]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/quic_multistream_test.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Copyright year updates
[thirdparty/openssl.git] / test / quic_multistream_test.c
1 /*
2 * Copyright 2023-2024 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9 #include <openssl/ssl.h>
10 #include <openssl/quic.h>
11 #include <openssl/bio.h>
12 #include <openssl/lhash.h>
13 #include <openssl/rand.h>
14 #include "internal/quic_tserver.h"
15 #include "internal/quic_ssl.h"
16 #include "internal/quic_error.h"
17 #include "internal/quic_stream_map.h"
18 #include "internal/quic_engine.h"
19 #include "testutil.h"
20 #include "helpers/quictestlib.h"
21 #if defined(OPENSSL_THREADS)
22 # include "internal/thread_arch.h"
23 #endif
24 #include "internal/numbers.h" /* UINT64_C */
25
26 static const char *certfile, *keyfile;
27
28 #if defined(OPENSSL_THREADS)
29 struct child_thread_args {
30 struct helper *h;
31 const struct script_op *script;
32 const char *script_name;
33 int thread_idx;
34
35 CRYPTO_THREAD *t;
36 CRYPTO_MUTEX *m;
37 int testresult;
38 int done;
39 int s_checked_out;
40 };
41 #endif
42
43 typedef struct stream_info {
44 const char *name;
45 SSL *c_stream;
46 uint64_t s_stream_id;
47 } STREAM_INFO;
48
49 DEFINE_LHASH_OF_EX(STREAM_INFO);
50
51 struct helper {
52 int s_fd;
53 BIO *s_net_bio, *s_net_bio_own, *s_qtf_wbio, *s_qtf_wbio_own;
54 /* The BIO_ADDR used for BIO_bind() */
55 BIO_ADDR *s_net_bio_orig_addr;
56 /* The resulting address, which is the one to connect to */
57 BIO_ADDR *s_net_bio_addr;
58
59 /*
60 * When doing a blocking mode test run, s_priv always points to the TSERVER
61 * and s is NULL when the main thread should not be touching s_priv.
62 */
63 QUIC_TSERVER *s, *s_priv;
64 LHASH_OF(STREAM_INFO) *s_streams;
65
66 int c_fd;
67 BIO *c_net_bio, *c_net_bio_own;
68 SSL_CTX *c_ctx;
69 SSL *c_conn;
70 LHASH_OF(STREAM_INFO) *c_streams;
71
72 #if defined(OPENSSL_THREADS)
73 struct child_thread_args *threads;
74 size_t num_threads;
75 CRYPTO_MUTEX *misc_m;
76 CRYPTO_CONDVAR *misc_cv;
77 #endif
78
79 OSSL_TIME start_time;
80
81 /*
82 * This is a duration recording the amount of time we have skipped forwards
83 * for testing purposes relative to the real ossl_time_now() clock. We add
84 * a quantity of time to this every time we skip some time.
