]> git.ipfire.org Git - thirdparty/openssl.git/blame - test/quicapitest.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
fuzz-checker.yml: Revert inadvertent change from fac61ea
[thirdparty/openssl.git] / test / quicapitest.c
CommitLineData
e44795bd 1/*
da1c088f 2 * Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.
e44795bd
TM		 3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <stdio.h>
11#include <string.h>
12
13#include <openssl/opensslconf.h>
14#include <openssl/quic.h>
a1c87f64 15#include <openssl/rand.h>
e44795bd
TM		 16
17#include "helpers/ssltestlib.h"
0c593328 18#include "helpers/quictestlib.h"
e44795bd
TM		 19#include "testutil.h"
20#include "testutil/output.h"
f0d9757c 21#include "../ssl/ssl_local.h"
e44795bd
TM		 22
23static OSSL_LIB_CTX *libctx = NULL;
24static OSSL_PROVIDER *defctxnull = NULL;
0c593328
MC		 25static char *certsdir = NULL;
26static char *cert = NULL;
9f6eb622
TM		 27static char *ccert = NULL;
28static char *cauthca = NULL;
0c593328 29static char *privkey = NULL;
9f6eb622 30static char *cprivkey = NULL;
2e1da969 31static char *datadir = NULL;
e44795bd
TM		 32
33static int is_fips = 0;
34
1be2ee68 35/* The ssltrace test assumes some options are switched on/off */
d2751ee3
TM		 36#if !defined(OPENSSL_NO_SSL_TRACE) \
37 && defined(OPENSSL_NO_BROTLI) && defined(OPENSSL_NO_ZSTD) \
38 && !defined(OPENSSL_NO_ECX) && !defined(OPENSSL_NO_DH)
1be2ee68
MC		 39# define DO_SSL_TRACE_TEST
40#endif
41
e44795bd
TM		 42/*
43 * Test that we read what we've written.
0c593328
MC		 44 * Test 0: Non-blocking
45 * Test 1: Blocking
5c3474ea 46 * Test 2: Blocking, introduce socket error, test error handling.
e44795bd 47 */
0c593328 48static int test_quic_write_read(int idx)
e44795bd 49{
0c593328 50 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
cf355bd6 51 SSL_CTX *sctx = NULL;
0c593328
MC		 52 SSL *clientquic = NULL;
53 QUIC_TSERVER *qtserv = NULL;
cf355bd6 54 int j, k, ret = 0;
0c593328 55 unsigned char buf[20];
e44795bd
TM		 56 static char *msg = "A test message";
57 size_t msglen = strlen(msg);
58 size_t numbytes = 0;
0c593328 59 int ssock = 0, csock = 0;
b757beb5 60 uint64_t sid = UINT64_MAX;
cf355bd6 61 SSL_SESSION *sess = NULL;
0c593328 62
5c3474ea 63 if (idx >= 1 && !qtest_supports_blocking())
0c593328 64 return TEST_skip("Blocking tests not supported in this build");
e44795bd 65
cf355bd6
MC		 66 for (k = 0; k < 2; k++) {
67 if (!TEST_ptr(cctx)
68 || !TEST_true(qtest_create_quic_objects(libctx, cctx, sctx,
69 cert, privkey,
70 idx >= 1
71 ? QTEST_FLAG_BLOCK
72 : 0,
73 &qtserv, &clientquic,
8d8c0a90 74 NULL, NULL))
cf355bd6 75 || !TEST_true(SSL_set_tlsext_host_name(clientquic, "localhost")))
0c593328 76 goto end;
0c593328 77
cf355bd6
MC		 78 if (sess != NULL && !TEST_true(SSL_set_session(clientquic, sess)))
79 goto end;
b757beb5 80
cf355bd6 81 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
0c593328 82 goto end;
cf355bd6 83
5c3474ea 84 if (idx >= 1) {
cf355bd6
MC		 85 if (!TEST_true(BIO_get_fd(ossl_quic_tserver_get0_rbio(qtserv),
86 &ssock)))
87 goto end;
88 if (!TEST_int_gt(csock = SSL_get_rfd(clientquic), 0))
89 goto end;
90 }
91
92 sid = 0; /* client-initiated bidirectional stream */
93
94 for (j = 0; j < 2; j++) {
95 /* Check that sending and receiving app data is ok */
96 if (!TEST_true(SSL_write_ex(clientquic, msg, msglen, &numbytes))
97 || !TEST_size_t_eq(numbytes, msglen))
98 goto end;
99 if (idx >= 1) {
100 do {
101 if (!TEST_true(wait_until_sock_readable(ssock)))
102 goto end;
103
104 ossl_quic_tserver_tick(qtserv);
105
106 if (!TEST_true(ossl_quic_tserver_read(qtserv, sid, buf,
107 sizeof(buf),
108 &numbytes)))
109 goto end;
110 } while (numbytes == 0);
111
112 if (!TEST_mem_eq(buf, numbytes, msg, msglen))
54b86b7f 113 goto end;
cf355bd6 114 }
54b86b7f 115
cf355bd6
MC		 116 if (idx >= 2 && j > 0)
117 /* Introduce permanent socket error */
118 BIO_closesocket(csock);
54b86b7f 119
cf355bd6
MC		 120 ossl_quic_tserver_tick(qtserv);
121 if (!TEST_true(ossl_quic_tserver_write(qtserv, sid,
122 (unsigned char *)msg,
123 msglen, &numbytes)))
124 goto end;
125 ossl_quic_tserver_tick(qtserv);
126 SSL_handle_events(clientquic);
127
128 if (idx >= 2 && j > 0) {
129 if (!TEST_false(SSL_read_ex(clientquic, buf, 1, &numbytes))
130 || !TEST_int_eq(SSL_get_error(clientquic, 0),
131 SSL_ERROR_SYSCALL)
132 || !TEST_false(SSL_write_ex(clientquic, msg, msglen,
133 &numbytes))
134 || !TEST_int_eq(SSL_get_error(clientquic, 0),
135 SSL_ERROR_SYSCALL))
54b86b7f 136 goto end;
cf355bd6
MC		 137 break;
138 }
139
140 /*
141 * In blocking mode the SSL_read_ex call will block until the socket
142 * is readable and has our data. In non-blocking mode we're doing
143 * everything in memory, so it should be immediately available
144 */
145 if (!TEST_true(SSL_read_ex(clientquic, buf, 1, &numbytes))
146 || !TEST_size_t_eq(numbytes, 1)
147 || !TEST_true(SSL_has_pending(clientquic))
148 || !TEST_int_eq(SSL_pending(clientquic), msglen - 1)
149 || !TEST_true(SSL_read_ex(clientquic, buf + 1,
150 sizeof(buf) - 1, &numbytes))
151 || !TEST_mem_eq(buf, numbytes + 1, msg, msglen))
152 goto end;
153 }
54b86b7f 154
cf355bd6
MC		 155 if (sess == NULL) {
156 /* We didn't supply a session so we're not expecting resumption */
157 if (!TEST_false(SSL_session_reused(clientquic)))
158 goto end;
159 /* We should have a session ticket by now */
160 sess = SSL_get1_session(clientquic);
161 if (!TEST_ptr(sess))
162 goto end;
163 } else {
164 /* We supplied a session so we should have resumed */
165 if (!TEST_true(SSL_session_reused(clientquic)))
54b86b7f
HL		 166 goto end;
167 }
e44795bd 168
c9fb65b8
MC		 169 if (!TEST_true(qtest_shutdown(qtserv, clientquic)))
170 goto end;
5c3474ea 171
cf355bd6
MC		 172 if (sctx == NULL) {
173 sctx = ossl_quic_tserver_get0_ssl_ctx(qtserv);
174 if (!TEST_true(SSL_CTX_up_ref(sctx))) {
175 sctx = NULL;
5c3474ea 176 goto end;
cf355bd6 177 }
5c3474ea 178 }
cf355bd6
MC		 179 ossl_quic_tserver_free(qtserv);
180 qtserv = NULL;
181 SSL_free(clientquic);
182 clientquic = NULL;
5c3474ea 183
cf355bd6
MC		 184 if (idx >= 2)
185 break;
e44795bd
TM		 186 }
187
188 ret = 1;
189
190 end:
cf355bd6 191 SSL_SESSION_free(sess);
0c593328 192 ossl_quic_tserver_free(qtserv);
e44795bd 193 SSL_free(clientquic);
e44795bd 194 SSL_CTX_free(cctx);
cf355bd6 195 SSL_CTX_free(sctx);
e44795bd
TM		 196
197 return ret;
198}
199
0fa6612e
MC		 200/*
201 * Test that sending FIN with no data to a client blocking in SSL_read_ex() will
202 * wake up the client.
