]> git.ipfire.org Git - thirdparty/openssl.git/blame - test/quic_multistream_test.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
QUIC TXP: Fix bug where TXPIM PKT could be used after free
[thirdparty/openssl.git] / test / quic_multistream_test.c
CommitLineData
ed835673
HL		 1/*
2 * Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9#include <openssl/ssl.h>
10#include <openssl/quic.h>
11#include <openssl/bio.h>
12#include <openssl/lhash.h>
13#include "internal/quic_tserver.h"
de521629 14#include "internal/quic_ssl.h"
e26dc8e3 15#include "internal/quic_error.h"
ed835673 16#include "testutil.h"
e26dc8e3 17#include "helpers/quictestlib.h"
a350db73
HL		 18#if defined(OPENSSL_THREADS)
19# include "internal/thread_arch.h"
20#endif
ed835673
HL		 21
22static const char *certfile, *keyfile;
23
a350db73
HL		 24#if defined(OPENSSL_THREADS)
25struct child_thread_args {
26 struct helper *h;
27 const struct script_op *script;
0786483a 28 const char *script_name;
a350db73
HL		 29 int thread_idx;
30
31 CRYPTO_THREAD *t;
32 CRYPTO_MUTEX *m;
33 int testresult;
34 int done;
35};
36#endif
37
ed835673
HL		 38typedef struct stream_info {
39 const char *name;
40 SSL *c_stream;
41 uint64_t s_stream_id;
42} STREAM_INFO;
43
44DEFINE_LHASH_OF_EX(STREAM_INFO);
45
46struct helper {
47 int s_fd;
e26dc8e3 48 BIO *s_net_bio, *s_net_bio_own, *s_qtf_wbio, *s_qtf_wbio_own;
ed835673
HL		 49 BIO_ADDR *s_net_bio_addr;
50 QUIC_TSERVER *s;
51 LHASH_OF(STREAM_INFO) *s_streams;
52
53 int c_fd;
54 BIO *c_net_bio, *c_net_bio_own;
55 SSL_CTX *c_ctx;
56 SSL *c_conn;
57 LHASH_OF(STREAM_INFO) *c_streams;
58
a350db73
HL		 59#if defined(OPENSSL_THREADS)
60 struct child_thread_args *threads;
61 size_t num_threads;
62#endif
63
ed835673 64 OSSL_TIME start_time;
693b23e3
HL		 65
66 /*
67 * This is a duration recording the amount of time we have skipped forwards
68 * for testing purposes relative to the real ossl_time_now() clock. We add
69 * a quantity of time to this every time we skip some time.
70 */
71 CRYPTO_RWLOCK *time_lock;
72 OSSL_TIME time_slip; /* protected by time_lock */
73
e26dc8e3
HL		 74 QTEST_FAULT *qtf;
75
9715e3aa 76 int init, blocking, check_spin_again;
e26dc8e3
HL		 77 int free_order, need_injector;
78
79 int (*qtf_packet_plain_cb)(struct helper *h, QUIC_PKT_HDR *hdr,
80 unsigned char *buf, size_t buf_len);
de56eebd
HL		 81 int (*qtf_handshake_cb)(struct helper *h,
82 unsigned char *buf, size_t buf_len);
e26dc8e3 83 uint64_t inject_word0, inject_word1;
7eb330ff 84 uint64_t scratch0, scratch1;
ed835673
HL		 85};
86
a350db73
HL		 87struct helper_local {
88 struct helper *h;
89 LHASH_OF(STREAM_INFO) *c_streams;
90 int thread_idx;
91};
92
ed835673
HL		 93struct script_op {
94 uint32_t op;
95 const void *arg0;
96 size_t arg1;
97 int (*check_func)(struct helper *h, const struct script_op *op);
98 const char *stream_name;
99 uint64_t arg2;
e26dc8e3
HL		 100 int (*qtf_packet_plain_cb)(struct helper *h, QUIC_PKT_HDR *hdr,
101 unsigned char *buf, size_t buf_len);
de56eebd
HL		 102 int (*qtf_handshake_cb)(struct helper *h,
103 unsigned char *buf, size_t buf_len);
ed835673
HL		 104};
105
106#define OPK_END 0
107#define OPK_CHECK 1
108#define OPK_C_SET_ALPN 2
109#define OPK_C_CONNECT_WAIT 3
110#define OPK_C_WRITE 4
111#define OPK_S_WRITE 5
112#define OPK_C_READ_EXPECT 6
113#define OPK_S_READ_EXPECT 7
114#define OPK_C_EXPECT_FIN 8
115#define OPK_S_EXPECT_FIN 9
116#define OPK_C_CONCLUDE 10
117#define OPK_S_CONCLUDE 11
118#define OPK_C_DETACH 12
119#define OPK_C_ATTACH 13
120#define OPK_C_NEW_STREAM 14
121#define OPK_S_NEW_STREAM 15
a350db73 122#define OPK_C_ACCEPT_STREAM_WAIT 16
ed835673
HL		 123#define OPK_C_ACCEPT_STREAM_NONE 17
124#define OPK_C_FREE_STREAM 18
125#define OPK_C_SET_DEFAULT_STREAM_MODE 19
83df44ae 126#define OPK_C_SET_INCOMING_STREAM_POLICY 20
cd5e4380 127#define OPK_C_SHUTDOWN_WAIT 21
ed835673
HL		 128#define OPK_C_EXPECT_CONN_CLOSE_INFO 22
129#define OPK_S_EXPECT_CONN_CLOSE_INFO 23
130#define OPK_S_BIND_STREAM_ID 24
131#define OPK_C_WAIT_FOR_DATA 25
132#define OPK_C_WRITE_FAIL 26
133#define OPK_S_WRITE_FAIL 27
134#define OPK_C_READ_FAIL 28
135#define OPK_C_STREAM_RESET 29
a350db73
HL		 136#define OPK_S_ACCEPT_STREAM_WAIT 30
137#define OPK_NEW_THREAD 31
fca44cfc
HL		 138#define OPK_BEGIN_REPEAT 32
139#define OPK_END_REPEAT 33
140#define OPK_S_UNBIND_STREAM_ID 34
0345cac6
TM		 141#define OPK_C_READ_FAIL_WAIT 35
142#define OPK_C_CLOSE_SOCKET 36
143#define OPK_C_EXPECT_SSL_ERR 37
144#define OPK_EXPECT_ERR_REASON 38
145#define OPK_EXPECT_ERR_LIB 39
146#define OPK_SLEEP 40
2f018d14 147#define OPK_S_READ_FAIL 41
e26dc8e3
HL		 148#define OPK_S_SET_INJECT_PLAIN 42
149#define OPK_SET_INJECT_WORD 43
cd5e4380
HL		 150#define OPK_C_INHIBIT_TICK 44
151#define OPK_C_SET_WRITE_BUF_SIZE 45
de56eebd 152#define OPK_S_SET_INJECT_HANDSHAKE 46
ed835673
HL		 153
154#define EXPECT_CONN_CLOSE_APP (1U << 0)
155#define EXPECT_CONN_CLOSE_REMOTE (1U << 1)
156
157#define C_BIDI_ID(ordinal) \
158 (((ordinal) << 2) | QUIC_STREAM_INITIATOR_CLIENT | QUIC_STREAM_DIR_BIDI)
159#define S_BIDI_ID(ordinal) \
160 (((ordinal) << 2) | QUIC_STREAM_INITIATOR_SERVER | QUIC_STREAM_DIR_BIDI)
161#define C_UNI_ID(ordinal) \
162 (((ordinal) << 2) | QUIC_STREAM_INITIATOR_CLIENT | QUIC_STREAM_DIR_UNI)
163#define S_UNI_ID(ordinal) \
164 (((ordinal) << 2) | QUIC_STREAM_INITIATOR_SERVER | QUIC_STREAM_DIR_UNI)
165
a350db73
HL		 166#define ANY_ID UINT64_MAX
167
ed835673
HL		 168#define OP_END \
169 {OPK_END}
170#define OP_CHECK(func, arg2) \
171 {OPK_CHECK, NULL, 0, (func), NULL, (arg2)},
172#define OP_C_SET_ALPN(alpn) \
173 {OPK_C_SET_ALPN, (alpn), 0, NULL, NULL},
174#define OP_C_CONNECT_WAIT() \
175 {OPK_C_CONNECT_WAIT, NULL, 0, NULL, NULL},
e26dc8e3
HL		 176#define OP_C_CONNECT_WAIT_OR_FAIL() \
177 {OPK_C_CONNECT_WAIT, NULL, 1, NULL, NULL},
ed835673
HL		 178#define OP_C_WRITE(stream_name, buf, buf_len) \
179 {OPK_C_WRITE, (buf), (buf_len), NULL, #stream_name},
180#define OP_S_WRITE(stream_name, buf, buf_len) \
181 {OPK_S_WRITE, (buf), (buf_len), NULL, #stream_name},
182#define OP_C_READ_EXPECT(stream_name, buf, buf_len) \
183 {OPK_C_READ_EXPECT, (buf), (buf_len), NULL, #stream_name},
184#define OP_S_READ_EXPECT(stream_name, buf, buf_len) \
185 {OPK_S_READ_EXPECT, (buf), (buf_len), NULL, #stream_name},
186#define OP_C_EXPECT_FIN(stream_name) \
187 {OPK_C_EXPECT_FIN, NULL, 0, NULL, #stream_name},
188#define OP_S_EXPECT_FIN(stream_name) \
189 {OPK_S_EXPECT_FIN, NULL, 0, NULL, #stream_name},
190#define OP_C_CONCLUDE(stream_name) \
191 {OPK_C_CONCLUDE, NULL, 0, NULL, #stream_name},
192#define OP_S_CONCLUDE(stream_name) \
193 {OPK_S_CONCLUDE, NULL, 0, NULL, #stream_name},
194#define OP_C_DETACH(stream_name) \
195 {OPK_C_DETACH, NULL, 0, NULL, #stream_name},
196#define OP_C_ATTACH(stream_name) \
197 {OPK_C_ATTACH, NULL, 0, NULL, #stream_name},
198#define OP_C_NEW_STREAM_BIDI(stream_name, expect_id) \
199 {OPK_C_NEW_STREAM, NULL, 0, NULL, #stream_name, (expect_id)},
200#define OP_C_NEW_STREAM_UNI(stream_name, expect_id) \
201 {OPK_C_NEW_STREAM, NULL, 1, NULL, #stream_name, (expect_id)},
202#define OP_S_NEW_STREAM_BIDI(stream_name, expect_id) \
203 {OPK_S_NEW_STREAM, NULL, 0, NULL, #stream_name, (expect_id)},
204#define OP_S_NEW_STREAM_UNI(stream_name, expect_id) \
205 {OPK_S_NEW_STREAM, NULL, 1, NULL, #stream_name, (expect_id)},
a350db73
HL		 206#define OP_C_ACCEPT_STREAM_WAIT(stream_name) \
207 {OPK_C_ACCEPT_STREAM_WAIT, NULL, 0, NULL, #stream_name},
ed835673
HL		 208#define OP_C_ACCEPT_STREAM_NONE() \
209 {OPK_C_ACCEPT_STREAM_NONE, NULL, 0, NULL, NULL},
210#define OP_C_FREE_STREAM(stream_name) \
211 {OPK_C_FREE_STREAM, NULL, 0, NULL, #stream_name},
212#define OP_C_SET_DEFAULT_STREAM_MODE(mode) \
213 {OPK_C_SET_DEFAULT_STREAM_MODE, NULL, (mode), NULL, NULL},
83df44ae
HL		 214#define OP_C_SET_INCOMING_STREAM_POLICY(policy) \
215 {OPK_C_SET_INCOMING_STREAM_POLICY, NULL, (policy), NULL, NULL},
d49a1634
HL		 216#define OP_C_SHUTDOWN_WAIT(reason) \
217 {OPK_C_SHUTDOWN_WAIT, (reason), 0, NULL, NULL},
ed835673
HL		 218#define OP_C_EXPECT_CONN_CLOSE_INFO(ec, app, remote) \
219 {OPK_C_EXPECT_CONN_CLOSE_INFO, NULL, \
220 ((app) ? EXPECT_CONN_CLOSE_APP : 0) | \
221 ((remote) ? EXPECT_CONN_CLOSE_REMOTE : 0), \
222 NULL, NULL, (ec)},
223#define OP_S_EXPECT_CONN_CLOSE_INFO(ec, app, remote) \
224 {OPK_S_EXPECT_CONN_CLOSE_INFO, NULL, \
225 ((app) ? EXPECT_CONN_CLOSE_APP : 0) | \
226 ((remote) ? EXPECT_CONN_CLOSE_REMOTE : 0), \
227 NULL, NULL, (ec)},
228#define OP_S_BIND_STREAM_ID(stream_name, stream_id) \
229 {OPK_S_BIND_STREAM_ID, NULL, 0, NULL, #stream_name, (stream_id)},
230#define OP_C_WAIT_FOR_DATA(stream_name) \
231 {OPK_C_WAIT_FOR_DATA, NULL, 0, NULL, #stream_name},
232#define OP_C_WRITE_FAIL(stream_name) \
233 {OPK_C_WRITE_FAIL, NULL, 0, NULL, #stream_name},
234#define OP_S_WRITE_FAIL(stream_name) \
235 {OPK_S_WRITE_FAIL, NULL, 0, NULL, #stream_name},
236#define OP_C_READ_FAIL(stream_name) \
237 {OPK_C_READ_FAIL, NULL, 0, NULL, #stream_name},
2f018d14
HL		 238#define OP_S_READ_FAIL(stream_name) \
239 {OPK_S_READ_FAIL, NULL, 0, NULL, #stream_name},
ed835673
HL		 240#define OP_C_STREAM_RESET(stream_name, aec) \
241 {OPK_C_STREAM_RESET, NULL, 0, NULL, #stream_name, (aec)},
a350db73
HL		 242#define OP_S_ACCEPT_STREAM_WAIT(stream_name) \
243 {OPK_S_ACCEPT_STREAM_WAIT, NULL, 0, NULL, #stream_name},
244#define OP_NEW_THREAD(num_threads, script) \
fca44cfc
HL		 245 {OPK_NEW_THREAD, (script), (num_threads), NULL, NULL, 0 },
246#define OP_BEGIN_REPEAT(n) \
247 {OPK_BEGIN_REPEAT, NULL, (n)},
248#define OP_END_REPEAT() \
249 {OPK_END_REPEAT},
250#define OP_S_UNBIND_STREAM_ID(stream_name) \
251 {OPK_S_UNBIND_STREAM_ID, NULL, 0, NULL, #stream_name},
0345cac6
TM		 252#define OP_C_READ_FAIL_WAIT(stream_name) \
253 {OPK_C_READ_FAIL_WAIT, NULL, 0, NULL, #stream_name},
254#define OP_C_CLOSE_SOCKET() \
255 {OPK_C_CLOSE_SOCKET},
256#define OP_C_EXPECT_SSL_ERR(stream_name, err) \
257 {OPK_C_EXPECT_SSL_ERR, NULL, (err), NULL, #stream_name},
258#define OP_EXPECT_ERR_REASON(err) \
259 {OPK_EXPECT_ERR_REASON, NULL, (err)},
260#define OP_EXPECT_ERR_LIB(lib) \
261 {OPK_EXPECT_ERR_LIB, NULL, (lib)},
262#define OP_SLEEP(ms) \
263 {OPK_SLEEP, NULL, 0, NULL, NULL, (ms)},
e26dc8e3
HL		 264#define OP_S_SET_INJECT_PLAIN(f) \
265 {OPK_S_SET_INJECT_PLAIN, NULL, 0, NULL, NULL, 0, (f)},
266#define OP_SET_INJECT_WORD(w0, w1) \
267 {OPK_SET_INJECT_WORD, NULL, (w0), NULL, NULL, (w1), NULL},
cd5e4380
HL		 268#define OP_C_INHIBIT_TICK(inhibit) \
269 {OPK_C_INHIBIT_TICK, NULL, (inhibit), NULL, NULL, 0, NULL},
270#define OP_C_SET_WRITE_BUF_SIZE(stream_name, size) \
271 {OPK_C_SET_WRITE_BUF_SIZE, NULL, (size), NULL, #stream_name},
de56eebd
HL		 272#define OP_S_SET_INJECT_HANDSHAKE(f) \
273 {OPK_S_SET_INJECT_HANDSHAKE, NULL, 0, NULL, NULL, 0, NULL, (f)},
ed835673 274
693b23e3
HL		 275static OSSL_TIME get_time(void *arg)
276{
277 struct helper *h = arg;
278 OSSL_TIME t;
279
280 if (!TEST_true(CRYPTO_THREAD_read_lock(h->time_lock)))
281 return ossl_time_zero();
282
283 t = ossl_time_add(ossl_time_now(), h->time_slip);
284
285 CRYPTO_THREAD_unlock(h->time_lock);
286 return t;
287}
288
289static int skip_time_ms(struct helper *h, const struct script_op *op)
290{
291 if (!TEST_true(CRYPTO_THREAD_write_lock(h->time_lock)))
292 return 0;
293
294 h->time_slip = ossl_time_add(h->time_slip, ossl_ms2time(op->arg2));
295
296 CRYPTO_THREAD_unlock(h->time_lock);
297 return 1;
298}
299
ed835673
HL		 300static int check_rejected(struct helper *h, const struct script_op *op)
301{
302 uint64_t stream_id = op->arg2;
303
9715e3aa
HL		 304 if (!ossl_quic_tserver_stream_has_peer_stop_sending(h->s, stream_id, NULL)
305 || !ossl_quic_tserver_stream_has_peer_reset_stream(h->s, stream_id, NULL)) {
306 h->check_spin_again = 1;
ed835673 307 return 0;
9715e3aa 308 }
ed835673
HL		 309
310 return 1;
311}
312
313static int check_stream_reset(struct helper *h, const struct script_op *op)
314{
315 uint64_t stream_id = op->arg2, aec = 0;
316
9715e3aa
HL		 317 if (!ossl_quic_tserver_stream_has_peer_reset_stream(h->s, stream_id, &aec)) {
318 h->check_spin_again = 1;
319 return 0;
320 }
321
322 return TEST_uint64_t_eq(aec, 42);
ed835673
HL		 323}
324
325static int check_stream_stopped(struct helper *h, const struct script_op *op)
326{
327 uint64_t stream_id = op->arg2;
328
9715e3aa
HL		 329 if (!ossl_quic_tserver_stream_has_peer_stop_sending(h->s, stream_id, NULL)) {
330 h->check_spin_again = 1;
331 return 0;
332 }
333
334 return 1;
ed835673
HL		 335}
336
693b23e3
HL		 337static int override_key_update(struct helper *h, const struct script_op *op)
338{
339 QUIC_CHANNEL *ch = ossl_quic_conn_get_channel(h->c_conn);
340
341 ossl_quic_channel_set_txku_threshold_override(ch, op->arg2);
342 return 1;
343}
344
2525109f
HL		 345static int trigger_key_update(struct helper *h, const struct script_op *op)
346{
347 if (!TEST_true(SSL_key_update(h->c_conn, SSL_KEY_UPDATE_REQUESTED)))
348 return 0;
349
350 return 1;
351}
352
693b23e3
HL		 353static int check_key_update_ge(struct helper *h, const struct script_op *op)
354{
355 QUIC_CHANNEL *ch = ossl_quic_conn_get_channel(h->c_conn);
356 int64_t txke = (int64_t)ossl_quic_channel_get_tx_key_epoch(ch);
357 int64_t rxke = (int64_t)ossl_quic_channel_get_rx_key_epoch(ch);
358 int64_t diff = txke - rxke;
359
360 /*
361 * TXKE must always be equal to or ahead of RXKE.