85 */
86 CRYPTO_RWLOCK *time_lock;
87 OSSL_TIME time_slip; /* protected by time_lock */
88
89 QTEST_FAULT *qtf;
90
91 int init, blocking, check_spin_again;
92 int free_order, need_injector;
93
94 int (*qtf_packet_plain_cb)(struct helper *h, QUIC_PKT_HDR *hdr,
95 unsigned char *buf, size_t buf_len);
96 int (*qtf_handshake_cb)(struct helper *h,
97 unsigned char *buf, size_t buf_len);
98 int (*qtf_datagram_cb)(struct helper *h,
99 BIO_MSG *m, size_t stride);
100 uint64_t inject_word0, inject_word1;
101 uint64_t scratch0, scratch1, fail_count;
102 #if defined(OPENSSL_THREADS)
103 struct {
104 CRYPTO_THREAD *t;
105 CRYPTO_MUTEX *m;
106 CRYPTO_CONDVAR *c;
107 int ready, stop;
108 } server_thread;
109 int s_checked_out;
110 #endif
111 };
112
113 struct helper_local {
114 struct helper *h;
115 LHASH_OF(STREAM_INFO) *c_streams;
116 int thread_idx;
117 const struct script_op *check_op;
118 int explicit_event_handling;
119 };
120
121 struct script_op {
122 uint32_t op;
123 const void *arg0;
124 size_t arg1;
125 int (*check_func)(struct helper *h, struct helper_local *hl);
126 const char *stream_name;
127 uint64_t arg2;
128 int (*qtf_packet_plain_cb)(struct helper *h, QUIC_PKT_HDR *hdr,
129 unsigned char *buf, size_t buf_len);
130 int (*qtf_handshake_cb)(struct helper *h,
131 unsigned char *buf, size_t buf_len);
132 int (*qtf_datagram_cb)(struct helper *h,
133 BIO_MSG *m, size_t stride);
134 };
135
136 #define OPK_END 0
137 #define OPK_CHECK 1
138 #define OPK_C_SET_ALPN 2
139 #define OPK_C_CONNECT_WAIT 3
140 #define OPK_C_WRITE 4
141 #define OPK_S_WRITE 5
142 #define OPK_C_READ_EXPECT 6
143 #define OPK_S_READ_EXPECT 7
144 #define OPK_C_EXPECT_FIN 8
145 #define OPK_S_EXPECT_FIN 9
146 #define OPK_C_CONCLUDE 10
147 #define OPK_S_CONCLUDE 11
148 #define OPK_C_DETACH 12
149 #define OPK_C_ATTACH 13
150 #define OPK_C_NEW_STREAM 14
151 #define OPK_S_NEW_STREAM 15
152 #define OPK_C_ACCEPT_STREAM_WAIT 16
153 #define OPK_C_ACCEPT_STREAM_NONE 17
154 #define OPK_C_FREE_STREAM 18
155 #define OPK_C_SET_DEFAULT_STREAM_MODE 19
156 #define OPK_C_SET_INCOMING_STREAM_POLICY 20
157 #define OPK_C_SHUTDOWN_WAIT 21
158 #define OPK_C_EXPECT_CONN_CLOSE_INFO 22
159 #define OPK_S_EXPECT_CONN_CLOSE_INFO 23
160 #define OPK_S_BIND_STREAM_ID 24
161 #define OPK_C_WAIT_FOR_DATA 25
162 #define OPK_C_WRITE_FAIL 26
163 #define OPK_S_WRITE_FAIL 27
164 #define OPK_C_READ_FAIL 28
165 #define OPK_C_STREAM_RESET 29
166 #define OPK_S_ACCEPT_STREAM_WAIT 30
167 #define OPK_NEW_THREAD 31
168 #define OPK_BEGIN_REPEAT 32
169 #define OPK_END_REPEAT 33
170 #define OPK_S_UNBIND_STREAM_ID 34
171 #define OPK_C_READ_FAIL_WAIT 35
172 #define OPK_C_CLOSE_SOCKET 36
173 #define OPK_C_EXPECT_SSL_ERR 37
