->arg1)))
ed835673
HL		 1081 goto out;
1082
9715e3aa
HL		 1083 if (!SSL_read_ex(c_tgt, tmp_buf + offset, op->arg1 - offset,
1084 &bytes_read))
1085 SPIN_AGAIN();
ed835673 1086
9715e3aa
HL		 1087 if (bytes_read + offset != op->arg1) {
1088 offset += bytes_read;
1089 SPIN_AGAIN();
1090 }
1091
1092 if (op->arg1 > 0
1093 && !TEST_mem_eq(tmp_buf, op->arg1, op->arg0, op->arg1))
ed835673
HL		 1094 goto out;
1095
1096 OPENSSL_free(tmp_buf);
1097 tmp_buf = NULL;
1098 }
1099 break;
1100
1101 case OPK_S_READ_EXPECT:
1102 {
1103 size_t bytes_read = 0;
1104
1105 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
1106 goto out;
1107
9715e3aa 1108 if (op->arg1 > 0 && tmp_buf == NULL
ed835673
HL		 1109 && !TEST_ptr(tmp_buf = OPENSSL_malloc(op->arg1)))
1110 goto out;
1111
a350db73 1112 if (!TEST_true(ossl_quic_tserver_read(h->s, s_stream_id,
9715e3aa
HL		 1113 tmp_buf + offset,
1114 op->arg1 - offset,
1115 &bytes_read)))
ed835673
HL		 1116 goto out;
1117
9715e3aa
HL		 1118 if (bytes_read + offset != op->arg1) {
1119 offset += bytes_read;
1120 SPIN_AGAIN();
1121 }
1122
ed835673
HL		 1123 if (op->arg1 > 0
1124 && !TEST_mem_eq(tmp_buf, op->arg1, op->arg0, op->arg1))
1125 goto out;
1126
1127 OPENSSL_free(tmp_buf);
1128 tmp_buf = NULL;
1129 }
1130 break;
1131
1132 case OPK_C_EXPECT_FIN:
1133 {
1134 char buf[1];
1135 size_t bytes_read = 0;
1136
1137 if (!TEST_false(SSL_read_ex(c_tgt, buf, sizeof(buf),
1138 &bytes_read))
9715e3aa
HL		 1139 || !TEST_size_t_eq(bytes_read, 0))
1140 goto out;
1141
1142 if (is_want(c_tgt, 0))
1143 SPIN_AGAIN();
1144
1145 if (!TEST_int_eq(SSL_get_error(c_tgt, 0),
1146 SSL_ERROR_ZERO_RETURN))
1147 goto out;
ed835673
HL		 1148 }
1149 break;
1150
1151 case OPK_S_EXPECT_FIN:
1152 {
9715e3aa 1153 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
ed835673 1154 goto out;
9715e3aa 1155
a350db73 1156 if (!ossl_quic_tserver_has_read_ended(h->s, s_stream_id))
9715e3aa 1157 SPIN_AGAIN();
ed835673
HL		 1158 }
1159 break;
1160
1161 case OPK_C_DETACH:
1162 {
1163 SSL *c_stream;
1164
1165 if (!TEST_ptr_null(c_tgt))
1166 goto out; /* don't overwrite existing stream with same name */
1167
dbf247ad
HL		 1168 if (!TEST_ptr(op->stream_name))
1169 goto out;
1170
a350db73 1171 if (!TEST_ptr(c_stream = ossl_quic_detach_stream(h->c_conn)))
ed835673
HL		 1172 goto out;
1173
a350db73 1174 if (!TEST_true(helper_local_set_c_stream(&hl, op->stream_name, c_stream)))
ed835673
HL		 1175 goto out;
1176 }
1177 break;
1178
1179 case OPK_C_ATTACH:
1180 {
1181 if (!TEST_ptr(c_tgt))
1182 goto out;
1183
dbf247ad
HL		 1184 if (!TEST_ptr(op->stream_name))
1185 goto out;
1186
a350db73 1187 if (!TEST_true(ossl_quic_attach_stream(h->c_conn, c_tgt)))
ed835673
HL		 1188 goto out;
1189
a350db73 1190 if (!TEST_true(helper_local_set_c_stream(&hl, op->stream_name, NULL)))
ed835673
HL		 1191 goto out;
1192 }
1193 break;
1194
1195 case OPK_C_NEW_STREAM:
1196 {
1197 SSL *c_stream;
14551f1e
HL		 1198 uint64_t flags = op->arg1;
1199 int allow_fail = ((flags & ALLOW_FAIL) != 0);
1200
1201 flags &= ~(uint64_t)ALLOW_FAIL;
ed835673
HL		 1202
1203 if (!TEST_ptr_null(c_tgt))
1204 goto out; /* don't overwrite existing stream with same name */
1205
dbf247ad
HL		 1206 if (!TEST_ptr(op->stream_name))
1207 goto out;
1208
14551f1e
HL		 1209 c_stream = SSL_new_stream(h->c_conn, flags);
1210 if (!allow_fail && !TEST_ptr(c_stream))
ed835673
HL		 1211 goto out;
1212
14551f1e
HL		 1213 if (allow_fail && c_stream == NULL) {
1214 if (!TEST_size_t_eq(ERR_GET_REASON(ERR_get_error()),
1215 SSL_R_STREAM_COUNT_LIMITED))
1216 goto out;
1217
1218 ++h->fail_count;
1219 break;
1220 }
1221
ed835673
HL		 1222 if (op->arg2 != UINT64_MAX
1223 && !TEST_uint64_t_eq(SSL_get_stream_id(c_stream),
1224 op->arg2))
1225 goto out;
1226
a350db73 1227 if (!TEST_true(helper_local_set_c_stream(&hl, op->stream_name, c_stream)))
ed835673
HL		 1228 goto out;
1229 }
1230 break;
1231
1232 case OPK_S_NEW_STREAM:
1233 {
1234 uint64_t stream_id = UINT64_MAX;
1235
1236 if (!TEST_uint64_t_eq(s_stream_id, UINT64_MAX))
1237 goto out; /* don't overwrite existing stream with same name */
1238
dbf247ad
HL		 1239 if (!TEST_ptr(op->stream_name))
1240 goto out;
1241
a350db73 1242 if (!TEST_true(ossl_quic_tserver_stream_new(h->s,
ed835673
HL		 1243 op->arg1 > 0,
1244 &stream_id)))
1245 goto out;
1246
1247 if (op->arg2 != UINT64_MAX
1248 && !TEST_uint64_t_eq(stream_id, op->arg2))
1249 goto out;
1250
a350db73 1251 if (!TEST_true(helper_set_s_stream(h, op->stream_name,
ed835673
HL		 1252 stream_id)))
1253 goto out;
1254 }
1255 break;
1256
a350db73 1257 case OPK_C_ACCEPT_STREAM_WAIT:
ed835673
HL		 1258 {
1259 SSL *c_stream;
1260
1261 if (!TEST_ptr_null(c_tgt))
1262 goto out; /* don't overwrite existing stream with same name */
1263
dbf247ad
HL		 1264 if (!TEST_ptr(op->stream_name))
1265 goto out;
1266
a350db73 1267 if ((c_stream = SSL_accept_stream(h->c_conn, 0)) == NULL)
9715e3aa 1268 SPIN_AGAIN();
ed835673 1269
a350db73
HL		 1270 if (!TEST_true(helper_local_set_c_stream(&hl, op->stream_name,
1271 c_stream)))
1272 goto out;
1273 }
1274 break;
1275
1276 case OPK_S_ACCEPT_STREAM_WAIT:
1277 {
1278 uint64_t new_stream_id;
1279
1280 if (!TEST_uint64_t_eq(s_stream_id, UINT64_MAX))
1281 goto out;
1282
dbf247ad
HL		 1283 if (!TEST_ptr(op->stream_name))
1284 goto out;
1285
a350db73
HL		 1286 new_stream_id = ossl_quic_tserver_pop_incoming_stream(h->s);
1287 if (new_stream_id == UINT64_MAX)
1288 SPIN_AGAIN();
1289
1290 if (!TEST_true(helper_set_s_stream(h, op->stream_name, new_stream_id)))
ed835673
HL		 1291 goto out;
1292 }
1293 break;
1294
1295 case OPK_C_ACCEPT_STREAM_NONE:
1296 {
1297 SSL *c_stream;
1298
a350db73 1299 if (!TEST_ptr_null(c_stream = SSL_accept_stream(h->c_conn, 0))) {
ed835673
HL		 1300 SSL_free(c_stream);
1301 goto out;
1302 }
1303 }
1304 break;
1305
1306 case OPK_C_FREE_STREAM:
1307 {
1308 if (!TEST_ptr(c_tgt)
1309 || !TEST_true(!SSL_is_connection(c_tgt)))
1310 goto out;
1311
dbf247ad
HL		 1312 if (!TEST_ptr(op->stream_name))
1313 goto out;
1314
a350db73 1315 if (!TEST_true(helper_local_set_c_stream(&hl, op->stream_name, NULL)))
ed835673
HL		 1316 goto out;
1317
1318 SSL_free(c_tgt);
1319 c_tgt = NULL;
1320 }
1321 break;
1322
1323 case OPK_C_SET_DEFAULT_STREAM_MODE:
1324 {
1325 if (!TEST_ptr(c_tgt))
1326 goto out;
1327
1328 if (!TEST_true(SSL_set_default_stream_mode(c_tgt, op->arg1)))
1329 goto out;
1330 }
1331 break;
1332
83df44ae 1333 case OPK_C_SET_INCOMING_STREAM_POLICY:
ed835673
HL		 1334 {
1335 if (!TEST_ptr(c_tgt))
1336 goto out;
1337
83df44ae
HL		 1338 if (!TEST_true(SSL_set_incoming_stream_policy(c_tgt,
1339 op->arg1, 0)))
ed835673
HL		 1340 goto out;
1341 }
1342 break;
1343
cd5e4380 1344 case OPK_C_SHUTDOWN_WAIT:
ed835673
HL		 1345 {
1346 int ret;
cd5e4380 1347 QUIC_CHANNEL *ch = ossl_quic_conn_get_channel(h->c_conn);
d49a1634 1348 SSL_SHUTDOWN_EX_ARGS args = {0};
cd5e4380
HL		 1349
1350 ossl_quic_channel_set_inhibit_tick(ch, 0);
ed835673
HL		 1351
1352 if (!TEST_ptr(c_tgt))
1353 goto out;
1354
d49a1634
HL		 1355 args.quic_reason = (const char *)op->arg0;
1356
1357 ret = SSL_shutdown_ex(c_tgt, 0, &args, sizeof(args));
ed835673
HL		 1358 if (!TEST_int_ge(ret, 0))
1359 goto out;
1360
cd5e4380
HL		 1361 if (ret == 0)
1362 SPIN_AGAIN();
ed835673
HL		 1363 }
1364 break;
1365
1366 case OPK_C_EXPECT_CONN_CLOSE_INFO:
1367 {
1368 SSL_CONN_CLOSE_INFO cc_info = {0};
1369 int expect_app = (op->arg1 & EXPECT_CONN_CLOSE_APP) != 0;
1370 int expect_remote = (op->arg1 & EXPECT_CONN_CLOSE_REMOTE) != 0;
1371 uint64_t error_code = op->arg2;
1372
1373 if (!TEST_ptr(c_tgt))
1374 goto out;
1375
9715e3aa
HL		 1376 if (!SSL_get_conn_close_info(c_tgt, &cc_info, sizeof(cc_info)))
1377 SPIN_AGAIN();
ed835673
HL		 1378
1379 if (!TEST_int_eq(expect_app, !cc_info.is_transport)
1380 || !TEST_int_eq(expect_remote, !cc_info.is_local)
1381 || !TEST_uint64_t_eq(error_code, cc_info.error_code))
1382 goto out;
1383 }
1384 break;
1385
1386 case OPK_S_EXPECT_CONN_CLOSE_INFO:
1387 {
1388 const QUIC_TERMINATE_CAUSE *tc;
1389 int expect_app = (op->arg1 & EXPECT_CONN_CLOSE_APP) != 0;
1390 int expect_remote = (op->arg1 & EXPECT_CONN_CLOSE_REMOTE) != 0;
1391 uint64_t error_code = op->arg2;
1392
9ff3a99e
HL		 1393 if (!ossl_quic_tserver_is_term_any(h->s)) {
1394 ossl_quic_tserver_ping(h->s);
9715e3aa 1395 SPIN_AGAIN();
9ff3a99e 1396 }
ed835673 1397
a350db73 1398 if (!TEST_ptr(tc = ossl_quic_tserver_get_terminate_cause(h->s)))
ed835673
HL		 1399 goto out;
1400
1401 if (!TEST_uint64_t_eq(error_code, tc->error_code)
1402 || !TEST_int_eq(expect_app, tc->app)
1403 || !TEST_int_eq(expect_remote, tc->remote))
1404 goto out;
1405 }
1406 break;
1407
1408 case OPK_S_BIND_STREAM_ID:
1409 {
1410 if (!TEST_uint64_t_eq(s_stream_id, UINT64_MAX))
1411 goto out;
1412
dbf247ad
HL		 1413 if (!TEST_ptr(op->stream_name))
1414 goto out;
1415
a350db73 1416 if (!TEST_true(helper_set_s_stream(h, op->stream_name, op->arg2)))
ed835673
HL		 1417 goto out;
1418 }
1419 break;
1420
fca44cfc
HL		 1421 case OPK_S_UNBIND_STREAM_ID:
1422 {
1423 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
1424 goto out;
1425
dbf247ad
HL		 1426 if (!TEST_ptr(op->stream_name))
1427 goto out;
1428
fca44cfc
HL		 1429 if (!TEST_true(helper_set_s_stream(h, op->stream_name, UINT64_MAX)))
1430 goto out;
1431 }
1432 break;
1433
ed835673
HL		 1434 case OPK_C_WRITE_FAIL:
1435 {
571aff4b 1436 size_t bytes_written = 0;
ed835673
HL		 1437
1438 if (!TEST_ptr(c_tgt))
1439 goto out;
1440
1441 if (!TEST_false(SSL_write_ex(c_tgt, "apple", 5, &bytes_written)))
1442 goto out;
1443 }
1444 break;
1445
1446 case OPK_S_WRITE_FAIL:
1447 {
1448 size_t bytes_written = 0;
1449
1450 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
1451 goto out;
1452
a350db73 1453 if (!TEST_false(ossl_quic_tserver_write(h->s, s_stream_id,
ed835673
HL		 1454 (const unsigned char *)"apple", 5,
1455 &bytes_written)))
1456 goto out;
1457 }
1458 break;
1459
1460 case OPK_C_READ_FAIL:
1461 {
571aff4b 1462 size_t bytes_read = 0;
ed835673
HL		 1463 char buf[1];
1464
1465 if (!TEST_ptr(c_tgt))
1466 goto out;
1467
1468 if (!TEST_false(SSL_read_ex(c_tgt, buf, sizeof(buf), &bytes_read)))
1469 goto out;
1470 }
1471 break;
1472
0345cac6
TM		 1473 case OPK_C_READ_FAIL_WAIT:
1474 {
1475 size_t bytes_read = 0;
1476 char buf[1];
1477
1478 if (!TEST_ptr(c_tgt))
1479 goto out;
1480
1481 if (!TEST_false(SSL_read_ex(c_tgt, buf, sizeof(buf), &bytes_read)))
1482 goto out;
1483
1484 if (is_want(c_tgt, 0))
1485 SPIN_AGAIN();
1486 }
1487 break;
1488
2f018d14
HL		 1489 case OPK_S_READ_FAIL:
1490 {
1491 size_t bytes_read = 0;
1492 unsigned char buf[1];
1493
1494 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
1495 goto out;
1496
1497 if (!TEST_false(ossl_quic_tserver_read(h->s, s_stream_id,
1498 buf, sizeof(buf),
1499 &bytes_read)))
1500 goto out;
1501 }
1502 break;
1503
ed835673
HL		 1504 case OPK_C_STREAM_RESET:
1505 {
1506 SSL_STREAM_RESET_ARGS args = {0};
1507
1508 if (!TEST_ptr(c_tgt))
1509 goto out;
1510
1511 args.quic_error_code = op->arg2;
1512
1513 if (!TEST_true(SSL_stream_reset(c_tgt, &args, sizeof(args))))
1514 goto out;
1515 }
1516 break;
1517
a350db73
HL		 1518 case OPK_NEW_THREAD:
1519 {
1520#if !defined(OPENSSL_THREADS)
629b408c
HL		 1521 /*
1522 * If this test script requires threading and we do not have
1523 * support for it, skip the rest of it.