203 */
204static int test_fin_only_blocking(void)
205{
206 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
207 SSL_CTX *sctx = NULL;
208 SSL *clientquic = NULL;
209 QUIC_TSERVER *qtserv = NULL;
210 const char *msg = "Hello World";
211 uint64_t sid;
212 size_t numbytes;
213 unsigned char buf[32];
214 int ret = 0;
215 OSSL_TIME timer, timediff;
216
217 if (!qtest_supports_blocking())
218 return TEST_skip("Blocking tests not supported in this build");
219
220 if (!TEST_ptr(cctx)
221 || !TEST_true(qtest_create_quic_objects(libctx, cctx, sctx,
222 cert, privkey,
223 QTEST_FLAG_BLOCK,
224 &qtserv, &clientquic,
8d8c0a90 225 NULL, NULL))
0fa6612e
MC		 226 || !TEST_true(SSL_set_tlsext_host_name(clientquic, "localhost")))
227 goto end;
228
229 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
230 goto end;
231
232 if (!TEST_true(ossl_quic_tserver_stream_new(qtserv, 0, &sid))
233 || !TEST_true(ossl_quic_tserver_write(qtserv, sid,
234 (unsigned char *)msg,
235 strlen(msg), &numbytes))
236 || !TEST_size_t_eq(strlen(msg), numbytes))
237 goto end;
238
239 ossl_quic_tserver_tick(qtserv);
240
241 if (!TEST_true(SSL_read_ex(clientquic, buf, sizeof(buf), &numbytes))
242 || !TEST_mem_eq(msg, strlen(msg), buf, numbytes))
243
244
245 goto end;
246
247 if (!TEST_true(ossl_quic_tserver_conclude(qtserv, sid)))
248 goto end;
249
250 timer = ossl_time_now();
251 if (!TEST_false(SSL_read_ex(clientquic, buf, sizeof(buf), &numbytes)))
252 goto end;
253 timediff = ossl_time_subtract(ossl_time_now(), timer);
254
255 if (!TEST_int_eq(SSL_get_error(clientquic, 0), SSL_ERROR_ZERO_RETURN)
256 /*
257 * We expect the SSL_read_ex to not have blocked so this should
258 * be very fast. 20ms should be plenty.
259 */
260 || !TEST_uint64_t_le(ossl_time2ms(timediff), 20))
261 goto end;
262
263 if (!TEST_true(qtest_shutdown(qtserv, clientquic)))
264 goto end;
265
266 ret = 1;
267
268 end:
269 ossl_quic_tserver_free(qtserv);
270 SSL_free(clientquic);
271 SSL_CTX_free(cctx);
272 SSL_CTX_free(sctx);
273
274 return ret;
275}
276
0c9646ec
MC		 277/* Test that a vanilla QUIC SSL object has the expected ciphersuites available */
278static int test_ciphersuites(void)
279{
280 SSL_CTX *ctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
281 SSL *ssl;
282 int testresult = 0;
283 const STACK_OF(SSL_CIPHER) *ciphers = NULL;
284 const SSL_CIPHER *cipher;
285 /* We expect this exact list of ciphersuites by default */
286 int cipherids[] = {
287 TLS1_3_CK_AES_256_GCM_SHA384,
288#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
289 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
290#endif
291 TLS1_3_CK_AES_128_GCM_SHA256
292 };
293 size_t i, j;
294
295 if (!TEST_ptr(ctx))
296 return 0;
297
298 ssl = SSL_new(ctx);
299 if (!TEST_ptr(ssl))
300 goto err;
301
302 ciphers = SSL_get_ciphers(ssl);
303
304 for (i = 0, j = 0; i < OSSL_NELEM(cipherids); i++) {
305 if (cipherids[i] == TLS1_3_CK_CHACHA20_POLY1305_SHA256 && is_fips)
306 continue;
307 cipher = sk_SSL_CIPHER_value(ciphers, j++);
308 if (!TEST_ptr(cipher))
309 goto err;
310 if (!TEST_uint_eq(SSL_CIPHER_get_id(cipher), cipherids[i]))
311 goto err;
312 }
313
314 /* We should have checked all the ciphers in the stack */
315 if (!TEST_int_eq(sk_SSL_CIPHER_num(ciphers), j))
316 goto err;
317
318 testresult = 1;
319 err:
320 SSL_free(ssl);
321 SSL_CTX_free(ctx);
322
323 return testresult;
324}
325
9912dfb9
MC		 326static int test_cipher_find(void)
327{
328 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
329 SSL *clientquic = NULL;
330 struct {
331 const unsigned char *cipherbytes;
332 int ok;
333 } testciphers[] = {
334 { TLS13_AES_128_GCM_SHA256_BYTES, 1 },
335 { TLS13_AES_256_GCM_SHA384_BYTES, 1 },
336 { TLS13_CHACHA20_POLY1305_SHA256_BYTES, 1 },
337 { TLS13_AES_128_CCM_SHA256_BYTES, 0 },
338 { TLS13_AES_128_CCM_8_SHA256_BYTES, 0 }
339 };
340 size_t i;
341 int testresult = 0;
342
343 if (!TEST_ptr(cctx))
344 goto err;
345
346 clientquic = SSL_new(cctx);
347 if (!TEST_ptr(clientquic))
348 goto err;
349
350 for (i = 0; i < OSSL_NELEM(testciphers); i++)
351 if (testciphers[i].ok) {
352 if (!TEST_ptr(SSL_CIPHER_find(clientquic,
353 testciphers[i].cipherbytes)))
354 goto err;
355 } else {
356 if (!TEST_ptr_null(SSL_CIPHER_find(clientquic,
357 testciphers[i].cipherbytes)))
358 goto err;
359 }
360
361 testresult = 1;
362 err:
363 SSL_free(clientquic);
364 SSL_CTX_free(cctx);
365
366 return testresult;
367}
368
843f6e27
MC		 369/*
370 * Test that SSL_version, SSL_get_version, SSL_is_quic, SSL_is_tls and
371 * SSL_is_dtls return the expected results for a QUIC connection. Compare with
372 * test_version() in sslapitest.c which does the same thing for TLS/DTLS
373 * connections.