174 #define OPK_EXPECT_ERR_REASON 38
175 #define OPK_EXPECT_ERR_LIB 39
176 #define OPK_SLEEP 40
177 #define OPK_S_READ_FAIL 41
178 #define OPK_S_SET_INJECT_PLAIN 42
179 #define OPK_SET_INJECT_WORD 43
180 #define OPK_C_INHIBIT_TICK 44
181 #define OPK_C_SET_WRITE_BUF_SIZE 45
182 #define OPK_S_SET_INJECT_HANDSHAKE 46
183 #define OPK_S_NEW_TICKET 47
184 #define OPK_C_SKIP_IF_UNBOUND 48
185 #define OPK_S_SET_INJECT_DATAGRAM 49
186 #define OPK_S_SHUTDOWN 50
187 #define OPK_POP_ERR 51
188 #define OPK_C_WRITE_EX2 52
189 #define OPK_SKIP_IF_BLOCKING 53
190
191 #define EXPECT_CONN_CLOSE_APP (1U << 0)
192 #define EXPECT_CONN_CLOSE_REMOTE (1U << 1)
193
194 /* OPK_C_NEW_STREAM */
195 #define ALLOW_FAIL (1U << 16)
196
197 #define C_BIDI_ID(ordinal) \
198 (((ordinal) << 2) | QUIC_STREAM_INITIATOR_CLIENT | QUIC_STREAM_DIR_BIDI)
199 #define S_BIDI_ID(ordinal) \
200 (((ordinal) << 2) | QUIC_STREAM_INITIATOR_SERVER | QUIC_STREAM_DIR_BIDI)
201 #define C_UNI_ID(ordinal) \
202 (((ordinal) << 2) | QUIC_STREAM_INITIATOR_CLIENT | QUIC_STREAM_DIR_UNI)
203 #define S_UNI_ID(ordinal) \
204 (((ordinal) << 2) | QUIC_STREAM_INITIATOR_SERVER | QUIC_STREAM_DIR_UNI)
205
206 #define ANY_ID UINT64_MAX
207
208 #define OP_END \
209 {OPK_END}
210 #define OP_CHECK(func, arg2) \
211 {OPK_CHECK, NULL, 0, (func), NULL, (arg2)},
212 #define OP_C_SET_ALPN(alpn) \
213 {OPK_C_SET_ALPN, (alpn), 0, NULL, NULL},
214 #define OP_C_CONNECT_WAIT() \
215 {OPK_C_CONNECT_WAIT, NULL, 0, NULL, NULL},
216 #define OP_C_CONNECT_WAIT_OR_FAIL() \
217 {OPK_C_CONNECT_WAIT, NULL, 1, NULL, NULL},
218 #define OP_C_WRITE(stream_name, buf, buf_len) \
219 {OPK_C_WRITE, (buf), (buf_len), NULL, #stream_name},
220 #define OP_S_WRITE(stream_name, buf, buf_len) \
221 {OPK_S_WRITE, (buf), (buf_len), NULL, #stream_name},
222 #define OP_C_READ_EXPECT(stream_name, buf, buf_len) \
223 {OPK_C_READ_EXPECT, (buf), (buf_len), NULL, #stream_name},
224 #define OP_S_READ_EXPECT(stream_name, buf, buf_len) \
225 {OPK_S_READ_EXPECT, (buf), (buf_len), NULL, #stream_name},
226 #define OP_C_EXPECT_FIN(stream_name) \
227 {OPK_C_EXPECT_FIN, NULL, 0, NULL, #stream_name},
228 #define OP_S_EXPECT_FIN(stream_name) \
229 {OPK_S_EXPECT_FIN, NULL, 0, NULL, #stream_name},
230 #define OP_C_CONCLUDE(stream_name) \
231 {OPK_C_CONCLUDE, NULL, 0, NULL, #stream_name},
232 #define OP_S_CONCLUDE(stream_name) \
233 {OPK_S_CONCLUDE, NULL, 0, NULL, #stream_name},
234 #define OP_C_DETACH(stream_name) \
235 {OPK_C_DETACH, NULL, 0, NULL, #stream_name},
236 #define OP_C_ATTACH(stream_name) \
237 {OPK_C_ATTACH, NULL, 0, NULL, #stream_name},
238 #define OP_C_NEW_STREAM_BIDI(stream_name, expect_id) \