362 * It can be ahead of RXKE by at most 1.
363 */
364 if (!TEST_int64_t_ge(diff, 0) || !TEST_int64_t_le(diff, 1))
365 return 0;
366
367 /* Caller specifies a minimum number of RXKEs which must have happened. */
368 if (!TEST_uint64_t_ge((uint64_t)rxke, op->arg2))
369 return 0;
370
371 return 1;
372}
373
374static int check_key_update_lt(struct helper *h, const struct script_op *op)
375{
376 QUIC_CHANNEL *ch = ossl_quic_conn_get_channel(h->c_conn);
377 uint64_t txke = ossl_quic_channel_get_tx_key_epoch(ch);
378
379 /* Caller specifies a maximum number of TXKEs which must have happened. */
380 if (!TEST_uint64_t_lt(txke, op->arg2))
381 return 0;
382
383 return 1;
384}
385
ed835673
HL		 386static unsigned long stream_info_hash(const STREAM_INFO *info)
387{
388 return OPENSSL_LH_strhash(info->name);
389}
390
391static int stream_info_cmp(const STREAM_INFO *a, const STREAM_INFO *b)
392{
393 return strcmp(a->name, b->name);
394}
395
396static void cleanup_stream(STREAM_INFO *info)
397{
398 SSL_free(info->c_stream);
399 OPENSSL_free(info);
400}
401
402static void helper_cleanup_streams(LHASH_OF(STREAM_INFO) **lh)
403{
404 if (*lh == NULL)
405 return;
406
407 lh_STREAM_INFO_doall(*lh, cleanup_stream);
408 lh_STREAM_INFO_free(*lh);
409 *lh = NULL;
410}
411
a350db73
HL		 412#if defined(OPENSSL_THREADS)
413static CRYPTO_THREAD_RETVAL run_script_child_thread(void *arg);
414
415static int join_threads(struct child_thread_args *threads, size_t num_threads)
416{
417 int ok = 1;
418 size_t i;
419 CRYPTO_THREAD_RETVAL rv;
420
421 for (i = 0; i < num_threads; ++i) {
422 if (threads[i].t != NULL) {
423 ossl_crypto_thread_native_join(threads[i].t, &rv);
424
425 if (!threads[i].testresult)
426 /* Do not log failure here, worker will do it. */
427 ok = 0;
428
429 ossl_crypto_thread_native_clean(threads[i].t);
430 threads[i].t = NULL;
431 }
432
433 ossl_crypto_mutex_free(&threads[i].m);
434 }
435
436 return ok;
437}
438#endif
439
ed835673
HL		 440static void helper_cleanup(struct helper *h)
441{
a350db73
HL		 442#if defined(OPENSSL_THREADS)
443 join_threads(h->threads, h->num_threads);
444 OPENSSL_free(h->threads);
445 h->threads = NULL;
446 h->num_threads = 0;
447#endif
448
97f30fd5
HL		 449 if (h->free_order == 0) {
450 /* order 0: streams, then conn */
451 helper_cleanup_streams(&h->c_streams);
452
453 SSL_free(h->c_conn);
454 h->c_conn = NULL;
455 } else {
456 /* order 1: conn, then streams */
457 SSL_free(h->c_conn);
458 h->c_conn = NULL;
459
460 helper_cleanup_streams(&h->c_streams);
461 }
ed835673 462
97f30fd5 463 helper_cleanup_streams(&h->s_streams);
ed835673
HL		 464 ossl_quic_tserver_free(h->s);
465 h->s = NULL;
466
467 BIO_free(h->s_net_bio_own);
468 h->s_net_bio_own = NULL;
469
470 BIO_free(h->c_net_bio_own);
471 h->c_net_bio_own = NULL;
472
e26dc8e3
HL		 473 BIO_free(h->s_qtf_wbio_own);
474 h->s_qtf_wbio_own = NULL;
475
1d547f8f
HL		 476 qtest_fault_free(h->qtf);
477 h->qtf = NULL;
7eebc354 478
ed835673
HL		 479 if (h->s_fd >= 0) {
480 BIO_closesocket(h->s_fd);
481 h->s_fd = -1;
482 }
483
484 if (h->c_fd >= 0) {
485 BIO_closesocket(h->c_fd);
486 h->c_fd = -1;
487 }
488
489 BIO_ADDR_free(h->s_net_bio_addr);
490 h->s_net_bio_addr = NULL;
491
492 SSL_CTX_free(h->c_ctx);
493 h->c_ctx = NULL;
693b23e3
HL		 494
495 CRYPTO_THREAD_lock_free(h->time_lock);
496 h->time_lock = NULL;
ed835673
HL		 497}
498
e26dc8e3 499static int helper_init(struct helper *h, int free_order, int need_injector)
ed835673
HL		 500{
501 short port = 8186;
502 struct in_addr ina = {0};
503 QUIC_TSERVER_ARGS s_args = {0};
504
505 memset(h, 0, sizeof(*h));
506 h->c_fd = -1;
507 h->s_fd = -1;
97f30fd5 508 h->free_order = free_order;
e26dc8e3 509 h->need_injector = need_injector;
693b23e3
HL		 510 h->time_slip = ossl_time_zero();
511
512 if (!TEST_ptr(h->time_lock = CRYPTO_THREAD_lock_new()))
513 goto err;
ed835673
HL		 514
515 if (!TEST_ptr(h->s_streams = lh_STREAM_INFO_new(stream_info_hash,
516 stream_info_cmp)))
517 goto err;
518
519 if (!TEST_ptr(h->c_streams = lh_STREAM_INFO_new(stream_info_hash,
520 stream_info_cmp)))
521 goto err;
522
523 ina.s_addr = htonl(0x7f000001UL);
524
525 h->s_fd = BIO_socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP, 0);
526 if (!TEST_int_ge(h->s_fd, 0))
527 goto err;
528
529 if (!TEST_true(BIO_socket_nbio(h->s_fd, 1)))
530 goto err;
531
532 if (!TEST_ptr(h->s_net_bio_addr = BIO_ADDR_new()))
533 goto err;
534
535 if (!TEST_true(BIO_ADDR_rawmake(h->s_net_bio_addr, AF_INET, &ina, sizeof(ina),
536 htons(port))))
537 goto err;
538
539 if (!TEST_true(BIO_bind(h->s_fd, h->s_net_bio_addr, 0)))
540 goto err;
541
542 if (!TEST_int_gt(BIO_ADDR_rawport(h->s_net_bio_addr), 0))
543 goto err;
544
545 if (!TEST_ptr(h->s_net_bio = h->s_net_bio_own = BIO_new_dgram(h->s_fd, 0)))
546 goto err;
547
548 if (!BIO_up_ref(h->s_net_bio))
549 goto err;
550
e26dc8e3
HL		 551 if (need_injector) {
552 h->s_qtf_wbio = h->s_qtf_wbio_own = BIO_new(qtest_get_bio_method());
553 if (!TEST_ptr(h->s_qtf_wbio))
554 goto err;
555
556 if (!TEST_ptr(BIO_push(h->s_qtf_wbio, h->s_net_bio)))
557 goto err;
558
559 s_args.net_wbio = h->s_qtf_wbio;
560 } else {
561 s_args.net_wbio = h->s_net_bio;
562 }
563
693b23e3 564 s_args.net_rbio = h->s_net_bio;
37f27b91 565 s_args.alpn = NULL;
693b23e3
HL		 566 s_args.now_cb = get_time;
567 s_args.now_cb_arg = h;
829eec9f 568 s_args.ctx = NULL;
ed835673
HL		 569
570 if (!TEST_ptr(h->s = ossl_quic_tserver_new(&s_args, certfile, keyfile)))
571 goto err;
572
e26dc8e3
HL		 573 if (need_injector) {
574 h->qtf = qtest_create_injector(h->s);
575 if (!TEST_ptr(h->qtf))
576 goto err;
577
578 BIO_set_data(h->s_qtf_wbio, h->qtf);
579 }
580
7eebc354
HL		 581 if (!need_injector)
582 h->s_net_bio_own = NULL;
583
e26dc8e3 584 h->s_qtf_wbio_own = NULL;
ed835673
HL		 585
586 h->c_fd = BIO_socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP, 0);
587 if (!TEST_int_ge(h->c_fd, 0))
588 goto err;
589
590 if (!TEST_true(BIO_socket_nbio(h->c_fd, 1)))
591 goto err;
592
593 if (!TEST_ptr(h->c_net_bio = h->c_net_bio_own = BIO_new_dgram(h->c_fd, 0)))
594 goto err;
595
596 if (!TEST_true(BIO_dgram_set_peer(h->c_net_bio, h->s_net_bio_addr)))
597 goto err;
598
ed835673
HL		 599 if (!TEST_ptr(h->c_ctx = SSL_CTX_new(OSSL_QUIC_client_method())))
600 goto err;
601
602 if (!TEST_ptr(h->c_conn = SSL_new(h->c_ctx)))
603 goto err;
604
693b23e3
HL		 605 /* Use custom time function for virtual time skip. */
606 if (!TEST_true(ossl_quic_conn_set_override_now_cb(h->c_conn, get_time, h)))
607 goto err;
608
ed835673
HL		 609 /* Takes ownership of our reference to the BIO. */
610 SSL_set0_rbio(h->c_conn, h->c_net_bio);
611 h->c_net_bio_own = NULL;
612
613 if (!TEST_true(BIO_up_ref(h->c_net_bio)))
614 goto err;
615
616 SSL_set0_wbio(h->c_conn, h->c_net_bio);
617
618 if (!TEST_true(SSL_set_blocking_mode(h->c_conn, 0)))
619 goto err;
620
621 h->start_time = ossl_time_now();
622 h->init = 1;
623 return 1;
624
625err:
626 helper_cleanup(h);
627 return 0;
628}
629
a350db73
HL		 630static int helper_local_init(struct helper_local *hl, struct helper *h,
631 int thread_idx)
632{
633 hl->h = h;
634 hl->c_streams = NULL;
635 hl->thread_idx = thread_idx;
636
637 if (!TEST_ptr(h))
638 return 0;
639
640 if (thread_idx < 0) {
641 hl->c_streams = h->c_streams;
642 } else {
643 if (!TEST_ptr(hl->c_streams = lh_STREAM_INFO_new(stream_info_hash,
644 stream_info_cmp)))
645 return 0;
646 }
647
648 return 1;
649}
650
651static void helper_local_cleanup(struct helper_local *hl)
652{
653 if (hl->h == NULL)
654 return;
655
656 if (hl->thread_idx >= 0)
657 helper_cleanup_streams(&hl->c_streams);
658
659 hl->h = NULL;
660}
661
ed835673
HL		 662static STREAM_INFO *get_stream_info(LHASH_OF(STREAM_INFO) *lh,
663 const char *stream_name)
664{
665 STREAM_INFO key, *info;
666
667 if (!TEST_ptr(stream_name))
668 return NULL;
669
670 if (!strcmp(stream_name, "DEFAULT"))
671 return NULL;
672
673 key.name = stream_name;
674 info = lh_STREAM_INFO_retrieve(lh, &key);
675 if (info == NULL) {
676 info = OPENSSL_zalloc(sizeof(*info));
677 if (info == NULL)
678 return NULL;
679
680 info->name = stream_name;
681 info->s_stream_id = UINT64_MAX;
682 lh_STREAM_INFO_insert(lh, info);
683 }
684
685 return info;
686}
687
a350db73
HL		 688static int helper_local_set_c_stream(struct helper_local *hl,
689 const char *stream_name,
690 SSL *c_stream)
ed835673 691{
a350db73 692 STREAM_INFO *info = get_stream_info(hl->c_streams, stream_name);
ed835673
HL		 693
694 if (info == NULL)
695 return 0;
696
697 info->c_stream = c_stream;
698 info->s_stream_id = UINT64_MAX;
699 return 1;
700}
701
a350db73
HL		 702static SSL *helper_local_get_c_stream(struct helper_local *hl,
703 const char *stream_name)
ed835673
HL		 704{
705 STREAM_INFO *info;
706
707 if (!strcmp(stream_name, "DEFAULT"))
a350db73 708 return hl->h->c_conn;
ed835673 709
a350db73 710 info = get_stream_info(hl->c_streams, stream_name);
ed835673
HL		 711 if (info == NULL)
712 return NULL;
713
714 return info->c_stream;
715}
716
717static int
718helper_set_s_stream(struct helper *h, const char *stream_name,
719 uint64_t s_stream_id)
720{
721 STREAM_INFO *info;
722
723 if (!strcmp(stream_name, "DEFAULT"))
724 return 0;
725
726 info = get_stream_info(h->s_streams, stream_name);
727 if (info == NULL)
728 return 0;
729
730 info->c_stream = NULL;
731 info->s_stream_id = s_stream_id;
732 return 1;
733}
734
735static uint64_t helper_get_s_stream(struct helper *h, const char *stream_name)
736{
737 STREAM_INFO *info;
738
739 if (!strcmp(stream_name, "DEFAULT"))
740 return UINT64_MAX;
741
742 info = get_stream_info(h->s_streams, stream_name);
743 if (info == NULL)
744 return UINT64_MAX;
745
746 return info->s_stream_id;
747}
748
e26dc8e3
HL		 749static int helper_packet_plain_listener(QTEST_FAULT *qtf, QUIC_PKT_HDR *hdr,
750 unsigned char *buf, size_t buf_len,
751 void *arg)
752{
753 struct helper *h = arg;
754
755 return h->qtf_packet_plain_cb(h, hdr, buf, buf_len);
756}
757
de56eebd
HL		 758static int helper_handshake_listener(QTEST_FAULT *fault,
759 unsigned char *buf, size_t buf_len,
760 void *arg)
761{
762 struct helper *h = arg;
763
764 return h->qtf_handshake_cb(h, buf, buf_len);
765}
766
ed835673
HL		 767static int is_want(SSL *s, int ret)
768{
769 int ec = SSL_get_error(s, ret);
770
771 return ec == SSL_ERROR_WANT_READ || ec == SSL_ERROR_WANT_WRITE;
772}
773
a350db73 774static int run_script_worker(struct helper *h, const struct script_op *script,
0786483a 775 const char *script_name,
a350db73 776 int thread_idx)
ed835673 777{
ed835673 778 int testresult = 0;
ed835673
HL		 779 unsigned char *tmp_buf = NULL;
780 int connect_started = 0;
9715e3aa 781 size_t offset = 0;
a350db73
HL		 782 size_t op_idx = 0;
783 const struct script_op *op = NULL;
629b408c
HL		 784 int no_advance = 0, first = 1;
785#if defined(OPENSSL_THREADS)
786 int end_wait_warning = 0;
787#endif
a350db73
HL		 788 OSSL_TIME op_start_time = ossl_time_zero(), op_deadline = ossl_time_zero();
789 struct helper_local hl;
fca44cfc
HL		 790#define REPEAT_SLOTS 8
791 size_t repeat_stack_idx[REPEAT_SLOTS], repeat_stack_done[REPEAT_SLOTS];
792 size_t repeat_stack_limit[REPEAT_SLOTS];
793 size_t repeat_stack_len = 0;
ed835673 794
a350db73 795 if (!TEST_true(helper_local_init(&hl, h, thread_idx)))
ed835673
HL		 796 goto out;
797
2525109f 798#define SPIN_AGAIN() { OSSL_sleep(1); no_advance = 1; continue; }
ed835673 799
9715e3aa 800 for (;;) {
a350db73 801 SSL *c_tgt = h->c_conn;
ed835673
HL		 802 uint64_t s_stream_id = UINT64_MAX;
803
9715e3aa
HL		 804 if (no_advance) {
805 no_advance = 0;
806 } else {
807 if (!first)
808 ++op_idx;
809
810 first = 0;
4f2d32d6 811 offset = 0;
9715e3aa 812 op_start_time = ossl_time_now();
cd5e4380 813 op_deadline = ossl_time_add(op_start_time, ossl_ms2time(8000));
9715e3aa
HL		 814 }
815
816 if (!TEST_int_le(ossl_time_compare(ossl_time_now(), op_deadline), 0)) {
a350db73 817 TEST_error("op %zu timed out on thread %d", op_idx + 1, thread_idx);
9715e3aa
HL		 818 goto out;
819 }
820
ed835673
HL		 821 op = &script[op_idx];
822
823 if (op->stream_name != NULL) {
a350db73
HL		 824 c_tgt = helper_local_get_c_stream(&hl, op->stream_name);
825 if (thread_idx < 0)
826 s_stream_id = helper_get_s_stream(h, op->stream_name);
827 else
828 s_stream_id = UINT64_MAX;
829 }
830
7ba8f79a 831 if (thread_idx < 0)
a350db73 832 ossl_quic_tserver_tick(h->s);
7ba8f79a
HL		 833
834 if (thread_idx >= 0 || connect_started)
6084e04b 835 SSL_handle_events(h->c_conn);
ed835673 836
a350db73
HL		 837 if (thread_idx >= 0) {
838 /* Only allow certain opcodes on child threads. */
839 switch (op->op) {
840 case OPK_END:
841 case OPK_C_ACCEPT_STREAM_WAIT:
842 case OPK_C_NEW_STREAM:
843 case OPK_C_READ_EXPECT:
844 case OPK_C_EXPECT_FIN:
845 case OPK_C_WRITE:
846 case OPK_C_CONCLUDE:
847 case OPK_C_FREE_STREAM:
fca44cfc
HL		 848 case OPK_BEGIN_REPEAT:
849 case OPK_END_REPEAT:
0345cac6
TM		 850 case OPK_C_READ_FAIL_WAIT:
851 case OPK_C_EXPECT_SSL_ERR:
852 case OPK_EXPECT_ERR_REASON:
853 case OPK_EXPECT_ERR_LIB:
854 case OPK_SLEEP:
a350db73
HL		 855 break;
856
857 default:
0cea6df2
MC		 858 TEST_error("opcode %lu not allowed on child thread",
859 (unsigned long)op->op);
a350db73
HL		 860 goto out;
861 }
862 }
ed835673
HL		 863
864 switch (op->op) {
865 case OPK_END:
fca44cfc
HL		 866 if (!TEST_size_t_eq(repeat_stack_len, 0))
867 goto out;
868
629b408c 869#if defined(OPENSSL_THREADS)
a350db73
HL		 870 if (thread_idx < 0) {
871 int done;
872 size_t i;
873
874 for (i = 0; i < h->num_threads; ++i) {
875 if (h->threads[i].m == NULL)
876 continue;
877
878 ossl_crypto_mutex_lock(h->threads[i].m);
879 done = h->threads[i].done;
880 ossl_crypto_mutex_unlock(h->threads[i].m);
881
882 if (!done) {
883 if (!end_wait_warning) {
884 TEST_info("still waiting for other threads to finish (%zu)", i);
885 end_wait_warning = 1;
886 }
887
888 SPIN_AGAIN();