1524 */
1525 TEST_skip("threading not supported, skipping");
1526 testresult = 1;
a350db73
HL		 1527 goto out;
1528#else
1529 size_t i;
1530
1531 if (!TEST_ptr_null(h->threads)) {
1532 TEST_error("max one NEW_THREAD operation per script");
1533 goto out;
1534 }
1535
1536 h->threads = OPENSSL_zalloc(op->arg1 * sizeof(struct child_thread_args));
1537 if (!TEST_ptr(h->threads))
1538 goto out;
1539
1540 h->num_threads = op->arg1;
1541
1542 for (i = 0; i < op->arg1; ++i) {
1543 h->threads[i].h = h;
1544 h->threads[i].script = op->arg0;
0786483a 1545 h->threads[i].script_name = script_name;
a350db73
HL		 1546 h->threads[i].thread_idx = i;
1547
1548 h->threads[i].m = ossl_crypto_mutex_new();
1549 if (!TEST_ptr(h->threads[i].m))
1550 goto out;
1551
1552 h->threads[i].t
1553 = ossl_crypto_thread_native_start(run_script_child_thread,
1554 &h->threads[i], 1);
1555 if (!TEST_ptr(h->threads[i].t))
1556 goto out;
1557 }
1558#endif
1559 }
1560 break;
1561
0345cac6
TM		 1562 case OPK_C_CLOSE_SOCKET:
1563 {
1564 BIO_closesocket(h->c_fd);
410a90f5 1565 h->c_fd = -1;
0345cac6
TM		 1566 }
1567 break;
1568
1569 case OPK_C_EXPECT_SSL_ERR:
1570 {
1571 if (!TEST_size_t_eq((size_t)SSL_get_error(c_tgt, 0), op->arg1))
1572 goto out;
1573 }
1574 break;
1575
1576 case OPK_EXPECT_ERR_REASON:
1577 {
1578 if (!TEST_size_t_eq((size_t)ERR_GET_REASON(ERR_get_error()), op->arg1))
1579 goto out;
1580 }
1581 break;
1582
1583 case OPK_EXPECT_ERR_LIB:
1584 {
1585 if (!TEST_size_t_eq((size_t)ERR_GET_LIB(ERR_get_error()), op->arg1))
1586 goto out;
1587 }
1588 break;
1589
1590 case OPK_SLEEP:
1591 {
1592 OSSL_sleep(op->arg2);
1593 }
1594 break;
1595
e26dc8e3
HL		 1596 case OPK_S_SET_INJECT_PLAIN:
1597 h->qtf_packet_plain_cb = op->qtf_packet_plain_cb;
1598
1599 if (!TEST_true(qtest_fault_set_packet_plain_listener(h->qtf,
1600 h->qtf_packet_plain_cb != NULL ?
1601 helper_packet_plain_listener : NULL,
1602 h)))
1603 goto out;
1604
1605 break;
1606
de56eebd
HL		 1607 case OPK_S_SET_INJECT_HANDSHAKE:
1608 h->qtf_handshake_cb = op->qtf_handshake_cb;
1609
1610 if (!TEST_true(qtest_fault_set_handshake_listener(h->qtf,
1611 h->qtf_handshake_cb != NULL ?
1612 helper_handshake_listener : NULL,
1613 h)))
1614 goto out;
1615
1616 break;
1617
69169cd9
HL		 1618 case OPK_S_SET_INJECT_DATAGRAM:
1619 h->qtf_datagram_cb = op->qtf_datagram_cb;
1620
1621 if (!TEST_true(qtest_fault_set_datagram_listener(h->qtf,
1622 h->qtf_datagram_cb != NULL ?
1623 helper_datagram_listener : NULL,
1624 h)))
1625 goto out;
1626
1627 break;
1628
e26dc8e3
HL		 1629 case OPK_SET_INJECT_WORD:
1630 h->inject_word0 = op->arg1;
1631 h->inject_word1 = op->arg2;
1632 break;
1633
cd5e4380
HL		 1634 case OPK_C_INHIBIT_TICK:
1635 {
1636 QUIC_CHANNEL *ch = ossl_quic_conn_get_channel(h->c_conn);
1637
1638 ossl_quic_channel_set_inhibit_tick(ch, op->arg1);
1639 }
1640 break;
1641
1642 case OPK_C_SET_WRITE_BUF_SIZE:
1643 if (!TEST_ptr(c_tgt))
1644 goto out;
1645
1646 if (!TEST_true(ossl_quic_set_write_buffer_size(c_tgt, op->arg1)))
1647 goto out;
1648
1649 break;
1650
614c08c2
MC		 1651 case OPK_S_NEW_TICKET:
1652 if (!TEST_true(ossl_quic_tserver_new_ticket(h->s)))
1653 goto out;
1654 break;
1655
ed835673
HL		 1656 default:
1657 TEST_error("unknown op");
1658 goto out;
1659 }
1660 }
1661
1662out:
fca44cfc
HL		 1663 if (!testresult) {
1664 size_t i;
1665
0786483a
HL		 1666 TEST_error("failed in script \"%s\" at op %zu, thread %d\n",
1667 script_name, op_idx + 1, thread_idx);
ed835673 1668
fca44cfc
HL		 1669 for (i = 0; i < repeat_stack_len; ++i)
1670 TEST_info("while repeating, iteration %zu of %zu, starting at script op %zu",
1671 repeat_stack_done[i],
1672 repeat_stack_limit[i],
1673 repeat_stack_idx[i]);
1674 }
1675
ed835673 1676 OPENSSL_free(tmp_buf);
a350db73
HL		 1677 helper_local_cleanup(&hl);
1678 return testresult;
1679}
1680
0786483a
HL		 1681static int run_script(const struct script_op *script,
1682 const char *script_name,
1683 int free_order)
a350db73
HL		 1684{
1685 int testresult = 0;
1686 struct helper h;
1687
e26dc8e3 1688 if (!TEST_true(helper_init(&h, free_order, 1)))
a350db73
HL		 1689 goto out;
1690
0786483a 1691 if (!TEST_true(run_script_worker(&h, script, script_name, -1)))
a350db73
HL		 1692 goto out;
1693
629b408c 1694#if defined(OPENSSL_THREADS)
a350db73
HL		 1695 if (!TEST_true(join_threads(h.threads, h.num_threads)))
1696 goto out;
629b408c 1697#endif
a350db73
HL		 1698
1699 testresult = 1;
1700out:
ed835673
HL		 1701 helper_cleanup(&h);
1702 return testresult;
1703}
1704
a350db73
HL		 1705#if defined(OPENSSL_THREADS)
1706static CRYPTO_THREAD_RETVAL run_script_child_thread(void *arg)
1707{
1708 int testresult;
1709 struct child_thread_args *args = arg;
1710
1711 testresult = run_script_worker(args->h, args->script,
0786483a 1712 args->script_name,
a350db73
HL		 1713 args->thread_idx);
1714
1715 ossl_crypto_mutex_lock(args->m);
1716 args->testresult = testresult;
1717 args->done = 1;
1718 ossl_crypto_mutex_unlock(args->m);
1719 return 1;
1720}
1721#endif
1722
ed835673
HL		 1723/* 1. Simple single-stream test */
1724static const struct script_op script_1[] = {
1725 OP_C_SET_ALPN ("ossltest")
1726 OP_C_CONNECT_WAIT ()
1727 OP_C_WRITE (DEFAULT, "apple", 5)
1728 OP_C_CONCLUDE (DEFAULT)
1729 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
1730 OP_S_READ_EXPECT (a, "apple", 5)
1731 OP_S_EXPECT_FIN (a)
1732 OP_S_WRITE (a, "orange", 6)
1733 OP_S_CONCLUDE (a)
1734 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
1735 OP_C_EXPECT_FIN (DEFAULT)
1736 OP_END
1737};
1738
1739/* 2. Multi-stream test */
1740static const struct script_op script_2[] = {
1741 OP_C_SET_ALPN ("ossltest")
1742 OP_C_CONNECT_WAIT ()
83df44ae 1743 OP_C_SET_INCOMING_STREAM_POLICY(SSL_INCOMING_STREAM_POLICY_ACCEPT)
ed835673
HL		 1744 OP_C_WRITE (DEFAULT, "apple", 5)
1745 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
1746 OP_S_READ_EXPECT (a, "apple", 5)
1747 OP_S_WRITE (a, "orange", 6)
1748 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
1749
1750 OP_C_NEW_STREAM_BIDI (b, C_BIDI_ID(1))
1751 OP_C_WRITE (b, "flamingo", 8)
1752 OP_C_CONCLUDE (b)
1753 OP_S_BIND_STREAM_ID (b, C_BIDI_ID(1))
1754 OP_S_READ_EXPECT (b, "flamingo", 8)
1755 OP_S_EXPECT_FIN (b)
1756 OP_S_WRITE (b, "gargoyle", 8)
1757 OP_S_CONCLUDE (b)
1758 OP_C_READ_EXPECT (b, "gargoyle", 8)
1759 OP_C_EXPECT_FIN (b)
1760
1761 OP_C_NEW_STREAM_UNI (c, C_UNI_ID(0))
1762 OP_C_WRITE (c, "elephant", 8)
1763 OP_C_CONCLUDE (c)
1764 OP_S_BIND_STREAM_ID (c, C_UNI_ID(0))
1765 OP_S_READ_EXPECT (c, "elephant", 8)
1766 OP_S_EXPECT_FIN (c)
1767 OP_S_WRITE_FAIL (c)
1768
1769 OP_C_ACCEPT_STREAM_NONE ()
1770
1771 OP_S_NEW_STREAM_BIDI (d, S_BIDI_ID(0))
1772 OP_S_WRITE (d, "frog", 4)
1773 OP_S_CONCLUDE (d)
1774
a350db73 1775 OP_C_ACCEPT_STREAM_WAIT (d)
ed835673
HL		 1776 OP_C_ACCEPT_STREAM_NONE ()
1777 OP_C_READ_EXPECT (d, "frog", 4)
1778 OP_C_EXPECT_FIN (d)
1779
1780 OP_S_NEW_STREAM_BIDI (e, S_BIDI_ID(1))
1781 OP_S_WRITE (e, "mixture", 7)
1782 OP_S_CONCLUDE (e)
1783
a350db73 1784 OP_C_ACCEPT_STREAM_WAIT (e)
ed835673
HL		 1785 OP_C_READ_EXPECT (e, "mixture", 7)
1786 OP_C_EXPECT_FIN (e)
1787 OP_C_WRITE (e, "ramble", 6)
1788 OP_S_READ_EXPECT (e, "ramble", 6)
1789 OP_C_CONCLUDE (e)
1790 OP_S_EXPECT_FIN (e)
1791
1792 OP_S_NEW_STREAM_UNI (f, S_UNI_ID(0))
1793 OP_S_WRITE (f, "yonder", 6)
1794 OP_S_CONCLUDE (f)
1795
a350db73 1796 OP_C_ACCEPT_STREAM_WAIT (f)
ed835673
HL		 1797 OP_C_ACCEPT_STREAM_NONE ()
1798 OP_C_READ_EXPECT (f, "yonder", 6)
1799 OP_C_EXPECT_FIN (f)
1800 OP_C_WRITE_FAIL (f)
1801
83df44ae 1802 OP_C_SET_INCOMING_STREAM_POLICY(SSL_INCOMING_STREAM_POLICY_REJECT)
ed835673
HL		 1803 OP_S_NEW_STREAM_BIDI (g, S_BIDI_ID(2))
1804 OP_S_WRITE (g, "unseen", 6)
1805 OP_S_CONCLUDE (g)
1806
1807 OP_C_ACCEPT_STREAM_NONE ()
1808
83df44ae 1809 OP_C_SET_INCOMING_STREAM_POLICY(SSL_INCOMING_STREAM_POLICY_AUTO)
ed835673
HL		 1810 OP_S_NEW_STREAM_BIDI (h, S_BIDI_ID(3))
1811 OP_S_WRITE (h, "UNSEEN", 6)
1812 OP_S_CONCLUDE (h)
1813
1814 OP_C_ACCEPT_STREAM_NONE ()
1815
1816 /*
1817 * Streams g, h should have been rejected, so server should have got
1818 * STOP_SENDING/RESET_STREAM.