239 {OPK_C_NEW_STREAM, NULL, 0, NULL, #stream_name, (expect_id)},
240 #define OP_C_NEW_STREAM_BIDI_EX(stream_name, expect_id, flags) \
241 {OPK_C_NEW_STREAM, NULL, (flags), NULL, #stream_name, (expect_id)},
242 #define OP_C_NEW_STREAM_UNI(stream_name, expect_id) \
243 {OPK_C_NEW_STREAM, NULL, SSL_STREAM_FLAG_UNI, \
244 NULL, #stream_name, (expect_id)},
245 #define OP_C_NEW_STREAM_UNI_EX(stream_name, expect_id, flags) \
246 {OPK_C_NEW_STREAM, NULL, (flags) | SSL_STREAM_FLAG_UNI, \
247 NULL, #stream_name, (expect_id)},
248 #define OP_S_NEW_STREAM_BIDI(stream_name, expect_id) \
249 {OPK_S_NEW_STREAM, NULL, 0, NULL, #stream_name, (expect_id)},
250 #define OP_S_NEW_STREAM_UNI(stream_name, expect_id) \
251 {OPK_S_NEW_STREAM, NULL, 1, NULL, #stream_name, (expect_id)},
252 #define OP_C_ACCEPT_STREAM_WAIT(stream_name) \
253 {OPK_C_ACCEPT_STREAM_WAIT, NULL, 0, NULL, #stream_name},
254 #define OP_C_ACCEPT_STREAM_NONE() \
255 {OPK_C_ACCEPT_STREAM_NONE, NULL, 0, NULL, NULL},
256 #define OP_C_FREE_STREAM(stream_name) \
257 {OPK_C_FREE_STREAM, NULL, 0, NULL, #stream_name},
258 #define OP_C_SET_DEFAULT_STREAM_MODE(mode) \
259 {OPK_C_SET_DEFAULT_STREAM_MODE, NULL, (mode), NULL, NULL},
260 #define OP_C_SET_INCOMING_STREAM_POLICY(policy) \
261 {OPK_C_SET_INCOMING_STREAM_POLICY, NULL, (policy), NULL, NULL},
262 #define OP_C_SHUTDOWN_WAIT(reason, flags) \
263 {OPK_C_SHUTDOWN_WAIT, (reason), (flags), NULL, NULL},
264 #define OP_C_EXPECT_CONN_CLOSE_INFO(ec, app, remote) \
265 {OPK_C_EXPECT_CONN_CLOSE_INFO, NULL, \
266 ((app) ? EXPECT_CONN_CLOSE_APP : 0) | \
267 ((remote) ? EXPECT_CONN_CLOSE_REMOTE : 0), \
268 NULL, NULL, (ec)},
269 #define OP_S_EXPECT_CONN_CLOSE_INFO(ec, app, remote) \
270 {OPK_S_EXPECT_CONN_CLOSE_INFO, NULL, \
271 ((app) ? EXPECT_CONN_CLOSE_APP : 0) | \
272 ((remote) ? EXPECT_CONN_CLOSE_REMOTE : 0), \
273 NULL, NULL, (ec)},
274 #define OP_S_BIND_STREAM_ID(stream_name, stream_id) \
275 {OPK_S_BIND_STREAM_ID, NULL, 0, NULL, #stream_name, (stream_id)},
276 #define OP_C_WAIT_FOR_DATA(stream_name) \
277 {OPK_C_WAIT_FOR_DATA, NULL, 0, NULL, #stream_name},
278 #define OP_C_WRITE_FAIL(stream_name) \
279 {OPK_C_WRITE_FAIL, NULL, 0, NULL, #stream_name},
280 #define OP_S_WRITE_FAIL(stream_name) \
281 {OPK_S_WRITE_FAIL, NULL, 0, NULL, #stream_name},
282 #define OP_C_READ_FAIL(stream_name) \
283 {OPK_C_READ_FAIL, NULL, 0, NULL, #stream_name},
284 #define OP_S_READ_FAIL(stream_name, allow_zero_len) \
285 {OPK_S_READ_FAIL, NULL, (allow_zero_len), NULL, #stream_name},
286 #define OP_C_STREAM_RESET(stream_name, aec) \
287 {OPK_C_STREAM_RESET, NULL, 0, NULL, #stream_name, (aec)},
288 #define OP_S_ACCEPT_STREAM_WAIT(stream_name) \