889 }
890 }
891 }
629b408c 892#endif
a350db73 893
0786483a 894 TEST_info("script \"%s\" finished on thread %d", script_name, thread_idx);
ed835673
HL		 895 testresult = 1;
896 goto out;
897
fca44cfc
HL		 898 case OPK_BEGIN_REPEAT:
899 if (!TEST_size_t_lt(repeat_stack_len, OSSL_NELEM(repeat_stack_idx)))
900 goto out;
901
902 if (!TEST_size_t_gt(op->arg1, 0))
903 goto out;
904
905 repeat_stack_idx[repeat_stack_len] = op_idx + 1;
906 repeat_stack_done[repeat_stack_len] = 0;
907 repeat_stack_limit[repeat_stack_len] = op->arg1;
908 ++repeat_stack_len;
909 break;
910
911 case OPK_END_REPEAT:
912 if (!TEST_size_t_gt(repeat_stack_len, 0))
913 goto out;
914
915 if (++repeat_stack_done[repeat_stack_len - 1]
916 == repeat_stack_limit[repeat_stack_len - 1]) {
917 --repeat_stack_len;
918 } else {
919 op_idx = repeat_stack_idx[repeat_stack_len - 1];
920 no_advance = 1;
921 continue;
922 }
923
924 break;
925
ed835673 926 case OPK_CHECK:
9715e3aa 927 {
a350db73
HL		 928 int ok = op->check_func(h, op);
929 if (h->check_spin_again) {
930 h->check_spin_again = 0;
9715e3aa
HL		 931 SPIN_AGAIN();
932 }
ed835673 933
9715e3aa
HL		 934 if (!TEST_true(ok))
935 goto out;
936 }
ed835673
HL		 937 break;
938
939 case OPK_C_SET_ALPN:
940 {
941 const char *alpn = op->arg0;
942 size_t alpn_len = strlen(alpn);
943
944 if (!TEST_size_t_le(alpn_len, UINT8_MAX)
945 || !TEST_ptr(tmp_buf = (unsigned char *)OPENSSL_malloc(alpn_len + 1)))
946 goto out;
947
948 memcpy(tmp_buf + 1, alpn, alpn_len);
949 tmp_buf[0] = (unsigned char)alpn_len;
950
951 /* 0 is the success case for SSL_set_alpn_protos(). */
a350db73 952 if (!TEST_false(SSL_set_alpn_protos(h->c_conn, tmp_buf,
ed835673
HL		 953 alpn_len + 1)))
954 goto out;
955
956 OPENSSL_free(tmp_buf);
957 tmp_buf = NULL;
958 }
959 break;
960
961 case OPK_C_CONNECT_WAIT:
962 {
963 int ret;
964
965 connect_started = 1;
966
a350db73 967 ret = SSL_connect(h->c_conn);
e26dc8e3 968 if (!TEST_true((ret == 1 || op->arg1 > 0)
a350db73 969 || (!h->blocking && is_want(h->c_conn, ret))))
ed835673
HL		 970 goto out;
971
e26dc8e3 972 if (!h->blocking && ret < 0)
ed835673
HL		 973 SPIN_AGAIN();
974 }
975 break;
976
977 case OPK_C_WRITE:
978 {
979 size_t bytes_written = 0;
980
981 if (!TEST_ptr(c_tgt))
982 goto out;
983
984 if (!TEST_true(SSL_write_ex(c_tgt, op->arg0, op->arg1,
985 &bytes_written))
986 || !TEST_size_t_eq(bytes_written, op->arg1))
987 goto out;
988 }
989 break;
990
991 case OPK_S_WRITE:
992 {
993 size_t bytes_written = 0;
994
995 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
996 goto out;
997
a350db73 998 if (!TEST_true(ossl_quic_tserver_write(h->s, s_stream_id,
ed835673
HL		 999 op->arg0, op->arg1,
1000 &bytes_written))
1001 || !TEST_size_t_eq(bytes_written, op->arg1))
1002 goto out;
1003 }
1004 break;
1005
1006 case OPK_C_CONCLUDE:
1007 {
1008 if (!TEST_true(SSL_stream_conclude(c_tgt, 0)))
1009 goto out;
1010 }
1011 break;
1012
1013 case OPK_S_CONCLUDE:
1014 {
1015 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
1016 goto out;
1017
a350db73 1018 ossl_quic_tserver_conclude(h->s, s_stream_id);
ed835673
HL		 1019 }
1020 break;
1021
1022 case OPK_C_WAIT_FOR_DATA:
1023 {
1024 char buf[1];
1025 size_t bytes_read = 0;
1026
1027 if (!TEST_ptr(c_tgt))
1028 goto out;
1029
1030 if (!SSL_peek_ex(c_tgt, buf, sizeof(buf), &bytes_read)
1031 || bytes_read == 0)
1032 SPIN_AGAIN();
1033 }
1034 break;
1035
1036 case OPK_C_READ_EXPECT:
1037 {
1038 size_t bytes_read = 0;
1039
9715e3aa
HL		 1040 if (op->arg1 > 0 && tmp_buf == NULL
1041 && !TEST_ptr(tmp_buf = OPENSSL_malloc(op->arg1)))
ed835673
HL		 1042 goto out;
1043
9715e3aa
HL		 1044 if (!SSL_read_ex(c_tgt, tmp_buf + offset, op->arg1 - offset,
1045 &bytes_read))
1046 SPIN_AGAIN();
ed835673 1047
9715e3aa
HL		 1048 if (bytes_read + offset != op->arg1) {
1049 offset += bytes_read;
1050 SPIN_AGAIN();
1051 }
1052
1053 if (op->arg1 > 0
1054 && !TEST_mem_eq(tmp_buf, op->arg1, op->arg0, op->arg1))
ed835673
HL		 1055 goto out;
1056
1057 OPENSSL_free(tmp_buf);
1058 tmp_buf = NULL;
1059 }
1060 break;
1061
1062 case OPK_S_READ_EXPECT:
1063 {
1064 size_t bytes_read = 0;
1065
1066 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
1067 goto out;
1068
9715e3aa 1069 if (op->arg1 > 0 && tmp_buf == NULL
ed835673
HL		 1070 && !TEST_ptr(tmp_buf = OPENSSL_malloc(op->arg1)))
1071 goto out;
1072
a350db73 1073 if (!TEST_true(ossl_quic_tserver_read(h->s, s_stream_id,
9715e3aa
HL		 1074 tmp_buf + offset,
1075 op->arg1 - offset,
1076 &bytes_read)))
ed835673
HL		 1077 goto out;
1078
9715e3aa
HL		 1079 if (bytes_read + offset != op->arg1) {
1080 offset += bytes_read;
1081 SPIN_AGAIN();
1082 }
1083
ed835673
HL		 1084 if (op->arg1 > 0
1085 && !TEST_mem_eq(tmp_buf, op->arg1, op->arg0, op->arg1))
1086 goto out;
1087
1088 OPENSSL_free(tmp_buf);
1089 tmp_buf = NULL;
1090 }
1091 break;
1092
1093 case OPK_C_EXPECT_FIN:
1094 {
1095 char buf[1];
1096 size_t bytes_read = 0;
1097
1098 if (!TEST_false(SSL_read_ex(c_tgt, buf, sizeof(buf),
1099 &bytes_read))
9715e3aa
HL		 1100 || !TEST_size_t_eq(bytes_read, 0))
1101 goto out;
1102
1103 if (is_want(c_tgt, 0))
1104 SPIN_AGAIN();
1105
1106 if (!TEST_int_eq(SSL_get_error(c_tgt, 0),
1107 SSL_ERROR_ZERO_RETURN))
1108 goto out;
ed835673
HL		 1109 }
1110 break;
1111
1112 case OPK_S_EXPECT_FIN:
1113 {
9715e3aa 1114 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
ed835673 1115 goto out;
9715e3aa 1116
a350db73 1117 if (!ossl_quic_tserver_has_read_ended(h->s, s_stream_id))
9715e3aa 1118 SPIN_AGAIN();
ed835673
HL		 1119 }
1120 break;
1121
1122 case OPK_C_DETACH:
1123 {
1124 SSL *c_stream;
1125
1126 if (!TEST_ptr_null(c_tgt))
1127 goto out; /* don't overwrite existing stream with same name */
1128
a350db73 1129 if (!TEST_ptr(c_stream = ossl_quic_detach_stream(h->c_conn)))
ed835673
HL		 1130 goto out;
1131
a350db73 1132 if (!TEST_true(helper_local_set_c_stream(&hl, op->stream_name, c_stream)))
ed835673
HL		 1133 goto out;
1134 }
1135 break;
1136
1137 case OPK_C_ATTACH:
1138 {
1139 if (!TEST_ptr(c_tgt))
1140 goto out;
1141
a350db73 1142 if (!TEST_true(ossl_quic_attach_stream(h->c_conn, c_tgt)))
ed835673
HL		 1143 goto out;
1144
a350db73 1145 if (!TEST_true(helper_local_set_c_stream(&hl, op->stream_name, NULL)))
ed835673
HL		 1146 goto out;
1147 }
1148 break;
1149
1150 case OPK_C_NEW_STREAM:
1151 {
1152 SSL *c_stream;
1153 uint64_t flags = 0;
1154
1155 if (!TEST_ptr_null(c_tgt))
1156 goto out; /* don't overwrite existing stream with same name */
1157
1158 if (op->arg1 != 0)
1159 flags |= SSL_STREAM_FLAG_UNI;
1160
a350db73 1161 if (!TEST_ptr(c_stream = SSL_new_stream(h->c_conn, flags)))
ed835673
HL		 1162 goto out;
1163
1164 if (op->arg2 != UINT64_MAX
1165 && !TEST_uint64_t_eq(SSL_get_stream_id(c_stream),
1166 op->arg2))
1167 goto out;
1168
a350db73 1169 if (!TEST_true(helper_local_set_c_stream(&hl, op->stream_name, c_stream)))
ed835673
HL		 1170 goto out;
1171 }
1172 break;
1173
1174 case OPK_S_NEW_STREAM:
1175 {
1176 uint64_t stream_id = UINT64_MAX;
1177
1178 if (!TEST_uint64_t_eq(s_stream_id, UINT64_MAX))
1179 goto out; /* don't overwrite existing stream with same name */
1180
a350db73 1181 if (!TEST_true(ossl_quic_tserver_stream_new(h->s,
ed835673
HL		 1182 op->arg1 > 0,
1183 &stream_id)))
1184 goto out;
1185
1186 if (op->arg2 != UINT64_MAX
1187 && !TEST_uint64_t_eq(stream_id, op->arg2))
1188 goto out;
1189
a350db73 1190 if (!TEST_true(helper_set_s_stream(h, op->stream_name,
ed835673
HL		 1191 stream_id)))
1192 goto out;
1193 }
1194 break;
1195
a350db73 1196 case OPK_C_ACCEPT_STREAM_WAIT:
ed835673
HL		 1197 {
1198 SSL *c_stream;
1199
1200 if (!TEST_ptr_null(c_tgt))
1201 goto out; /* don't overwrite existing stream with same name */
1202
a350db73 1203 if ((c_stream = SSL_accept_stream(h->c_conn, 0)) == NULL)
9715e3aa 1204 SPIN_AGAIN();
ed835673 1205
a350db73
HL		 1206 if (!TEST_true(helper_local_set_c_stream(&hl, op->stream_name,
1207 c_stream)))
1208 goto out;
1209 }
1210 break;
1211
1212 case OPK_S_ACCEPT_STREAM_WAIT:
1213 {
1214 uint64_t new_stream_id;
1215
1216 if (!TEST_uint64_t_eq(s_stream_id, UINT64_MAX))
1217 goto out;
1218
1219 new_stream_id = ossl_quic_tserver_pop_incoming_stream(h->s);
1220 if (new_stream_id == UINT64_MAX)
1221 SPIN_AGAIN();
1222
1223 if (!TEST_true(helper_set_s_stream(h, op->stream_name, new_stream_id)))
ed835673
HL		 1224 goto out;
1225 }
1226 break;
1227
1228 case OPK_C_ACCEPT_STREAM_NONE:
1229 {
1230 SSL *c_stream;
1231
a350db73 1232 if (!TEST_ptr_null(c_stream = SSL_accept_stream(h->c_conn, 0))) {
ed835673
HL		 1233 SSL_free(c_stream);
1234 goto out;
1235 }
1236 }
1237 break;
1238
1239 case OPK_C_FREE_STREAM:
1240 {
1241 if (!TEST_ptr(c_tgt)
1242 || !TEST_true(!SSL_is_connection(c_tgt)))
1243 goto out;
1244
a350db73 1245 if (!TEST_true(helper_local_set_c_stream(&hl, op->stream_name, NULL)))
ed835673
HL		 1246 goto out;
1247
1248 SSL_free(c_tgt);
1249 c_tgt = NULL;
1250 }
1251 break;
1252
1253 case OPK_C_SET_DEFAULT_STREAM_MODE:
1254 {
1255 if (!TEST_ptr(c_tgt))
1256 goto out;
1257
1258 if (!TEST_true(SSL_set_default_stream_mode(c_tgt, op->arg1)))
1259 goto out;
1260 }
1261 break;
1262
83df44ae 1263 case OPK_C_SET_INCOMING_STREAM_POLICY:
ed835673
HL		 1264 {
1265 if (!TEST_ptr(c_tgt))
1266 goto out;
1267
83df44ae
HL		 1268 if (!TEST_true(SSL_set_incoming_stream_policy(c_tgt,
1269 op->arg1, 0)))
ed835673
HL		 1270 goto out;
1271 }
1272 break;
1273
cd5e4380 1274 case OPK_C_SHUTDOWN_WAIT:
ed835673
HL		 1275 {
1276 int ret;
cd5e4380 1277 QUIC_CHANNEL *ch = ossl_quic_conn_get_channel(h->c_conn);
d49a1634 1278 SSL_SHUTDOWN_EX_ARGS args = {0};
cd5e4380
HL		 1279
1280 ossl_quic_channel_set_inhibit_tick(ch, 0);
ed835673
HL		 1281
1282 if (!TEST_ptr(c_tgt))
1283 goto out;
1284
d49a1634
HL		 1285 args.quic_reason = (const char *)op->arg0;
1286
1287 ret = SSL_shutdown_ex(c_tgt, 0, &args, sizeof(args));
ed835673
HL		 1288 if (!TEST_int_ge(ret, 0))
1289 goto out;
1290
cd5e4380
HL		 1291 if (ret == 0)
1292 SPIN_AGAIN();
ed835673
HL		 1293 }
1294 break;
1295
1296 case OPK_C_EXPECT_CONN_CLOSE_INFO:
1297 {
1298 SSL_CONN_CLOSE_INFO cc_info = {0};
1299 int expect_app = (op->arg1 & EXPECT_CONN_CLOSE_APP) != 0;
1300 int expect_remote = (op->arg1 & EXPECT_CONN_CLOSE_REMOTE) != 0;
1301 uint64_t error_code = op->arg2;
1302
1303 if (!TEST_ptr(c_tgt))
1304 goto out;
1305
9715e3aa
HL		 1306 if (!SSL_get_conn_close_info(c_tgt, &cc_info, sizeof(cc_info)))
1307 SPIN_AGAIN();
ed835673
HL		 1308
1309 if (!TEST_int_eq(expect_app, !cc_info.is_transport)
1310 || !TEST_int_eq(expect_remote, !cc_info.is_local)
1311 || !TEST_uint64_t_eq(error_code, cc_info.error_code))
1312 goto out;
1313 }
1314 break;
1315
1316 case OPK_S_EXPECT_CONN_CLOSE_INFO:
1317 {
1318 const QUIC_TERMINATE_CAUSE *tc;
1319 int expect_app = (op->arg1 & EXPECT_CONN_CLOSE_APP) != 0;
1320 int expect_remote = (op->arg1 & EXPECT_CONN_CLOSE_REMOTE) != 0;
1321 uint64_t error_code = op->arg2;
1322
9ff3a99e
HL		 1323 if (!ossl_quic_tserver_is_term_any(h->s)) {
1324 ossl_quic_tserver_ping(h->s);
9715e3aa 1325 SPIN_AGAIN();
9ff3a99e 1326 }
ed835673 1327
a350db73 1328 if (!TEST_ptr(tc = ossl_quic_tserver_get_terminate_cause(h->s)))
ed835673
HL		 1329 goto out;
1330
1331 if (!TEST_uint64_t_eq(error_code, tc->error_code)
1332 || !TEST_int_eq(expect_app, tc->app)
1333 || !TEST_int_eq(expect_remote, tc->remote))
1334 goto out;
1335 }
1336 break;
1337
1338 case OPK_S_BIND_STREAM_ID:
1339 {
1340 if (!TEST_uint64_t_eq(s_stream_id, UINT64_MAX))
1341 goto out;
1342
a350db73 1343 if (!TEST_true(helper_set_s_stream(h, op->stream_name, op->arg2)))
ed835673
HL		 1344 goto out;
1345 }
1346 break;
1347
fca44cfc
HL		 1348 case OPK_S_UNBIND_STREAM_ID:
1349 {
1350 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
1351 goto out;
1352
1353 if (!TEST_true(helper_set_s_stream(h, op->stream_name, UINT64_MAX)))
1354 goto out;
1355 }
1356 break;
1357
ed835673
HL		 1358 case OPK_C_WRITE_FAIL:
1359 {
571aff4b 1360 size_t bytes_written = 0;
ed835673
HL		 1361
1362 if (!TEST_ptr(c_tgt))
1363 goto out;
1364
1365 if (!TEST_false(SSL_write_ex(c_tgt, "apple", 5, &bytes_written)))
1366 goto out;
1367 }
1368 break;
1369
1370 case OPK_S_WRITE_FAIL:
1371 {
1372 size_t bytes_written = 0;
1373
1374 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
1375 goto out;
1376
a350db73 1377 if (!TEST_false(ossl_quic_tserver_write(h->s, s_stream_id,
ed835673
HL		 1378 (const unsigned char *)"apple", 5,
1379 &bytes_written)))
1380 goto out;
1381 }
1382 break;
1383
1384 case OPK_C_READ_FAIL:
1385 {
571aff4b 1386 size_t bytes_read = 0;
ed835673
HL		 1387 char buf[1];
1388
1389 if (!TEST_ptr(c_tgt))
1390 goto out;
1391
1392 if (!TEST_false(SSL_read_ex(c_tgt, buf, sizeof(buf), &bytes_read)))
1393 goto out;
1394 }
1395 break;
1396
0345cac6
TM		 1397 case OPK_C_READ_FAIL_WAIT:
1398 {
1399 size_t bytes_read = 0;
1400 char buf[1];
1401
1402 if (!TEST_ptr(c_tgt))
1403 goto out;
1404
1405 if (!TEST_false(SSL_read_ex(c_tgt, buf, sizeof(buf), &bytes_read)))
1406 goto out;
1407
1408 if (is_want(c_tgt, 0))
1409 SPIN_AGAIN();
1410 }
1411 break;
1412
2f018d14
HL		 1413 case OPK_S_READ_FAIL:
1414 {
1415 size_t bytes_read = 0;
1416 unsigned char buf[1];
1417
1418 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
1419 goto out;
1420
1421 if (!TEST_false(ossl_quic_tserver_read(h->s, s_stream_id,
1422 buf, sizeof(buf),
1423 &bytes_read)))
1424 goto out;
1425 }
1426 break;
1427
ed835673
HL		 1428 case OPK_C_STREAM_RESET:
1429 {
1430 SSL_STREAM_RESET_ARGS args = {0};
1431
1432 if (!TEST_ptr(c_tgt))
1433 goto out;
1434
1435 args.quic_error_code = op->arg2;
1436
1437 if (!TEST_true(SSL_stream_reset(c_tgt, &args, sizeof(args))))
1438 goto out;
1439 }
1440 break;
1441
a350db73
HL		 1442 case OPK_NEW_THREAD:
1443 {
1444#if !defined(OPENSSL_THREADS)
629b408c
HL		 1445 /*
1446 * If this test script requires threading and we do not have
1447 * support for it, skip the rest of it.