374 */
375static int test_version(void)
376{
377 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
378 SSL *clientquic = NULL;
379 QUIC_TSERVER *qtserv = NULL;
380 int testresult = 0;
381
382 if (!TEST_ptr(cctx)
cf355bd6
MC		 383 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
384 privkey, 0, &qtserv,
8d8c0a90 385 &clientquic, NULL, NULL))
843f6e27
MC		 386 || !TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
387 goto err;
388
389 if (!TEST_int_eq(SSL_version(clientquic), OSSL_QUIC1_VERSION)
390 || !TEST_str_eq(SSL_get_version(clientquic), "QUICv1"))
391 goto err;
392
393 if (!TEST_true(SSL_is_quic(clientquic))
394 || !TEST_false(SSL_is_tls(clientquic))
395 || !TEST_false(SSL_is_dtls(clientquic)))
396 goto err;
397
398
399 testresult = 1;
400 err:
401 ossl_quic_tserver_free(qtserv);
402 SSL_free(clientquic);
403 SSL_CTX_free(cctx);
404
405 return testresult;
406}
407
1be2ee68 408#if defined(DO_SSL_TRACE_TEST)
2e1da969
MC		 409static void strip_line_ends(char *str)
410{
411 size_t i;
412
413 for (i = strlen(str);
414 i > 0 && (str[i - 1] == '\n' || str[i - 1] == '\r');
415 i--);
416
417 str[i] = '\0';
418}
419
420static int compare_with_file(BIO *membio)
421{
b7278eea 422 BIO *file = NULL, *newfile = NULL;
2e1da969
MC		 423 char buf1[512], buf2[512];
424 char *reffile;
425 int ret = 0;
426 size_t i;
427
d2751ee3 428#ifdef OPENSSL_NO_ZLIB
2e1da969 429 reffile = test_mk_file_path(datadir, "ssltraceref.txt");
d2751ee3
TM		 430#else
431 reffile = test_mk_file_path(datadir, "ssltraceref-zlib.txt");
432#endif
2e1da969
MC		 433 if (!TEST_ptr(reffile))
434 goto err;
435
436 file = BIO_new_file(reffile, "rb");
437 if (!TEST_ptr(file))
438 goto err;
439
b7278eea
TM		 440 newfile = BIO_new_file("ssltraceref-new.txt", "wb");
441 if (!TEST_ptr(newfile))
442 goto err;
443
444 while (BIO_gets(membio, buf2, sizeof(buf2)) > 0)
445 if (BIO_puts(newfile, buf2) <= 0) {
446 TEST_error("Failed writing new file data");
447 goto err;
448 }
449
450 if (!TEST_int_ge(BIO_seek(membio, 0), 0))
451 goto err;
452
2e1da969
MC		 453 while (BIO_gets(file, buf1, sizeof(buf1)) > 0) {
454 if (BIO_gets(membio, buf2, sizeof(buf2)) <= 0) {
455 TEST_error("Failed reading mem data");
456 goto err;
457 }
458 strip_line_ends(buf1);
459 strip_line_ends(buf2);
460 if (strlen(buf1) != strlen(buf2)) {
461 TEST_error("Actual and ref line data length mismatch");
462 TEST_info("%s", buf1);
463 TEST_info("%s", buf2);
464 goto err;
465 }
466 for (i = 0; i < strlen(buf1); i++) {
467 /* '?' is a wild card character in the reference text */
468 if (buf1[i] == '?')
469 buf2[i] = '?';
470 }
471 if (!TEST_str_eq(buf1, buf2))
472 goto err;
473 }
474 if (!TEST_true(BIO_eof(file))
475 || !TEST_true(BIO_eof(membio)))
476 goto err;
477
478 ret = 1;
479 err:
480 OPENSSL_free(reffile);
481 BIO_free(file);
b7278eea 482 BIO_free(newfile);
2e1da969
MC		 483 return ret;
484}
485
486/*
487 * Tests that the SSL_trace() msg_callback works as expected with a QUIC
488 * connection. This also provides testing of the msg_callback at the same time.
489 */
490static int test_ssl_trace(void)
491{
492 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
493 SSL *clientquic = NULL;
494 QUIC_TSERVER *qtserv = NULL;
495 int testresult = 0;
496 BIO *bio = BIO_new(BIO_s_mem());
497
498 /*
499 * Ensure we only configure ciphersuites that are available with both the
500 * default and fips providers to get the same output in both cases
501 */
502 if (!TEST_true(SSL_CTX_set_ciphersuites(cctx, "TLS_AES_128_GCM_SHA256")))
503 goto err;
504
505 if (!TEST_ptr(cctx)
506 || !TEST_ptr(bio)
cf355bd6 507 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
617cab09
TM		 508 privkey,
509 QTEST_FLAG_FAKE_TIME,
510 &qtserv,
8d8c0a90 511 &clientquic, NULL, NULL)))
2e1da969
MC		 512 goto err;
513
514 SSL_set_msg_callback(clientquic, SSL_trace);
515 SSL_set_msg_callback_arg(clientquic, bio);
516
517 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
518 goto err;
519
520 if (!TEST_true(compare_with_file(bio)))
521 goto err;
522
523 testresult = 1;
524 err:
525 ossl_quic_tserver_free(qtserv);
526 SSL_free(clientquic);
527 SSL_CTX_free(cctx);
528 BIO_free(bio);
529
530 return testresult;
531}
532#endif
533
09d56d20
HL		 534static int ensure_valid_ciphers(const STACK_OF(SSL_CIPHER) *ciphers)
535{
536 size_t i;
537
538 /* Ensure ciphersuite list is suitably subsetted. */
539 for (i = 0; i < (size_t)sk_SSL_CIPHER_num(ciphers); ++i) {
540 const SSL_CIPHER *cipher = sk_SSL_CIPHER_value(ciphers, i);
541 switch (SSL_CIPHER_get_id(cipher)) {
542 case TLS1_3_CK_AES_128_GCM_SHA256:
543 case TLS1_3_CK_AES_256_GCM_SHA384:
544 case TLS1_3_CK_CHACHA20_POLY1305_SHA256:
545 break;
546 default:
547 TEST_error("forbidden cipher: %s", SSL_CIPHER_get_name(cipher));
548 return 0;
549 }
550 }
551
552 return 1;
553}
554
f082205b
HL		 555/*
556 * Test that handshake-layer APIs which shouldn't work don't work with QUIC.
557 */
09d56d20 558static int test_quic_forbidden_apis_ctx(void)
f082205b
HL		 559{
560 int testresult = 0;
561 SSL_CTX *ctx = NULL;
f082205b
HL		 562
563 if (!TEST_ptr(ctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method())))
564 goto err;
565
9f3cd808 566#ifndef OPENSSL_NO_SRTP
f082205b
HL		 567 /* This function returns 0 on success and 1 on error, and should fail. */
568 if (!TEST_true(SSL_CTX_set_tlsext_use_srtp(ctx, "SRTP_AEAD_AES_128_GCM")))
569 goto err;
9f3cd808 570#endif
f082205b 571
09d56d20
HL		 572 /*
573 * List of ciphersuites we do and don't allow in QUIC.
574 */
575#define QUIC_CIPHERSUITES \
576 "TLS_AES_128_GCM_SHA256:" \
577 "TLS_AES_256_GCM_SHA384:" \
578 "TLS_CHACHA20_POLY1305_SHA256"
579
580#define NON_QUIC_CIPHERSUITES \
581 "TLS_AES_128_CCM_SHA256:" \
582 "TLS_AES_256_CCM_SHA384:" \
583 "TLS_AES_128_CCM_8_SHA256"
584
585 /* Set TLSv1.3 ciphersuite list for the SSL_CTX. */
586 if (!TEST_true(SSL_CTX_set_ciphersuites(ctx,
587 QUIC_CIPHERSUITES ":"
588 NON_QUIC_CIPHERSUITES)))
589 goto err;
590
591 /*
592 * Forbidden ciphersuites should show up in SSL_CTX accessors, they are only
593 * filtered in SSL_get1_supported_ciphers, so we don't check for
594 * non-inclusion here.