1819 */
1820 OP_CHECK (check_rejected, S_BIDI_ID(2))
1821 OP_CHECK (check_rejected, S_BIDI_ID(3))
1822
1823 OP_END
1824};
1825
1826/* 3. Default stream detach/reattach test */
1827static const struct script_op script_3[] = {
1828 OP_C_SET_ALPN ("ossltest")
1829 OP_C_CONNECT_WAIT ()
1830
1831 OP_C_WRITE (DEFAULT, "apple", 5)
1832 OP_C_DETACH (a) /* DEFAULT becomes stream 'a' */
1833 OP_C_WRITE_FAIL (DEFAULT)
1834
1835 OP_C_WRITE (a, "by", 2)
1836
1837 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
1838 OP_S_READ_EXPECT (a, "appleby", 7)
1839
1840 OP_S_WRITE (a, "hello", 5)
1841 OP_C_READ_EXPECT (a, "hello", 5)
1842
1843 OP_C_WRITE_FAIL (DEFAULT)
1844 OP_C_ATTACH (a)
1845 OP_C_WRITE (DEFAULT, "is here", 7)
1846 OP_S_READ_EXPECT (a, "is here", 7)
1847
1848 OP_C_DETACH (a)
1849 OP_C_CONCLUDE (a)
1850 OP_S_EXPECT_FIN (a)
1851
1852 OP_END
1853};
1854
1855/* 4. Default stream mode test */
1856static const struct script_op script_4[] = {
1857 OP_C_SET_ALPN ("ossltest")
1858 OP_C_CONNECT_WAIT ()
1859
1860 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
1861 OP_C_WRITE_FAIL (DEFAULT)
1862
1863 OP_S_NEW_STREAM_BIDI (a, S_BIDI_ID(0))
1864 OP_S_WRITE (a, "apple", 5)
1865
1866 OP_C_READ_FAIL (DEFAULT)
1867
a350db73 1868 OP_C_ACCEPT_STREAM_WAIT (a)
ed835673
HL		 1869 OP_C_READ_EXPECT (a, "apple", 5)
1870
1871 OP_C_ATTACH (a)
1872 OP_C_WRITE (DEFAULT, "orange", 6)
1873 OP_S_READ_EXPECT (a, "orange", 6)
1874
1875 OP_END
1876};
1877
1878/* 5. Test stream reset functionality */
1879static const struct script_op script_5[] = {
1880 OP_C_SET_ALPN ("ossltest")
1881 OP_C_CONNECT_WAIT ()
1882
1883 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
1884 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
9ff3a99e 1885 OP_C_NEW_STREAM_BIDI (b, C_BIDI_ID(1))
ed835673
HL		 1886
1887 OP_C_WRITE (a, "apple", 5)
1888 OP_C_STREAM_RESET (a, 42)
1889
9ff3a99e
HL		 1890 OP_C_WRITE (b, "strawberry", 10)
1891
ed835673 1892 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
9ff3a99e
HL		 1893 OP_S_BIND_STREAM_ID (b, C_BIDI_ID(1))
1894 OP_S_READ_EXPECT (b, "strawberry", 10)
2f018d14
HL		 1895 /* Reset disrupts read of already sent data */
1896 OP_S_READ_FAIL (a)
ed835673
HL		 1897 OP_CHECK (check_stream_reset, C_BIDI_ID(0))
1898
1899 OP_END
1900};
1901
1902/* 6. Test STOP_SENDING functionality */
1903static const struct script_op script_6[] = {
1904 OP_C_SET_ALPN ("ossltest")
1905 OP_C_CONNECT_WAIT ()
1906
1907 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
1908 OP_S_NEW_STREAM_BIDI (a, S_BIDI_ID(0))
1909 OP_S_WRITE (a, "apple", 5)
1910
a350db73 1911 OP_C_ACCEPT_STREAM_WAIT (a)
ed835673
HL		 1912 OP_C_FREE_STREAM (a)
1913 OP_C_ACCEPT_STREAM_NONE ()
1914
1915 OP_CHECK (check_stream_stopped, S_BIDI_ID(0))
1916
1917 OP_END
1918};
1919
1920/* 7. Unidirectional default stream mode test (client sends first) */
1921static const struct script_op script_7[] = {
1922 OP_C_SET_ALPN ("ossltest")
1923 OP_C_CONNECT_WAIT ()
1924
1925 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_AUTO_UNI)
1926 OP_C_WRITE (DEFAULT, "apple", 5)
1927
1928 OP_S_BIND_STREAM_ID (a, C_UNI_ID(0))
1929 OP_S_READ_EXPECT (a, "apple", 5)
1930 OP_S_WRITE_FAIL (a)
1931
1932 OP_END
1933};
1934
1935/* 8. Unidirectional default stream mode test (server sends first) */
1936static const struct script_op script_8[] = {
1937 OP_C_SET_ALPN ("ossltest")
1938 OP_C_CONNECT_WAIT ()
1939
1940 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_AUTO_UNI)
1941 OP_S_NEW_STREAM_UNI (a, S_UNI_ID(0))
1942 OP_S_WRITE (a, "apple", 5)
1943 OP_C_READ_EXPECT (DEFAULT, "apple", 5)
1944 OP_C_WRITE_FAIL (DEFAULT)
1945
1946 OP_END
1947};
1948
1949/* 9. Unidirectional default stream mode test (server sends first on bidi) */
1950static const struct script_op script_9[] = {
1951 OP_C_SET_ALPN ("ossltest")
1952 OP_C_CONNECT_WAIT ()
1953
1954 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_AUTO_UNI)
1955 OP_S_NEW_STREAM_BIDI (a, S_BIDI_ID(0))
1956 OP_S_WRITE (a, "apple", 5)
1957 OP_C_READ_EXPECT (DEFAULT, "apple", 5)
1958 OP_C_WRITE (DEFAULT, "orange", 6)
1959 OP_S_READ_EXPECT (a, "orange", 6)
1960
1961 OP_END
1962};
1963
1964/* 10. Shutdown */
1965static const struct script_op script_10[] = {
1966 OP_C_SET_ALPN ("ossltest")
1967 OP_C_CONNECT_WAIT ()
1968
1969 OP_C_WRITE (DEFAULT, "apple", 5)
1970 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
1971 OP_S_READ_EXPECT (a, "apple", 5)
1972
d49a1634 1973 OP_C_SHUTDOWN_WAIT (NULL)
ed835673
HL		 1974 OP_C_EXPECT_CONN_CLOSE_INFO(0, 1, 0)
1975 OP_S_EXPECT_CONN_CLOSE_INFO(0, 1, 1)
1976
1977 OP_END
1978};
1979
fca44cfc 1980/* 11. Many threads accepted on the same client connection */
274bb489
HL		 1981static const struct script_op script_11_child[] = {
1982 OP_C_ACCEPT_STREAM_WAIT (a)
1983 OP_C_READ_EXPECT (a, "foo", 3)
1984 OP_C_EXPECT_FIN (a)
1985
1986 OP_END
1987};
1988
1989static const struct script_op script_11[] = {
1990 OP_C_SET_ALPN ("ossltest")
1991 OP_C_CONNECT_WAIT ()
1992 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
1993
fca44cfc
HL		 1994 OP_NEW_THREAD (5, script_11_child)
1995
1996 OP_S_NEW_STREAM_BIDI (a, ANY_ID)
274bb489
HL		 1997 OP_S_WRITE (a, "foo", 3)
1998 OP_S_CONCLUDE (a)
1999
fca44cfc 2000 OP_S_NEW_STREAM_BIDI (b, ANY_ID)
274bb489
HL		 2001 OP_S_WRITE (b, "foo", 3)
2002 OP_S_CONCLUDE (b)
2003
fca44cfc 2004 OP_S_NEW_STREAM_BIDI (c, ANY_ID)
274bb489
HL		 2005 OP_S_WRITE (c, "foo", 3)
2006 OP_S_CONCLUDE (c)
2007
fca44cfc 2008 OP_S_NEW_STREAM_BIDI (d, ANY_ID)
274bb489
HL		 2009 OP_S_WRITE (d, "foo", 3)
2010 OP_S_CONCLUDE (d)
2011
fca44cfc 2012 OP_S_NEW_STREAM_BIDI (e, ANY_ID)
274bb489
HL		 2013 OP_S_WRITE (e, "foo", 3)
2014 OP_S_CONCLUDE (e)
2015
274bb489
HL		 2016 OP_END
2017};
2018
fca44cfc 2019/* 12. Many threads initiated on the same client connection */
274bb489
HL		 2020static const struct script_op script_12_child[] = {
2021 OP_C_NEW_STREAM_BIDI (a, ANY_ID)
2022 OP_C_WRITE (a, "foo", 3)
2023 OP_C_CONCLUDE (a)
2024 OP_C_FREE_STREAM (a)
2025
2026 OP_END
2027};
2028
2029static const struct script_op script_12[] = {
2030 OP_C_SET_ALPN ("ossltest")
2031 OP_C_CONNECT_WAIT ()
2032 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2033
2034 OP_NEW_THREAD (5, script_12_child)
2035
2036 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2037 OP_S_READ_EXPECT (a, "foo", 3)
2038 OP_S_EXPECT_FIN (a)
2039 OP_S_BIND_STREAM_ID (b, C_BIDI_ID(1))
2040 OP_S_READ_EXPECT (b, "foo", 3)
2041 OP_S_EXPECT_FIN (b)
2042 OP_S_BIND_STREAM_ID (c, C_BIDI_ID(2))
2043 OP_S_READ_EXPECT (c, "foo", 3)
2044 OP_S_EXPECT_FIN (c)
2045 OP_S_BIND_STREAM_ID (d, C_BIDI_ID(3))
2046 OP_S_READ_EXPECT (d, "foo", 3)
2047 OP_S_EXPECT_FIN (d)
2048 OP_S_BIND_STREAM_ID (e, C_BIDI_ID(4))
2049 OP_S_READ_EXPECT (e, "foo", 3)
2050 OP_S_EXPECT_FIN (e)
2051
2052 OP_END
2053};
2054
fca44cfc
HL		 2055/* 13. Many threads accepted on the same client connection (stress test) */
2056static const struct script_op script_13_child[] = {
2057 OP_BEGIN_REPEAT (10)
2058
2059 OP_C_ACCEPT_STREAM_WAIT (a)
2060 OP_C_READ_EXPECT (a, "foo", 3)
2061 OP_C_EXPECT_FIN (a)
2062 OP_C_FREE_STREAM (a)
2063
2064 OP_END_REPEAT ()
2065
2066 OP_END
2067};
2068
2069static const struct script_op script_13[] = {
2070 OP_C_SET_ALPN ("ossltest")
2071 OP_C_CONNECT_WAIT ()
2072 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2073
2074 OP_NEW_THREAD (5, script_13_child)
2075
2076 OP_BEGIN_REPEAT (50)
2077
2078 OP_S_NEW_STREAM_BIDI (a, ANY_ID)
2079 OP_S_WRITE (a, "foo", 3)
2080 OP_S_CONCLUDE (a)
2081 OP_S_UNBIND_STREAM_ID (a)
2082
2083 OP_END_REPEAT ()
2084
2085 OP_END
2086};
2087
2088/* 14. Many threads initiating on the same client connection (stress test) */
2089static const struct script_op script_14_child[] = {
2090 OP_BEGIN_REPEAT (10)
2091
2092 OP_C_NEW_STREAM_BIDI (a, ANY_ID)
2093 OP_C_WRITE (a, "foo", 3)
2094 OP_C_CONCLUDE (a)
2095 OP_C_FREE_STREAM (a)
2096
2097 OP_END_REPEAT ()
2098
2099 OP_END
2100};
2101
2102static const struct script_op script_14[] = {
2103 OP_C_SET_ALPN ("ossltest")
2104 OP_C_CONNECT_WAIT ()
2105 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2106
2107 OP_NEW_THREAD (5, script_14_child)
2108
2109 OP_BEGIN_REPEAT (50)
2110
2111 OP_S_ACCEPT_STREAM_WAIT (a)
2112 OP_S_READ_EXPECT (a, "foo", 3)
2113 OP_S_EXPECT_FIN (a)
2114 OP_S_UNBIND_STREAM_ID (a)
2115
2116 OP_END_REPEAT ()
2117
2118 OP_END
2119};
2120
0554f723
HL		 2121/* 15. Client sending large number of streams, MAX_STREAMS test */
2122static const struct script_op script_15[] = {
2123 OP_C_SET_ALPN ("ossltest")
2124 OP_C_CONNECT_WAIT ()
2125 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2126
2127 /*
2128 * This will cause a protocol violation to be raised by the server if we are
2129 * not handling the stream limit correctly on the TX side.
2130 */
2131 OP_BEGIN_REPEAT (200)
2132
14551f1e 2133 OP_C_NEW_STREAM_BIDI_EX (a, ANY_ID, SSL_STREAM_FLAG_ADVANCE)
0554f723
HL		 2134 OP_C_WRITE (a, "foo", 3)
2135 OP_C_CONCLUDE (a)
2136 OP_C_FREE_STREAM (a)
2137
2138 OP_END_REPEAT ()
2139
2140 /* Prove the connection is still good. */
2141 OP_S_NEW_STREAM_BIDI (a, S_BIDI_ID(0))
2142 OP_S_WRITE (a, "bar", 3)
2143 OP_S_CONCLUDE (a)
2144
2145 OP_C_ACCEPT_STREAM_WAIT (a)
2146 OP_C_READ_EXPECT (a, "bar", 3)
2147 OP_C_EXPECT_FIN (a)
2148
2149 /*
2150 * Drain the queue of incoming streams. We should be able to get all 200
2151 * even though only 100 can be initiated at a time.
2152 */
2153 OP_BEGIN_REPEAT (200)
2154
2155 OP_S_ACCEPT_STREAM_WAIT (b)
2156 OP_S_READ_EXPECT (b, "foo", 3)
2157 OP_S_EXPECT_FIN (b)
2158 OP_S_UNBIND_STREAM_ID (b)
2159
2160 OP_END_REPEAT ()
2161
2162 OP_END
2163};
2164
2165/* 16. Server sending large number of streams, MAX_STREAMS test */
2166static const struct script_op script_16[] = {
2167 OP_C_SET_ALPN ("ossltest")
2168 OP_C_CONNECT_WAIT ()
2169 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2170
2171 /*
2172 * This will cause a protocol violation to be raised by the client if we are
2173 * not handling the stream limit correctly on the TX side.
2174 */
2175 OP_BEGIN_REPEAT (200)
2176
2177 OP_S_NEW_STREAM_BIDI (a, ANY_ID)
2178 OP_S_WRITE (a, "foo", 3)
2179 OP_S_CONCLUDE (a)
2180 OP_S_UNBIND_STREAM_ID (a)
2181
2182 OP_END_REPEAT ()
2183
2184 /* Prove that the connection is still good. */
2185 OP_C_NEW_STREAM_BIDI (a, ANY_ID)
2186 OP_C_WRITE (a, "bar", 3)
2187 OP_C_CONCLUDE (a)
2188
2189 OP_S_ACCEPT_STREAM_WAIT (b)
2190 OP_S_READ_EXPECT (b, "bar", 3)
2191 OP_S_EXPECT_FIN (b)
2192
2193 /* Drain the queue of incoming streams. */
2194 OP_BEGIN_REPEAT (200)
2195
2196 OP_C_ACCEPT_STREAM_WAIT (b)
2197 OP_C_READ_EXPECT (b, "foo", 3)
2198 OP_C_EXPECT_FIN (b)
2199 OP_C_FREE_STREAM (b)
2200
2201 OP_END_REPEAT ()
2202
2203 OP_END
2204};
2205
693b23e3
HL		 2206/* 17. Key update test - unlimited */
2207static const struct script_op script_17[] = {
2208 OP_C_SET_ALPN ("ossltest")
2209 OP_C_CONNECT_WAIT ()
2210
2211 OP_C_WRITE (DEFAULT, "apple", 5)
2212
2213 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2214 OP_S_READ_EXPECT (a, "apple", 5)
2215
2216 OP_CHECK (override_key_update, 1)
2217
2218 OP_BEGIN_REPEAT (200)
2219
2220 OP_C_WRITE (DEFAULT, "apple", 5)
2221 OP_S_READ_EXPECT (a, "apple", 5)
2222
2223 /*
2224 * TXKU frequency is bounded by RTT because a previous TXKU needs to be
2225 * acknowledged by the peer first before another one can be begin. By
2226 * waiting this long, we eliminate any such concern and ensure as many key
2227 * updates as possible can occur for the purposes of this test.
2228 */
2229 OP_CHECK (skip_time_ms, 100)
2230
2231 OP_END_REPEAT ()
2232
2233 /* At least 5 RXKUs detected */
2234 OP_CHECK (check_key_update_ge, 5)
2235
2236 /*
2237 * Prove the connection is still healthy by sending something in both
2238 * directions.
2239 */
2240 OP_C_WRITE (DEFAULT, "xyzzy", 5)
2241 OP_S_READ_EXPECT (a, "xyzzy", 5)
2242
2243 OP_S_WRITE (a, "plugh", 5)
2244 OP_C_READ_EXPECT (DEFAULT, "plugh", 5)
2245
2246 OP_END
2247};
2248
2249/* 18. Key update test - RTT-bounded */
2250static const struct script_op script_18[] = {
2251 OP_C_SET_ALPN ("ossltest")
2252 OP_C_CONNECT_WAIT ()
2253
2254 OP_C_WRITE (DEFAULT, "apple", 5)
2255
2256 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2257 OP_S_READ_EXPECT (a, "apple", 5)
2258
2259 OP_CHECK (override_key_update, 1)
2260
2261 OP_BEGIN_REPEAT (200)
2262
2263 OP_C_WRITE (DEFAULT, "apple", 5)
2264 OP_S_READ_EXPECT (a, "apple", 5)
de9564bd 2265 OP_CHECK (skip_time_ms, 8)
693b23e3
HL		 2266
2267 OP_END_REPEAT ()
2268
2269 /*
2270 * This time we simulate far less time passing between writes, so there are
2271 * fewer opportunities to initiate TXKUs. Note that we ask for a TXKU every
2272 * 1 packet above, which is absurd; thus this ensures we only actually
2273 * generate TXKUs when we are allowed to.
2274 */
0e1da9d7 2275 OP_CHECK (check_key_update_lt, 240)
693b23e3
HL		 2276
2277 /*
2278 * Prove the connection is still healthy by sending something in both
2279 * directions.