1448 */
1449 TEST_skip("threading not supported, skipping");
1450 testresult = 1;
a350db73
HL		 1451 goto out;
1452#else
1453 size_t i;
1454
1455 if (!TEST_ptr_null(h->threads)) {
1456 TEST_error("max one NEW_THREAD operation per script");
1457 goto out;
1458 }
1459
1460 h->threads = OPENSSL_zalloc(op->arg1 * sizeof(struct child_thread_args));
1461 if (!TEST_ptr(h->threads))
1462 goto out;
1463
1464 h->num_threads = op->arg1;
1465
1466 for (i = 0; i < op->arg1; ++i) {
1467 h->threads[i].h = h;
1468 h->threads[i].script = op->arg0;
0786483a 1469 h->threads[i].script_name = script_name;
a350db73
HL		 1470 h->threads[i].thread_idx = i;
1471
1472 h->threads[i].m = ossl_crypto_mutex_new();
1473 if (!TEST_ptr(h->threads[i].m))
1474 goto out;
1475
1476 h->threads[i].t
1477 = ossl_crypto_thread_native_start(run_script_child_thread,
1478 &h->threads[i], 1);
1479 if (!TEST_ptr(h->threads[i].t))
1480 goto out;
1481 }
1482#endif
1483 }
1484 break;
1485
0345cac6
TM		 1486 case OPK_C_CLOSE_SOCKET:
1487 {
1488 BIO_closesocket(h->c_fd);
1489 }
1490 break;
1491
1492 case OPK_C_EXPECT_SSL_ERR:
1493 {
1494 if (!TEST_size_t_eq((size_t)SSL_get_error(c_tgt, 0), op->arg1))
1495 goto out;
1496 }
1497 break;
1498
1499 case OPK_EXPECT_ERR_REASON:
1500 {
1501 if (!TEST_size_t_eq((size_t)ERR_GET_REASON(ERR_get_error()), op->arg1))
1502 goto out;
1503 }
1504 break;
1505
1506 case OPK_EXPECT_ERR_LIB:
1507 {
1508 if (!TEST_size_t_eq((size_t)ERR_GET_LIB(ERR_get_error()), op->arg1))
1509 goto out;
1510 }
1511 break;
1512
1513 case OPK_SLEEP:
1514 {
1515 OSSL_sleep(op->arg2);
1516 }
1517 break;
1518
e26dc8e3
HL		 1519 case OPK_S_SET_INJECT_PLAIN:
1520 h->qtf_packet_plain_cb = op->qtf_packet_plain_cb;
1521
1522 if (!TEST_true(qtest_fault_set_packet_plain_listener(h->qtf,
1523 h->qtf_packet_plain_cb != NULL ?
1524 helper_packet_plain_listener : NULL,
1525 h)))
1526 goto out;
1527
1528 break;
1529
de56eebd
HL		 1530 case OPK_S_SET_INJECT_HANDSHAKE:
1531 h->qtf_handshake_cb = op->qtf_handshake_cb;
1532
1533 if (!TEST_true(qtest_fault_set_handshake_listener(h->qtf,
1534 h->qtf_handshake_cb != NULL ?
1535 helper_handshake_listener : NULL,
1536 h)))
1537 goto out;
1538
1539 break;
1540
e26dc8e3
HL		 1541 case OPK_SET_INJECT_WORD:
1542 h->inject_word0 = op->arg1;
1543 h->inject_word1 = op->arg2;
1544 break;
1545
cd5e4380
HL		 1546 case OPK_C_INHIBIT_TICK:
1547 {
1548 QUIC_CHANNEL *ch = ossl_quic_conn_get_channel(h->c_conn);
1549
1550 ossl_quic_channel_set_inhibit_tick(ch, op->arg1);
1551 }
1552 break;
1553
1554 case OPK_C_SET_WRITE_BUF_SIZE:
1555 if (!TEST_ptr(c_tgt))
1556 goto out;
1557
1558 if (!TEST_true(ossl_quic_set_write_buffer_size(c_tgt, op->arg1)))
1559 goto out;
1560
1561 break;
1562
ed835673
HL		 1563 default:
1564 TEST_error("unknown op");
1565 goto out;
1566 }
1567 }
1568
1569out:
fca44cfc
HL		 1570 if (!testresult) {
1571 size_t i;
1572
0786483a
HL		 1573 TEST_error("failed in script \"%s\" at op %zu, thread %d\n",
1574 script_name, op_idx + 1, thread_idx);
ed835673 1575
fca44cfc
HL		 1576 for (i = 0; i < repeat_stack_len; ++i)
1577 TEST_info("while repeating, iteration %zu of %zu, starting at script op %zu",
1578 repeat_stack_done[i],
1579 repeat_stack_limit[i],
1580 repeat_stack_idx[i]);
1581 }
1582
ed835673 1583 OPENSSL_free(tmp_buf);
a350db73
HL		 1584 helper_local_cleanup(&hl);
1585 return testresult;
1586}
1587
0786483a
HL		 1588static int run_script(const struct script_op *script,
1589 const char *script_name,
1590 int free_order)
a350db73
HL		 1591{
1592 int testresult = 0;
1593 struct helper h;
1594
e26dc8e3 1595 if (!TEST_true(helper_init(&h, free_order, 1)))
a350db73
HL		 1596 goto out;
1597
0786483a 1598 if (!TEST_true(run_script_worker(&h, script, script_name, -1)))
a350db73
HL		 1599 goto out;
1600
629b408c 1601#if defined(OPENSSL_THREADS)
a350db73
HL		 1602 if (!TEST_true(join_threads(h.threads, h.num_threads)))
1603 goto out;
629b408c 1604#endif
a350db73
HL		 1605
1606 testresult = 1;
1607out:
ed835673
HL		 1608 helper_cleanup(&h);
1609 return testresult;
1610}
1611
a350db73
HL		 1612#if defined(OPENSSL_THREADS)
1613static CRYPTO_THREAD_RETVAL run_script_child_thread(void *arg)
1614{
1615 int testresult;
1616 struct child_thread_args *args = arg;
1617
1618 testresult = run_script_worker(args->h, args->script,
0786483a 1619 args->script_name,
a350db73
HL		 1620 args->thread_idx);
1621
1622 ossl_crypto_mutex_lock(args->m);
1623 args->testresult = testresult;
1624 args->done = 1;
1625 ossl_crypto_mutex_unlock(args->m);
1626 return 1;
1627}
1628#endif
1629
ed835673
HL		 1630/* 1. Simple single-stream test */
1631static const struct script_op script_1[] = {
1632 OP_C_SET_ALPN ("ossltest")
1633 OP_C_CONNECT_WAIT ()
1634 OP_C_WRITE (DEFAULT, "apple", 5)
1635 OP_C_CONCLUDE (DEFAULT)
1636 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
1637 OP_S_READ_EXPECT (a, "apple", 5)
1638 OP_S_EXPECT_FIN (a)
1639 OP_S_WRITE (a, "orange", 6)
1640 OP_S_CONCLUDE (a)
1641 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
1642 OP_C_EXPECT_FIN (DEFAULT)
1643 OP_END
1644};
1645
1646/* 2. Multi-stream test */
1647static const struct script_op script_2[] = {
1648 OP_C_SET_ALPN ("ossltest")
1649 OP_C_CONNECT_WAIT ()
83df44ae 1650 OP_C_SET_INCOMING_STREAM_POLICY(SSL_INCOMING_STREAM_POLICY_ACCEPT)
ed835673
HL		 1651 OP_C_WRITE (DEFAULT, "apple", 5)
1652 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
1653 OP_S_READ_EXPECT (a, "apple", 5)
1654 OP_S_WRITE (a, "orange", 6)
1655 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
1656
1657 OP_C_NEW_STREAM_BIDI (b, C_BIDI_ID(1))
1658 OP_C_WRITE (b, "flamingo", 8)
1659 OP_C_CONCLUDE (b)
1660 OP_S_BIND_STREAM_ID (b, C_BIDI_ID(1))
1661 OP_S_READ_EXPECT (b, "flamingo", 8)
1662 OP_S_EXPECT_FIN (b)
1663 OP_S_WRITE (b, "gargoyle", 8)
1664 OP_S_CONCLUDE (b)
1665 OP_C_READ_EXPECT (b, "gargoyle", 8)
1666 OP_C_EXPECT_FIN (b)
1667
1668 OP_C_NEW_STREAM_UNI (c, C_UNI_ID(0))
1669 OP_C_WRITE (c, "elephant", 8)
1670 OP_C_CONCLUDE (c)
1671 OP_S_BIND_STREAM_ID (c, C_UNI_ID(0))
1672 OP_S_READ_EXPECT (c, "elephant", 8)
1673 OP_S_EXPECT_FIN (c)
1674 OP_S_WRITE_FAIL (c)
1675
1676 OP_C_ACCEPT_STREAM_NONE ()
1677
1678 OP_S_NEW_STREAM_BIDI (d, S_BIDI_ID(0))
1679 OP_S_WRITE (d, "frog", 4)
1680 OP_S_CONCLUDE (d)
1681
a350db73 1682 OP_C_ACCEPT_STREAM_WAIT (d)
ed835673
HL		 1683 OP_C_ACCEPT_STREAM_NONE ()
1684 OP_C_READ_EXPECT (d, "frog", 4)
1685 OP_C_EXPECT_FIN (d)
1686
1687 OP_S_NEW_STREAM_BIDI (e, S_BIDI_ID(1))
1688 OP_S_WRITE (e, "mixture", 7)
1689 OP_S_CONCLUDE (e)
1690
a350db73 1691 OP_C_ACCEPT_STREAM_WAIT (e)
ed835673
HL		 1692 OP_C_READ_EXPECT (e, "mixture", 7)
1693 OP_C_EXPECT_FIN (e)
1694 OP_C_WRITE (e, "ramble", 6)
1695 OP_S_READ_EXPECT (e, "ramble", 6)
1696 OP_C_CONCLUDE (e)
1697 OP_S_EXPECT_FIN (e)
1698
1699 OP_S_NEW_STREAM_UNI (f, S_UNI_ID(0))
1700 OP_S_WRITE (f, "yonder", 6)
1701 OP_S_CONCLUDE (f)
1702
a350db73 1703 OP_C_ACCEPT_STREAM_WAIT (f)
ed835673
HL		 1704 OP_C_ACCEPT_STREAM_NONE ()
1705 OP_C_READ_EXPECT (f, "yonder", 6)
1706 OP_C_EXPECT_FIN (f)
1707 OP_C_WRITE_FAIL (f)
1708
83df44ae 1709 OP_C_SET_INCOMING_STREAM_POLICY(SSL_INCOMING_STREAM_POLICY_REJECT)
ed835673
HL		 1710 OP_S_NEW_STREAM_BIDI (g, S_BIDI_ID(2))
1711 OP_S_WRITE (g, "unseen", 6)
1712 OP_S_CONCLUDE (g)
1713
1714 OP_C_ACCEPT_STREAM_NONE ()
1715
83df44ae 1716 OP_C_SET_INCOMING_STREAM_POLICY(SSL_INCOMING_STREAM_POLICY_AUTO)
ed835673
HL		 1717 OP_S_NEW_STREAM_BIDI (h, S_BIDI_ID(3))
1718 OP_S_WRITE (h, "UNSEEN", 6)
1719 OP_S_CONCLUDE (h)
1720
1721 OP_C_ACCEPT_STREAM_NONE ()
1722
1723 /*
1724 * Streams g, h should have been rejected, so server should have got
1725 * STOP_SENDING/RESET_STREAM.
1726 */
1727 OP_CHECK (check_rejected, S_BIDI_ID(2))
1728 OP_CHECK (check_rejected, S_BIDI_ID(3))
1729
1730 OP_END
1731};
1732
1733/* 3. Default stream detach/reattach test */
1734static const struct script_op script_3[] = {
1735 OP_C_SET_ALPN ("ossltest")
1736 OP_C_CONNECT_WAIT ()
1737
1738 OP_C_WRITE (DEFAULT, "apple", 5)
1739 OP_C_DETACH (a) /* DEFAULT becomes stream 'a' */
1740 OP_C_WRITE_FAIL (DEFAULT)
1741
1742 OP_C_WRITE (a, "by", 2)
1743
1744 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
1745 OP_S_READ_EXPECT (a, "appleby", 7)
1746
1747 OP_S_WRITE (a, "hello", 5)
1748 OP_C_READ_EXPECT (a, "hello", 5)
1749
1750 OP_C_WRITE_FAIL (DEFAULT)
1751 OP_C_ATTACH (a)
1752 OP_C_WRITE (DEFAULT, "is here", 7)
1753 OP_S_READ_EXPECT (a, "is here", 7)
1754
1755 OP_C_DETACH (a)
1756 OP_C_CONCLUDE (a)
1757 OP_S_EXPECT_FIN (a)
1758
1759 OP_END
1760};
1761
1762/* 4. Default stream mode test */
1763static const struct script_op script_4[] = {
1764 OP_C_SET_ALPN ("ossltest")
1765 OP_C_CONNECT_WAIT ()
1766
1767 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
1768 OP_C_WRITE_FAIL (DEFAULT)
1769
1770 OP_S_NEW_STREAM_BIDI (a, S_BIDI_ID(0))
1771 OP_S_WRITE (a, "apple", 5)
1772
1773 OP_C_READ_FAIL (DEFAULT)
1774
a350db73 1775 OP_C_ACCEPT_STREAM_WAIT (a)
ed835673
HL		 1776 OP_C_READ_EXPECT (a, "apple", 5)
1777
1778 OP_C_ATTACH (a)
1779 OP_C_WRITE (DEFAULT, "orange", 6)
1780 OP_S_READ_EXPECT (a, "orange", 6)
1781
1782 OP_END
1783};
1784
1785/* 5. Test stream reset functionality */
1786static const struct script_op script_5[] = {
1787 OP_C_SET_ALPN ("ossltest")
1788 OP_C_CONNECT_WAIT ()
1789
1790 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
1791 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
9ff3a99e 1792 OP_C_NEW_STREAM_BIDI (b, C_BIDI_ID(1))
ed835673
HL		 1793
1794 OP_C_WRITE (a, "apple", 5)
1795 OP_C_STREAM_RESET (a, 42)
1796
9ff3a99e
HL		 1797 OP_C_WRITE (b, "strawberry", 10)
1798
ed835673 1799 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
9ff3a99e
HL		 1800 OP_S_BIND_STREAM_ID (b, C_BIDI_ID(1))
1801 OP_S_READ_EXPECT (b, "strawberry", 10)
2f018d14
HL		 1802 /* Reset disrupts read of already sent data */
1803 OP_S_READ_FAIL (a)
ed835673
HL		 1804 OP_CHECK (check_stream_reset, C_BIDI_ID(0))
1805
1806 OP_END
1807};
1808
1809/* 6. Test STOP_SENDING functionality */
1810static const struct script_op script_6[] = {
1811 OP_C_SET_ALPN ("ossltest")
1812 OP_C_CONNECT_WAIT ()
1813
1814 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
1815 OP_S_NEW_STREAM_BIDI (a, S_BIDI_ID(0))
1816 OP_S_WRITE (a, "apple", 5)
1817
a350db73 1818 OP_C_ACCEPT_STREAM_WAIT (a)
ed835673
HL		 1819 OP_C_FREE_STREAM (a)
1820 OP_C_ACCEPT_STREAM_NONE ()
1821
1822 OP_CHECK (check_stream_stopped, S_BIDI_ID(0))
1823
1824 OP_END
1825};
1826
1827/* 7. Unidirectional default stream mode test (client sends first) */
1828static const struct script_op script_7[] = {
1829 OP_C_SET_ALPN ("ossltest")
1830 OP_C_CONNECT_WAIT ()
1831
1832 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_AUTO_UNI)
1833 OP_C_WRITE (DEFAULT, "apple", 5)
1834
1835 OP_S_BIND_STREAM_ID (a, C_UNI_ID(0))
1836 OP_S_READ_EXPECT (a, "apple", 5)
1837 OP_S_WRITE_FAIL (a)
1838
1839 OP_END
1840};
1841
1842/* 8. Unidirectional default stream mode test (server sends first) */
1843static const struct script_op script_8[] = {
1844 OP_C_SET_ALPN ("ossltest")
1845 OP_C_CONNECT_WAIT ()
1846
1847 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_AUTO_UNI)
1848 OP_S_NEW_STREAM_UNI (a, S_UNI_ID(0))
1849 OP_S_WRITE (a, "apple", 5)
1850 OP_C_READ_EXPECT (DEFAULT, "apple", 5)
1851 OP_C_WRITE_FAIL (DEFAULT)
1852
1853 OP_END
1854};
1855
1856/* 9. Unidirectional default stream mode test (server sends first on bidi) */
1857static const struct script_op script_9[] = {
1858 OP_C_SET_ALPN ("ossltest")
1859 OP_C_CONNECT_WAIT ()
1860
1861 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_AUTO_UNI)
1862 OP_S_NEW_STREAM_BIDI (a, S_BIDI_ID(0))
1863 OP_S_WRITE (a, "apple", 5)
1864 OP_C_READ_EXPECT (DEFAULT, "apple", 5)
1865 OP_C_WRITE (DEFAULT, "orange", 6)
1866 OP_S_READ_EXPECT (a, "orange", 6)
1867
1868 OP_END
1869};
1870
1871/* 10. Shutdown */
1872static const struct script_op script_10[] = {
1873 OP_C_SET_ALPN ("ossltest")
1874 OP_C_CONNECT_WAIT ()
1875
1876 OP_C_WRITE (DEFAULT, "apple", 5)
1877 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
1878 OP_S_READ_EXPECT (a, "apple", 5)
1879
d49a1634 1880 OP_C_SHUTDOWN_WAIT (NULL)
ed835673
HL		 1881 OP_C_EXPECT_CONN_CLOSE_INFO(0, 1, 0)
1882 OP_S_EXPECT_CONN_CLOSE_INFO(0, 1, 1)
1883
1884 OP_END
1885};
1886
fca44cfc 1887/* 11. Many threads accepted on the same client connection */
274bb489
HL		 1888static const struct script_op script_11_child[] = {
1889 OP_C_ACCEPT_STREAM_WAIT (a)
1890 OP_C_READ_EXPECT (a, "foo", 3)
1891 OP_C_EXPECT_FIN (a)
1892
1893 OP_END
1894};
1895
1896static const struct script_op script_11[] = {
1897 OP_C_SET_ALPN ("ossltest")
1898 OP_C_CONNECT_WAIT ()
1899 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
1900
fca44cfc
HL		 1901 OP_NEW_THREAD (5, script_11_child)
1902
1903 OP_S_NEW_STREAM_BIDI (a, ANY_ID)
274bb489
HL		 1904 OP_S_WRITE (a, "foo", 3)
1905 OP_S_CONCLUDE (a)
1906
fca44cfc 1907 OP_S_NEW_STREAM_BIDI (b, ANY_ID)
274bb489
HL		 1908 OP_S_WRITE (b, "foo", 3)
1909 OP_S_CONCLUDE (b)
1910
fca44cfc 1911 OP_S_NEW_STREAM_BIDI (c, ANY_ID)
274bb489
HL		 1912 OP_S_WRITE (c, "foo", 3)
1913 OP_S_CONCLUDE (c)
1914
fca44cfc 1915 OP_S_NEW_STREAM_BIDI (d, ANY_ID)
274bb489
HL		 1916 OP_S_WRITE (d, "foo", 3)
1917 OP_S_CONCLUDE (d)
1918
fca44cfc 1919 OP_S_NEW_STREAM_BIDI (e, ANY_ID)
274bb489
HL		 1920 OP_S_WRITE (e, "foo", 3)
1921 OP_S_CONCLUDE (e)
1922
274bb489
HL		 1923 OP_END
1924};
1925
fca44cfc 1926/* 12. Many threads initiated on the same client connection */
274bb489
HL		 1927static const struct script_op script_12_child[] = {
1928 OP_C_NEW_STREAM_BIDI (a, ANY_ID)
1929 OP_C_WRITE (a, "foo", 3)
1930 OP_C_CONCLUDE (a)
1931 OP_C_FREE_STREAM (a)
1932
1933 OP_END
1934};
1935
1936static const struct script_op script_12[] = {
1937 OP_C_SET_ALPN ("ossltest")
1938 OP_C_CONNECT_WAIT ()
1939 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
1940
1941 OP_NEW_THREAD (5, script_12_child)
1942
1943 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
1944 OP_S_READ_EXPECT (a, "foo", 3)
1945 OP_S_EXPECT_FIN (a)
1946 OP_S_BIND_STREAM_ID (b, C_BIDI_ID(1))
1947 OP_S_READ_EXPECT (b, "foo", 3)
1948 OP_S_EXPECT_FIN (b)
1949 OP_S_BIND_STREAM_ID (c, C_BIDI_ID(2))
1950 OP_S_READ_EXPECT (c, "foo", 3)
1951 OP_S_EXPECT_FIN (c)
1952 OP_S_BIND_STREAM_ID (d, C_BIDI_ID(3))
1953 OP_S_READ_EXPECT (d, "foo", 3)
1954 OP_S_EXPECT_FIN (d)
1955 OP_S_BIND_STREAM_ID (e, C_BIDI_ID(4))
1956 OP_S_READ_EXPECT (e, "foo", 3)
1957 OP_S_EXPECT_FIN (e)
1958
1959 OP_END
1960};
1961
fca44cfc
HL		 1962/* 13. Many threads accepted on the same client connection (stress test) */
1963static const struct script_op script_13_child[] = {
1964 OP_BEGIN_REPEAT (10)
1965
1966 OP_C_ACCEPT_STREAM_WAIT (a)
1967 OP_C_READ_EXPECT (a, "foo", 3)
1968 OP_C_EXPECT_FIN (a)
1969 OP_C_FREE_STREAM (a)
1970
1971 OP_END_REPEAT ()
1972
1973 OP_END
1974};
1975
1976static const struct script_op script_13[] = {
1977 OP_C_SET_ALPN ("ossltest")
1978 OP_C_CONNECT_WAIT ()
1979 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
1980
1981 OP_NEW_THREAD (5, script_13_child)
1982
1983 OP_BEGIN_REPEAT (50)
1984
1985 OP_S_NEW_STREAM_BIDI (a, ANY_ID)
1986 OP_S_WRITE (a, "foo", 3)
1987 OP_S_CONCLUDE (a)
1988 OP_S_UNBIND_STREAM_ID (a)
1989
1990 OP_END_REPEAT ()
1991
1992 OP_END
1993};
1994
1995/* 14. Many threads initiating on the same client connection (stress test) */
1996static const struct script_op script_14_child[] = {
1997 OP_BEGIN_REPEAT (10)
1998
1999 OP_C_NEW_STREAM_BIDI (a, ANY_ID)
2000 OP_C_WRITE (a, "foo", 3)
2001 OP_C_CONCLUDE (a)
2002 OP_C_FREE_STREAM (a)
2003
2004 OP_END_REPEAT ()
2005
2006 OP_END
2007};
2008
2009static const struct script_op script_14[] = {
2010 OP_C_SET_ALPN ("ossltest")
2011 OP_C_CONNECT_WAIT ()
2012 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2013
2014 OP_NEW_THREAD (5, script_14_child)
2015
2016 OP_BEGIN_REPEAT (50)
2017
2018 OP_S_ACCEPT_STREAM_WAIT (a)
2019 OP_S_READ_EXPECT (a, "foo", 3)
2020 OP_S_EXPECT_FIN (a)
2021 OP_S_UNBIND_STREAM_ID (a)
2022
2023 OP_END_REPEAT ()
2024
2025 OP_END
2026};
2027
0554f723
HL		 2028/* 15. Client sending large number of streams, MAX_STREAMS test */
2029static const struct script_op script_15[] = {
2030 OP_C_SET_ALPN ("ossltest")
2031 OP_C_CONNECT_WAIT ()
2032 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2033
2034 /*
2035 * This will cause a protocol violation to be raised by the server if we are
2036 * not handling the stream limit correctly on the TX side.