595 */
596
597 testresult = 1;
598err:
599 SSL_CTX_free(ctx);
600 return testresult;
601}
602
603static int test_quic_forbidden_apis(void)
604{
605 int testresult = 0;
606 SSL_CTX *ctx = NULL;
607 SSL *ssl = NULL;
608 STACK_OF(SSL_CIPHER) *ciphers = NULL;
609
610 if (!TEST_ptr(ctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method())))
611 goto err;
612
f082205b
HL		 613 if (!TEST_ptr(ssl = SSL_new(ctx)))
614 goto err;
615
9f3cd808 616#ifndef OPENSSL_NO_SRTP
f082205b
HL		 617 /* This function returns 0 on success and 1 on error, and should fail. */
618 if (!TEST_true(SSL_set_tlsext_use_srtp(ssl, "SRTP_AEAD_AES_128_GCM")))
619 goto err;
9f3cd808 620#endif
f082205b 621
09d56d20
HL		 622 /* Set TLSv1.3 ciphersuite list for the SSL_CTX. */
623 if (!TEST_true(SSL_set_ciphersuites(ssl,
624 QUIC_CIPHERSUITES ":"
625 NON_QUIC_CIPHERSUITES)))
626 goto err;
627
628 /* Non-QUIC ciphersuites must not appear in supported ciphers list. */
629 if (!TEST_ptr(ciphers = SSL_get1_supported_ciphers(ssl))
630 || !TEST_true(ensure_valid_ciphers(ciphers)))
631 goto err;
632
f082205b
HL		 633 testresult = 1;
634err:
09d56d20 635 sk_SSL_CIPHER_free(ciphers);
f082205b
HL		 636 SSL_free(ssl);
637 SSL_CTX_free(ctx);
638 return testresult;
639}
640
f0d9757c
HL		 641static int test_quic_forbidden_options(void)
642{
643 int testresult = 0;
644 SSL_CTX *ctx = NULL;
645 SSL *ssl = NULL;
82a2beca
HL		 646 char buf[16];
647 size_t len;
f0d9757c
HL		 648
649 if (!TEST_ptr(ctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method())))
650 goto err;
651
652 /* QUIC options restrictions do not affect SSL_CTX */
653 SSL_CTX_set_options(ctx, UINT64_MAX);
654
655 if (!TEST_uint64_t_eq(SSL_CTX_get_options(ctx), UINT64_MAX))
656 goto err;
657
82a2beca
HL		 658 /* Set options on CTX which should not be inherited (tested below). */
659 SSL_CTX_set_read_ahead(ctx, 1);
660 SSL_CTX_set_max_early_data(ctx, 1);
661 SSL_CTX_set_recv_max_early_data(ctx, 1);
f66f0d3c 662 SSL_CTX_set_quiet_shutdown(ctx, 1);
82a2beca 663
f0d9757c
HL		 664 if (!TEST_ptr(ssl = SSL_new(ctx)))
665 goto err;
666
667 /* Only permitted options get transferred to SSL object */
668 if (!TEST_uint64_t_eq(SSL_get_options(ssl), OSSL_QUIC_PERMITTED_OPTIONS))
669 goto err;
670
671 /* Try again using SSL_set_options */
672 SSL_set_options(ssl, UINT64_MAX);
673
674 if (!TEST_uint64_t_eq(SSL_get_options(ssl), OSSL_QUIC_PERMITTED_OPTIONS))
675 goto err;
676
677 /* Clear everything */
678 SSL_clear_options(ssl, UINT64_MAX);
679
680 if (!TEST_uint64_t_eq(SSL_get_options(ssl), 0))
681 goto err;
682
d0638fd5 683 /* Readahead */
82a2beca
HL		 684 if (!TEST_false(SSL_get_read_ahead(ssl)))
685 goto err;
686
d0638fd5
HL		 687 SSL_set_read_ahead(ssl, 1);
688 if (!TEST_false(SSL_get_read_ahead(ssl)))
689 goto err;
690
691 /* Block padding */
692 if (!TEST_true(SSL_set_block_padding(ssl, 0))
693 || !TEST_true(SSL_set_block_padding(ssl, 1))
694 || !TEST_false(SSL_set_block_padding(ssl, 2)))
695 goto err;
696
697 /* Max fragment length */
698 if (!TEST_true(SSL_set_tlsext_max_fragment_length(ssl, TLSEXT_max_fragment_length_DISABLED))
699 || !TEST_false(SSL_set_tlsext_max_fragment_length(ssl, TLSEXT_max_fragment_length_512)))
700 goto err;
701
82a2beca 702 /* Max early data */
6e5550a1 703 if (!TEST_false(SSL_set_recv_max_early_data(ssl, 1))
82a2beca
HL		 704 || !TEST_false(SSL_set_max_early_data(ssl, 1)))
705 goto err;
706
707 /* Read/Write */
708 if (!TEST_false(SSL_read_early_data(ssl, buf, sizeof(buf), &len))
709 || !TEST_false(SSL_write_early_data(ssl, buf, sizeof(buf), &len)))
710 goto err;
711
fe33e2c8 712 /* Buffer Management */
a1c56bbe 713 if (!TEST_true(SSL_alloc_buffers(ssl))
fe33e2c8
HL		 714 || !TEST_false(SSL_free_buffers(ssl)))
715 goto err;
716
38c0ff1f
HL		 717 /* Pipelining */
718 if (!TEST_false(SSL_set_max_send_fragment(ssl, 2))
719 || !TEST_false(SSL_set_split_send_fragment(ssl, 2))
720 || !TEST_false(SSL_set_max_pipelines(ssl, 2)))
721 goto err;
722
a1c56bbe
HL		 723 /* HRR */
724 if (!TEST_false(SSL_stateless(ssl)))
725 goto err;
726
f66f0d3c
HL		 727 /* Quiet Shutdown */
728 if (!TEST_false(SSL_get_quiet_shutdown(ssl)))
729 goto err;
730
764817c4
HL		 731 /* No duplication */
732 if (!TEST_ptr_null(SSL_dup(ssl)))
733 goto err;
734
5f69db39
HL		 735 /* No clear */
736 if (!TEST_false(SSL_clear(ssl)))
737 goto err;
738
f0d9757c
HL		 739 testresult = 1;
740err:
741 SSL_free(ssl);
742 SSL_CTX_free(ctx);
743 return testresult;
744}
745
5e6015af
HL		 746static int test_quic_set_fd(int idx)
747{
748 int testresult = 0;
749 SSL_CTX *ctx = NULL;
750 SSL *ssl = NULL;
751 int fd = -1, resfd = -1;
752 BIO *bio = NULL;
753
754 if (!TEST_ptr(ctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method())))
755 goto err;
756
757 if (!TEST_ptr(ssl = SSL_new(ctx)))
758 goto err;
759
760 if (!TEST_int_ge(fd = BIO_socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP, 0), 0))
761 goto err;
762
763 if (idx == 0) {
764 if (!TEST_true(SSL_set_fd(ssl, fd)))
765 goto err;
766 if (!TEST_ptr(bio = SSL_get_rbio(ssl)))
767 goto err;
768 if (!TEST_ptr_eq(bio, SSL_get_wbio(ssl)))
769 goto err;
770 } else if (idx == 1) {
771 if (!TEST_true(SSL_set_rfd(ssl, fd)))
772 goto err;
773 if (!TEST_ptr(bio = SSL_get_rbio(ssl)))
774 goto err;
775 if (!TEST_ptr_null(SSL_get_wbio(ssl)))
776 goto err;
777 } else {
778 if (!TEST_true(SSL_set_wfd(ssl, fd)))
779 goto err;
780 if (!TEST_ptr(bio = SSL_get_wbio(ssl)))
781 goto err;
782 if (!TEST_ptr_null(SSL_get_rbio(ssl)))
783 goto err;
784 }
785
786 if (!TEST_int_eq(BIO_method_type(bio), BIO_TYPE_DGRAM))
787 goto err;
788
789 if (!TEST_true(BIO_get_fd(bio, &resfd))
790 || !TEST_int_eq(resfd, fd))
791 goto err;
792
793 testresult = 1;
794err:
795 SSL_free(ssl);
796 SSL_CTX_free(ctx);
797 if (fd >= 0)
798 BIO_closesocket(fd);
799 return testresult;
800}
801
0a3733ba
MC		 802#define MAXLOOPS 1000
803
804static int test_bio_ssl(void)
805{
806 /*
807 * We just use OSSL_QUIC_client_method() rather than
808 * OSSL_QUIC_client_thread_method(). We will never leave the connection idle
809 * so we will always be implicitly handling time events anyway via other
810 * IO calls.
811 */
812 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
813 SSL *clientquic = NULL, *stream = NULL;
814 QUIC_TSERVER *qtserv = NULL;
815 int testresult = 0;
816 BIO *cbio = NULL, *strbio = NULL, *thisbio;
817 const char *msg = "Hello world";
818 int abortctr = 0, err, clienterr = 0, servererr = 0, retc = 0, rets = 0;
819 size_t written, readbytes, msglen;
820 int sid = 0, i;
821 unsigned char buf[80];
822
823 if (!TEST_ptr(cctx))
824 goto err;
825
826 cbio = BIO_new_ssl(cctx, 1);
827 if (!TEST_ptr(cbio))
828 goto err;
829
830 /*
831 * We must configure the ALPN/peer address etc so we get the SSL object in
832 * order to pass it to qtest_create_quic_objects for configuration.