2280 */
2281 OP_C_WRITE (DEFAULT, "xyzzy", 5)
2282 OP_S_READ_EXPECT (a, "xyzzy", 5)
2283
2284 OP_S_WRITE (a, "plugh", 5)
2285 OP_C_READ_EXPECT (DEFAULT, "plugh", 5)
2286
2287 OP_END
2288};
2289
2525109f
HL		 2290/* 19. Key update test - artificially triggered */
2291static const struct script_op script_19[] = {
2292 OP_C_SET_ALPN ("ossltest")
2293 OP_C_CONNECT_WAIT ()
2294
2295 OP_C_WRITE (DEFAULT, "apple", 5)
2296
2297 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2298 OP_S_READ_EXPECT (a, "apple", 5)
2299
76696a54
HL		 2300 OP_C_WRITE (DEFAULT, "orange", 6)
2301 OP_S_READ_EXPECT (a, "orange", 6)
2302
2303 OP_S_WRITE (a, "strawberry", 10)
2304 OP_C_READ_EXPECT (DEFAULT, "strawberry", 10)
2305
2525109f
HL		 2306 OP_CHECK (check_key_update_lt, 1)
2307 OP_CHECK (trigger_key_update, 0)
2308
2309 OP_C_WRITE (DEFAULT, "orange", 6)
2310 OP_S_READ_EXPECT (a, "orange", 6)
9289e59c 2311 OP_S_WRITE (a, "ok", 2)
2525109f 2312
9289e59c 2313 OP_C_READ_EXPECT (DEFAULT, "ok", 2)
2525109f
HL		 2314 OP_CHECK (check_key_update_ge, 1)
2315
2316 OP_END
2317};
2318
0345cac6
TM		 2319/* 20. Multiple threads accept stream with socket forcibly closed (error test) */
2320static const struct script_op script_20_child[] = {
2321 OP_C_ACCEPT_STREAM_WAIT (a)
2322 OP_C_READ_EXPECT (a, "foo", 3)
2323
2324 OP_SLEEP (500)
2325
2326 OP_C_READ_FAIL_WAIT (a)
2327 OP_C_EXPECT_SSL_ERR (a, SSL_ERROR_SYSCALL)
2328 OP_EXPECT_ERR_LIB (ERR_LIB_SYS)
741170be 2329 OP_EXPECT_ERR_REASON (SSL_R_QUIC_NETWORK_ERROR)
0345cac6
TM		 2330 OP_C_FREE_STREAM (a)
2331
2332 OP_END
2333};
2334
2335static const struct script_op script_20[] = {
2336 OP_C_SET_ALPN ("ossltest")
2337 OP_C_CONNECT_WAIT ()
2338 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2339
2340 OP_NEW_THREAD (5, script_20_child)
2341
2342 OP_BEGIN_REPEAT (5)
2343
2344 OP_S_NEW_STREAM_BIDI (a, ANY_ID)
2345 OP_S_WRITE (a, "foo", 3)
2346 OP_S_UNBIND_STREAM_ID (a)
2347
2348 OP_END_REPEAT ()
2349
2350 OP_SLEEP (100)
2351
2352 OP_C_CLOSE_SOCKET ()
2353
2354 OP_END
2355};
2356
e26dc8e3
HL		 2357/* 21. Fault injection - unknown frame in 1-RTT packet */
2358static int script_21_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
2359 unsigned char *buf, size_t len)
2360{
7eebc354 2361 int ok = 0;
e26dc8e3
HL		 2362 WPACKET wpkt;
2363 unsigned char frame_buf[8];
2364 size_t written;
2365
2366 if (h->inject_word0 == 0 || hdr->type != h->inject_word0)
2367 return 1;
2368
2369 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
2370 sizeof(frame_buf), 0)))
2371 return 0;
2372
2373 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, h->inject_word1)))
7eebc354 2374 goto err;
e26dc8e3
HL		 2375
2376 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
7eebc354 2377 goto err;
e26dc8e3
HL		 2378
2379 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
7eebc354 2380 goto err;
e26dc8e3 2381
7eebc354
HL		 2382 ok = 1;
2383err:
96b7df60
HL		 2384 if (ok)
2385 WPACKET_finish(&wpkt);
2386 else
2387 WPACKET_cleanup(&wpkt);
7eebc354 2388 return ok;
e26dc8e3
HL		 2389}
2390
2391static const struct script_op script_21[] = {
2392 OP_S_SET_INJECT_PLAIN (script_21_inject_plain)
2393 OP_C_SET_ALPN ("ossltest")
2394 OP_C_CONNECT_WAIT ()
2395
2396 OP_C_WRITE (DEFAULT, "apple", 5)
2397 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2398 OP_S_READ_EXPECT (a, "apple", 5)
2399
2400 OP_SET_INJECT_WORD (QUIC_PKT_TYPE_1RTT, OSSL_QUIC_VLINT_MAX)
2401
2402 OP_S_WRITE (a, "orange", 6)
2403
2404 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
2405
2406 OP_END
2407};
2408
2409/* 22. Fault injection - non-zero packet header reserved bits */
2410static int script_22_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
2411 unsigned char *buf, size_t len)
2412{
2413 if (h->inject_word0 == 0)
2414 return 1;
2415
2416 hdr->reserved = 1;
2417 return 1;
2418}
2419
2420static const struct script_op script_22[] = {
2421 OP_S_SET_INJECT_PLAIN (script_22_inject_plain)
2422 OP_C_SET_ALPN ("ossltest")
2423 OP_C_CONNECT_WAIT ()
2424
2425 OP_C_WRITE (DEFAULT, "apple", 5)
2426 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2427 OP_S_READ_EXPECT (a, "apple", 5)
2428
2429 OP_SET_INJECT_WORD (1, 0)
2430
2431 OP_S_WRITE (a, "orange", 6)
2432
2433 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_PROTOCOL_VIOLATION,0,0)
2434
2435 OP_END
2436};
2437
2438/* 23. Fault injection - empty NEW_TOKEN */
2439static int script_23_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
2440 unsigned char *buf, size_t len)
2441{
7eebc354 2442 int ok = 0;
e26dc8e3
HL		 2443 WPACKET wpkt;
2444 unsigned char frame_buf[16];
2445 size_t written;
2446
2447 if (h->inject_word0 == 0)
2448 return 1;
2449
2450 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
2451 sizeof(frame_buf), 0)))
2452 return 0;
2453
2454 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, OSSL_QUIC_FRAME_TYPE_NEW_TOKEN))
2455 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, 0)))
7eebc354 2456 goto err;
e26dc8e3
HL		 2457
2458 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
7eebc354 2459 goto err;
e26dc8e3
HL		 2460
2461 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
7eebc354 2462 goto err;
e26dc8e3 2463
7eebc354
HL		 2464 ok = 1;
2465err:
96b7df60
HL		 2466 if (ok)
2467 WPACKET_finish(&wpkt);
2468 else
2469 WPACKET_cleanup(&wpkt);
7eebc354 2470 return ok;
e26dc8e3
HL		 2471}
2472
2473static const struct script_op script_23[] = {
2474 OP_S_SET_INJECT_PLAIN (script_23_inject_plain)
2475 OP_C_SET_ALPN ("ossltest")
2476 OP_C_CONNECT_WAIT ()
2477
2478 OP_C_WRITE (DEFAULT, "apple", 5)
2479 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2480 OP_S_READ_EXPECT (a, "apple", 5)
2481
2482 OP_SET_INJECT_WORD (1, 0)
2483
2484 OP_S_WRITE (a, "orange", 6)
2485
2486 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
2487
2488 OP_END
2489};
2490
2491/* 24. Fault injection - excess value of MAX_STREAMS_BIDI */
2492static int script_24_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
2493 unsigned char *buf, size_t len)
2494{
7eebc354 2495 int ok = 0;
e26dc8e3
HL		 2496 WPACKET wpkt;
2497 unsigned char frame_buf[16];
2498 size_t written;
2499
2500 if (h->inject_word0 == 0)
2501 return 1;
2502
2503 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
2504 sizeof(frame_buf), 0)))
2505 return 0;
2506
2507 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, h->inject_word1))
2508 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, (((uint64_t)1) << 60) + 1)))
7eebc354 2509 goto err;
e26dc8e3
HL		 2510
2511 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
7eebc354 2512 goto err;
e26dc8e3
HL		 2513
2514 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
7eebc354 2515 goto err;
e26dc8e3 2516
7eebc354
HL		 2517 ok = 1;
2518err:
96b7df60
HL		 2519 if (ok)
2520 WPACKET_finish(&wpkt);
2521 else
2522 WPACKET_cleanup(&wpkt);
7eebc354 2523 return ok;
e26dc8e3
HL		 2524}
2525
2526static const struct script_op script_24[] = {
2527 OP_S_SET_INJECT_PLAIN (script_24_inject_plain)
2528 OP_C_SET_ALPN ("ossltest")
2529 OP_C_CONNECT_WAIT ()
2530
2531 OP_C_WRITE (DEFAULT, "apple", 5)
2532 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2533 OP_S_READ_EXPECT (a, "apple", 5)
2534
2535 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_BIDI)
2536
2537 OP_S_WRITE (a, "orange", 6)
2538
2539 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
2540
2541 OP_END
2542};
2543
2544/* 25. Fault injection - excess value of MAX_STREAMS_UNI */
2545static const struct script_op script_25[] = {
2546 OP_S_SET_INJECT_PLAIN (script_24_inject_plain)
2547 OP_C_SET_ALPN ("ossltest")
2548 OP_C_CONNECT_WAIT ()
2549
2550 OP_C_WRITE (DEFAULT, "apple", 5)
2551 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2552 OP_S_READ_EXPECT (a, "apple", 5)
2553
2554 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_UNI)
2555
2556 OP_S_WRITE (a, "orange", 6)
2557
2558 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
2559
2560 OP_END
2561};
2562
2563/* 26. Fault injection - excess value of STREAMS_BLOCKED_BIDI */
2564static const struct script_op script_26[] = {
2565 OP_S_SET_INJECT_PLAIN (script_24_inject_plain)
2566 OP_C_SET_ALPN ("ossltest")
2567 OP_C_CONNECT_WAIT ()
2568
2569 OP_C_WRITE (DEFAULT, "apple", 5)
2570 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2571 OP_S_READ_EXPECT (a, "apple", 5)
2572
2573 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_BIDI)
2574
2575 OP_S_WRITE (a, "orange", 6)
2576
2577 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_LIMIT_ERROR,0,0)
2578
2579 OP_END
2580};
2581
2582/* 27. Fault injection - excess value of STREAMS_BLOCKED_UNI */
2583static const struct script_op script_27[] = {
2584 OP_S_SET_INJECT_PLAIN (script_24_inject_plain)
2585 OP_C_SET_ALPN ("ossltest")
2586 OP_C_CONNECT_WAIT ()
2587
2588 OP_C_WRITE (DEFAULT, "apple", 5)
2589 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2590 OP_S_READ_EXPECT (a, "apple", 5)
2591
2592 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_UNI)
2593
2594 OP_S_WRITE (a, "orange", 6)
2595
2596 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_LIMIT_ERROR,0,0)
2597
2598 OP_END
2599};
2600
2601/* 28. Fault injection - received RESET_STREAM for send-only stream */
2602static int script_28_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
2603 unsigned char *buf, size_t len)
2604{
7eebc354 2605 int ok = 0;
e26dc8e3
HL		 2606 WPACKET wpkt;
2607 unsigned char frame_buf[32];
2608 size_t written;
2609
2610 if (h->inject_word0 == 0)
2611 return 1;
2612
2613 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
2614 sizeof(frame_buf), 0)))
2615 return 0;
2616
2617 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, h->inject_word1))
2618 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, /* stream ID */
2619 h->inject_word0 - 1))
2620 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, 123))
2621 || (h->inject_word1 == OSSL_QUIC_FRAME_TYPE_RESET_STREAM
2622 && !TEST_true(WPACKET_quic_write_vlint(&wpkt, 5)))) /* final size */
7eebc354 2623 goto err;
e26dc8e3
HL		 2624
2625 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
7eebc354 2626 goto err;
e26dc8e3
HL		 2627
2628 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
7eebc354 2629 goto err;
e26dc8e3 2630
7eebc354
HL		 2631 ok = 1;
2632err:
96b7df60
HL		 2633 if (ok)
2634 WPACKET_finish(&wpkt);
2635 else
2636 WPACKET_cleanup(&wpkt);
7eebc354 2637 return ok;
e26dc8e3
HL		 2638}
2639
2640static const struct script_op script_28[] = {
2641 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
2642 OP_C_SET_ALPN ("ossltest")
2643 OP_C_CONNECT_WAIT ()
2644 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2645
70cafc44
HL		 2646 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
2647 OP_C_WRITE (a, "orange", 6)
e26dc8e3 2648
70cafc44
HL		 2649 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2650 OP_S_READ_EXPECT (a, "orange", 6)
2651
2652 OP_C_NEW_STREAM_UNI (b, C_UNI_ID(0))
2653 OP_C_WRITE (b, "apple", 5)
2654
2655 OP_S_BIND_STREAM_ID (b, C_UNI_ID(0))
2656 OP_S_READ_EXPECT (b, "apple", 5)
e26dc8e3
HL		 2657
2658 OP_SET_INJECT_WORD (C_UNI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_RESET_STREAM)
70cafc44 2659 OP_S_WRITE (a, "fruit", 5)
e26dc8e3
HL		 2660
2661 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_STATE_ERROR,0,0)
2662
2663 OP_END
2664};
2665
2666/* 29. Fault injection - received RESET_STREAM for nonexistent send-only stream */
2667static const struct script_op script_29[] = {
2668 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
2669 OP_C_SET_ALPN ("ossltest")
2670 OP_C_CONNECT_WAIT ()
2671 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2672
70cafc44
HL		 2673 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
2674 OP_C_WRITE (a, "orange", 6)
e26dc8e3 2675
70cafc44
HL		 2676 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2677 OP_S_READ_EXPECT (a, "orange", 6)
2678
2679 OP_C_NEW_STREAM_UNI (b, C_UNI_ID(0))
2680 OP_C_WRITE (b, "apple", 5)
2681
2682 OP_S_BIND_STREAM_ID (b, C_UNI_ID(0))
2683 OP_S_READ_EXPECT (b, "apple", 5)
e26dc8e3
HL		 2684
2685 OP_SET_INJECT_WORD (C_UNI_ID(1) + 1, OSSL_QUIC_FRAME_TYPE_RESET_STREAM)
70cafc44 2686 OP_S_WRITE (a, "fruit", 5)
e26dc8e3
HL		 2687
2688 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_STATE_ERROR,0,0)
2689
2690 OP_END
2691};
2692
2693/* 30. Fault injection - received STOP_SENDING for receive-only stream */
2694static const struct script_op script_30[] = {
2695 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
2696 OP_C_SET_ALPN ("ossltest")
2697 OP_C_CONNECT_WAIT ()
2698 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2699
2700 OP_S_NEW_STREAM_UNI (a, S_UNI_ID(0))
2701 OP_S_WRITE (a, "apple", 5)
2702
2703 OP_C_ACCEPT_STREAM_WAIT (a)
2704 OP_C_READ_EXPECT (a, "apple", 5)
2705
2706 OP_SET_INJECT_WORD (S_UNI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_STOP_SENDING)
2707 OP_S_WRITE (a, "orange", 6)
2708
2709 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_STATE_ERROR,0,0)
2710
2711 OP_END
2712};
2713
2714/* 31. Fault injection - received STOP_SENDING for nonexistent receive-only stream */
2715static const struct script_op script_31[] = {
2716 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
2717 OP_C_SET_ALPN ("ossltest")
2718 OP_C_CONNECT_WAIT ()
2719 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2720
2721 OP_S_NEW_STREAM_UNI (a, S_UNI_ID(0))
2722 OP_S_WRITE (a, "apple", 5)
2723
2724 OP_C_ACCEPT_STREAM_WAIT (a)
2725 OP_C_READ_EXPECT (a, "apple", 5)
2726
2727 OP_SET_INJECT_WORD (C_UNI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_STOP_SENDING)
2728 OP_S_WRITE (a, "orange", 6)
2729
2730 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_STATE_ERROR,0,0)
2731
2732 OP_END
2733};
2734
2735/* 32. Fault injection - STREAM frame for nonexistent stream */
2736static int script_32_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
2737 unsigned char *buf, size_t len)
2738{
7eebc354 2739 int ok = 0;
e26dc8e3
HL		 2740 WPACKET wpkt;
2741 unsigned char frame_buf[64];
2742 size_t written;
2743 uint64_t type = OSSL_QUIC_FRAME_TYPE_STREAM_OFF_LEN, offset, flen, i;
2744
2745 switch (h->inject_word1) {
2746 default:
2747 return 0;
2748 case 0:
2749 return 1;
2750 case 1:
2751 offset = 0;
1623bf37 2752 flen = 0;
e26dc8e3
HL		 2753 break;
2754 case 2:
2755 offset = (((uint64_t)1)<<62) - 1;
1623bf37 2756 flen = 5;
e26dc8e3
HL		 2757 break;
2758 case 3:
2759 offset = 1 * 1024 * 1024 * 1024; /* 1G */
1623bf37
HL		 2760 flen = 5;
2761 break;
2762 case 4:
2763 offset = 0;
2764 flen = 1;
e26dc8e3
HL		 2765 break;
2766 }
2767
2768 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
2769 sizeof(frame_buf), 0)))
2770 return 0;
2771
2772 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, type))
2773 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, /* stream ID */
2774 h->inject_word0 - 1))
2775 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, offset))
2776 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, flen)))
7eebc354 2777 goto err;
e26dc8e3
HL		 2778
2779 for (i = 0; i < flen; ++i)
2780 if (!TEST_true(WPACKET_put_bytes_u8(&wpkt, 0x42)))
7eebc354 2781 goto err;
e26dc8e3
HL		 2782
2783 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
7eebc354 2784 goto err;
e26dc8e3
HL		 2785
2786 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
7eebc354 2787 goto err;
e26dc8e3 2788
7eebc354