2037 */
2038 OP_BEGIN_REPEAT (200)
2039
2040 OP_C_NEW_STREAM_BIDI (a, ANY_ID)
2041 OP_C_WRITE (a, "foo", 3)
2042 OP_C_CONCLUDE (a)
2043 OP_C_FREE_STREAM (a)
2044
2045 OP_END_REPEAT ()
2046
2047 /* Prove the connection is still good. */
2048 OP_S_NEW_STREAM_BIDI (a, S_BIDI_ID(0))
2049 OP_S_WRITE (a, "bar", 3)
2050 OP_S_CONCLUDE (a)
2051
2052 OP_C_ACCEPT_STREAM_WAIT (a)
2053 OP_C_READ_EXPECT (a, "bar", 3)
2054 OP_C_EXPECT_FIN (a)
2055
2056 /*
2057 * Drain the queue of incoming streams. We should be able to get all 200
2058 * even though only 100 can be initiated at a time.
2059 */
2060 OP_BEGIN_REPEAT (200)
2061
2062 OP_S_ACCEPT_STREAM_WAIT (b)
2063 OP_S_READ_EXPECT (b, "foo", 3)
2064 OP_S_EXPECT_FIN (b)
2065 OP_S_UNBIND_STREAM_ID (b)
2066
2067 OP_END_REPEAT ()
2068
2069 OP_END
2070};
2071
2072/* 16. Server sending large number of streams, MAX_STREAMS test */
2073static const struct script_op script_16[] = {
2074 OP_C_SET_ALPN ("ossltest")
2075 OP_C_CONNECT_WAIT ()
2076 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2077
2078 /*
2079 * This will cause a protocol violation to be raised by the client if we are
2080 * not handling the stream limit correctly on the TX side.
2081 */
2082 OP_BEGIN_REPEAT (200)
2083
2084 OP_S_NEW_STREAM_BIDI (a, ANY_ID)
2085 OP_S_WRITE (a, "foo", 3)
2086 OP_S_CONCLUDE (a)
2087 OP_S_UNBIND_STREAM_ID (a)
2088
2089 OP_END_REPEAT ()
2090
2091 /* Prove that the connection is still good. */
2092 OP_C_NEW_STREAM_BIDI (a, ANY_ID)
2093 OP_C_WRITE (a, "bar", 3)
2094 OP_C_CONCLUDE (a)
2095
2096 OP_S_ACCEPT_STREAM_WAIT (b)
2097 OP_S_READ_EXPECT (b, "bar", 3)
2098 OP_S_EXPECT_FIN (b)
2099
2100 /* Drain the queue of incoming streams. */
2101 OP_BEGIN_REPEAT (200)
2102
2103 OP_C_ACCEPT_STREAM_WAIT (b)
2104 OP_C_READ_EXPECT (b, "foo", 3)
2105 OP_C_EXPECT_FIN (b)
2106 OP_C_FREE_STREAM (b)
2107
2108 OP_END_REPEAT ()
2109
2110 OP_END
2111};
2112
693b23e3
HL		 2113/* 17. Key update test - unlimited */
2114static const struct script_op script_17[] = {
2115 OP_C_SET_ALPN ("ossltest")
2116 OP_C_CONNECT_WAIT ()
2117
2118 OP_C_WRITE (DEFAULT, "apple", 5)
2119
2120 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2121 OP_S_READ_EXPECT (a, "apple", 5)
2122
2123 OP_CHECK (override_key_update, 1)
2124
2125 OP_BEGIN_REPEAT (200)
2126
2127 OP_C_WRITE (DEFAULT, "apple", 5)
2128 OP_S_READ_EXPECT (a, "apple", 5)
2129
2130 /*
2131 * TXKU frequency is bounded by RTT because a previous TXKU needs to be
2132 * acknowledged by the peer first before another one can be begin. By
2133 * waiting this long, we eliminate any such concern and ensure as many key
2134 * updates as possible can occur for the purposes of this test.
2135 */
2136 OP_CHECK (skip_time_ms, 100)
2137
2138 OP_END_REPEAT ()
2139
2140 /* At least 5 RXKUs detected */
2141 OP_CHECK (check_key_update_ge, 5)
2142
2143 /*
2144 * Prove the connection is still healthy by sending something in both
2145 * directions.
2146 */
2147 OP_C_WRITE (DEFAULT, "xyzzy", 5)
2148 OP_S_READ_EXPECT (a, "xyzzy", 5)
2149
2150 OP_S_WRITE (a, "plugh", 5)
2151 OP_C_READ_EXPECT (DEFAULT, "plugh", 5)
2152
2153 OP_END
2154};
2155
2156/* 18. Key update test - RTT-bounded */
2157static const struct script_op script_18[] = {
2158 OP_C_SET_ALPN ("ossltest")
2159 OP_C_CONNECT_WAIT ()
2160
2161 OP_C_WRITE (DEFAULT, "apple", 5)
2162
2163 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2164 OP_S_READ_EXPECT (a, "apple", 5)
2165
2166 OP_CHECK (override_key_update, 1)
2167
2168 OP_BEGIN_REPEAT (200)
2169
2170 OP_C_WRITE (DEFAULT, "apple", 5)
2171 OP_S_READ_EXPECT (a, "apple", 5)
de9564bd 2172 OP_CHECK (skip_time_ms, 8)
693b23e3
HL		 2173
2174 OP_END_REPEAT ()
2175
2176 /*
2177 * This time we simulate far less time passing between writes, so there are
2178 * fewer opportunities to initiate TXKUs. Note that we ask for a TXKU every
2179 * 1 packet above, which is absurd; thus this ensures we only actually
2180 * generate TXKUs when we are allowed to.
2181 */
0e1da9d7 2182 OP_CHECK (check_key_update_lt, 240)
693b23e3
HL		 2183
2184 /*
2185 * Prove the connection is still healthy by sending something in both
2186 * directions.
2187 */
2188 OP_C_WRITE (DEFAULT, "xyzzy", 5)
2189 OP_S_READ_EXPECT (a, "xyzzy", 5)
2190
2191 OP_S_WRITE (a, "plugh", 5)
2192 OP_C_READ_EXPECT (DEFAULT, "plugh", 5)
2193
2194 OP_END
2195};
2196
2525109f
HL		 2197/* 19. Key update test - artificially triggered */
2198static const struct script_op script_19[] = {
2199 OP_C_SET_ALPN ("ossltest")
2200 OP_C_CONNECT_WAIT ()
2201
2202 OP_C_WRITE (DEFAULT, "apple", 5)
2203
2204 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2205 OP_S_READ_EXPECT (a, "apple", 5)
2206
76696a54
HL		 2207 OP_C_WRITE (DEFAULT, "orange", 6)
2208 OP_S_READ_EXPECT (a, "orange", 6)
2209
2210 OP_S_WRITE (a, "strawberry", 10)
2211 OP_C_READ_EXPECT (DEFAULT, "strawberry", 10)
2212
2525109f
HL		 2213 OP_CHECK (check_key_update_lt, 1)
2214 OP_CHECK (trigger_key_update, 0)
2215
2216 OP_C_WRITE (DEFAULT, "orange", 6)
2217 OP_S_READ_EXPECT (a, "orange", 6)
9289e59c 2218 OP_S_WRITE (a, "ok", 2)
2525109f 2219
9289e59c 2220 OP_C_READ_EXPECT (DEFAULT, "ok", 2)
2525109f
HL		 2221 OP_CHECK (check_key_update_ge, 1)
2222
2223 OP_END
2224};
2225
0345cac6
TM		 2226/* 20. Multiple threads accept stream with socket forcibly closed (error test) */
2227static const struct script_op script_20_child[] = {
2228 OP_C_ACCEPT_STREAM_WAIT (a)
2229 OP_C_READ_EXPECT (a, "foo", 3)
2230
2231 OP_SLEEP (500)
2232
2233 OP_C_READ_FAIL_WAIT (a)
2234 OP_C_EXPECT_SSL_ERR (a, SSL_ERROR_SYSCALL)
2235 OP_EXPECT_ERR_LIB (ERR_LIB_SYS)
741170be 2236 OP_EXPECT_ERR_REASON (SSL_R_QUIC_NETWORK_ERROR)
0345cac6
TM		 2237 OP_C_FREE_STREAM (a)
2238
2239 OP_END
2240};
2241
2242static const struct script_op script_20[] = {
2243 OP_C_SET_ALPN ("ossltest")
2244 OP_C_CONNECT_WAIT ()
2245 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2246
2247 OP_NEW_THREAD (5, script_20_child)
2248
2249 OP_BEGIN_REPEAT (5)
2250
2251 OP_S_NEW_STREAM_BIDI (a, ANY_ID)
2252 OP_S_WRITE (a, "foo", 3)
2253 OP_S_UNBIND_STREAM_ID (a)
2254
2255 OP_END_REPEAT ()
2256
2257 OP_SLEEP (100)
2258
2259 OP_C_CLOSE_SOCKET ()
2260
2261 OP_END
2262};
2263
e26dc8e3
HL		 2264/* 21. Fault injection - unknown frame in 1-RTT packet */
2265static int script_21_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
2266 unsigned char *buf, size_t len)
2267{
7eebc354 2268 int ok = 0;
e26dc8e3
HL		 2269 WPACKET wpkt;
2270 unsigned char frame_buf[8];
2271 size_t written;
2272
2273 if (h->inject_word0 == 0 || hdr->type != h->inject_word0)
2274 return 1;
2275
2276 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
2277 sizeof(frame_buf), 0)))
2278 return 0;
2279
2280 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, h->inject_word1)))
7eebc354 2281 goto err;
e26dc8e3
HL		 2282
2283 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
7eebc354 2284 goto err;
e26dc8e3
HL		 2285
2286 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
7eebc354 2287 goto err;
e26dc8e3 2288
7eebc354
HL		 2289 ok = 1;
2290err:
96b7df60
HL		 2291 if (ok)
2292 WPACKET_finish(&wpkt);
2293 else
2294 WPACKET_cleanup(&wpkt);
7eebc354 2295 return ok;
e26dc8e3
HL		 2296}
2297
2298static const struct script_op script_21[] = {
2299 OP_S_SET_INJECT_PLAIN (script_21_inject_plain)
2300 OP_C_SET_ALPN ("ossltest")
2301 OP_C_CONNECT_WAIT ()
2302
2303 OP_C_WRITE (DEFAULT, "apple", 5)
2304 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2305 OP_S_READ_EXPECT (a, "apple", 5)
2306
2307 OP_SET_INJECT_WORD (QUIC_PKT_TYPE_1RTT, OSSL_QUIC_VLINT_MAX)
2308
2309 OP_S_WRITE (a, "orange", 6)
2310
2311 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
2312
2313 OP_END
2314};
2315
2316/* 22. Fault injection - non-zero packet header reserved bits */
2317static int script_22_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
2318 unsigned char *buf, size_t len)
2319{
2320 if (h->inject_word0 == 0)
2321 return 1;
2322
2323 hdr->reserved = 1;
2324 return 1;
2325}
2326
2327static const struct script_op script_22[] = {
2328 OP_S_SET_INJECT_PLAIN (script_22_inject_plain)
2329 OP_C_SET_ALPN ("ossltest")
2330 OP_C_CONNECT_WAIT ()
2331
2332 OP_C_WRITE (DEFAULT, "apple", 5)
2333 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2334 OP_S_READ_EXPECT (a, "apple", 5)
2335
2336 OP_SET_INJECT_WORD (1, 0)
2337
2338 OP_S_WRITE (a, "orange", 6)
2339
2340 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_PROTOCOL_VIOLATION,0,0)
2341
2342 OP_END
2343};
2344
2345/* 23. Fault injection - empty NEW_TOKEN */
2346static int script_23_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
2347 unsigned char *buf, size_t len)
2348{
7eebc354 2349 int ok = 0;
e26dc8e3
HL		 2350 WPACKET wpkt;
2351 unsigned char frame_buf[16];
2352 size_t written;
2353
2354 if (h->inject_word0 == 0)
2355 return 1;
2356
2357 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
2358 sizeof(frame_buf), 0)))
2359 return 0;
2360
2361 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, OSSL_QUIC_FRAME_TYPE_NEW_TOKEN))
2362 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, 0)))
7eebc354 2363 goto err;
e26dc8e3
HL		 2364
2365 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
7eebc354 2366 goto err;
e26dc8e3
HL		 2367
2368 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
7eebc354 2369 goto err;
e26dc8e3 2370
7eebc354
HL		 2371 ok = 1;
2372err:
96b7df60
HL		 2373 if (ok)
2374 WPACKET_finish(&wpkt);
2375 else
2376 WPACKET_cleanup(&wpkt);
7eebc354 2377 return ok;
e26dc8e3
HL		 2378}
2379
2380static const struct script_op script_23[] = {
2381 OP_S_SET_INJECT_PLAIN (script_23_inject_plain)
2382 OP_C_SET_ALPN ("ossltest")
2383 OP_C_CONNECT_WAIT ()
2384
2385 OP_C_WRITE (DEFAULT, "apple", 5)
2386 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2387 OP_S_READ_EXPECT (a, "apple", 5)
2388
2389 OP_SET_INJECT_WORD (1, 0)
2390
2391 OP_S_WRITE (a, "orange", 6)
2392
2393 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
2394
2395 OP_END
2396};
2397
2398/* 24. Fault injection - excess value of MAX_STREAMS_BIDI */
2399static int script_24_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
2400 unsigned char *buf, size_t len)
2401{
7eebc354 2402 int ok = 0;
e26dc8e3
HL		 2403 WPACKET wpkt;
2404 unsigned char frame_buf[16];
2405 size_t written;
2406
2407 if (h->inject_word0 == 0)
2408 return 1;
2409
2410 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
2411 sizeof(frame_buf), 0)))
2412 return 0;
2413
2414 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, h->inject_word1))
2415 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, (((uint64_t)1) << 60) + 1)))
7eebc354 2416 goto err;
e26dc8e3
HL		 2417
2418 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
7eebc354 2419 goto err;
e26dc8e3
HL		 2420
2421 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
7eebc354 2422 goto err;
e26dc8e3 2423
7eebc354
HL		 2424 ok = 1;
2425err:
96b7df60
HL		 2426 if (ok)
2427 WPACKET_finish(&wpkt);
2428 else
2429 WPACKET_cleanup(&wpkt);
7eebc354 2430 return ok;
e26dc8e3
HL		 2431}
2432
2433static const struct script_op script_24[] = {
2434 OP_S_SET_INJECT_PLAIN (script_24_inject_plain)
2435 OP_C_SET_ALPN ("ossltest")
2436 OP_C_CONNECT_WAIT ()
2437
2438 OP_C_WRITE (DEFAULT, "apple", 5)
2439 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2440 OP_S_READ_EXPECT (a, "apple", 5)
2441
2442 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_BIDI)
2443
2444 OP_S_WRITE (a, "orange", 6)
2445
2446 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
2447
2448 OP_END
2449};
2450
2451/* 25. Fault injection - excess value of MAX_STREAMS_UNI */
2452static const struct script_op script_25[] = {
2453 OP_S_SET_INJECT_PLAIN (script_24_inject_plain)
2454 OP_C_SET_ALPN ("ossltest")
2455 OP_C_CONNECT_WAIT ()
2456
2457 OP_C_WRITE (DEFAULT, "apple", 5)
2458 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2459 OP_S_READ_EXPECT (a, "apple", 5)
2460
2461 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_UNI)
2462
2463 OP_S_WRITE (a, "orange", 6)
2464
2465 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
2466
2467 OP_END
2468};
2469
2470/* 26. Fault injection - excess value of STREAMS_BLOCKED_BIDI */
2471static const struct script_op script_26[] = {
2472 OP_S_SET_INJECT_PLAIN (script_24_inject_plain)
2473 OP_C_SET_ALPN ("ossltest")
2474 OP_C_CONNECT_WAIT ()
2475
2476 OP_C_WRITE (DEFAULT, "apple", 5)
2477 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2478 OP_S_READ_EXPECT (a, "apple", 5)
2479
2480 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_BIDI)
2481
2482 OP_S_WRITE (a, "orange", 6)
2483
2484 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_LIMIT_ERROR,0,0)