833 */
834 if (!TEST_int_eq(BIO_get_ssl(cbio, &clientquic), 1))
835 goto err;
836
cf355bd6 837 if (!TEST_true(qtest_create_quic_objects(libctx, NULL, NULL, cert, privkey,
8d8c0a90
MC		 838 0, &qtserv, &clientquic, NULL,
839 NULL)))
0a3733ba
MC		 840 goto err;
841
842 msglen = strlen(msg);
843
844 do {
845 err = BIO_FLAGS_WRITE;
846 while (!clienterr && !retc && err == BIO_FLAGS_WRITE) {
847 retc = BIO_write_ex(cbio, msg, msglen, &written);
848 if (!retc) {
849 if (BIO_should_retry(cbio))
850 err = BIO_retry_type(cbio);
851 else
852 err = 0;
853 }
854 }
855
856 if (!clienterr && retc <= 0 && err != BIO_FLAGS_READ) {
857 TEST_info("BIO_write_ex() failed %d, %d", retc, err);
858 TEST_openssl_errors();
859 clienterr = 1;
860 }
861
862 if (!servererr && rets <= 0) {
863 ossl_quic_tserver_tick(qtserv);
864 servererr = ossl_quic_tserver_is_term_any(qtserv);
865 if (!servererr)
866 rets = ossl_quic_tserver_is_handshake_confirmed(qtserv);
867 }
868
869 if (clienterr && servererr)
870 goto err;
871
872 if (++abortctr == MAXLOOPS) {
873 TEST_info("No progress made");
874 goto err;
875 }
876 } while ((!retc && !clienterr) || (rets <= 0 && !servererr));
877
878 /*
879 * 2 loops: The first using the default stream, and the second using a new
880 * client initiated bidi stream.
881 */
882 for (i = 0, thisbio = cbio; i < 2; i++) {
883 if (!TEST_true(ossl_quic_tserver_read(qtserv, sid, buf, sizeof(buf),
884 &readbytes))
885 || !TEST_mem_eq(msg, msglen, buf, readbytes))
886 goto err;
887
888 if (!TEST_true(ossl_quic_tserver_write(qtserv, sid, (unsigned char *)msg,
889 msglen, &written)))
890 goto err;
891 ossl_quic_tserver_tick(qtserv);
892
893 if (!TEST_true(BIO_read_ex(thisbio, buf, sizeof(buf), &readbytes))
894 || !TEST_mem_eq(msg, msglen, buf, readbytes))
895 goto err;
896
897 if (i == 1)
898 break;
899
900 /*
901 * Now create a new stream and repeat. The bottom two bits of the stream
902 * id represents whether the stream is bidi and whether it is client
903 * initiated or not. For client initiated bidi they are both 0. So the
904 * first client initiated bidi stream is 0 and the next one is 4.
905 */
906 sid = 4;
907 stream = SSL_new_stream(clientquic, 0);
908 if (!TEST_ptr(stream))
909 goto err;
910
911 thisbio = strbio = BIO_new(BIO_f_ssl());
912 if (!TEST_ptr(strbio))
913 goto err;
914
915 if (!TEST_int_eq(BIO_set_ssl(thisbio, stream, BIO_CLOSE), 1))
916 goto err;
917 stream = NULL;
918
919 if (!TEST_true(BIO_write_ex(thisbio, msg, msglen, &written)))
920 goto err;
921
922 ossl_quic_tserver_tick(qtserv);
923 }
924
925 testresult = 1;
926 err:
927 BIO_free_all(cbio);
928 BIO_free_all(strbio);
929 SSL_free(stream);
930 ossl_quic_tserver_free(qtserv);
931 SSL_CTX_free(cctx);
932
933 return testresult;
934}
935
a1c87f64
MC		 936#define BACK_PRESSURE_NUM_LOOPS 10000
937/*
938 * Test that sending data from the client to the server faster than the server
939 * can process it eventually results in back pressure on the client.
940 */
941static int test_back_pressure(void)
942{
943 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
944 SSL *clientquic = NULL;
945 QUIC_TSERVER *qtserv = NULL;
946 int testresult = 0;
947 unsigned char *msg = NULL;
948 const size_t msglen = 1024;
949 unsigned char buf[64];
950 size_t readbytes, written;
951 int i;
952
953 if (!TEST_ptr(cctx)
1e7cc86b
HL		 954 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
955 privkey, 0, &qtserv,
8d8c0a90 956 &clientquic, NULL, NULL))
a1c87f64
MC		 957 || !TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
958 goto err;
959
960 msg = OPENSSL_malloc(msglen);
961 if (!TEST_ptr(msg))
962 goto err;
963 if (!TEST_int_eq(RAND_bytes_ex(libctx, msg, msglen, 0), 1))
964 goto err;
965
966 /*
967 * Limit to 10000 loops. If we've not seen any back pressure after that
968 * we're going to run out of memory, so abort.
969 */
970 for (i = 0; i < BACK_PRESSURE_NUM_LOOPS; i++) {
971 /* Send data from the client */
972 if (!SSL_write_ex(clientquic, msg, msglen, &written)) {
973 /* Check if we are seeing back pressure */
974 if (SSL_get_error(clientquic, 0) == SSL_ERROR_WANT_WRITE)
975 break;
976 TEST_error("Unexpected client failure");
977 goto err;
978 }
979
980 /* Receive data at the server */
981 ossl_quic_tserver_tick(qtserv);
982 if (!TEST_true(ossl_quic_tserver_read(qtserv, 0, buf, sizeof(buf),
983 &readbytes)))
984 goto err;
985 }
986
987 if (i == BACK_PRESSURE_NUM_LOOPS) {
988 TEST_error("No back pressure seen");
989 goto err;
990 }
991
992 testresult = 1;
993 err:
994 SSL_free(clientquic);
995 ossl_quic_tserver_free(qtserv);
996 SSL_CTX_free(cctx);
997 OPENSSL_free(msg);
998
999 return testresult;
1000}
1001
8c5284ff
MC		 1002
1003static int dgram_ctr = 0;
1004
1005static void dgram_cb(int write_p, int version, int content_type,
1006 const void *buf, size_t msglen, SSL *ssl, void *arg)
1007{
1008 if (!write_p)
1009 return;
1010
1011 if (content_type != SSL3_RT_QUIC_DATAGRAM)
1012 return;
1013
1014 dgram_ctr++;
1015}
1016
1017/* Test that we send multiple datagrams in one go when appropriate */
1018static int test_multiple_dgrams(void)
1019{
1020 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
1021 SSL *clientquic = NULL;
1022 QUIC_TSERVER *qtserv = NULL;
1023 int testresult = 0;
1024 unsigned char *buf;
1025 const size_t buflen = 1400;
1026 size_t written;
1027
1028 buf = OPENSSL_zalloc(buflen);
1029
1030 if (!TEST_ptr(cctx)
1031 || !TEST_ptr(buf)
1032 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
1033 privkey, 0, &qtserv,
8d8c0a90 1034 &clientquic, NULL, NULL))
8c5284ff
MC		 1035 || !TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
1036 goto err;
1037
1038 dgram_ctr = 0;
1039 SSL_set_msg_callback(clientquic, dgram_cb);
1040 if (!TEST_true(SSL_write_ex(clientquic, buf, buflen, &written))
1041 || !TEST_size_t_eq(written, buflen)
1042 /* We wrote enough data for 2 datagrams */
1043 || !TEST_int_eq(dgram_ctr, 2))
1044 goto err;
1045
1046 testresult = 1;
1047 err:
1048 OPENSSL_free(buf);
1049 SSL_free(clientquic);
1050 ossl_quic_tserver_free(qtserv);
1051 SSL_CTX_free(cctx);
1052
1053 return testresult;
1054}
1055
48724e8a
MC		 1056static int non_io_retry_cert_verify_cb(X509_STORE_CTX *ctx, void *arg)
1057{
1058 int idx = SSL_get_ex_data_X509_STORE_CTX_idx();
1059 SSL *ssl;
1060 int *ctr = (int *)arg;
1061
1062 /* this should not happen but check anyway */
1063 if (idx < 0
1064 || (ssl = X509_STORE_CTX_get_ex_data(ctx, idx)) == NULL)
1065 return 0;
1066
1067 /* If this is the first time we've been called then retry */
1068 if (((*ctr)++) == 0)
1069 return SSL_set_retry_verify(ssl);
1070
1071 /* Otherwise do nothing - verification succeeds. Continue as normal */
1072 return 1;
1073}
1074
1075/* Test that we can handle a non-io related retry error
1076 * Test 0: Non-blocking
1077 * Test 1: Blocking