HL		 2789 ok = 1;
2790err:
96b7df60
HL		 2791 if (ok)
2792 WPACKET_finish(&wpkt);
2793 else
2794 WPACKET_cleanup(&wpkt);
7eebc354 2795 return ok;
e26dc8e3
HL		 2796}
2797
2798static const struct script_op script_32[] = {
2799 OP_S_SET_INJECT_PLAIN (script_32_inject_plain)
2800 OP_C_SET_ALPN ("ossltest")
2801 OP_C_CONNECT_WAIT ()
2802 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2803
2804 OP_S_NEW_STREAM_UNI (a, S_UNI_ID(0))
2805 OP_S_WRITE (a, "apple", 5)
2806
2807 OP_C_ACCEPT_STREAM_WAIT (a)
2808 OP_C_READ_EXPECT (a, "apple", 5)
2809
2810 OP_SET_INJECT_WORD (C_UNI_ID(0) + 1, 1)
2811 OP_S_WRITE (a, "orange", 6)
2812
2813 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_STATE_ERROR,0,0)
2814
2815 OP_END
2816};
2817
2818/* 33. Fault injection - STREAM frame with illegal offset */
2819static const struct script_op script_33[] = {
2820 OP_S_SET_INJECT_PLAIN (script_32_inject_plain)
2821 OP_C_SET_ALPN ("ossltest")
2822 OP_C_CONNECT_WAIT ()
2823 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2824
2825 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
2826 OP_C_WRITE (a, "apple", 5)
2827
2828 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2829 OP_S_READ_EXPECT (a, "apple", 5)
2830
2831 OP_SET_INJECT_WORD (C_BIDI_ID(0) + 1, 2)
2832 OP_S_WRITE (a, "orange", 6)
2833
2834 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
2835
2836 OP_END
2837};
2838
2839/* 34. Fault injection - STREAM frame which exceeds FC */
2840static const struct script_op script_34[] = {
2841 OP_S_SET_INJECT_PLAIN (script_32_inject_plain)
2842 OP_C_SET_ALPN ("ossltest")
2843 OP_C_CONNECT_WAIT ()
2844 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2845
2846 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
2847 OP_C_WRITE (a, "apple", 5)
2848
2849 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2850 OP_S_READ_EXPECT (a, "apple", 5)
2851
2852 OP_SET_INJECT_WORD (C_BIDI_ID(0) + 1, 3)
2853 OP_S_WRITE (a, "orange", 6)
2854
2855 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FLOW_CONTROL_ERROR,0,0)
2856
2857 OP_END
2858};
2859
2860/* 35. Fault injection - MAX_STREAM_DATA for receive-only stream */
2861static const struct script_op script_35[] = {
2862 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
2863 OP_C_SET_ALPN ("ossltest")
2864 OP_C_CONNECT_WAIT ()
2865 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2866
2867 OP_S_NEW_STREAM_UNI (a, S_UNI_ID(0))
2868 OP_S_WRITE (a, "apple", 5)
2869
2870 OP_C_ACCEPT_STREAM_WAIT (a)
2871 OP_C_READ_EXPECT (a, "apple", 5)
2872
2873 OP_SET_INJECT_WORD (S_UNI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA)
2874 OP_S_WRITE (a, "orange", 6)
2875
2876 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_STATE_ERROR,0,0)
2877
2878 OP_END
2879};
2880
2881/* 36. Fault injection - MAX_STREAM_DATA for nonexistent stream */
2882static const struct script_op script_36[] = {
2883 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
2884 OP_C_SET_ALPN ("ossltest")
2885 OP_C_CONNECT_WAIT ()
2886 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2887
2888 OP_S_NEW_STREAM_UNI (a, S_UNI_ID(0))
2889 OP_S_WRITE (a, "apple", 5)
2890
2891 OP_C_ACCEPT_STREAM_WAIT (a)
2892 OP_C_READ_EXPECT (a, "apple", 5)
2893
2894 OP_SET_INJECT_WORD (C_BIDI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA)
2895 OP_S_WRITE (a, "orange", 6)
2896
2897 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_STATE_ERROR,0,0)
2898
2899 OP_END
2900};
2901
2902/* 37. Fault injection - STREAM_DATA_BLOCKED for send-only stream */
2903static const struct script_op script_37[] = {
2904 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
2905 OP_C_SET_ALPN ("ossltest")
2906 OP_C_CONNECT_WAIT ()
2907 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2908
2909 OP_C_NEW_STREAM_UNI (a, C_UNI_ID(0))
2910 OP_C_WRITE (a, "apple", 5)
2911
2912 OP_S_BIND_STREAM_ID (a, C_UNI_ID(0))
2913 OP_S_READ_EXPECT (a, "apple", 5)
2914
2915 OP_S_NEW_STREAM_UNI (b, S_UNI_ID(0))
2916 OP_SET_INJECT_WORD (C_UNI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED)
2917 OP_S_WRITE (b, "orange", 5)
2918
2919 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_STATE_ERROR,0,0)
2920
2921 OP_END
2922};
2923
2924/* 38. Fault injection - STREAM_DATA_BLOCKED for non-existent stream */
2925static const struct script_op script_38[] = {
2926 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
2927 OP_C_SET_ALPN ("ossltest")
2928 OP_C_CONNECT_WAIT ()
2929 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2930
2931 OP_S_NEW_STREAM_UNI (b, S_UNI_ID(0))
2932 OP_SET_INJECT_WORD (C_BIDI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED)
2933 OP_S_WRITE (b, "orange", 5)
2934
2935 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_STATE_ERROR,0,0)
2936
2937 OP_END
2938};
2939
2940/* 39. Fault injection - NEW_CONN_ID with zero-len CID */
2941static int script_39_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
2942 unsigned char *buf, size_t len)
2943{
7eebc354 2944 int ok = 0;
e26dc8e3
HL		 2945 WPACKET wpkt;
2946 unsigned char frame_buf[64];
2947 size_t i, written;
ed75eb32
HL		 2948 uint64_t seq_no = 0, retire_prior_to = 0;
2949 QUIC_CONN_ID new_cid = {0};
2950 QUIC_CHANNEL *ch = ossl_quic_tserver_get_channel(h->s);
e26dc8e3 2951
ed75eb32
HL		 2952 switch (h->inject_word1) {
2953 case 0:
e26dc8e3 2954 return 1;
ed75eb32
HL		 2955 case 1:
2956 new_cid.id_len = 0;
2957 break;
2958 case 2:
2959 new_cid.id_len = 21;
2960 break;
2961 case 3:
2962 new_cid.id_len = 1;
2963 new_cid.id[0] = 0x55;
2964
2965 seq_no = 0;
2966 retire_prior_to = 1;
2967 break;
2968 case 4:
f2609004 2969 /* Use our actual CID so we don't break connectivity. */
ed75eb32
HL		 2970 ossl_quic_channel_get_diag_local_cid(ch, &new_cid);
2971
2972 seq_no = 2;
2973 retire_prior_to = 2;
2974 break;
2975 case 5:
2976 /*
2977 * Use a bogus CID which will need to be ignored if connectivity is to
2978 * be continued.
2979 */
2980 new_cid.id_len = 8;
2981 new_cid.id[0] = 0x55;
2982
2983 seq_no = 1;
2984 retire_prior_to = 1;
2985 break;
2986 }
e26dc8e3
HL		 2987
2988 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
2989 sizeof(frame_buf), 0)))
2990 return 0;
2991
2992 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID))
ed75eb32
HL		 2993 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, seq_no)) /* seq no */
2994 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, retire_prior_to)) /* retire prior to */
2995 || !TEST_true(WPACKET_put_bytes_u8(&wpkt, new_cid.id_len))) /* len */
7eebc354 2996 goto err;
e26dc8e3 2997
d63b8cbb 2998 for (i = 0; i < new_cid.id_len && i < OSSL_NELEM(new_cid.id); ++i)
ed75eb32
HL		 2999 if (!TEST_true(WPACKET_put_bytes_u8(&wpkt, new_cid.id[i])))
3000 goto err;
3001
d63b8cbb
HL		 3002 for (; i < new_cid.id_len; ++i)
3003 if (!TEST_true(WPACKET_put_bytes_u8(&wpkt, 0x55)))
3004 goto err;
3005
e26dc8e3
HL		 3006 for (i = 0; i < QUIC_STATELESS_RESET_TOKEN_LEN; ++i)
3007 if (!TEST_true(WPACKET_put_bytes_u8(&wpkt, 0x42)))
7eebc354 3008 goto err;
e26dc8e3
HL		 3009
3010 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
7eebc354 3011 goto err;
e26dc8e3
HL		 3012
3013 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
7eebc354 3014 goto err;
e26dc8e3 3015
7eebc354
HL		 3016 ok = 1;
3017err:
96b7df60
HL		 3018 if (ok)
3019 WPACKET_finish(&wpkt);
3020 else
3021 WPACKET_cleanup(&wpkt);
7eebc354 3022 return ok;
e26dc8e3
HL		 3023}
3024
3025static const struct script_op script_39[] = {
3026 OP_S_SET_INJECT_PLAIN (script_39_inject_plain)
3027 OP_C_SET_ALPN ("ossltest")
3028 OP_C_CONNECT_WAIT ()
3029 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3030
3031 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
3032 OP_C_WRITE (a, "apple", 5)
3033 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3034 OP_S_READ_EXPECT (a, "apple", 5)
3035
3036 OP_SET_INJECT_WORD (0, 1)
3037 OP_S_WRITE (a, "orange", 5)
3038
3039 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
3040
3041 OP_END
3042};
3043
cd5e4380
HL		 3044/* 40. Shutdown flush test */
3045static const unsigned char script_40_data[1024] = "strawberry";
3046
3047static const struct script_op script_40[] = {
3048 OP_C_SET_ALPN ("ossltest")
3049 OP_C_CONNECT_WAIT ()
3050 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3051
3052 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
3053 OP_C_WRITE (a, "apple", 5)
3054
3055 OP_C_INHIBIT_TICK (1)
3056 OP_C_SET_WRITE_BUF_SIZE (a, 1024 * 100 * 3)
3057
3058 OP_BEGIN_REPEAT (100)
3059
3060 OP_C_WRITE (a, script_40_data, sizeof(script_40_data))
3061
3062 OP_END_REPEAT ()
3063
3064 OP_C_CONCLUDE (a)
d49a1634 3065 OP_C_SHUTDOWN_WAIT (NULL) /* disengages tick inhibition */
cd5e4380
HL		 3066
3067 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3068 OP_S_READ_EXPECT (a, "apple", 5)
3069
3070 OP_BEGIN_REPEAT (100)
3071
3072 OP_S_READ_EXPECT (a, script_40_data, sizeof(script_40_data))
3073
3074 OP_END_REPEAT ()
3075
3076 OP_S_EXPECT_FIN (a)
3077
3078 OP_C_EXPECT_CONN_CLOSE_INFO(0, 1, 0)
3079 OP_S_EXPECT_CONN_CLOSE_INFO(0, 1, 1)
3080
3081 OP_END
3082};
3083
7eb330ff
HL		 3084/* 41. Fault injection - PATH_CHALLENGE yields PATH_RESPONSE */
3085static const uint64_t path_challenge = UINT64_C(0xbdeb9451169c83aa);
3086
3087static int script_41_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
3088 unsigned char *buf, size_t len)
3089{
3090 int ok = 0;
3091 WPACKET wpkt;
3092 unsigned char frame_buf[16];
3093 size_t written;
3094
3095 if (h->inject_word0 == 0)
3096 return 1;
3097
3098 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
3099 sizeof(frame_buf), 0)))
3100 return 0;
3101
a1aff2c6 3102 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, h->inject_word1))
7eb330ff
HL		 3103 || !TEST_true(WPACKET_put_bytes_u64(&wpkt, path_challenge)))
3104 goto err;
3105
3106 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written))
3107 || !TEST_size_t_eq(written, 9))
3108 goto err;
3109
3110 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
3111 goto err;
3112
3113 --h->inject_word0;
3114 ok = 1;
3115err:
3116 if (ok)
3117 WPACKET_finish(&wpkt);
3118 else
3119 WPACKET_cleanup(&wpkt);
3120 return ok;
3121}
3122
3123static void script_41_trace(int write_p, int version, int content_type,
3124 const void *buf, size_t len, SSL *ssl, void *arg)
3125{
3126 uint64_t frame_type, frame_data;
3127 int was_minimal;
3128 struct helper *h = arg;
3129 PACKET pkt;
3130
3131 if (version != OSSL_QUIC1_VERSION
3132 || content_type != SSL3_RT_QUIC_FRAME_FULL
3133 || len < 1)
3134 return;
3135
3136 if (!TEST_true(PACKET_buf_init(&pkt, buf, len))) {
3137 ++h->scratch1;
3138 return;
3139 }
3140
3141 if (!TEST_true(ossl_quic_wire_peek_frame_header(&pkt, &frame_type,
3142 &was_minimal))) {
3143 ++h->scratch1;
3144 return;
3145 }
3146
3147 if (frame_type != OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE)
3148 return;
3149
3150 if (!TEST_true(ossl_quic_wire_decode_frame_path_response(&pkt, &frame_data))
3151 || !TEST_uint64_t_eq(frame_data, path_challenge)) {
3152 ++h->scratch1;
3153 return;
3154 }
3155
3156 ++h->scratch0;
3157}
3158
3159static int script_41_setup(struct helper *h, const struct script_op *op)
3160{
3161 ossl_quic_tserver_set_msg_callback(h->s, script_41_trace, h);
3162 return 1;
3163}
3164
3165static int script_41_check(struct helper *h, const struct script_op *op)
3166{
3167 /* At least one valid challenge/response echo? */
3168 if (!TEST_uint64_t_gt(h->scratch0, 0))
3169 return 0;
3170
3171 /* No failed tests? */
3172 if (!TEST_uint64_t_eq(h->scratch1, 0))
3173 return 0;
3174
3175 return 1;
3176}
3177
3178static const struct script_op script_41[] = {
3179 OP_S_SET_INJECT_PLAIN (script_41_inject_plain)
3180 OP_C_SET_ALPN ("ossltest")
3181 OP_C_CONNECT_WAIT ()
3182 OP_CHECK (script_41_setup, 0)
3183
3184 OP_C_WRITE (DEFAULT, "apple", 5)
3185 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3186 OP_S_READ_EXPECT (a, "apple", 5)
3187
a1aff2c6 3188 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE)
7eb330ff
HL		 3189
3190 OP_S_WRITE (a, "orange", 6)
3191 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
3192
3193 OP_C_WRITE (DEFAULT, "strawberry", 10)
3194 OP_S_READ_EXPECT (a, "strawberry", 10)
3195
3196 OP_CHECK (script_41_check, 0)
3197 OP_END
3198};
3199
27c2f62f
HL		 3200/* 42. Fault injection - CRYPTO frame with illegal offset */
3201static int script_42_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
3202 unsigned char *buf, size_t len)
3203{
3204 int ok = 0;
3205 unsigned char frame_buf[64];
3206 size_t written;
3207 WPACKET wpkt;
3208
3209 if (h->inject_word0 == 0)
3210 return 1;
3211
3212 --h->inject_word0;
3213
3214 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
3215 sizeof(frame_buf), 0)))
3216 return 0;
3217
3218 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, OSSL_QUIC_FRAME_TYPE_CRYPTO))
ab6c6345 3219 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, h->inject_word1))
27c2f62f
HL		 3220 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, 1))
3221 || !TEST_true(WPACKET_put_bytes_u8(&wpkt, 0x42)))
3222 goto err;
3223
3224 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
3225 goto err;
3226
3227 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
3228 goto err;
3229
3230 ok = 1;
3231err:
3232 if (ok)
3233 WPACKET_finish(&wpkt);
3234 else
3235 WPACKET_cleanup(&wpkt);
3236 return ok;
3237}
3238
3239static const struct script_op script_42[] = {
3240 OP_S_SET_INJECT_PLAIN (script_42_inject_plain)
3241 OP_C_SET_ALPN ("ossltest")
3242 OP_C_CONNECT_WAIT ()
3243 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3244
3245 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
3246 OP_C_WRITE (a, "apple", 5)
3247
3248 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3249 OP_S_READ_EXPECT (a, "apple", 5)
3250
ab6c6345 3251 OP_SET_INJECT_WORD (1, (((uint64_t)1) << 62) - 1)
27c2f62f
HL		 3252 OP_S_WRITE (a, "orange", 6)
3253
3254 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
3255
3256 OP_END
3257};
3258
ab6c6345
HL		 3259/* 43. Fault injection - CRYPTO frame exceeding FC */
3260static const struct script_op script_43[] = {
3261 OP_S_SET_INJECT_PLAIN (script_42_inject_plain)
3262 OP_C_SET_ALPN ("ossltest")
3263 OP_C_CONNECT_WAIT ()
3264 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3265
3266 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
3267 OP_C_WRITE (a, "apple", 5)
3268
3269 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3270 OP_S_READ_EXPECT (a, "apple", 5)
3271
3272 OP_SET_INJECT_WORD (1, 0x100000 /* 1 MiB */)
3273 OP_S_WRITE (a, "orange", 6)
3274
3275 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_CRYPTO_BUFFER_EXCEEDED,0,0)
3276
3277 OP_END
3278};
3279
97684a15
HL		 3280/* 44. Fault injection - PADDING */
3281static int script_44_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
3282 unsigned char *buf, size_t len)
3283{
3284 int ok = 0;
3285 WPACKET wpkt;
3286 unsigned char frame_buf[16];
3287 size_t written;
3288
3289 if (h->inject_word0 == 0)
3290 return 1;
3291
3292 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
3293 sizeof(frame_buf), 0)))
3294 return 0;
3295
3296 if (!TEST_true(ossl_quic_wire_encode_padding(&wpkt, 1)))
3297 goto err;
3298
3299 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
3300 goto err;
3301
3302 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
3303 goto err;
3304
3305 ok = 1;
3306err:
3307 if (ok)
3308 WPACKET_finish(&wpkt);
3309 else
3310 WPACKET_cleanup(&wpkt);
3311 return ok;
3312}
3313
3314static const struct script_op script_44[] = {
3315 OP_S_SET_INJECT_PLAIN (script_44_inject_plain)
3316 OP_C_SET_ALPN ("ossltest")
3317 OP_C_CONNECT_WAIT ()
3318
3319 OP_C_WRITE (DEFAULT, "apple", 5)
3320 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3321 OP_S_READ_EXPECT (a, "apple", 5)
3322
3323 OP_SET_INJECT_WORD (1, 0)
3324
3325 OP_S_WRITE (a, "Strawberry", 10)
3326 OP_C_READ_EXPECT (DEFAULT, "Strawberry", 10)
3327
3328 OP_END
3329};
3330
17340e87
HL		 3331/* 45. PING must generate ACK */
3332static int force_ping(struct helper *h, const struct script_op *op)
3333{
3334 QUIC_CHANNEL *ch = ossl_quic_tserver_get_channel(h->s);
3335
3336 h->scratch0 = ossl_quic_channel_get_diag_num_rx_ack(ch);
3337
3338 if (!TEST_true(ossl_quic_tserver_ping(h->s)))
3339 return 0;
3340
3341 return 1;
3342}
3343
3344static int wait_incoming_acks_increased(struct helper *h, const struct script_op *op)
3345{
3346 QUIC_CHANNEL *ch = ossl_quic_tserver_get_channel(h->s);
3347 uint16_t count;
3348
3349 count = ossl_quic_channel_get_diag_num_rx_ack(ch);
3350
3351 if (count == h->scratch0) {
3352 h->check_spin_again = 1;
3353 return 0;
3354 }
3355
3356 return 1;
3357}
3358
3359static const struct script_op script_45[] = {
3360 OP_C_SET_ALPN ("ossltest")
3361 OP_C_CONNECT_WAIT ()
3362
3363 OP_C_WRITE (DEFAULT, "apple", 5)
3364 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3365 OP_S_READ_EXPECT (a, "apple", 5)
3366
3367 OP_BEGIN_REPEAT (2)
3368
3369 OP_CHECK (force_ping, 0)
3370 OP_CHECK (wait_incoming_acks_increased, 0)
3371
3372 OP_END_REPEAT ()
3373
3374 OP_S_WRITE (a, "Strawberry", 10)
3375 OP_C_READ_EXPECT (DEFAULT, "Strawberry", 10)
3376
3377 OP_END
3378};
3379
ed0d6ba4
HL		 3380/* 46. Fault injection - ACK - malformed initial range */
3381static int script_46_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
3382 unsigned char *buf, size_t len)
3383{
3384 int ok = 0;
3385 WPACKET wpkt;
3386 unsigned char frame_buf[16];
3387 size_t written;
d49a1634
HL		 3388 uint64_t type = 0, largest_acked = 0, first_range = 0, range_count = 0;
3389 uint64_t agap = 0, alen = 0;
ed0d6ba4
HL		 3390 uint64_t ect0 = 0, ect1 = 0, ecnce = 0;
3391
3392 if (h->inject_word0 == 0)
3393 return 1;
3394
3395 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
3396 sizeof(frame_buf), 0)))
3397 return 0;
3398
3399 type = OSSL_QUIC_FRAME_TYPE_ACK_WITHOUT_ECN;
3400
3401 switch (h->inject_word0) {
3402 case 1:
3403 largest_acked = 100;
3404 first_range = 101;
3405 range_count = 0;
3406 break;
3407 case 2:
3408 largest_acked = 100;
3409 first_range = 80;
3410 /* [20..100]; [0..18] */
3411 range_count = 1;
3412 agap = 0;
3413 alen = 19;
3414 break;
3415 case 3:
3416 largest_acked = 100;
3417 first_range = 80;
3418 range_count = 1;
3419 agap = 18;
3420 alen = 1;
3421 break;
3422 case 4:
3423 type = OSSL_QUIC_FRAME_TYPE_ACK_WITH_ECN;
3424 largest_acked = 100;
3425 first_range = 1;
3426 range_count = 0;
3427 break;
3428 case 5:
3429 type = OSSL_QUIC_FRAME_TYPE_ACK_WITH_ECN;
3430 largest_acked = 0;
3431 first_range = 0;
3432 range_count = 0;
3433 ect0 = 0;
3434 ect1 = 50;
3435 ecnce = 200;
3436 break;
3437 }
3438
3439 h->inject_word0 = 0;
3440
3441 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, type))
3442 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, largest_acked))
3443 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, /*ack_delay=*/0))
3444 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, /*ack_range_count=*/range_count))
3445 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, /*first_ack_range=*/first_range)))
3446 goto err;
3447
3448 if (range_count > 0)
3449 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, /*range[0].gap=*/agap))
3450 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, /*range[0].len=*/alen)))
3451 goto err;
3452
3453 if (type == OSSL_QUIC_FRAME_TYPE_ACK_WITH_ECN)
3454 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, ect0))
3455 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, ect1))
3456 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, ecnce)))
3457 goto err;
3458
3459 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
3460 goto err;
3461
3462 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
3463 goto err;
3464
3465 ok = 1;
3466err:
3467 if (ok)
3468 WPACKET_finish(&wpkt);
3469 else
3470 WPACKET_cleanup(&wpkt);
3471 return ok;
3472}
3473
3474static const struct script_op script_46[] = {
3475 OP_S_SET_INJECT_PLAIN (script_46_inject_plain)
3476 OP_C_SET_ALPN ("ossltest")
3477 OP_C_CONNECT_WAIT ()
3478
3479 OP_C_WRITE (DEFAULT, "apple", 5)
3480 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3481 OP_S_READ_EXPECT (a, "apple", 5)
3482
3483 OP_SET_INJECT_WORD (1, 0)
3484
3485 OP_S_WRITE (a, "Strawberry", 10)
3486
3487 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
3488
3489 OP_END
3490};
3491
3492/* 47. Fault injection - ACK - malformed subsequent range */
3493static const struct script_op script_47[] = {
3494 OP_S_SET_INJECT_PLAIN (script_46_inject_plain)
3495 OP_C_SET_ALPN ("ossltest")
3496 OP_C_CONNECT_WAIT ()
3497
3498 OP_C_WRITE (DEFAULT, "apple", 5)
3499 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3500 OP_S_READ_EXPECT (a, "apple", 5)
3501
3502 OP_SET_INJECT_WORD (2, 0)
3503
3504 OP_S_WRITE (a, "Strawberry", 10)
3505
3506 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
3507
3508 OP_END
3509};
3510
3511/* 48. Fault injection - ACK - malformed subsequent range */
3512static const struct script_op script_48[] = {
3513 OP_S_SET_INJECT_PLAIN (script_46_inject_plain)
3514 OP_C_SET_ALPN ("ossltest")
3515 OP_C_CONNECT_WAIT ()
3516
3517 OP_C_WRITE (DEFAULT, "apple", 5)
3518 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3519 OP_S_READ_EXPECT (a, "apple", 5)
3520
3521 OP_SET_INJECT_WORD (3, 0)
3522
3523 OP_S_WRITE (a, "Strawberry", 10)
3524
3525 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
3526
3527 OP_END
3528};
3529
3530/* 49. Fault injection - ACK - fictional PN */
3531static const struct script_op script_49[] = {
3532 OP_S_SET_INJECT_PLAIN (script_46_inject_plain)
3533 OP_C_SET_ALPN ("ossltest")
3534 OP_C_CONNECT_WAIT ()
3535
3536 OP_C_WRITE (DEFAULT, "apple", 5)
3537 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3538 OP_S_READ_EXPECT (a, "apple", 5)
3539
3540 OP_SET_INJECT_WORD (4, 0)
3541
3542 OP_S_WRITE (a, "Strawberry", 10)
3543 OP_C_READ_EXPECT (DEFAULT, "Strawberry", 10)
3544
3545 OP_END
3546};
3547
3548/* 50. Fault injection - ACK - duplicate PN */
3549static const struct script_op script_50[] = {
3550 OP_S_SET_INJECT_PLAIN (script_46_inject_plain)
3551 OP_C_SET_ALPN ("ossltest")
3552 OP_C_CONNECT_WAIT ()
3553
3554 OP_C_WRITE (DEFAULT, "apple", 5)
3555 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3556 OP_S_READ_EXPECT (a, "apple", 5)
3557
3558 OP_BEGIN_REPEAT (2)
3559
3560 OP_SET_INJECT_WORD (5, 0)
3561
3562 OP_S_WRITE (a, "Strawberry", 10)
3563 OP_C_READ_EXPECT (DEFAULT, "Strawberry", 10)
3564
3565 OP_END_REPEAT ()
3566
3567 OP_END
3568};
3569
f2609004 3570/* 51. Fault injection - PATH_RESPONSE is ignored */
a1aff2c6
HL		 3571static const struct script_op script_51[] = {
3572 OP_S_SET_INJECT_PLAIN (script_41_inject_plain)
3573 OP_C_SET_ALPN ("ossltest")
3574 OP_C_CONNECT_WAIT ()
3575
3576 OP_C_WRITE (DEFAULT, "apple", 5)
3577 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3578 OP_S_READ_EXPECT (a, "apple", 5)
3579
3580 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE)
3581
3582 OP_S_WRITE (a, "orange", 6)
3583 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
3584
3585 OP_C_WRITE (DEFAULT, "Strawberry", 10)
3586 OP_S_READ_EXPECT (a, "Strawberry", 10)
3587
3588 OP_END
3589};
3590
477944b6
HL		 3591/* 52. Fault injection - ignore BLOCKED frames with bogus values */
3592static int script_52_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
3593 unsigned char *buf, size_t len)
3594{
3595 int ok = 0;
3596 unsigned char frame_buf[64];
3597 size_t written;
3598 WPACKET wpkt;
3599 uint64_t type = h->inject_word1;
3600
3601 if (h->inject_word0 == 0)
3602 return 1;
3603
3604 --h->inject_word0;
3605
3606 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
3607 sizeof(frame_buf), 0)))
3608 return 0;
3609
3610 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, type)))
3611 goto err;
3612
3613 if (type == OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED)
3614 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, C_BIDI_ID(0))))
3615 goto err;
3616
3617 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, 0xFFFFFF)))
3618 goto err;
3619
3620 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
3621 goto err;
3622
3623 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
3624 goto err;
3625
3626 ok = 1;
3627err:
3628 if (ok)
3629 WPACKET_finish(&wpkt);
3630 else
3631 WPACKET_cleanup(&wpkt);
3632 return ok;
3633}
3634
3635static const struct script_op script_52[] = {
3636 OP_S_SET_INJECT_PLAIN (script_52_inject_plain)
3637 OP_C_SET_ALPN ("ossltest")
3638 OP_C_CONNECT_WAIT ()
3639
3640 OP_C_WRITE (DEFAULT, "apple", 5)
3641 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3642 OP_S_READ_EXPECT (a, "apple", 5)
3643
3644 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_DATA_BLOCKED)
3645
3646 OP_S_WRITE (a, "orange", 6)
3647 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
3648
3649 OP_C_WRITE (DEFAULT, "Strawberry", 10)
3650 OP_S_READ_EXPECT (a, "Strawberry", 10)
3651
3652 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED)
3653
3654 OP_S_WRITE (a, "orange", 6)
3655 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
3656
3657 OP_C_WRITE (DEFAULT, "Strawberry", 10)
3658 OP_S_READ_EXPECT (a, "Strawberry", 10)
3659
3660 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_UNI)
3661
3662 OP_S_WRITE (a, "orange", 6)
3663 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
3664
3665 OP_C_WRITE (DEFAULT, "Strawberry", 10)
3666 OP_S_READ_EXPECT (a, "Strawberry", 10)
3667
3668 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_BIDI)
3669
3670 OP_S_WRITE (a, "orange", 6)
3671 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
3672
3673 OP_C_WRITE (DEFAULT, "Strawberry", 10)
3674 OP_S_READ_EXPECT (a, "Strawberry", 10)
3675
3676 OP_END
3677};
a1aff2c6 3678
de56eebd
HL		 3679/* 53. Fault injection - excess CRYPTO buffer size */
3680static int script_53_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
3681 unsigned char *buf, size_t len)
3682{
3683 int ok = 0;
3684 size_t written;
3685 WPACKET wpkt;
3686 uint64_t offset = 0, data_len = 100;
3687 unsigned char *frame_buf = NULL;
3688 size_t frame_len, i;
3689
3690 if (h->inject_word0 == 0)
3691 return 1;
3692
3693 h->inject_word0 = 0;
3694
3695 switch (h->inject_word1) {
3696 case 0:
3697 /*
3698 * Far out offset which will not have been reached during handshake.
3699 * This will not be delivered to the QUIC_TLS instance since it will be
3700 * waiting for in-order delivery of previous bytes. This tests our flow
3701 * control on CRYPTO stream buffering.
3702 */
3703 offset = 100000;
3704 data_len = 1;
3705 break;
3706 }
3707
d49a1634 3708 frame_len = 1 + 8 + 8 + (size_t)data_len;
de56eebd
HL		 3709 if (!TEST_ptr(frame_buf = OPENSSL_malloc(frame_len)))
3710 return 0;
3711
3712 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf, frame_len, 0)))
3713 goto err;
3714
3715 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, OSSL_QUIC_FRAME_TYPE_CRYPTO))
3716 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, offset))
3717 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, data_len)))
3718 goto err;
3719
3720 for (i = 0; i < data_len; ++i)
3721 if (!TEST_true(WPACKET_put_bytes_u8(&wpkt, 0x42)))
3722 goto err;
3723
3724 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
3725 goto err;
3726
3727 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
3728 goto err;
3729
3730 ok = 1;
3731err:
3732 if (ok)
3733 WPACKET_finish(&wpkt);
3734 else
3735 WPACKET_cleanup(&wpkt);
3736 OPENSSL_free(frame_buf);
3737 return ok;
3738}
3739
3740static const struct script_op script_53[] = {
3741 OP_S_SET_INJECT_PLAIN (script_53_inject_plain)
3742 OP_C_SET_ALPN ("ossltest")
3743 OP_C_CONNECT_WAIT ()
3744
3745 OP_C_WRITE (DEFAULT, "apple", 5)
3746 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3747 OP_S_READ_EXPECT (a, "apple", 5)
3748
3749 OP_SET_INJECT_WORD (1, 0)
3750 OP_S_WRITE (a, "Strawberry", 10)
3751
3752 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_CRYPTO_BUFFER_EXCEEDED,0,0)
3753
3754 OP_END
3755};
3756
3757/* 54. Fault injection - corrupted crypto stream data */
3758static int script_54_inject_handshake(struct helper *h,
3759 unsigned char *buf, size_t buf_len)
3760{
3761 size_t i;
3762
3763 for (i = 0; i < buf_len; ++i)
3764 buf[i] ^= 0xff;
3765
3766 return 1;
3767}
3768
3769static const struct script_op script_54[] = {
3770 OP_S_SET_INJECT_HANDSHAKE(script_54_inject_handshake)
3771 OP_C_SET_ALPN ("ossltest")
3772 OP_C_CONNECT_WAIT_OR_FAIL()
3773
3774 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_CRYPTO_UNEXPECTED_MESSAGE,0,0)
3775
3776 OP_END
3777};
3778
ed75eb32
HL		 3779/* 55. Fault injection - NEW_CONN_ID with >20 byte CID */
3780static const struct script_op script_55[] = {
3781 OP_S_SET_INJECT_PLAIN (script_39_inject_plain)
3782 OP_C_SET_ALPN ("ossltest")
3783 OP_C_CONNECT_WAIT ()
3784 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3785
3786 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
3787 OP_C_WRITE (a, "apple", 5)
3788 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3789 OP_S_READ_EXPECT (a, "apple", 5)
3790
3791 OP_SET_INJECT_WORD (0, 2)
3792 OP_S_WRITE (a, "orange", 5)
3793
3794 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
3795
3796 OP_END
3797};
3798
3799/* 56. Fault injection - NEW_CONN_ID with seq no < retire prior to */
3800static const struct script_op script_56[] = {
3801 OP_S_SET_INJECT_PLAIN (script_39_inject_plain)
3802 OP_C_SET_ALPN ("ossltest")
3803 OP_C_CONNECT_WAIT ()
3804 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3805
3806 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
3807 OP_C_WRITE (a, "apple", 5)
3808 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3809 OP_S_READ_EXPECT (a, "apple", 5)
3810
3811 OP_SET_INJECT_WORD (0, 3)
3812 OP_S_WRITE (a, "orange", 5)
3813
3814 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
3815
3816 OP_END
3817};
3818
f2609004 3819/* 57. Fault injection - NEW_CONN_ID with lower seq so ignored */
ed75eb32
HL		 3820static const struct script_op script_57[] = {
3821 OP_S_SET_INJECT_PLAIN (script_39_inject_plain)
3822 OP_C_SET_ALPN ("ossltest")
3823 OP_C_CONNECT_WAIT ()
3824 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3825
3826 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
3827 OP_C_WRITE (a, "apple", 5)
3828 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3829 OP_S_READ_EXPECT (a, "apple", 5)
3830
3831 OP_SET_INJECT_WORD (0, 4)
3832 OP_S_WRITE (a, "orange", 5)
3833 OP_C_READ_EXPECT (a, "orange", 5)
3834
3835 OP_C_WRITE (a, "Strawberry", 10)
3836 OP_S_READ_EXPECT (a, "Strawberry", 10)
3837
3838 /*
3839 * Now we send a NEW_CONN_ID with a bogus CID. However the sequence number
3840 * is old so it should be ignored and we should still be able to
3841 * communicate.