2485
2486 OP_END
2487};
2488
2489/* 27. Fault injection - excess value of STREAMS_BLOCKED_UNI */
2490static const struct script_op script_27[] = {
2491 OP_S_SET_INJECT_PLAIN (script_24_inject_plain)
2492 OP_C_SET_ALPN ("ossltest")
2493 OP_C_CONNECT_WAIT ()
2494
2495 OP_C_WRITE (DEFAULT, "apple", 5)
2496 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2497 OP_S_READ_EXPECT (a, "apple", 5)
2498
2499 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_UNI)
2500
2501 OP_S_WRITE (a, "orange", 6)
2502
2503 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_LIMIT_ERROR,0,0)
2504
2505 OP_END
2506};
2507
2508/* 28. Fault injection - received RESET_STREAM for send-only stream */
2509static int script_28_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
2510 unsigned char *buf, size_t len)
2511{
7eebc354 2512 int ok = 0;
e26dc8e3
HL		 2513 WPACKET wpkt;
2514 unsigned char frame_buf[32];
2515 size_t written;
2516
2517 if (h->inject_word0 == 0)
2518 return 1;
2519
2520 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
2521 sizeof(frame_buf), 0)))
2522 return 0;
2523
2524 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, h->inject_word1))
2525 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, /* stream ID */
2526 h->inject_word0 - 1))
2527 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, 123))
2528 || (h->inject_word1 == OSSL_QUIC_FRAME_TYPE_RESET_STREAM
2529 && !TEST_true(WPACKET_quic_write_vlint(&wpkt, 5)))) /* final size */
7eebc354 2530 goto err;
e26dc8e3
HL		 2531
2532 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
7eebc354 2533 goto err;
e26dc8e3
HL		 2534
2535 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
7eebc354 2536 goto err;
e26dc8e3 2537
7eebc354
HL		 2538 ok = 1;
2539err:
96b7df60
HL		 2540 if (ok)
2541 WPACKET_finish(&wpkt);
2542 else
2543 WPACKET_cleanup(&wpkt);
7eebc354 2544 return ok;
e26dc8e3
HL		 2545}
2546
2547static const struct script_op script_28[] = {
2548 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
2549 OP_C_SET_ALPN ("ossltest")
2550 OP_C_CONNECT_WAIT ()
2551 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2552
70cafc44
HL		 2553 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
2554 OP_C_WRITE (a, "orange", 6)
e26dc8e3 2555
70cafc44
HL		 2556 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2557 OP_S_READ_EXPECT (a, "orange", 6)
2558
2559 OP_C_NEW_STREAM_UNI (b, C_UNI_ID(0))
2560 OP_C_WRITE (b, "apple", 5)
2561
2562 OP_S_BIND_STREAM_ID (b, C_UNI_ID(0))
2563 OP_S_READ_EXPECT (b, "apple", 5)
e26dc8e3
HL		 2564
2565 OP_SET_INJECT_WORD (C_UNI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_RESET_STREAM)
70cafc44 2566 OP_S_WRITE (a, "fruit", 5)
e26dc8e3
HL		 2567
2568 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_STATE_ERROR,0,0)
2569
2570 OP_END
2571};
2572
2573/* 29. Fault injection - received RESET_STREAM for nonexistent send-only stream */
2574static const struct script_op script_29[] = {
2575 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
2576 OP_C_SET_ALPN ("ossltest")
2577 OP_C_CONNECT_WAIT ()
2578 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2579
70cafc44
HL		 2580 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
2581 OP_C_WRITE (a, "orange", 6)
e26dc8e3 2582
70cafc44
HL		 2583 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2584 OP_S_READ_EXPECT (a, "orange", 6)
2585
2586 OP_C_NEW_STREAM_UNI (b, C_UNI_ID(0))
2587 OP_C_WRITE (b, "apple", 5)
2588
2589 OP_S_BIND_STREAM_ID (b, C_UNI_ID(0))
2590 OP_S_READ_EXPECT (b, "apple", 5)
e26dc8e3
HL		 2591
2592 OP_SET_INJECT_WORD (C_UNI_ID(1) + 1, OSSL_QUIC_FRAME_TYPE_RESET_STREAM)
70cafc44 2593 OP_S_WRITE (a, "fruit", 5)
e26dc8e3
HL		 2594
2595 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_STATE_ERROR,0,0)
2596
2597 OP_END
2598};
2599
2600/* 30. Fault injection - received STOP_SENDING for receive-only stream */
2601static const struct script_op script_30[] = {
2602 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
2603 OP_C_SET_ALPN ("ossltest")
2604 OP_C_CONNECT_WAIT ()
2605 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2606
2607 OP_S_NEW_STREAM_UNI (a, S_UNI_ID(0))
2608 OP_S_WRITE (a, "apple", 5)
2609
2610 OP_C_ACCEPT_STREAM_WAIT (a)
2611 OP_C_READ_EXPECT (a, "apple", 5)
2612
2613 OP_SET_INJECT_WORD (S_UNI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_STOP_SENDING)
2614 OP_S_WRITE (a, "orange", 6)
2615
2616 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_STATE_ERROR,0,0)
2617
2618 OP_END
2619};
2620
2621/* 31. Fault injection - received STOP_SENDING for nonexistent receive-only stream */
2622static const struct script_op script_31[] = {
2623 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
2624 OP_C_SET_ALPN ("ossltest")
2625 OP_C_CONNECT_WAIT ()
2626 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2627
2628 OP_S_NEW_STREAM_UNI (a, S_UNI_ID(0))
2629 OP_S_WRITE (a, "apple", 5)
2630
2631 OP_C_ACCEPT_STREAM_WAIT (a)
2632 OP_C_READ_EXPECT (a, "apple", 5)
2633
2634 OP_SET_INJECT_WORD (C_UNI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_STOP_SENDING)
2635 OP_S_WRITE (a, "orange", 6)
2636
2637 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_STATE_ERROR,0,0)
2638
2639 OP_END
2640};
2641
2642/* 32. Fault injection - STREAM frame for nonexistent stream */
2643static int script_32_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
2644 unsigned char *buf, size_t len)
2645{
7eebc354 2646 int ok = 0;
e26dc8e3
HL		 2647 WPACKET wpkt;
2648 unsigned char frame_buf[64];
2649 size_t written;
2650 uint64_t type = OSSL_QUIC_FRAME_TYPE_STREAM_OFF_LEN, offset, flen, i;
2651
2652 switch (h->inject_word1) {
2653 default:
2654 return 0;
2655 case 0:
2656 return 1;
2657 case 1:
2658 offset = 0;
2659 flen = 0;
2660 break;
2661 case 2:
2662 offset = (((uint64_t)1)<<62) - 1;
2663 flen = 5;
2664 break;
2665 case 3:
2666 offset = 1 * 1024 * 1024 * 1024; /* 1G */
2667 flen = 5;
2668 break;
2669 }
2670
2671 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
2672 sizeof(frame_buf), 0)))
2673 return 0;
2674
2675 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, type))
2676 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, /* stream ID */
2677 h->inject_word0 - 1))
2678 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, offset))
2679 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, flen)))
7eebc354 2680 goto err;
e26dc8e3
HL		 2681
2682 for (i = 0; i < flen; ++i)
2683 if (!TEST_true(WPACKET_put_bytes_u8(&wpkt, 0x42)))
7eebc354 2684 goto err;
e26dc8e3
HL		 2685
2686 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
7eebc354 2687 goto err;
e26dc8e3
HL		 2688
2689 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
7eebc354 2690 goto err;
e26dc8e3 2691
7eebc354
HL		 2692 ok = 1;
2693err:
96b7df60
HL		 2694 if (ok)
2695 WPACKET_finish(&wpkt);
2696 else
2697 WPACKET_cleanup(&wpkt);
7eebc354 2698 return ok;
e26dc8e3
HL		 2699}
2700
2701static const struct script_op script_32[] = {
2702 OP_S_SET_INJECT_PLAIN (script_32_inject_plain)
2703 OP_C_SET_ALPN ("ossltest")
2704 OP_C_CONNECT_WAIT ()
2705 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2706
2707 OP_S_NEW_STREAM_UNI (a, S_UNI_ID(0))
2708 OP_S_WRITE (a, "apple", 5)
2709
2710 OP_C_ACCEPT_STREAM_WAIT (a)
2711 OP_C_READ_EXPECT (a, "apple", 5)
2712
2713 OP_SET_INJECT_WORD (C_UNI_ID(0) + 1, 1)
2714 OP_S_WRITE (a, "orange", 6)
2715
2716 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_STATE_ERROR,0,0)
2717
2718 OP_END
2719};
2720
2721/* 33. Fault injection - STREAM frame with illegal offset */
2722static const struct script_op script_33[] = {
2723 OP_S_SET_INJECT_PLAIN (script_32_inject_plain)
2724 OP_C_SET_ALPN ("ossltest")
2725 OP_C_CONNECT_WAIT ()
2726 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2727
2728 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
2729 OP_C_WRITE (a, "apple", 5)
2730
2731 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2732 OP_S_READ_EXPECT (a, "apple", 5)
2733
2734 OP_SET_INJECT_WORD (C_BIDI_ID(0) + 1, 2)
2735 OP_S_WRITE (a, "orange", 6)
2736
2737 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
2738
2739 OP_END
2740};
2741
2742/* 34. Fault injection - STREAM frame which exceeds FC */
2743static const struct script_op script_34[] = {
2744 OP_S_SET_INJECT_PLAIN (script_32_inject_plain)
2745 OP_C_SET_ALPN ("ossltest")
2746 OP_C_CONNECT_WAIT ()
2747 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2748
2749 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
2750 OP_C_WRITE (a, "apple", 5)
2751
2752 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2753 OP_S_READ_EXPECT (a, "apple", 5)
2754
2755 OP_SET_INJECT_WORD (C_BIDI_ID(0) + 1, 3)
2756 OP_S_WRITE (a, "orange", 6)
2757
2758 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FLOW_CONTROL_ERROR,0,0)
2759
2760 OP_END
2761};
2762
2763/* 35. Fault injection - MAX_STREAM_DATA for receive-only stream */
2764static const struct script_op script_35[] = {
2765 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
2766 OP_C_SET_ALPN ("ossltest")
2767 OP_C_CONNECT_WAIT ()
2768 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2769
2770 OP_S_NEW_STREAM_UNI (a, S_UNI_ID(0))
2771 OP_S_WRITE (a, "apple", 5)
2772
2773 OP_C_ACCEPT_STREAM_WAIT (a)
2774 OP_C_READ_EXPECT (a, "apple", 5)
2775
2776 OP_SET_INJECT_WORD (S_UNI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA)
2777 OP_S_WRITE (a, "orange", 6)
2778
2779 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_STATE_ERROR,0,0)
2780
2781 OP_END
2782};
2783
2784/* 36. Fault injection - MAX_STREAM_DATA for nonexistent stream */
2785static const struct script_op script_36[] = {
2786 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
2787 OP_C_SET_ALPN ("ossltest")
2788 OP_C_CONNECT_WAIT ()
2789 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2790
2791 OP_S_NEW_STREAM_UNI (a, S_UNI_ID(0))
2792 OP_S_WRITE (a, "apple", 5)
2793
2794 OP_C_ACCEPT_STREAM_WAIT (a)
2795 OP_C_READ_EXPECT (a, "apple", 5)
2796
2797 OP_SET_INJECT_WORD (C_BIDI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA)
2798 OP_S_WRITE (a, "orange", 6)
2799
2800 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_STATE_ERROR,0,0)
2801
2802 OP_END
2803};
2804
2805/* 37. Fault injection - STREAM_DATA_BLOCKED for send-only stream */
2806static const struct script_op script_37[] = {
2807 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
2808 OP_C_SET_ALPN ("ossltest")
2809 OP_C_CONNECT_WAIT ()
2810 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2811
2812 OP_C_NEW_STREAM_UNI (a, C_UNI_ID(0))
2813 OP_C_WRITE (a, "apple", 5)
2814
2815 OP_S_BIND_STREAM_ID (a, C_UNI_ID(0))
2816 OP_S_READ_EXPECT (a, "apple", 5)
2817
2818 OP_S_NEW_STREAM_UNI (b, S_UNI_ID(0))
2819 OP_SET_INJECT_WORD (C_UNI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED)
2820 OP_S_WRITE (b, "orange", 5)
2821
2822 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_STATE_ERROR,0,0)
2823
2824 OP_END
2825};
2826
2827/* 38. Fault injection - STREAM_DATA_BLOCKED for non-existent stream */
2828static const struct script_op script_38[] = {
2829 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
2830 OP_C_SET_ALPN ("ossltest")
2831 OP_C_CONNECT_WAIT ()
2832 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2833
2834 OP_S_NEW_STREAM_UNI (b, S_UNI_ID(0))
2835 OP_SET_INJECT_WORD (C_BIDI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED)
2836 OP_S_WRITE (b, "orange", 5)
2837
2838 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_STATE_ERROR,0,0)
2839
2840 OP_END
2841};
2842
2843/* 39. Fault injection - NEW_CONN_ID with zero-len CID */
2844static int script_39_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
2845 unsigned char *buf, size_t len)
2846{
7eebc354 2847 int ok = 0;
e26dc8e3
HL		 2848 WPACKET wpkt;
2849 unsigned char frame_buf[64];
2850 size_t i, written;
ed75eb32
HL		 2851 uint64_t seq_no = 0, retire_prior_to = 0;
2852 QUIC_CONN_ID new_cid = {0};
2853 QUIC_CHANNEL *ch = ossl_quic_tserver_get_channel(h->s);
e26dc8e3 2854
ed75eb32
HL		 2855 switch (h->inject_word1) {
2856 case 0:
e26dc8e3 2857 return 1;
ed75eb32
HL		 2858 case 1:
2859 new_cid.id_len = 0;
2860 break;
2861 case 2:
2862 new_cid.id_len = 21;
2863 break;
2864 case 3:
2865 new_cid.id_len = 1;
2866 new_cid.id[0] = 0x55;
2867
2868 seq_no = 0;
2869 retire_prior_to = 1;
2870 break;
2871 case 4:
2872 /* Cheese it by using our actual CID so we don't break connectivity. */
2873 ossl_quic_channel_get_diag_local_cid(ch, &new_cid);
2874
2875 seq_no = 2;
2876 retire_prior_to = 2;
2877 break;
2878 case 5:
2879 /*
2880 * Use a bogus CID which will need to be ignored if connectivity is to
2881 * be continued.