1078 */
1079static int test_non_io_retry(int idx)
1080{
1081 SSL_CTX *cctx;
1082 SSL *clientquic = NULL;
1083 QUIC_TSERVER *qtserv = NULL;
1084 int testresult = 0;
1085 int flags = 0, ctr = 0;
1086
1087 if (idx >= 1 && !qtest_supports_blocking())
1088 return TEST_skip("Blocking tests not supported in this build");
1089
1090 cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
1091 if (!TEST_ptr(cctx))
1092 goto err;
1093
1094 SSL_CTX_set_cert_verify_callback(cctx, non_io_retry_cert_verify_cb, &ctr);
1095
1096 flags = (idx >= 1) ? QTEST_FLAG_BLOCK : 0;
1097 if (!TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert, privkey,
8d8c0a90
MC		 1098 flags, &qtserv, &clientquic, NULL,
1099 NULL))
48724e8a
MC		 1100 || !TEST_true(qtest_create_quic_connection_ex(qtserv, clientquic,
1101 SSL_ERROR_WANT_RETRY_VERIFY))
1102 || !TEST_int_eq(SSL_want(clientquic), SSL_RETRY_VERIFY)
1103 || !TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
1104 goto err;
1105
1106 testresult = 1;
1107 err:
1108 SSL_free(clientquic);
1109 ossl_quic_tserver_free(qtserv);
1110 SSL_CTX_free(cctx);
1111
1112 return testresult;
1113}
1114
1e4fc0b2
MC		 1115static int use_session_cb_cnt = 0;
1116static int find_session_cb_cnt = 0;
1117static const char *pskid = "Identity";
1118static SSL_SESSION *serverpsk = NULL, *clientpsk = NULL;
1119
1120static int use_session_cb(SSL *ssl, const EVP_MD *md, const unsigned char **id,
1121 size_t *idlen, SSL_SESSION **sess)
1122{
1123 use_session_cb_cnt++;
1124
1125 if (clientpsk == NULL)
1126 return 0;
1127
1128 SSL_SESSION_up_ref(clientpsk);
1129
1130 *sess = clientpsk;
1131 *id = (const unsigned char *)pskid;
1132 *idlen = strlen(pskid);
1133
1134 return 1;
1135}
1136
1137static int find_session_cb(SSL *ssl, const unsigned char *identity,
1138 size_t identity_len, SSL_SESSION **sess)
1139{
1140 find_session_cb_cnt++;
1141
1142 if (serverpsk == NULL)
1143 return 0;
1144
1145 /* Identity should match that set by the client */
1146 if (strlen(pskid) != identity_len
1147 || strncmp(pskid, (const char *)identity, identity_len) != 0)
1148 return 0;
1149
1150 SSL_SESSION_up_ref(serverpsk);
1151 *sess = serverpsk;
1152
1153 return 1;
1154}
1155
1156static int test_quic_psk(void)
1157{
1158 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
1159 SSL *clientquic = NULL;
1160 QUIC_TSERVER *qtserv = NULL;
1161 int testresult = 0;
1162
1163 if (!TEST_ptr(cctx)
1164 /* No cert or private key for the server, i.e. PSK only */
1165 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, NULL,
1166 NULL, 0, &qtserv,
8d8c0a90 1167 &clientquic, NULL, NULL)))
1e4fc0b2
MC		 1168 goto end;
1169
1170 SSL_set_psk_use_session_callback(clientquic, use_session_cb);
1171 ossl_quic_tserver_set_psk_find_session_cb(qtserv, find_session_cb);
1172 use_session_cb_cnt = 0;
1173 find_session_cb_cnt = 0;
1174
1175 clientpsk = serverpsk = create_a_psk(clientquic, SHA384_DIGEST_LENGTH);
1176 if (!TEST_ptr(clientpsk))
1177 goto end;
1178 /* We already had one ref. Add another one */
1179 SSL_SESSION_up_ref(clientpsk);
1180
1181 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic))
1182 || !TEST_int_eq(1, find_session_cb_cnt)
1183 || !TEST_int_eq(1, use_session_cb_cnt)
1184 /* Check that we actually used the PSK */
1185 || !TEST_true(SSL_session_reused(clientquic)))
1186 goto end;
1187
1188 testresult = 1;
1189
1190 end:
1191 SSL_free(clientquic);
1192 ossl_quic_tserver_free(qtserv);
1193 SSL_CTX_free(cctx);
1194 SSL_SESSION_free(clientpsk);
1195 SSL_SESSION_free(serverpsk);
1196 clientpsk = serverpsk = NULL;
1197
1198 return testresult;
1199}
1200
9f6eb622
TM		 1201static int test_client_auth(int idx)
1202{
1203 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
1204 SSL_CTX *sctx = SSL_CTX_new_ex(libctx, NULL, TLS_method());
1205 SSL *clientquic = NULL;
1206 QUIC_TSERVER *qtserv = NULL;
1207 int testresult = 0;
1208 unsigned char buf[20];
1209 static char *msg = "A test message";
1210 size_t msglen = strlen(msg);
1211 size_t numbytes = 0;
1212
1213 if (!TEST_ptr(cctx) || !TEST_ptr(sctx))
1214 goto err;
1215
1216 SSL_CTX_set_verify(sctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT
1217 | SSL_VERIFY_CLIENT_ONCE, NULL);
1218
1219 if (!TEST_true(SSL_CTX_load_verify_file(sctx, cauthca)))
1220 goto err;
1221
1222 if (idx > 0
1223 && (!TEST_true(SSL_CTX_use_certificate_chain_file(cctx, ccert))
1224 || !TEST_true(SSL_CTX_use_PrivateKey_file(cctx, cprivkey,
1225 SSL_FILETYPE_PEM))))
1226 goto err;
1227
1228 if (!TEST_true(qtest_create_quic_objects(libctx, cctx, sctx, cert,
1229 privkey, 0, &qtserv,
1230 &clientquic, NULL, NULL)))
1231 goto err;
1232
1233 if (idx == 0) {
1234 if (!TEST_false(qtest_create_quic_connection(qtserv, clientquic)))
1235 goto err;
1236
1237 /* negative test passed */
1238 testresult = 1;
1239 goto err;
1240 }
1241
1242 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
1243 goto err;
1244
1245 /* Check that sending and receiving app data is ok */
1246 if (!TEST_true(SSL_write_ex(clientquic, msg, msglen, &numbytes))
1247 || !TEST_size_t_eq(numbytes, msglen))
1248 goto err;
1249
1250 ossl_quic_tserver_tick(qtserv);
1251 if (!TEST_true(ossl_quic_tserver_write(qtserv, 0,
1252 (unsigned char *)msg,
1253 msglen, &numbytes)))
1254 goto err;
1255
1256 ossl_quic_tserver_tick(qtserv);
1257 SSL_handle_events(clientquic);
1258
1259 if (!TEST_true(SSL_read_ex(clientquic, buf, sizeof(buf), &numbytes))
1260 || !TEST_size_t_eq(numbytes, msglen)
1261 || !TEST_mem_eq(buf, numbytes, msg, msglen))
1262 goto err;
1263
1264 if (!TEST_true(qtest_shutdown(qtserv, clientquic)))
1265 goto err;
1266
1267 testresult = 1;
1268
1269 err:
1270 SSL_free(clientquic);
1271 ossl_quic_tserver_free(qtserv);
1272 SSL_CTX_free(sctx);
1273 SSL_CTX_free(cctx);
1274
1275 return testresult;
1276}
1277
122d4e20
MC		 1278/*
1279 * Test that we correctly handle ALPN supplied by the application
1280 * Test 0: ALPN is provided
1281 * Test 1: No ALPN is provided
1282 */
1283static int test_alpn(int idx)
1284{
1285 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
1286 SSL *clientquic = NULL;
1287 QUIC_TSERVER *qtserv = NULL;
1288 int testresult = 0;
1289 int ret;
1290
1291 /*
1292 * Ensure we only configure ciphersuites that are available with both the
1293 * default and fips providers to get the same output in both cases
1294 */
1295 if (!TEST_true(SSL_CTX_set_ciphersuites(cctx, "TLS_AES_128_GCM_SHA256")))
1296 goto err;
1297
1298 if (!TEST_ptr(cctx)
1299 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
1300 privkey,
1301 QTEST_FLAG_FAKE_TIME,
1302 &qtserv,
8d8c0a90 1303 &clientquic, NULL, NULL)))
122d4e20
MC		 1304 goto err;
1305
1306 if (idx == 0) {
1307 /*
1308 * Clear the ALPN we set in qtest_create_quic_objects. We use TEST_false
1309 * because SSL_set_alpn_protos returns 0 for success.