3842 */
3843 OP_SET_INJECT_WORD (0, 5)
3844 OP_S_WRITE (a, "raspberry", 9)
3845 OP_C_READ_EXPECT (a, "raspberry", 9)
3846
3847 OP_C_WRITE (a, "peach", 5)
3848 OP_S_READ_EXPECT (a, "peach", 5)
3849
3850 OP_END
3851};
3852
d56b81ac
HL		 3853/* 58. Fault injection - repeated HANDSHAKE_DONE */
3854static int script_58_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
3855 unsigned char *buf, size_t len)
3856{
3857 int ok = 0;
3858 unsigned char frame_buf[64];
3859 size_t written;
3860 WPACKET wpkt;
3861
3862 if (h->inject_word0 == 0)
3863 return 1;
3864
3865 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
3866 sizeof(frame_buf), 0)))
3867 return 0;
3868
3869 if (h->inject_word0 == 1) {
3870 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, OSSL_QUIC_FRAME_TYPE_HANDSHAKE_DONE)))
3871 goto err;
3872 } else {
3873 /* Needless multi-byte encoding */
3874 if (!TEST_true(WPACKET_put_bytes_u8(&wpkt, 0x40))
3875 || !TEST_true(WPACKET_put_bytes_u8(&wpkt, 0x1E)))
3876 goto err;
3877 }
3878
3879 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
3880 goto err;
3881
3882 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
3883 goto err;
3884
3885 ok = 1;
3886err:
3887 if (ok)
3888 WPACKET_finish(&wpkt);
3889 else
3890 WPACKET_cleanup(&wpkt);
3891 return ok;
3892}
3893
3894static const struct script_op script_58[] = {
3895 OP_S_SET_INJECT_PLAIN (script_58_inject_plain)
3896 OP_C_SET_ALPN ("ossltest")
3897 OP_C_CONNECT_WAIT ()
3898
3899 OP_C_WRITE (DEFAULT, "apple", 5)
3900 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3901 OP_S_READ_EXPECT (a, "apple", 5)
3902
3903 OP_SET_INJECT_WORD (1, 0)
3904
3905 OP_S_WRITE (a, "orange", 6)
3906 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
3907
3908 OP_C_WRITE (DEFAULT, "Strawberry", 10)
3909 OP_S_READ_EXPECT (a, "Strawberry", 10)
3910
3911 OP_END
3912};
3913
3914/* 59. Fault injection - multi-byte frame encoding */
3915static const struct script_op script_59[] = {
3916 OP_S_SET_INJECT_PLAIN (script_58_inject_plain)
3917 OP_C_SET_ALPN ("ossltest")
3918 OP_C_CONNECT_WAIT ()
3919
3920 OP_C_WRITE (DEFAULT, "apple", 5)
3921 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3922 OP_S_READ_EXPECT (a, "apple", 5)
3923
3924 OP_SET_INJECT_WORD (2, 0)
3925
3926 OP_S_WRITE (a, "orange", 6)
3927
3928 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_PROTOCOL_VIOLATION,0,0)
3929
3930 OP_END
3931};
3932
d49a1634
HL		 3933/* 60. Connection close reason truncation */
3934static char long_reason[2048];
3935
3936static int init_reason(struct helper *h, const struct script_op *op)
3937{
3938 memset(long_reason, '~', sizeof(long_reason));
3939 memcpy(long_reason, "This is a long reason string.", 29);
d63b8cbb 3940 long_reason[OSSL_NELEM(long_reason) - 1] = '\0';
d49a1634
HL		 3941 return 1;
3942}
3943
3944static int check_shutdown_reason(struct helper *h, const struct script_op *op)
3945{
3946 const QUIC_TERMINATE_CAUSE *tc = ossl_quic_tserver_get_terminate_cause(h->s);
3947
3948 if (tc == NULL) {
3949 h->check_spin_again = 1;
3950 return 0;
3951 }
3952
3953 if (!TEST_size_t_ge(tc->reason_len, 50)
3954 || !TEST_mem_eq(long_reason, tc->reason_len,
3955 tc->reason, tc->reason_len))
3956 return 0;
3957
3958 return 1;
3959}
3960
3961static const struct script_op script_60[] = {
3962 OP_C_SET_ALPN ("ossltest")
3963 OP_C_CONNECT_WAIT ()
3964
3965 OP_C_WRITE (DEFAULT, "apple", 5)
3966 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3967 OP_S_READ_EXPECT (a, "apple", 5)
3968
3969 OP_CHECK (init_reason, 0)
3970 OP_C_SHUTDOWN_WAIT (long_reason)
3971 OP_CHECK (check_shutdown_reason, 0)
3972
3973 OP_END
3974};
3975
d63b8cbb
HL		 3976/* 61. Fault injection - RESET_STREAM exceeding stream count FC */
3977static int script_61_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
3978 unsigned char *buf, size_t len)
3979{
3980 int ok = 0;
3981 WPACKET wpkt;
3982 unsigned char frame_buf[32];
3983 size_t written;
3984
3985 if (h->inject_word0 == 0)
3986 return 1;
3987
3988 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
3989 sizeof(frame_buf), 0)))
3990 return 0;
3991
3992 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, h->inject_word0))
3993 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, /* stream ID */
3994 h->inject_word1))
3995 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, 123))
3996 || (h->inject_word1 == OSSL_QUIC_FRAME_TYPE_RESET_STREAM
3997 && !TEST_true(WPACKET_quic_write_vlint(&wpkt, 0)))) /* final size */
3998 goto err;
3999
4000 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
4001 goto err;
4002
4003 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
4004 goto err;
4005
4006 ok = 1;
4007err:
4008 if (ok)
4009 WPACKET_finish(&wpkt);
4010 else
4011 WPACKET_cleanup(&wpkt);
4012 return ok;
4013}
4014
4015static const struct script_op script_61[] = {
4016 OP_S_SET_INJECT_PLAIN (script_61_inject_plain)
4017 OP_C_SET_ALPN ("ossltest")
4018 OP_C_CONNECT_WAIT ()
4019 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4020
4021 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
4022 OP_C_WRITE (a, "orange", 6)
4023
4024 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4025 OP_S_READ_EXPECT (a, "orange", 6)
4026
4027 OP_SET_INJECT_WORD (OSSL_QUIC_FRAME_TYPE_RESET_STREAM,
4028 S_BIDI_ID(OSSL_QUIC_VLINT_MAX / 4))
4029 OP_S_WRITE (a, "fruit", 5)
4030
4031 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_LIMIT_ERROR,0,0)
4032
4033 OP_END
4034};
4035
4036/* 62. Fault injection - STOP_SENDING with high ID */
4037static const struct script_op script_62[] = {
4038 OP_S_SET_INJECT_PLAIN (script_61_inject_plain)
4039 OP_C_SET_ALPN ("ossltest")
4040 OP_C_CONNECT_WAIT ()
4041 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4042
4043 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
4044 OP_C_WRITE (a, "orange", 6)
4045
4046 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4047 OP_S_READ_EXPECT (a, "orange", 6)
4048
4049 OP_SET_INJECT_WORD (OSSL_QUIC_FRAME_TYPE_STOP_SENDING,
4050 C_BIDI_ID(OSSL_QUIC_VLINT_MAX / 4))
4051 OP_S_WRITE (a, "fruit", 5)
4052
4053 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_STATE_ERROR,0,0)
4054
4055 OP_END
4056};
d49a1634 4057
1623bf37
HL		 4058/* 63. Fault injection - STREAM frame exceeding stream limit */
4059static const struct script_op script_63[] = {
4060 OP_S_SET_INJECT_PLAIN (script_32_inject_plain)
4061 OP_C_SET_ALPN ("ossltest")
4062 OP_C_CONNECT_WAIT ()
4063 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4064
4065 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
4066 OP_C_WRITE (a, "apple", 5)
4067
4068 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4069 OP_S_READ_EXPECT (a, "apple", 5)
4070
4071 OP_SET_INJECT_WORD (S_BIDI_ID(5000) + 1, 4)
4072 OP_S_WRITE (a, "orange", 6)
4073
4074 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_LIMIT_ERROR,0,0)
4075
4076 OP_END
4077};
4078
4079/* 64. Fault injection - STREAM - zero-length no-FIN is accepted */
4080static const struct script_op script_64[] = {
4081 OP_S_SET_INJECT_PLAIN (script_32_inject_plain)
4082 OP_C_SET_ALPN ("ossltest")
4083 OP_C_CONNECT_WAIT ()
4084 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4085
4086 OP_S_NEW_STREAM_UNI (a, S_UNI_ID(0))
4087 OP_S_WRITE (a, "apple", 5)
4088
4089 OP_C_ACCEPT_STREAM_WAIT (a)
4090 OP_C_READ_EXPECT (a, "apple", 5)
4091
4092 OP_SET_INJECT_WORD (S_BIDI_ID(20) + 1, 1)
4093 OP_S_WRITE (a, "orange", 6)
4094 OP_C_READ_EXPECT (a, "orange", 6)
4095
4096 OP_END
4097};
4098
4099/* 65. Fault injection - CRYPTO - zero-length is accepted */
4100static int script_65_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
4101 unsigned char *buf, size_t len)
4102{
4103 int ok = 0;
4104 unsigned char frame_buf[64];
4105 size_t written;
4106 WPACKET wpkt;
4107
4108 if (h->inject_word0 == 0)
4109 return 1;
4110
4111 --h->inject_word0;
4112
4113 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
4114 sizeof(frame_buf), 0)))
4115 return 0;
4116
4117 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, OSSL_QUIC_FRAME_TYPE_CRYPTO))
4118 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, 0))
4119 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, 0)))
4120 goto err;
4121
4122 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
4123 goto err;
4124
4125 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
4126 goto err;
4127
4128 ok = 1;
4129err:
4130 if (ok)
4131 WPACKET_finish(&wpkt);
4132 else
4133 WPACKET_cleanup(&wpkt);
4134 return ok;
4135}
4136
4137static const struct script_op script_65[] = {
4138 OP_S_SET_INJECT_PLAIN (script_65_inject_plain)
4139 OP_C_SET_ALPN ("ossltest")
4140 OP_C_CONNECT_WAIT ()
4141 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4142
4143 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
4144 OP_C_WRITE (a, "apple", 5)
4145
4146 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4147 OP_S_READ_EXPECT (a, "apple", 5)
4148
4149 OP_SET_INJECT_WORD (1, 0)
4150 OP_S_WRITE (a, "orange", 6)
4151 OP_C_READ_EXPECT (a, "orange", 6)
4152
4153 OP_END
4154};
4155
4156/* 66. Fault injection - large MAX_STREAM_DATA */
4157static int script_66_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
4158 unsigned char *buf, size_t len)
4159{
4160 int ok = 0;
4161 WPACKET wpkt;
4162 unsigned char frame_buf[64];
4163 size_t written;
4164
4165 if (h->inject_word0 == 0)
4166 return 1;
4167
4168 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
4169 sizeof(frame_buf), 0)))
4170 return 0;
4171
4172 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, h->inject_word1)))
4173 goto err;
4174
4175 if (h->inject_word1 == OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA)
4176 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, /* stream ID */
4177 h->inject_word0 - 1)))
4178 goto err;
4179
4180 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, OSSL_QUIC_VLINT_MAX)))
4181 goto err;
4182
4183 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
4184 goto err;
4185
4186 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
4187 goto err;
4188
4189 ok = 1;
4190err:
4191 if (ok)
4192 WPACKET_finish(&wpkt);
4193 else
4194 WPACKET_cleanup(&wpkt);
4195 return ok;
4196}
4197
4198static const struct script_op script_66[] = {
4199 OP_S_SET_INJECT_PLAIN (script_66_inject_plain)
4200 OP_C_SET_ALPN ("ossltest")
4201 OP_C_CONNECT_WAIT ()
4202 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4203
4204 OP_S_NEW_STREAM_BIDI (a, S_BIDI_ID(0))
4205 OP_S_WRITE (a, "apple", 5)
4206
4207 OP_C_ACCEPT_STREAM_WAIT (a)
4208 OP_C_READ_EXPECT (a, "apple", 5)
4209
4210 OP_SET_INJECT_WORD (S_BIDI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA)
4211 OP_S_WRITE (a, "orange", 6)
4212 OP_C_READ_EXPECT (a, "orange", 6)
4213 OP_C_WRITE (a, "Strawberry", 10)
4214 OP_S_READ_EXPECT (a, "Strawberry", 10)
4215
4216 OP_END
4217};
4218
4219/* 67. Fault injection - large MAX_DATA */
4220static const struct script_op script_67[] = {
4221 OP_S_SET_INJECT_PLAIN (script_66_inject_plain)
4222 OP_C_SET_ALPN ("ossltest")
4223 OP_C_CONNECT_WAIT ()
4224 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4225
4226 OP_S_NEW_STREAM_BIDI (a, S_BIDI_ID(0))
4227 OP_S_WRITE (a, "apple", 5)
4228
4229 OP_C_ACCEPT_STREAM_WAIT (a)
4230 OP_C_READ_EXPECT (a, "apple", 5)
4231
4232 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_MAX_DATA)
4233 OP_S_WRITE (a, "orange", 6)
4234 OP_C_READ_EXPECT (a, "orange", 6)
4235 OP_C_WRITE (a, "Strawberry", 10)
4236 OP_S_READ_EXPECT (a, "Strawberry", 10)
4237
4238 OP_END
4239};
4240
644ef0bb
MC		 4241/* 68. Fault injection - Unexpected TLS messages */
4242static int script_68_inject_handshake(struct helper *h, unsigned char *msg,
4243 size_t msglen)
4244{
4245 const unsigned char *data;
4246 size_t datalen;
4247 const unsigned char certreq[] = {
4248 SSL3_MT_CERTIFICATE_REQUEST, /* CertificateRequest message */
4249 0, 0, 12, /* Length of message */
4250 1, 1, /* certificate_request_context */
4251 0, 8, /* Extensions block length */
4252 0, TLSEXT_TYPE_signature_algorithms, /* sig_algs extension*/
4253 0, 4, /* 4 bytes of sig algs extension*/
4254 0, 2, /* sigalgs list is 2 bytes long */
4255 8, 4 /* rsa_pss_rsae_sha256 */
4256 };
4257 const unsigned char keyupdate[] = {
4258 SSL3_MT_KEY_UPDATE, /* KeyUpdate message */
4259 0, 0, 1, /* Length of message */
4260 SSL_KEY_UPDATE_NOT_REQUESTED /* update_not_requested */
4261 };
4262
4263 /* We transform the NewSessionTicket message into something else */
4264 switch(h->inject_word0) {
4265 case 0:
4266 return 1;
4267
4268 case 1:
4269 /* CertificateRequest message */
4270 data = certreq;
4271 datalen = sizeof(certreq);
4272 break;
4273
4274 case 2:
4275 /* KeyUpdate message */
4276 data = keyupdate;
4277 datalen = sizeof(keyupdate);
4278 break;
4279
4280 default:
4281 return 0;
4282 }
4283
4284 if (!TEST_true(qtest_fault_resize_message(h->qtf,
4285 datalen - SSL3_HM_HEADER_LENGTH)))
4286 return 0;
4287
4288 memcpy(msg, data, datalen);
4289
4290 return 1;
4291}
4292
4293/* Send a CerticateRequest message post-handshake */
4294static const struct script_op script_68[] = {
4295 OP_S_SET_INJECT_HANDSHAKE(script_68_inject_handshake)
4296 OP_C_SET_ALPN ("ossltest")
4297 OP_C_CONNECT_WAIT ()
4298 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4299
4300 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
4301 OP_C_WRITE (a, "apple", 5)
4302 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4303 OP_S_READ_EXPECT (a, "apple", 5)
4304
4305 OP_SET_INJECT_WORD (1, 0)
4306 OP_S_NEW_TICKET ()
4307 OP_S_WRITE (a, "orange", 6)
4308
4309 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_PROTOCOL_VIOLATION, 0, 0)
4310
4311 OP_END
4312};
4313
4314/* 69. Send a TLS KeyUpdate message post-handshake */
4315static const struct script_op script_69[] = {
4316 OP_S_SET_INJECT_HANDSHAKE(script_68_inject_handshake)
4317 OP_C_SET_ALPN ("ossltest")
4318 OP_C_CONNECT_WAIT ()
4319 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4320
4321 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
4322 OP_C_WRITE (a, "apple", 5)
4323 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4324 OP_S_READ_EXPECT (a, "apple", 5)
4325
4326 OP_SET_INJECT_WORD (2, 0)
4327 OP_S_NEW_TICKET ()
4328 OP_S_WRITE (a, "orange", 6)
4329
4330 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_CRYPTO_ERR_BEGIN
4331 + SSL_AD_UNEXPECTED_MESSAGE, 0, 0)
4332
4333 OP_END
4334};
4335
4336static int set_max_early_data(struct helper *h, const struct script_op *op)
4337{
4338
4339 if (!TEST_true(ossl_quic_tserver_set_max_early_data(h->s,
4340 (uint32_t)op->arg2)))
4341 return 0;
4342
4343 return 1;
4344}
4345
4346/* 70. Send a TLS NewSessionTicket message with invalid max_early_data */
4347static const struct script_op script_70[] = {
4348 OP_C_SET_ALPN ("ossltest")
4349 OP_C_CONNECT_WAIT ()
4350 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4351
4352 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
4353 OP_C_WRITE (a, "apple", 5)
4354 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4355 OP_S_READ_EXPECT (a, "apple", 5)
4356
4357 OP_CHECK (set_max_early_data, 0xfffffffe)
4358 OP_S_NEW_TICKET ()
4359 OP_S_WRITE (a, "orange", 6)
4360
4361 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_PROTOCOL_VIOLATION, 0, 0)
4362
4363 OP_END
4364};
4365
4366/* 71. Send a TLS NewSessionTicket message with valid max_early_data */
4367static const struct script_op script_71[] = {
4368 OP_C_SET_ALPN ("ossltest")
4369 OP_C_CONNECT_WAIT ()
4370 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4371
4372 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
4373 OP_C_WRITE (a, "apple", 5)
4374 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4375 OP_S_READ_EXPECT (a, "apple", 5)
4376
4377 OP_CHECK (set_max_early_data, 0xffffffff)
4378 OP_S_NEW_TICKET ()
4379 OP_S_WRITE (a, "orange", 6)
4380 OP_C_READ_EXPECT (a, "orange", 6)
4381
4382 OP_END
4383};
4384
14551f1e
HL		 4385/* 72. Test that APL stops handing out streams after limit reached (bidi) */
4386static int script_72_check(struct helper *h, const struct script_op *op)
4387{
4388 if (!TEST_uint64_t_ge(h->fail_count, 50))
4389 return 0;
4390
4391 return 1;
4392}
4393
4394static const struct script_op script_72[] = {
4395 OP_C_SET_ALPN ("ossltest")
4396 OP_C_CONNECT_WAIT ()
4397 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4398
4399 /*
4400 * Request more streams than a server will initially hand out and test that
4401 * they fail properly.