2882 */
2883 new_cid.id_len = 8;
2884 new_cid.id[0] = 0x55;
2885
2886 seq_no = 1;
2887 retire_prior_to = 1;
2888 break;
2889 }
e26dc8e3
HL		 2890
2891 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
2892 sizeof(frame_buf), 0)))
2893 return 0;
2894
2895 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID))
ed75eb32
HL		 2896 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, seq_no)) /* seq no */
2897 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, retire_prior_to)) /* retire prior to */
2898 || !TEST_true(WPACKET_put_bytes_u8(&wpkt, new_cid.id_len))) /* len */
7eebc354 2899 goto err;
e26dc8e3 2900
d63b8cbb 2901 for (i = 0; i < new_cid.id_len && i < OSSL_NELEM(new_cid.id); ++i)
ed75eb32
HL		 2902 if (!TEST_true(WPACKET_put_bytes_u8(&wpkt, new_cid.id[i])))
2903 goto err;
2904
d63b8cbb
HL		 2905 for (; i < new_cid.id_len; ++i)
2906 if (!TEST_true(WPACKET_put_bytes_u8(&wpkt, 0x55)))
2907 goto err;
2908
e26dc8e3
HL		 2909 for (i = 0; i < QUIC_STATELESS_RESET_TOKEN_LEN; ++i)
2910 if (!TEST_true(WPACKET_put_bytes_u8(&wpkt, 0x42)))
7eebc354 2911 goto err;
e26dc8e3
HL		 2912
2913 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
7eebc354 2914 goto err;
e26dc8e3
HL		 2915
2916 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
7eebc354 2917 goto err;
e26dc8e3 2918
7eebc354
HL		 2919 ok = 1;
2920err:
96b7df60
HL		 2921 if (ok)
2922 WPACKET_finish(&wpkt);
2923 else
2924 WPACKET_cleanup(&wpkt);
7eebc354 2925 return ok;
e26dc8e3
HL		 2926}
2927
2928static const struct script_op script_39[] = {
2929 OP_S_SET_INJECT_PLAIN (script_39_inject_plain)
2930 OP_C_SET_ALPN ("ossltest")
2931 OP_C_CONNECT_WAIT ()
2932 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2933
2934 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
2935 OP_C_WRITE (a, "apple", 5)
2936 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2937 OP_S_READ_EXPECT (a, "apple", 5)
2938
2939 OP_SET_INJECT_WORD (0, 1)
2940 OP_S_WRITE (a, "orange", 5)
2941
2942 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
2943
2944 OP_END
2945};
2946
cd5e4380
HL		 2947/* 40. Shutdown flush test */
2948static const unsigned char script_40_data[1024] = "strawberry";
2949
2950static const struct script_op script_40[] = {
2951 OP_C_SET_ALPN ("ossltest")
2952 OP_C_CONNECT_WAIT ()
2953 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2954
2955 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
2956 OP_C_WRITE (a, "apple", 5)
2957
2958 OP_C_INHIBIT_TICK (1)
2959 OP_C_SET_WRITE_BUF_SIZE (a, 1024 * 100 * 3)
2960
2961 OP_BEGIN_REPEAT (100)
2962
2963 OP_C_WRITE (a, script_40_data, sizeof(script_40_data))
2964
2965 OP_END_REPEAT ()
2966
2967 OP_C_CONCLUDE (a)
d49a1634 2968 OP_C_SHUTDOWN_WAIT (NULL) /* disengages tick inhibition */
cd5e4380
HL		 2969
2970 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2971 OP_S_READ_EXPECT (a, "apple", 5)
2972
2973 OP_BEGIN_REPEAT (100)
2974
2975 OP_S_READ_EXPECT (a, script_40_data, sizeof(script_40_data))
2976
2977 OP_END_REPEAT ()
2978
2979 OP_S_EXPECT_FIN (a)
2980
2981 OP_C_EXPECT_CONN_CLOSE_INFO(0, 1, 0)
2982 OP_S_EXPECT_CONN_CLOSE_INFO(0, 1, 1)
2983
2984 OP_END
2985};
2986
7eb330ff
HL		 2987/* 41. Fault injection - PATH_CHALLENGE yields PATH_RESPONSE */
2988static const uint64_t path_challenge = UINT64_C(0xbdeb9451169c83aa);
2989
2990static int script_41_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
2991 unsigned char *buf, size_t len)
2992{
2993 int ok = 0;
2994 WPACKET wpkt;
2995 unsigned char frame_buf[16];
2996 size_t written;
2997
2998 if (h->inject_word0 == 0)
2999 return 1;
3000
3001 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
3002 sizeof(frame_buf), 0)))
3003 return 0;
3004
a1aff2c6 3005 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, h->inject_word1))
7eb330ff
HL		 3006 || !TEST_true(WPACKET_put_bytes_u64(&wpkt, path_challenge)))
3007 goto err;
3008
3009 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written))
3010 || !TEST_size_t_eq(written, 9))
3011 goto err;
3012
3013 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
3014 goto err;
3015
3016 --h->inject_word0;
3017 ok = 1;
3018err:
3019 if (ok)
3020 WPACKET_finish(&wpkt);
3021 else
3022 WPACKET_cleanup(&wpkt);
3023 return ok;
3024}
3025
3026static void script_41_trace(int write_p, int version, int content_type,
3027 const void *buf, size_t len, SSL *ssl, void *arg)
3028{
3029 uint64_t frame_type, frame_data;
3030 int was_minimal;
3031 struct helper *h = arg;
3032 PACKET pkt;
3033
3034 if (version != OSSL_QUIC1_VERSION
3035 || content_type != SSL3_RT_QUIC_FRAME_FULL
3036 || len < 1)
3037 return;
3038
3039 if (!TEST_true(PACKET_buf_init(&pkt, buf, len))) {
3040 ++h->scratch1;
3041 return;
3042 }
3043
3044 if (!TEST_true(ossl_quic_wire_peek_frame_header(&pkt, &frame_type,
3045 &was_minimal))) {
3046 ++h->scratch1;
3047 return;
3048 }
3049
3050 if (frame_type != OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE)
3051 return;
3052
3053 if (!TEST_true(ossl_quic_wire_decode_frame_path_response(&pkt, &frame_data))
3054 || !TEST_uint64_t_eq(frame_data, path_challenge)) {
3055 ++h->scratch1;
3056 return;
3057 }
3058
3059 ++h->scratch0;
3060}
3061
3062static int script_41_setup(struct helper *h, const struct script_op *op)
3063{
3064 ossl_quic_tserver_set_msg_callback(h->s, script_41_trace, h);
3065 return 1;
3066}
3067
3068static int script_41_check(struct helper *h, const struct script_op *op)
3069{
3070 /* At least one valid challenge/response echo? */
3071 if (!TEST_uint64_t_gt(h->scratch0, 0))
3072 return 0;
3073
3074 /* No failed tests? */
3075 if (!TEST_uint64_t_eq(h->scratch1, 0))
3076 return 0;
3077
3078 return 1;
3079}
3080
3081static const struct script_op script_41[] = {
3082 OP_S_SET_INJECT_PLAIN (script_41_inject_plain)
3083 OP_C_SET_ALPN ("ossltest")
3084 OP_C_CONNECT_WAIT ()
3085 OP_CHECK (script_41_setup, 0)
3086
3087 OP_C_WRITE (DEFAULT, "apple", 5)
3088 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3089 OP_S_READ_EXPECT (a, "apple", 5)
3090
a1aff2c6 3091 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE)
7eb330ff
HL		 3092
3093 OP_S_WRITE (a, "orange", 6)
3094 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
3095
3096 OP_C_WRITE (DEFAULT, "strawberry", 10)
3097 OP_S_READ_EXPECT (a, "strawberry", 10)
3098
3099 OP_CHECK (script_41_check, 0)
3100 OP_END
3101};
3102
27c2f62f
HL		 3103/* 42. Fault injection - CRYPTO frame with illegal offset */
3104static int script_42_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
3105 unsigned char *buf, size_t len)
3106{
3107 int ok = 0;
3108 unsigned char frame_buf[64];
3109 size_t written;
3110 WPACKET wpkt;
3111
3112 if (h->inject_word0 == 0)
3113 return 1;
3114
3115 --h->inject_word0;
3116
3117 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
3118 sizeof(frame_buf), 0)))
3119 return 0;
3120
3121 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, OSSL_QUIC_FRAME_TYPE_CRYPTO))
ab6c6345 3122 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, h->inject_word1))
27c2f62f
HL		 3123 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, 1))
3124 || !TEST_true(WPACKET_put_bytes_u8(&wpkt, 0x42)))
3125 goto err;
3126
3127 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
3128 goto err;
3129
3130 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
3131 goto err;
3132
3133 ok = 1;
3134err:
3135 if (ok)
3136 WPACKET_finish(&wpkt);
3137 else
3138 WPACKET_cleanup(&wpkt);
3139 return ok;
3140}
3141
3142static const struct script_op script_42[] = {
3143 OP_S_SET_INJECT_PLAIN (script_42_inject_plain)
3144 OP_C_SET_ALPN ("ossltest")
3145 OP_C_CONNECT_WAIT ()
3146 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3147
3148 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
3149 OP_C_WRITE (a, "apple", 5)
3150
3151 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3152 OP_S_READ_EXPECT (a, "apple", 5)
3153
ab6c6345 3154 OP_SET_INJECT_WORD (1, (((uint64_t)1) << 62) - 1)
27c2f62f
HL		 3155 OP_S_WRITE (a, "orange", 6)
3156
3157 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
3158
3159 OP_END
3160};
3161
ab6c6345
HL		 3162/* 43. Fault injection - CRYPTO frame exceeding FC */
3163static const struct script_op script_43[] = {
3164 OP_S_SET_INJECT_PLAIN (script_42_inject_plain)
3165 OP_C_SET_ALPN ("ossltest")
3166 OP_C_CONNECT_WAIT ()
3167 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3168
3169 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
3170 OP_C_WRITE (a, "apple", 5)
3171
3172 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3173 OP_S_READ_EXPECT (a, "apple", 5)
3174
3175 OP_SET_INJECT_WORD (1, 0x100000 /* 1 MiB */)
3176 OP_S_WRITE (a, "orange", 6)
3177
3178 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_CRYPTO_BUFFER_EXCEEDED,0,0)
3179
3180 OP_END
3181};
3182
97684a15
HL		 3183/* 44. Fault injection - PADDING */
3184static int script_44_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
3185 unsigned char *buf, size_t len)
3186{
3187 int ok = 0;
3188 WPACKET wpkt;
3189 unsigned char frame_buf[16];
3190 size_t written;
3191
3192 if (h->inject_word0 == 0)
3193 return 1;
3194
3195 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
3196 sizeof(frame_buf), 0)))
3197 return 0;
3198
3199 if (!TEST_true(ossl_quic_wire_encode_padding(&wpkt, 1)))
3200 goto err;
3201
3202 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
3203 goto err;
3204
3205 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
3206 goto err;
3207
3208 ok = 1;
3209err:
3210 if (ok)
3211 WPACKET_finish(&wpkt);
3212 else
3213 WPACKET_cleanup(&wpkt);
3214 return ok;
3215}
3216
3217static const struct script_op script_44[] = {
3218 OP_S_SET_INJECT_PLAIN (script_44_inject_plain)
3219 OP_C_SET_ALPN ("ossltest")
3220 OP_C_CONNECT_WAIT ()
3221
3222 OP_C_WRITE (DEFAULT, "apple", 5)
3223 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3224 OP_S_READ_EXPECT (a, "apple", 5)
3225
3226 OP_SET_INJECT_WORD (1, 0)
3227
3228 OP_S_WRITE (a, "Strawberry", 10)
3229 OP_C_READ_EXPECT (DEFAULT, "Strawberry", 10)
3230
3231 OP_END
3232};
3233
17340e87
HL		 3234/* 45. PING must generate ACK */
3235static int force_ping(struct helper *h, const struct script_op *op)
3236{
3237 QUIC_CHANNEL *ch = ossl_quic_tserver_get_channel(h->s);
3238
3239 h->scratch0 = ossl_quic_channel_get_diag_num_rx_ack(ch);
3240
3241 if (!TEST_true(ossl_quic_tserver_ping(h->s)))
3242 return 0;
3243
3244 return 1;
3245}
3246
3247static int wait_incoming_acks_increased(struct helper *h, const struct script_op *op)
3248{
3249 QUIC_CHANNEL *ch = ossl_quic_tserver_get_channel(h->s);
3250 uint16_t count;
3251
3252 count = ossl_quic_channel_get_diag_num_rx_ack(ch);
3253
3254 if (count == h->scratch0) {
3255 h->check_spin_again = 1;
3256 return 0;
3257 }
3258
3259 return 1;
3260}
3261
3262static const struct script_op script_45[] = {
3263 OP_C_SET_ALPN ("ossltest")
3264 OP_C_CONNECT_WAIT ()
3265
3266 OP_C_WRITE (DEFAULT, "apple", 5)
3267 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3268 OP_S_READ_EXPECT (a, "apple", 5)
3269
3270 OP_BEGIN_REPEAT (2)
3271
3272 OP_CHECK (force_ping, 0)
3273 OP_CHECK (wait_incoming_acks_increased, 0)
3274
3275 OP_END_REPEAT ()
3276
3277 OP_S_WRITE (a, "Strawberry", 10)
3278 OP_C_READ_EXPECT (DEFAULT, "Strawberry", 10)
3279
3280 OP_END
3281};
3282
ed0d6ba4
HL		 3283/* 46. Fault injection - ACK - malformed initial range */
3284static int script_46_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
3285 unsigned char *buf, size_t len)
3286{
3287 int ok = 0;
3288 WPACKET wpkt;
3289 unsigned char frame_buf[16];
3290 size_t written;
d49a1634
HL		 3291 uint64_t type = 0, largest_acked = 0, first_range = 0, range_count = 0;
3292 uint64_t agap = 0, alen = 0;
ed0d6ba4
HL		 3293 uint64_t ect0 = 0, ect1 = 0, ecnce = 0;
3294
3295 if (h->inject_word0 == 0)
3296 return 1;
3297
3298 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
3299 sizeof(frame_buf), 0)))
3300 return 0;
3301
3302 type = OSSL_QUIC_FRAME_TYPE_ACK_WITHOUT_ECN;
3303
3304 switch (h->inject_word0) {
3305 case 1:
3306 largest_acked = 100;
3307 first_range = 101;
3308 range_count = 0;
3309 break;
3310 case 2:
3311 largest_acked = 100;
3312 first_range = 80;
3313 /* [20..100]; [0..18] */
3314 range_count = 1;
3315 agap = 0;
3316 alen = 19;
3317 break;
3318 case 3:
3319 largest_acked = 100;
3320 first_range = 80;
3321 range_count = 1;
3322 agap = 18;
3323 alen = 1;
3324 break;
3325 case 4:
3326 type = OSSL_QUIC_FRAME_TYPE_ACK_WITH_ECN;
3327 largest_acked = 100;
3328 first_range = 1;
3329 range_count = 0;
3330 break;
3331 case 5:
3332 type = OSSL_QUIC_FRAME_TYPE_ACK_WITH_ECN;
3333 largest_acked = 0;
3334 first_range = 0;
3335 range_count = 0;
3336 ect0 = 0;
3337 ect1 = 50;
3338 ecnce = 200;
3339 break;
3340 }
3341
3342 h->inject_word0 = 0;
3343
3344 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, type))
3345 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, largest_acked))
3346 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, /*ack_delay=*/0))
3347 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, /*ack_range_count=*/range_count))
3348 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, /*first_ack_range=*/first_range)))
3349 goto err;
3350
3351 if (range_count > 0)
3352 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, /*range[0].gap=*/agap))
3353 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, /*range[0].len=*/alen)))
3354 goto err;
3355
3356 if (type == OSSL_QUIC_FRAME_TYPE_ACK_WITH_ECN)
3357 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, ect0))
3358 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, ect1))
3359 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, ecnce)))
3360 goto err;
3361
3362 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
3363 goto err;
3364
3365 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
3366 goto err;
3367
3368 ok = 1;
3369err:
3370 if (ok)
3371 WPACKET_finish(&wpkt);
3372 else
3373 WPACKET_cleanup(&wpkt);
3374 return ok;
3375}
3376
3377static const struct script_op script_46[] = {
3378 OP_S_SET_INJECT_PLAIN (script_46_inject_plain)
3379 OP_C_SET_ALPN ("ossltest")
3380 OP_C_CONNECT_WAIT ()
3381
3382 OP_C_WRITE (DEFAULT, "apple", 5)
3383 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3384 OP_S_READ_EXPECT (a, "apple", 5)
3385
3386 OP_SET_INJECT_WORD (1, 0)
3387
3388 OP_S_WRITE (a, "Strawberry", 10)
3389
3390 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
3391
3392 OP_END
3393};
3394
3395/* 47. Fault injection - ACK - malformed subsequent range */
3396static const struct script_op script_47[] = {
3397 OP_S_SET_INJECT_PLAIN (script_46_inject_plain)
3398 OP_C_SET_ALPN ("ossltest")
3399 OP_C_CONNECT_WAIT ()
3400
3401 OP_C_WRITE (DEFAULT, "apple", 5)
3402 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3403 OP_S_READ_EXPECT (a, "apple", 5)
3404
3405 OP_SET_INJECT_WORD (2, 0)
3406
3407 OP_S_WRITE (a, "Strawberry", 10)
3408
3409 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
3410
3411 OP_END
3412};
3413
3414/* 48. Fault injection - ACK - malformed subsequent range */
3415static const struct script_op script_48[] = {
3416 OP_S_SET_INJECT_PLAIN (script_46_inject_plain)
3417 OP_C_SET_ALPN ("ossltest")
3418 OP_C_CONNECT_WAIT ()
3419
3420 OP_C_WRITE (DEFAULT, "apple", 5)
3421 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3422 OP_S_READ_EXPECT (a, "apple", 5)
3423
3424 OP_SET_INJECT_WORD (3, 0)
3425
3426 OP_S_WRITE (a, "Strawberry", 10)
3427
3428 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
3429
3430 OP_END
3431};
3432
3433/* 49. Fault injection - ACK - fictional PN */
3434static const struct script_op script_49[] = {
3435 OP_S_SET_INJECT_PLAIN (script_46_inject_plain)
3436 OP_C_SET_ALPN ("ossltest")
3437 OP_C_CONNECT_WAIT ()
3438
3439 OP_C_WRITE (DEFAULT, "apple", 5)
3440 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3441 OP_S_READ_EXPECT (a, "apple", 5)
3442
3443 OP_SET_INJECT_WORD (4, 0)
3444
3445 OP_S_WRITE (a, "Strawberry", 10)
3446 OP_C_READ_EXPECT (DEFAULT, "Strawberry", 10)
3447
3448 OP_END
3449};
3450
3451/* 50. Fault injection - ACK - duplicate PN */
3452static const struct script_op script_50[] = {
3453 OP_S_SET_INJECT_PLAIN (script_46_inject_plain)
3454 OP_C_SET_ALPN ("ossltest")
3455 OP_C_CONNECT_WAIT ()
3456
3457 OP_C_WRITE (DEFAULT, "apple", 5)
3458 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3459 OP_S_READ_EXPECT (a, "apple", 5)
3460
3461 OP_BEGIN_REPEAT (2)
3462
3463 OP_SET_INJECT_WORD (5, 0)
3464
3465 OP_S_WRITE (a, "Strawberry", 10)
3466 OP_C_READ_EXPECT (DEFAULT, "Strawberry", 10)
3467
3468 OP_END_REPEAT ()
3469
3470 OP_END
3471};
3472
a1aff2c6
HL		 3473/* 51. Fault injection - PATH_CHALLENGE is ignored */
3474static const struct script_op script_51[] = {
3475 OP_S_SET_INJECT_PLAIN (script_41_inject_plain)
3476 OP_C_SET_ALPN ("ossltest")
3477 OP_C_CONNECT_WAIT ()
3478
3479 OP_C_WRITE (DEFAULT, "apple", 5)
3480 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3481 OP_S_READ_EXPECT (a, "apple", 5)
3482
3483 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE)
3484
3485 OP_S_WRITE (a, "orange", 6)
3486 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
3487
3488 OP_C_WRITE (DEFAULT, "Strawberry", 10)
3489 OP_S_READ_EXPECT (a, "Strawberry", 10)
3490
3491 OP_END
3492};
3493
477944b6
HL		 3494/* 52. Fault injection - ignore BLOCKED frames with bogus values */
3495static int script_52_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
3496 unsigned char *buf, size_t len)
3497{
3498 int ok = 0;
3499 unsigned char frame_buf[64];
3500 size_t written;
3501 WPACKET wpkt;
3502 uint64_t type = h->inject_word1;
3503
3504 if (h->inject_word0 == 0)
3505 return 1;
3506
3507 --h->inject_word0;
3508
3509 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
3510 sizeof(frame_buf), 0)))
3511 return 0;
3512
3513 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, type)))
3514 goto err;
3515
3516 if (type == OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED)
3517 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, C_BIDI_ID(0))))
3518 goto err;
3519
3520 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, 0xFFFFFF)))
3521 goto err;
3522
3523 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
3524 goto err;
3525
3526 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
3527 goto err;
3528
3529 ok = 1;
3530err:
3531 if (ok)
3532 WPACKET_finish(&wpkt);
3533 else
3534 WPACKET_cleanup(&wpkt);
3535 return ok;
3536}
3537
3538static const struct script_op script_52[] = {
3539 OP_S_SET_INJECT_PLAIN (script_52_inject_plain)
3540 OP_C_SET_ALPN ("ossltest")
3541 OP_C_CONNECT_WAIT ()
3542
3543 OP_C_WRITE (DEFAULT, "apple", 5)
3544 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3545 OP_S_READ_EXPECT (a, "apple", 5)
3546
3547 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_DATA_BLOCKED)
3548
3549 OP_S_WRITE (a, "orange", 6)
3550 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
3551
3552 OP_C_WRITE (DEFAULT, "Strawberry", 10)
3553 OP_S_READ_EXPECT (a, "Strawberry", 10)
3554
3555 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED)
3556
3557 OP_S_WRITE (a, "orange", 6)
3558 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
3559
3560 OP_C_WRITE (DEFAULT, "Strawberry", 10)
3561 OP_S_READ_EXPECT (a, "Strawberry", 10)
3562
3563 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_UNI)
3564
3565 OP_S_WRITE (a, "orange", 6)
3566 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
3567
3568 OP_C_WRITE (DEFAULT, "Strawberry", 10)
3569 OP_S_READ_EXPECT (a, "Strawberry", 10)
3570
3571 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_BIDI)
3572
3573 OP_S_WRITE (a, "orange", 6)
3574 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
3575
3576 OP_C_WRITE (DEFAULT, "Strawberry", 10)
3577 OP_S_READ_EXPECT (a, "Strawberry", 10)
3578
3579 OP_END
3580};
a1aff2c6 3581
de56eebd
HL		 3582/* 53. Fault injection - excess CRYPTO buffer size */
3583static int script_53_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
3584 unsigned char *buf, size_t len)
3585{
3586 int ok = 0;
3587 size_t written;
3588 WPACKET wpkt;
3589 uint64_t offset = 0, data_len = 100;
3590 unsigned char *frame_buf = NULL;
3591 size_t frame_len, i;
3592
3593 if (h->inject_word0 == 0)
3594 return 1;
3595
3596 h->inject_word0 = 0;
3597
3598 switch (h->inject_word1) {
3599 case 0:
3600 /*
3601 * Far out offset which will not have been reached during handshake.
3602 * This will not be delivered to the QUIC_TLS instance since it will be
3603 * waiting for in-order delivery of previous bytes. This tests our flow
3604 * control on CRYPTO stream buffering.