1310 */
1311 if (!TEST_false(SSL_set_alpn_protos(clientquic, NULL, 0)))
1312 goto err;
1313 }
1314
1315 ret = SSL_connect(clientquic);
1316 if (!TEST_int_le(ret, 0))
1317 goto err;
1318 if (idx == 0) {
1319 /* We expect an immediate error due to lack of ALPN */
1320 if (!TEST_int_eq(SSL_get_error(clientquic, ret), SSL_ERROR_SSL))
1321 goto err;
1322 } else {
1323 /* ALPN was provided so we expect the connection to succeed */
1324 if (!TEST_int_eq(SSL_get_error(clientquic, ret), SSL_ERROR_WANT_READ)
1325 || !TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
1326 goto err;
1327 }
1328
1329 testresult = 1;
1330 err:
1331 ossl_quic_tserver_free(qtserv);
1332 SSL_free(clientquic);
1333 SSL_CTX_free(cctx);
1334
1335 return testresult;
1336}
1337
7757f5ef
TM		 1338/*
1339 * Test SSL_get_shutdown() behavior.
1340 */
1341static int test_get_shutdown(void)
1342{
1343 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
1344 SSL *clientquic = NULL;
1345 QUIC_TSERVER *qtserv = NULL;
1346 int testresult = 0;
1347
1348 if (!TEST_ptr(cctx)
1349 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
1350 privkey,
1351 QTEST_FLAG_FAKE_TIME,
1352 &qtserv, &clientquic,
1353 NULL, NULL))
1354 || !TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
1355 goto err;
1356
1357 if (!TEST_int_eq(SSL_get_shutdown(clientquic), 0))
1358 goto err;
1359
1360 if (!TEST_int_eq(SSL_shutdown(clientquic), 0))
1361 goto err;
1362
1363 if (!TEST_int_eq(SSL_get_shutdown(clientquic), SSL_SENT_SHUTDOWN))
1364 goto err;
1365
1366 do {
1367 ossl_quic_tserver_tick(qtserv);
1368 qtest_add_time(100);
1369 } while (SSL_shutdown(clientquic) == 0);
1370
1371 if (!TEST_int_eq(SSL_get_shutdown(clientquic),
1372 SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN))
1373 goto err;
1374
1375 testresult = 1;
1376 err:
1377 ossl_quic_tserver_free(qtserv);
1378 SSL_free(clientquic);
1379 SSL_CTX_free(cctx);
1380
1381 return testresult;
1382}
1383
d3a8daca 1384#define MAX_LOOPS 2000
19d79bb2
MC		 1385
1386/*
1387 * Keep retrying SSL_read_ex until it succeeds or we give up. Accept a stream
1388 * if we don't already have one
1389 */
1390static int unreliable_client_read(SSL *clientquic, SSL **stream, void *buf,
1391 size_t buflen, size_t *readbytes,
1392 QUIC_TSERVER *qtserv)
1393{
1394 int abortctr;
1395
1396 /* We just do this in a loop with a sleep for simplicity */
1397 for (abortctr = 0; abortctr < MAX_LOOPS; abortctr++) {
1398 if (*stream == NULL) {
1399 SSL_handle_events(clientquic);
1400 *stream = SSL_accept_stream(clientquic, 0);
1401 }
1402
1403 if (*stream != NULL) {
1404 if (SSL_read_ex(*stream, buf, buflen, readbytes))
1405 return 1;
0a2369fd 1406 if (!TEST_int_eq(SSL_get_error(*stream, 0), SSL_ERROR_WANT_READ))
19d79bb2
MC		 1407 return 0;
1408 }
1409 ossl_quic_tserver_tick(qtserv);
5d3933ee 1410 qtest_add_time(1);
0a2369fd 1411 qtest_wait_for_timeout(clientquic, qtserv);
19d79bb2
MC		 1412 }
1413
0a2369fd 1414 TEST_error("No progress made");
19d79bb2
MC		 1415 return 0;
1416}
1417
1418/* Keep retrying ossl_quic_tserver_read until it succeeds or we give up */
1419static int unreliable_server_read(QUIC_TSERVER *qtserv, uint64_t sid,
1420 void *buf, size_t buflen, size_t *readbytes,
1421 SSL *clientquic)
1422{
1423 int abortctr;
1424
1425 /* We just do this in a loop with a sleep for simplicity */
1426 for (abortctr = 0; abortctr < MAX_LOOPS; abortctr++) {
0a2369fd
MC		 1427 if (ossl_quic_tserver_read(qtserv, sid, buf, buflen, readbytes)
1428 && *readbytes > 1)
19d79bb2
MC		 1429 return 1;
1430 ossl_quic_tserver_tick(qtserv);
1431 SSL_handle_events(clientquic);
5d3933ee 1432 qtest_add_time(1);
0a2369fd 1433 qtest_wait_for_timeout(clientquic, qtserv);
19d79bb2
MC		 1434 }
1435
0a2369fd 1436 TEST_error("No progress made");
19d79bb2
MC		 1437 return 0;
1438}
1439
b1584a85
MC		 1440/*
1441 * Create a connection and send data using an unreliable transport. We introduce
1442 * random noise to drop, delay and duplicate datagrams.
1443 * Test 0: Introduce random noise to datagrams
1444 * Test 1: As with test 0 but also split datagrams containing multiple packets
1445 * into individual datagrams so that individual packets can be affected
1446 * by noise - not just a whole datagram.
1447 */
1448static int test_noisy_dgram(int idx)
43b94c7f
MC		 1449{
1450 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
19d79bb2 1451 SSL *clientquic = NULL, *stream[2] = { NULL, NULL };
43b94c7f
MC		 1452 QUIC_TSERVER *qtserv = NULL;
1453 int testresult = 0;
19d79bb2
MC		 1454 uint64_t sid = 0;
1455 char *msg = "Hello world!";
1456 size_t msglen = strlen(msg), written, readbytes, i, j;
1457 unsigned char buf[80];
b1584a85 1458 int flags = QTEST_FLAG_NOISE | QTEST_FLAG_FAKE_TIME;
21d2041d 1459 QTEST_FAULT *fault = NULL;
b1584a85
MC		 1460
1461 if (idx == 1)
1462 flags |= QTEST_FLAG_PACKET_SPLIT;
43b94c7f
MC		 1463
1464 if (!TEST_ptr(cctx)
1465 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
b1584a85 1466 privkey, flags,
43b94c7f 1467 &qtserv,
21d2041d 1468 &clientquic, &fault, NULL)))
43b94c7f
MC		 1469 goto err;
1470
1471 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
1472 goto err;
1473
19d79bb2
MC		 1474 if (!TEST_true(SSL_set_incoming_stream_policy(clientquic,
1475 SSL_INCOMING_STREAM_POLICY_ACCEPT,
1476 0))
1477 || !TEST_true(SSL_set_default_stream_mode(clientquic,
1478 SSL_DEFAULT_STREAM_MODE_NONE)))
1479 goto err;
1480
1481 for (j = 0; j < 2; j++) {
1482 if (!TEST_true(ossl_quic_tserver_stream_new(qtserv, 0, &sid)))
1483 goto err;
1484 ossl_quic_tserver_tick(qtserv);
5d3933ee 1485 qtest_add_time(1);
19d79bb2
MC		 1486
1487 /*
6dfc57f8
TM		 1488 * Send data from the server to the client. Some datagrams may get
1489 * lost, modified, dropped or re-ordered. We repeat 20 times to ensure
1490 * we are sending enough datagrams for problems to be noticed.