4402 */
4403 OP_BEGIN_REPEAT (200)
4404
4405 OP_C_NEW_STREAM_BIDI_EX (a, ANY_ID, ALLOW_FAIL)
4406 OP_C_SKIP_IF_UNBOUND (a, 2)
4407 OP_C_WRITE (a, "apple", 5)
4408 OP_C_FREE_STREAM (a)
4409
4410 OP_END_REPEAT ()
4411
4412 OP_CHECK (script_72_check, 0)
4413
4414 OP_END
4415};
4416
4417/* 73. Test that APL stops handing out streams after limit reached (uni) */
4418static const struct script_op script_73[] = {
4419 OP_C_SET_ALPN ("ossltest")
4420 OP_C_CONNECT_WAIT ()
4421 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4422
4423 /*
4424 * Request more streams than a server will initially hand out and test that
4425 * they fail properly.
4426 */
4427 OP_BEGIN_REPEAT (200)
4428
4429 OP_C_NEW_STREAM_UNI_EX (a, ANY_ID, ALLOW_FAIL)
4430 OP_C_SKIP_IF_UNBOUND (a, 2)
4431 OP_C_WRITE (a, "apple", 5)
4432 OP_C_FREE_STREAM (a)
4433
4434 OP_END_REPEAT ()
4435
4436 OP_CHECK (script_72_check, 0)
4437
4438 OP_END
4439};
4440
69169cd9
HL		 4441/* 74. Version negotiation: QUIC_VERSION_1 ignored */
4442static int generate_version_neg(WPACKET *wpkt, uint32_t version)
4443{
4444 QUIC_PKT_HDR hdr = {0};
4445
4446 hdr.type = QUIC_PKT_TYPE_VERSION_NEG;
4447 hdr.fixed = 1;
4448 hdr.dst_conn_id.id_len = 0;
4449 hdr.src_conn_id.id_len = 8;
4450 memset(hdr.src_conn_id.id, 0x55, 8);
4451
4452 if (!TEST_true(ossl_quic_wire_encode_pkt_hdr(wpkt, 0, &hdr, NULL)))
4453 return 0;
4454
4455 if (!TEST_true(WPACKET_put_bytes_u32(wpkt, version)))
4456 return 0;
4457
4458 return 1;
4459}
4460
4461static int server_gen_version_neg(struct helper *h, BIO_MSG *msg, size_t stride)
4462{
4463 int rc = 0, have_wpkt = 0;
4464 size_t l;
4465 WPACKET wpkt;
4466 BUF_MEM *buf = NULL;
4467 uint32_t version;
4468
4469 switch (h->inject_word0) {
4470 case 0:
4471 return 1;
4472 case 1:
4473 version = QUIC_VERSION_1;
4474 break;
4475 default:
4476 version = 0x5432abcd;
4477 break;
4478 }
4479
4480 if (!TEST_ptr(buf = BUF_MEM_new()))
4481 goto err;
4482
4483 if (!TEST_true(WPACKET_init(&wpkt, buf)))
4484 goto err;
4485
4486 have_wpkt = 1;
4487
4488 generate_version_neg(&wpkt, version);
4489
4490 if (!TEST_true(WPACKET_get_total_written(&wpkt, &l)))
4491 goto err;
4492
4493 if (!TEST_true(qtest_fault_resize_datagram(h->qtf, l)))
4494 return 0;
4495
4496 memcpy(msg->data, buf->data, l);
4497 h->inject_word0 = 0;
4498
4499 rc = 1;
4500err:
4501 if (have_wpkt)
4502 WPACKET_finish(&wpkt);
4503
4504 BUF_MEM_free(buf);
4505 return rc;
4506}
4507
4508static const struct script_op script_74[] = {
4509 OP_S_SET_INJECT_DATAGRAM (server_gen_version_neg)
4510 OP_SET_INJECT_WORD (1, 0)
4511
4512 OP_C_SET_ALPN ("ossltest")
4513 OP_C_CONNECT_WAIT ()
4514
4515 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4516
4517 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
4518 OP_C_WRITE (a, "apple", 5)
4519 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4520 OP_S_READ_EXPECT (a, "apple", 5)
4521
4522 OP_END
4523};
4524
4525/* 75. Version negotiation: Unknown version causes connection abort */
4526static const struct script_op script_75[] = {
4527 OP_S_SET_INJECT_DATAGRAM (server_gen_version_neg)
4528 OP_SET_INJECT_WORD (2, 0)
4529
4530 OP_C_SET_ALPN ("ossltest")
4531 OP_C_CONNECT_WAIT_OR_FAIL()
4532
4533 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_CONNECTION_REFUSED,0,0)
4534
4535 OP_END
4536};
4537
ed835673
HL		 4538static const struct script_op *const scripts[] = {
4539 script_1,
4540 script_2,
4541 script_3,
4542 script_4,
4543 script_5,
4544 script_6,
4545 script_7,
4546 script_8,
4547 script_9,
4548 script_10,
274bb489
HL		 4549 script_11,
4550 script_12,
fca44cfc
HL		 4551 script_13,
4552 script_14,
0554f723
HL		 4553 script_15,
4554 script_16,
693b23e3
HL		 4555 script_17,
4556 script_18,
2525109f 4557 script_19,
0345cac6 4558 script_20,
e26dc8e3
HL		 4559 script_21,
4560 script_22,
4561 script_23,
4562 script_24,
4563 script_25,
4564 script_26,
4565 script_27,
4566 script_28,
4567 script_29,
4568 script_30,
4569 script_31,
4570 script_32,
4571 script_33,
4572 script_34,
4573 script_35,
4574 script_36,
4575 script_37,
4576 script_38,
8aa6a436 4577 script_39,
0786483a 4578 script_40,
7eb330ff 4579 script_41,
27c2f62f 4580 script_42,
ab6c6345 4581 script_43,
97684a15 4582 script_44,
17340e87 4583 script_45,
ed0d6ba4
HL		 4584 script_46,
4585 script_47,
4586 script_48,
4587 script_49,
4588 script_50,
a1aff2c6 4589 script_51,
477944b6 4590 script_52,
de56eebd
HL		 4591 script_53,
4592 script_54,
ed75eb32
HL		 4593 script_55,
4594 script_56,
4595 script_57,
d56b81ac
HL		 4596 script_58,
4597 script_59,
d49a1634 4598 script_60,
d63b8cbb
HL		 4599 script_61,
4600 script_62,
1623bf37
HL		 4601 script_63,
4602 script_64,
4603 script_65,
4604 script_66,
4605 script_67,
644ef0bb
MC		 4606 script_68,
4607 script_69,
4608 script_70,
14551f1e
HL		 4609 script_71,
4610 script_72,
69169cd9
HL		 4611 script_73,
4612 script_74,
4613 script_75
ed835673
HL		 4614};
4615
4616static int test_script(int idx)
4617{
97f30fd5
HL		 4618 int script_idx = idx >> 1;
4619 int free_order = idx & 1;
0786483a
HL		 4620 char script_name[64];
4621
cd5e4380 4622 snprintf(script_name, sizeof(script_name), "script %d", script_idx + 1);
97f30fd5
HL		 4623
4624 TEST_info("Running script %d (order=%d)", script_idx + 1, free_order);
0786483a 4625 return run_script(scripts[script_idx], script_name, free_order);
ed835673
HL		 4626}
4627
e26dc8e3
HL		 4628/* Dynamically generated tests. */
4629static struct script_op dyn_frame_types_script[] = {
8aa6a436 4630 OP_S_SET_INJECT_PLAIN (script_21_inject_plain)
e26dc8e3
HL		 4631 OP_SET_INJECT_WORD (0, 0) /* dynamic */
4632
4633 OP_C_SET_ALPN ("ossltest")
4634 OP_C_CONNECT_WAIT_OR_FAIL()
4635
4636 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
4637
4638 OP_END
4639};
4640
4641struct forbidden_frame_type {
4642 uint64_t pkt_type, frame_type, expected_err;
4643};
4644
4645static const struct forbidden_frame_type forbidden_frame_types[] = {
4646 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_VLINT_MAX, QUIC_ERR_FRAME_ENCODING_ERROR },
4647 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_VLINT_MAX, QUIC_ERR_FRAME_ENCODING_ERROR },
4648 { QUIC_PKT_TYPE_1RTT, OSSL_QUIC_VLINT_MAX, QUIC_ERR_FRAME_ENCODING_ERROR },
4649
4650 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_STREAM, QUIC_ERR_PROTOCOL_VIOLATION },
4651 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_RESET_STREAM, QUIC_ERR_PROTOCOL_VIOLATION },
4652 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_STOP_SENDING, QUIC_ERR_PROTOCOL_VIOLATION },
4653 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_NEW_TOKEN, QUIC_ERR_PROTOCOL_VIOLATION },
4654 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_MAX_DATA, QUIC_ERR_PROTOCOL_VIOLATION },
4655 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA, QUIC_ERR_PROTOCOL_VIOLATION },
4656 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_BIDI, QUIC_ERR_PROTOCOL_VIOLATION },
4657 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_UNI, QUIC_ERR_PROTOCOL_VIOLATION },
4658 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_DATA_BLOCKED, QUIC_ERR_PROTOCOL_VIOLATION },
4659 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED, QUIC_ERR_PROTOCOL_VIOLATION },
4660 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_BIDI, QUIC_ERR_PROTOCOL_VIOLATION },
4661 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_UNI, QUIC_ERR_PROTOCOL_VIOLATION },
4662 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID, QUIC_ERR_PROTOCOL_VIOLATION },
4663 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID, QUIC_ERR_PROTOCOL_VIOLATION },
4664 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE, QUIC_ERR_PROTOCOL_VIOLATION },
4665 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE, QUIC_ERR_PROTOCOL_VIOLATION },
4666 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_APP, QUIC_ERR_PROTOCOL_VIOLATION },
4667 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_HANDSHAKE_DONE, QUIC_ERR_PROTOCOL_VIOLATION },
4668
4669 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_STREAM, QUIC_ERR_PROTOCOL_VIOLATION },
4670 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_RESET_STREAM, QUIC_ERR_PROTOCOL_VIOLATION },
4671 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_STOP_SENDING, QUIC_ERR_PROTOCOL_VIOLATION },
4672 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_NEW_TOKEN, QUIC_ERR_PROTOCOL_VIOLATION },
4673 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_MAX_DATA, QUIC_ERR_PROTOCOL_VIOLATION },
4674 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA, QUIC_ERR_PROTOCOL_VIOLATION },
4675 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_BIDI, QUIC_ERR_PROTOCOL_VIOLATION },
4676 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_UNI, QUIC_ERR_PROTOCOL_VIOLATION },
4677 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_DATA_BLOCKED, QUIC_ERR_PROTOCOL_VIOLATION },
4678 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED, QUIC_ERR_PROTOCOL_VIOLATION },
4679 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_BIDI, QUIC_ERR_PROTOCOL_VIOLATION },
4680 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_UNI, QUIC_ERR_PROTOCOL_VIOLATION },
4681 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID, QUIC_ERR_PROTOCOL_VIOLATION },
4682 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID, QUIC_ERR_PROTOCOL_VIOLATION },
4683 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE, QUIC_ERR_PROTOCOL_VIOLATION },
4684 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE, QUIC_ERR_PROTOCOL_VIOLATION },
4685 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_APP, QUIC_ERR_PROTOCOL_VIOLATION },
4686 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_HANDSHAKE_DONE, QUIC_ERR_PROTOCOL_VIOLATION },
4687
4688 /* Client uses a zero-length CID so this is not allowed. */
4689 { QUIC_PKT_TYPE_1RTT, OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID, QUIC_ERR_PROTOCOL_VIOLATION },
4690};
4691
4692static ossl_unused int test_dyn_frame_types(int idx)
4693{
4694 size_t i;
0786483a 4695 char script_name[64];
e26dc8e3
HL		 4696 struct script_op *s = dyn_frame_types_script;
4697
4698 for (i = 0; i < OSSL_NELEM(dyn_frame_types_script); ++i)
4699 if (s[i].op == OPK_SET_INJECT_WORD) {
49a38dee 4700 s[i].arg1 = (size_t)forbidden_frame_types[idx].pkt_type;
e26dc8e3
HL		 4701 s[i].arg2 = forbidden_frame_types[idx].frame_type;
4702 } else if (s[i].op == OPK_C_EXPECT_CONN_CLOSE_INFO) {
4703 s[i].arg2 = forbidden_frame_types[idx].expected_err;
4704 }
4705
0786483a
HL		 4706 snprintf(script_name, sizeof(script_name),
4707 "dyn script %d", idx);
4708
4709 return run_script(dyn_frame_types_script, script_name, 0);
e26dc8e3
HL		 4710}
4711
ed835673
HL		 4712OPT_TEST_DECLARE_USAGE("certfile privkeyfile\n")
4713
4714int setup_tests(void)
4715{
4716 if (!test_skip_common_options()) {
4717 TEST_error("Error parsing test options\n");
4718 return 0;
4719 }
4720
4721 if (!TEST_ptr(certfile = test_get_argument(0))
4722 || !TEST_ptr(keyfile = test_get_argument(1)))
4723 return 0;
4724
e26dc8e3 4725 ADD_ALL_TESTS(test_dyn_frame_types, OSSL_NELEM(forbidden_frame_types));
97f30fd5 4726 ADD_ALL_TESTS(test_script, OSSL_NELEM(scripts) * 2);
ed835673
HL		 4727 return 1;
4728}
A mirror of the official openssl repository