3605 */
3606 offset = 100000;
3607 data_len = 1;
3608 break;
3609 }
3610
d49a1634 3611 frame_len = 1 + 8 + 8 + (size_t)data_len;
de56eebd
HL		 3612 if (!TEST_ptr(frame_buf = OPENSSL_malloc(frame_len)))
3613 return 0;
3614
3615 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf, frame_len, 0)))
3616 goto err;
3617
3618 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, OSSL_QUIC_FRAME_TYPE_CRYPTO))
3619 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, offset))
3620 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, data_len)))
3621 goto err;
3622
3623 for (i = 0; i < data_len; ++i)
3624 if (!TEST_true(WPACKET_put_bytes_u8(&wpkt, 0x42)))
3625 goto err;
3626
3627 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
3628 goto err;
3629
3630 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
3631 goto err;
3632
3633 ok = 1;
3634err:
3635 if (ok)
3636 WPACKET_finish(&wpkt);
3637 else
3638 WPACKET_cleanup(&wpkt);
3639 OPENSSL_free(frame_buf);
3640 return ok;
3641}
3642
3643static const struct script_op script_53[] = {
3644 OP_S_SET_INJECT_PLAIN (script_53_inject_plain)
3645 OP_C_SET_ALPN ("ossltest")
3646 OP_C_CONNECT_WAIT ()
3647
3648 OP_C_WRITE (DEFAULT, "apple", 5)
3649 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3650 OP_S_READ_EXPECT (a, "apple", 5)
3651
3652 OP_SET_INJECT_WORD (1, 0)
3653 OP_S_WRITE (a, "Strawberry", 10)
3654
3655 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_CRYPTO_BUFFER_EXCEEDED,0,0)
3656
3657 OP_END
3658};
3659
3660/* 54. Fault injection - corrupted crypto stream data */
3661static int script_54_inject_handshake(struct helper *h,
3662 unsigned char *buf, size_t buf_len)
3663{
3664 size_t i;
3665
3666 for (i = 0; i < buf_len; ++i)
3667 buf[i] ^= 0xff;
3668
3669 return 1;
3670}
3671
3672static const struct script_op script_54[] = {
3673 OP_S_SET_INJECT_HANDSHAKE(script_54_inject_handshake)
3674 OP_C_SET_ALPN ("ossltest")
3675 OP_C_CONNECT_WAIT_OR_FAIL()
3676
3677 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_CRYPTO_UNEXPECTED_MESSAGE,0,0)
3678
3679 OP_END
3680};
3681
ed75eb32
HL		 3682/* 55. Fault injection - NEW_CONN_ID with >20 byte CID */
3683static const struct script_op script_55[] = {
3684 OP_S_SET_INJECT_PLAIN (script_39_inject_plain)
3685 OP_C_SET_ALPN ("ossltest")
3686 OP_C_CONNECT_WAIT ()
3687 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3688
3689 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
3690 OP_C_WRITE (a, "apple", 5)
3691 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3692 OP_S_READ_EXPECT (a, "apple", 5)
3693
3694 OP_SET_INJECT_WORD (0, 2)
3695 OP_S_WRITE (a, "orange", 5)
3696
3697 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
3698
3699 OP_END
3700};
3701
3702/* 56. Fault injection - NEW_CONN_ID with seq no < retire prior to */
3703static const struct script_op script_56[] = {
3704 OP_S_SET_INJECT_PLAIN (script_39_inject_plain)
3705 OP_C_SET_ALPN ("ossltest")
3706 OP_C_CONNECT_WAIT ()
3707 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3708
3709 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
3710 OP_C_WRITE (a, "apple", 5)
3711 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3712 OP_S_READ_EXPECT (a, "apple", 5)
3713
3714 OP_SET_INJECT_WORD (0, 3)
3715 OP_S_WRITE (a, "orange", 5)
3716
3717 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
3718
3719 OP_END
3720};
3721
3722/* 57. Fault injection - NEW_CONN_ID with lower seq no ignored */
3723static const struct script_op script_57[] = {
3724 OP_S_SET_INJECT_PLAIN (script_39_inject_plain)
3725 OP_C_SET_ALPN ("ossltest")
3726 OP_C_CONNECT_WAIT ()
3727 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3728
3729 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
3730 OP_C_WRITE (a, "apple", 5)
3731 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3732 OP_S_READ_EXPECT (a, "apple", 5)
3733
3734 OP_SET_INJECT_WORD (0, 4)
3735 OP_S_WRITE (a, "orange", 5)
3736 OP_C_READ_EXPECT (a, "orange", 5)
3737
3738 OP_C_WRITE (a, "Strawberry", 10)
3739 OP_S_READ_EXPECT (a, "Strawberry", 10)
3740
3741 /*
3742 * Now we send a NEW_CONN_ID with a bogus CID. However the sequence number
3743 * is old so it should be ignored and we should still be able to
3744 * communicate.
3745 */
3746 OP_SET_INJECT_WORD (0, 5)
3747 OP_S_WRITE (a, "raspberry", 9)
3748 OP_C_READ_EXPECT (a, "raspberry", 9)
3749
3750 OP_C_WRITE (a, "peach", 5)
3751 OP_S_READ_EXPECT (a, "peach", 5)
3752
3753 OP_END
3754};
3755
d56b81ac
HL		 3756/* 58. Fault injection - repeated HANDSHAKE_DONE */
3757static int script_58_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
3758 unsigned char *buf, size_t len)
3759{
3760 int ok = 0;
3761 unsigned char frame_buf[64];
3762 size_t written;
3763 WPACKET wpkt;
3764
3765 if (h->inject_word0 == 0)
3766 return 1;
3767
3768 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
3769 sizeof(frame_buf), 0)))
3770 return 0;
3771
3772 if (h->inject_word0 == 1) {
3773 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, OSSL_QUIC_FRAME_TYPE_HANDSHAKE_DONE)))
3774 goto err;
3775 } else {
3776 /* Needless multi-byte encoding */
3777 if (!TEST_true(WPACKET_put_bytes_u8(&wpkt, 0x40))
3778 || !TEST_true(WPACKET_put_bytes_u8(&wpkt, 0x1E)))
3779 goto err;
3780 }
3781
3782 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
3783 goto err;
3784
3785 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
3786 goto err;
3787
3788 ok = 1;
3789err:
3790 if (ok)
3791 WPACKET_finish(&wpkt);
3792 else
3793 WPACKET_cleanup(&wpkt);
3794 return ok;
3795}
3796
3797static const struct script_op script_58[] = {
3798 OP_S_SET_INJECT_PLAIN (script_58_inject_plain)
3799 OP_C_SET_ALPN ("ossltest")
3800 OP_C_CONNECT_WAIT ()
3801
3802 OP_C_WRITE (DEFAULT, "apple", 5)
3803 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3804 OP_S_READ_EXPECT (a, "apple", 5)
3805
3806 OP_SET_INJECT_WORD (1, 0)
3807
3808 OP_S_WRITE (a, "orange", 6)
3809 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
3810
3811 OP_C_WRITE (DEFAULT, "Strawberry", 10)
3812 OP_S_READ_EXPECT (a, "Strawberry", 10)
3813
3814 OP_END
3815};
3816
3817/* 59. Fault injection - multi-byte frame encoding */
3818static const struct script_op script_59[] = {
3819 OP_S_SET_INJECT_PLAIN (script_58_inject_plain)
3820 OP_C_SET_ALPN ("ossltest")
3821 OP_C_CONNECT_WAIT ()
3822
3823 OP_C_WRITE (DEFAULT, "apple", 5)
3824 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3825 OP_S_READ_EXPECT (a, "apple", 5)
3826
3827 OP_SET_INJECT_WORD (2, 0)
3828
3829 OP_S_WRITE (a, "orange", 6)
3830
3831 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_PROTOCOL_VIOLATION,0,0)
3832
3833 OP_END
3834};
3835
d49a1634
HL		 3836/* 60. Connection close reason truncation */
3837static char long_reason[2048];
3838
3839static int init_reason(struct helper *h, const struct script_op *op)
3840{
3841 memset(long_reason, '~', sizeof(long_reason));
3842 memcpy(long_reason, "This is a long reason string.", 29);
d63b8cbb 3843 long_reason[OSSL_NELEM(long_reason) - 1] = '\0';
d49a1634
HL		 3844 return 1;
3845}
3846
3847static int check_shutdown_reason(struct helper *h, const struct script_op *op)
3848{
3849 const QUIC_TERMINATE_CAUSE *tc = ossl_quic_tserver_get_terminate_cause(h->s);
3850
3851 if (tc == NULL) {
3852 h->check_spin_again = 1;
3853 return 0;
3854 }
3855
3856 if (!TEST_size_t_ge(tc->reason_len, 50)
3857 || !TEST_mem_eq(long_reason, tc->reason_len,
3858 tc->reason, tc->reason_len))
3859 return 0;
3860
3861 return 1;
3862}
3863
3864static const struct script_op script_60[] = {
3865 OP_C_SET_ALPN ("ossltest")
3866 OP_C_CONNECT_WAIT ()
3867
3868 OP_C_WRITE (DEFAULT, "apple", 5)
3869 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3870 OP_S_READ_EXPECT (a, "apple", 5)
3871
3872 OP_CHECK (init_reason, 0)
3873 OP_C_SHUTDOWN_WAIT (long_reason)
3874 OP_CHECK (check_shutdown_reason, 0)
3875
3876 OP_END
3877};
3878
d63b8cbb
HL		 3879/* 61. Fault injection - RESET_STREAM exceeding stream count FC */
3880static int script_61_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
3881 unsigned char *buf, size_t len)
3882{
3883 int ok = 0;
3884 WPACKET wpkt;
3885 unsigned char frame_buf[32];
3886 size_t written;
3887
3888 if (h->inject_word0 == 0)
3889 return 1;
3890
3891 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
3892 sizeof(frame_buf), 0)))
3893 return 0;
3894
3895 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, h->inject_word0))
3896 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, /* stream ID */
3897 h->inject_word1))
3898 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, 123))
3899 || (h->inject_word1 == OSSL_QUIC_FRAME_TYPE_RESET_STREAM
3900 && !TEST_true(WPACKET_quic_write_vlint(&wpkt, 0)))) /* final size */
3901 goto err;
3902
3903 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
3904 goto err;
3905
3906 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
3907 goto err;
3908
3909 ok = 1;
3910err:
3911 if (ok)
3912 WPACKET_finish(&wpkt);
3913 else
3914 WPACKET_cleanup(&wpkt);
3915 return ok;
3916}
3917
3918static const struct script_op script_61[] = {
3919 OP_S_SET_INJECT_PLAIN (script_61_inject_plain)
3920 OP_C_SET_ALPN ("ossltest")
3921 OP_C_CONNECT_WAIT ()
3922 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3923
3924 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
3925 OP_C_WRITE (a, "orange", 6)
3926
3927 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3928 OP_S_READ_EXPECT (a, "orange", 6)
3929
3930 OP_SET_INJECT_WORD (OSSL_QUIC_FRAME_TYPE_RESET_STREAM,
3931 S_BIDI_ID(OSSL_QUIC_VLINT_MAX / 4))
3932 OP_S_WRITE (a, "fruit", 5)
3933
3934 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_LIMIT_ERROR,0,0)
3935
3936 OP_END
3937};
3938
3939/* 62. Fault injection - STOP_SENDING with high ID */
3940static const struct script_op script_62[] = {
3941 OP_S_SET_INJECT_PLAIN (script_61_inject_plain)
3942 OP_C_SET_ALPN ("ossltest")
3943 OP_C_CONNECT_WAIT ()
3944 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3945
3946 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
3947 OP_C_WRITE (a, "orange", 6)
3948
3949 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3950 OP_S_READ_EXPECT (a, "orange", 6)
3951
3952 OP_SET_INJECT_WORD (OSSL_QUIC_FRAME_TYPE_STOP_SENDING,
3953 C_BIDI_ID(OSSL_QUIC_VLINT_MAX / 4))
3954 OP_S_WRITE (a, "fruit", 5)
3955
3956 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_STATE_ERROR,0,0)
3957
3958 OP_END
3959};
d49a1634 3960
ed835673
HL		 3961static const struct script_op *const scripts[] = {
3962 script_1,
3963 script_2,
3964 script_3,
3965 script_4,
3966 script_5,
3967 script_6,
3968 script_7,
3969 script_8,
3970 script_9,
3971 script_10,
274bb489
HL		 3972 script_11,
3973 script_12,
fca44cfc
HL		 3974 script_13,
3975 script_14,
0554f723
HL		 3976 script_15,
3977 script_16,
693b23e3
HL		 3978 script_17,
3979 script_18,
2525109f 3980 script_19,
0345cac6 3981 script_20,
e26dc8e3
HL		 3982 script_21,
3983 script_22,
3984 script_23,
3985 script_24,
3986 script_25,
3987 script_26,
3988 script_27,
3989 script_28,
3990 script_29,
3991 script_30,
3992 script_31,
3993 script_32,
3994 script_33,
3995 script_34,
3996 script_35,
3997 script_36,
3998 script_37,
3999 script_38,
8aa6a436 4000 script_39,
0786483a 4001 script_40,
7eb330ff 4002 script_41,
27c2f62f 4003 script_42,
ab6c6345 4004 script_43,
97684a15 4005 script_44,
17340e87 4006 script_45,
ed0d6ba4
HL		 4007 script_46,
4008 script_47,
4009 script_48,
4010 script_49,
4011 script_50,
a1aff2c6 4012 script_51,
477944b6 4013 script_52,
de56eebd
HL		 4014 script_53,
4015 script_54,
ed75eb32
HL		 4016 script_55,
4017 script_56,
4018 script_57,
d56b81ac
HL		 4019 script_58,
4020 script_59,
d49a1634 4021 script_60,
d63b8cbb
HL		 4022 script_61,
4023 script_62,
ed835673
HL		 4024};
4025
4026static int test_script(int idx)
4027{
97f30fd5
HL		 4028 int script_idx = idx >> 1;
4029 int free_order = idx & 1;
0786483a
HL		 4030 char script_name[64];
4031
cd5e4380 4032 snprintf(script_name, sizeof(script_name), "script %d", script_idx + 1);
97f30fd5
HL		 4033
4034 TEST_info("Running script %d (order=%d)", script_idx + 1, free_order);
0786483a 4035 return run_script(scripts[script_idx], script_name, free_order);
ed835673
HL		 4036}
4037
e26dc8e3
HL		 4038/* Dynamically generated tests. */
4039static struct script_op dyn_frame_types_script[] = {
8aa6a436 4040 OP_S_SET_INJECT_PLAIN (script_21_inject_plain)
e26dc8e3
HL		 4041 OP_SET_INJECT_WORD (0, 0) /* dynamic */
4042
4043 OP_C_SET_ALPN ("ossltest")
4044 OP_C_CONNECT_WAIT_OR_FAIL()
4045
4046 OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
4047
4048 OP_END
4049};
4050
4051struct forbidden_frame_type {
4052 uint64_t pkt_type, frame_type, expected_err;
4053};
4054
4055static const struct forbidden_frame_type forbidden_frame_types[] = {
4056 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_VLINT_MAX, QUIC_ERR_FRAME_ENCODING_ERROR },
4057 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_VLINT_MAX, QUIC_ERR_FRAME_ENCODING_ERROR },
4058 { QUIC_PKT_TYPE_1RTT, OSSL_QUIC_VLINT_MAX, QUIC_ERR_FRAME_ENCODING_ERROR },
4059
4060 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_STREAM, QUIC_ERR_PROTOCOL_VIOLATION },
4061 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_RESET_STREAM, QUIC_ERR_PROTOCOL_VIOLATION },
4062 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_STOP_SENDING, QUIC_ERR_PROTOCOL_VIOLATION },
4063 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_NEW_TOKEN, QUIC_ERR_PROTOCOL_VIOLATION },
4064 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_MAX_DATA, QUIC_ERR_PROTOCOL_VIOLATION },
4065 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA, QUIC_ERR_PROTOCOL_VIOLATION },
4066 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_BIDI, QUIC_ERR_PROTOCOL_VIOLATION },
4067 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_UNI, QUIC_ERR_PROTOCOL_VIOLATION },
4068 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_DATA_BLOCKED, QUIC_ERR_PROTOCOL_VIOLATION },
4069 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED, QUIC_ERR_PROTOCOL_VIOLATION },
4070 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_BIDI, QUIC_ERR_PROTOCOL_VIOLATION },
4071 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_UNI, QUIC_ERR_PROTOCOL_VIOLATION },
4072 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID, QUIC_ERR_PROTOCOL_VIOLATION },
4073 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID, QUIC_ERR_PROTOCOL_VIOLATION },
4074 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE, QUIC_ERR_PROTOCOL_VIOLATION },
4075 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE, QUIC_ERR_PROTOCOL_VIOLATION },
4076 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_APP, QUIC_ERR_PROTOCOL_VIOLATION },
4077 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_HANDSHAKE_DONE, QUIC_ERR_PROTOCOL_VIOLATION },
4078
4079 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_STREAM, QUIC_ERR_PROTOCOL_VIOLATION },
4080 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_RESET_STREAM, QUIC_ERR_PROTOCOL_VIOLATION },
4081 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_STOP_SENDING, QUIC_ERR_PROTOCOL_VIOLATION },
4082 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_NEW_TOKEN, QUIC_ERR_PROTOCOL_VIOLATION },
4083 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_MAX_DATA, QUIC_ERR_PROTOCOL_VIOLATION },
4084 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA, QUIC_ERR_PROTOCOL_VIOLATION },
4085 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_BIDI, QUIC_ERR_PROTOCOL_VIOLATION },
4086 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_UNI, QUIC_ERR_PROTOCOL_VIOLATION },
4087 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_DATA_BLOCKED, QUIC_ERR_PROTOCOL_VIOLATION },
4088 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED, QUIC_ERR_PROTOCOL_VIOLATION },
4089 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_BIDI, QUIC_ERR_PROTOCOL_VIOLATION },
4090 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_UNI, QUIC_ERR_PROTOCOL_VIOLATION },
4091 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID, QUIC_ERR_PROTOCOL_VIOLATION },
4092 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID, QUIC_ERR_PROTOCOL_VIOLATION },
4093 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE, QUIC_ERR_PROTOCOL_VIOLATION },
4094 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE, QUIC_ERR_PROTOCOL_VIOLATION },
4095 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_APP, QUIC_ERR_PROTOCOL_VIOLATION },
4096 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_HANDSHAKE_DONE, QUIC_ERR_PROTOCOL_VIOLATION },
4097
4098 /* Client uses a zero-length CID so this is not allowed. */
4099 { QUIC_PKT_TYPE_1RTT, OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID, QUIC_ERR_PROTOCOL_VIOLATION },
4100};
4101
4102static ossl_unused int test_dyn_frame_types(int idx)
4103{
4104 size_t i;
0786483a 4105 char script_name[64];
e26dc8e3
HL		 4106 struct script_op *s = dyn_frame_types_script;
4107
4108 for (i = 0; i < OSSL_NELEM(dyn_frame_types_script); ++i)
4109 if (s[i].op == OPK_SET_INJECT_WORD) {
49a38dee 4110 s[i].arg1 = (size_t)forbidden_frame_types[idx].pkt_type;
e26dc8e3
HL		 4111 s[i].arg2 = forbidden_frame_types[idx].frame_type;
4112 } else if (s[i].op == OPK_C_EXPECT_CONN_CLOSE_INFO) {
4113 s[i].arg2 = forbidden_frame_types[idx].expected_err;
4114 }
4115
0786483a
HL		 4116 snprintf(script_name, sizeof(script_name),
4117 "dyn script %d", idx);
4118
4119 return run_script(dyn_frame_types_script, script_name, 0);
e26dc8e3
HL		 4120}
4121
ed835673
HL		 4122OPT_TEST_DECLARE_USAGE("certfile privkeyfile\n")
4123
4124int setup_tests(void)
4125{
4126 if (!test_skip_common_options()) {
4127 TEST_error("Error parsing test options\n");
4128 return 0;
4129 }
4130
4131 if (!TEST_ptr(certfile = test_get_argument(0))
4132 || !TEST_ptr(keyfile = test_get_argument(1)))
4133 return 0;
4134
e26dc8e3 4135 ADD_ALL_TESTS(test_dyn_frame_types, OSSL_NELEM(forbidden_frame_types));
97f30fd5 4136 ADD_ALL_TESTS(test_script, OSSL_NELEM(scripts) * 2);
ed835673
HL		 4137 return 1;
4138}
A mirror of the official openssl repository