1491 */
1492 for (i = 0; i < 20; i++) {
19d79bb2
MC		 1493 if (!TEST_true(ossl_quic_tserver_write(qtserv, sid,
1494 (unsigned char *)msg, msglen,
1495 &written))
1496 || !TEST_size_t_eq(msglen, written))
1497 goto err;
1498 ossl_quic_tserver_tick(qtserv);
5d3933ee 1499 qtest_add_time(1);
19d79bb2
MC		 1500
1501 /*
6dfc57f8
TM		 1502 * Since the underlying BIO is now noisy we may get failures that
1503 * need to be retried - so we use unreliable_client_read() to
1504 * handle that
1505 */
19d79bb2
MC		 1506 if (!TEST_true(unreliable_client_read(clientquic, &stream[j], buf,
1507 sizeof(buf), &readbytes,
1508 qtserv))
1509 || !TEST_mem_eq(msg, msglen, buf, readbytes))
1510 goto err;
1511 }
1512
1513 /* Send data from the client to the server */
6dfc57f8 1514 for (i = 0; i < 20; i++) {
19d79bb2
MC		 1515 if (!TEST_true(SSL_write_ex(stream[j], (unsigned char *)msg,
1516 msglen, &written))
1517 || !TEST_size_t_eq(msglen, written))
1518 goto err;
1519
1520 ossl_quic_tserver_tick(qtserv);
5d3933ee
MC		 1521 qtest_add_time(1);
1522
19d79bb2 1523 /*
6dfc57f8
TM		 1524 * Since the underlying BIO is now noisy we may get failures that
1525 * need to be retried - so we use unreliable_server_read() to
1526 * handle that
1527 */
19d79bb2
MC		 1528 if (!TEST_true(unreliable_server_read(qtserv, sid, buf, sizeof(buf),
1529 &readbytes, clientquic))
1530 || !TEST_mem_eq(msg, msglen, buf, readbytes))
1531 goto err;
1532 }
1533 }
1534
43b94c7f
MC		 1535 testresult = 1;
1536 err:
1537 ossl_quic_tserver_free(qtserv);
19d79bb2
MC		 1538 SSL_free(stream[0]);
1539 SSL_free(stream[1]);
43b94c7f
MC		 1540 SSL_free(clientquic);
1541 SSL_CTX_free(cctx);
21d2041d 1542 qtest_fault_free(fault);
43b94c7f
MC		 1543
1544 return testresult;
1545}
1546
1547
2e1da969 1548OPT_TEST_DECLARE_USAGE("provider config certsdir datadir\n")
e44795bd
TM		 1549
1550int setup_tests(void)
1551{
1552 char *modulename;
1553 char *configfile;
1554
1555 libctx = OSSL_LIB_CTX_new();
1556 if (!TEST_ptr(libctx))
1557 return 0;
1558
1559 defctxnull = OSSL_PROVIDER_load(NULL, "null");
1560
1561 /*
1562 * Verify that the default and fips providers in the default libctx are not
1563 * available
1564 */
1565 if (!TEST_false(OSSL_PROVIDER_available(NULL, "default"))
1566 || !TEST_false(OSSL_PROVIDER_available(NULL, "fips")))
0c593328 1567 goto err;
e44795bd
TM		 1568
1569 if (!test_skip_common_options()) {
1570 TEST_error("Error parsing test options\n");
0c593328 1571 goto err;
e44795bd
TM		 1572 }
1573
1574 if (!TEST_ptr(modulename = test_get_argument(0))
0c593328 1575 || !TEST_ptr(configfile = test_get_argument(1))
2e1da969
MC		 1576 || !TEST_ptr(certsdir = test_get_argument(2))
1577 || !TEST_ptr(datadir = test_get_argument(3)))
0c593328 1578 goto err;
e44795bd
TM		 1579
1580 if (!TEST_true(OSSL_LIB_CTX_load_config(libctx, configfile)))
0c593328 1581 goto err;
e44795bd
TM		 1582
1583 /* Check we have the expected provider available */
1584 if (!TEST_true(OSSL_PROVIDER_available(libctx, modulename)))
0c593328 1585 goto err;
e44795bd
TM		 1586
1587 /* Check the default provider is not available */
1588 if (strcmp(modulename, "default") != 0
1589 && !TEST_false(OSSL_PROVIDER_available(libctx, "default")))
0c593328 1590 goto err;
e44795bd
TM		 1591
1592 if (strcmp(modulename, "fips") == 0)
1593 is_fips = 1;
1594
0c593328
MC		 1595 cert = test_mk_file_path(certsdir, "servercert.pem");
1596 if (cert == NULL)
1597 goto err;
1598
9f6eb622
TM		 1599 ccert = test_mk_file_path(certsdir, "ee-client-chain.pem");
1600 if (ccert == NULL)
1601 goto err;
1602
1603 cauthca = test_mk_file_path(certsdir, "root-cert.pem");
1604 if (cauthca == NULL)
1605 goto err;
1606
0c593328
MC		 1607 privkey = test_mk_file_path(certsdir, "serverkey.pem");
1608 if (privkey == NULL)
1609 goto err;
1610
9f6eb622
TM		 1611 cprivkey = test_mk_file_path(certsdir, "ee-key.pem");
1612 if (privkey == NULL)
1613 goto err;
1614
5c3474ea 1615 ADD_ALL_TESTS(test_quic_write_read, 3);
0fa6612e 1616 ADD_TEST(test_fin_only_blocking);
0c9646ec 1617 ADD_TEST(test_ciphersuites);
9912dfb9 1618 ADD_TEST(test_cipher_find);
843f6e27 1619 ADD_TEST(test_version);
1be2ee68 1620#if defined(DO_SSL_TRACE_TEST)
2e1da969
MC		 1621 ADD_TEST(test_ssl_trace);
1622#endif
09d56d20 1623 ADD_TEST(test_quic_forbidden_apis_ctx);
f082205b 1624 ADD_TEST(test_quic_forbidden_apis);
f0d9757c 1625 ADD_TEST(test_quic_forbidden_options);
5e6015af 1626 ADD_ALL_TESTS(test_quic_set_fd, 3);
0a3733ba 1627 ADD_TEST(test_bio_ssl);
a1c87f64 1628 ADD_TEST(test_back_pressure);
8c5284ff 1629 ADD_TEST(test_multiple_dgrams);
48724e8a 1630 ADD_ALL_TESTS(test_non_io_retry, 2);
1e4fc0b2 1631 ADD_TEST(test_quic_psk);
9f6eb622 1632 ADD_ALL_TESTS(test_client_auth, 2);
122d4e20 1633 ADD_ALL_TESTS(test_alpn, 2);
b1584a85 1634 ADD_ALL_TESTS(test_noisy_dgram, 2);
7757f5ef 1635 ADD_TEST(test_get_shutdown);
43b94c7f 1636
e44795bd 1637 return 1;
0c593328
MC		 1638 err:
1639 cleanup_tests();
1640 return 0;
e44795bd
TM		 1641}
1642
1643void cleanup_tests(void)
1644{
43b94c7f 1645 bio_f_noisy_dgram_filter_free();
b1584a85 1646 bio_f_pkt_split_dgram_filter_free();
0c593328
MC		 1647 OPENSSL_free(cert);
1648 OPENSSL_free(privkey);
9f6eb622
TM		 1649 OPENSSL_free(ccert);
1650 OPENSSL_free(cauthca);
1651 OPENSSL_free(cprivkey);
e44795bd
TM		 1652 OSSL_PROVIDER_unload(defctxnull);
1653 OSSL_LIB_CTX_free(libctx);
1654}
A mirror of the official openssl repository