289 {OPK_S_ACCEPT_STREAM_WAIT, NULL, 0, NULL, #stream_name},
290 #define OP_NEW_THREAD(num_threads, script) \
291 {OPK_NEW_THREAD, (script), (num_threads), NULL, NULL, 0 },
292 #define OP_BEGIN_REPEAT(n) \
293 {OPK_BEGIN_REPEAT, NULL, (n)},
294 #define OP_END_REPEAT() \
295 {OPK_END_REPEAT},
296 #define OP_S_UNBIND_STREAM_ID(stream_name) \
297 {OPK_S_UNBIND_STREAM_ID, NULL, 0, NULL, #stream_name},
298 #define OP_C_READ_FAIL_WAIT(stream_name) \
299 {OPK_C_READ_FAIL_WAIT, NULL, 0, NULL, #stream_name},
300 #define OP_C_CLOSE_SOCKET() \
301 {OPK_C_CLOSE_SOCKET},
302 #define OP_C_EXPECT_SSL_ERR(stream_name, err) \
303 {OPK_C_EXPECT_SSL_ERR, NULL, (err), NULL, #stream_name},
304 #define OP_EXPECT_ERR_REASON(err) \
305 {OPK_EXPECT_ERR_REASON, NULL, (err)},
306 #define OP_EXPECT_ERR_LIB(lib) \
307 {OPK_EXPECT_ERR_LIB, NULL, (lib)},
308 #define OP_SLEEP(ms) \
309 {OPK_SLEEP, NULL, 0, NULL, NULL, (ms)},
310 #define OP_S_SET_INJECT_PLAIN(f) \
311 {OPK_S_SET_INJECT_PLAIN, NULL, 0, NULL, NULL, 0, (f)},
312 #define OP_SET_INJECT_WORD(w0, w1) \
313 {OPK_SET_INJECT_WORD, NULL, (w0), NULL, NULL, (w1), NULL},
314 #define OP_C_INHIBIT_TICK(inhibit) \
315 {OPK_C_INHIBIT_TICK, NULL, (inhibit), NULL, NULL, 0, NULL},
316 #define OP_C_SET_WRITE_BUF_SIZE(stream_name, size) \
317 {OPK_C_SET_WRITE_BUF_SIZE, NULL, (size), NULL, #stream_name},
318 #define OP_S_SET_INJECT_HANDSHAKE(f) \
319 {OPK_S_SET_INJECT_HANDSHAKE, NULL, 0, NULL, NULL, 0, NULL, (f)},
320 #define OP_S_NEW_TICKET() \
321 {OPK_S_NEW_TICKET},
322 #define OP_C_SKIP_IF_UNBOUND(stream_name, n) \
323 {OPK_C_SKIP_IF_UNBOUND, NULL, (n), NULL, #stream_name},
324 #define OP_S_SET_INJECT_DATAGRAM(f) \
325 {OPK_S_SET_INJECT_DATAGRAM, NULL, 0, NULL, NULL, 0, NULL, NULL, (f)},
326 #define OP_S_SHUTDOWN(error_code) \
327 {OPK_S_SHUTDOWN, NULL, (error_code)},
328 #define OP_POP_ERR() \
329 {OPK_POP_ERR},
330 #define OP_C_WRITE_EX2(stream_name, buf, buf_len, flags) \
331 {OPK_C_WRITE_EX2, (buf), (buf_len), NULL, #stream_name, (flags)},
332 #define OP_CHECK2(func, arg1, arg2) \
333 {OPK_CHECK, NULL, (arg1), (func), NULL, (arg2)},
334 #define OP_SKIP_IF_BLOCKING(n) \
335 {OPK_SKIP_IF_BLOCKING, NULL, (n), NULL, 0},
336
337 static OSSL_TIME get_time(void *arg)
338 {
339 struct helper *h = arg;
340 OSSL_TIME t;
341
342 if (!TEST_true(CRYPTO_THREAD_read_lock(h->time_lock)))
343 return ossl_time_zero();
344
345 t = ossl_time_add(ossl_time_now(), h->time_slip);
346
347 CRYPTO_THREAD_unlock(h->time_lock);
348 return t;
349 }
350
351 static int skip_time_ms(struct helper *h, struct helper_local *hl)
352 {
353 if (!TEST_true(CRYPTO_THREAD_write_lock(h->time_lock)))
354 return 0;
355
356 h->time_slip = ossl_time_add(h->time_slip, ossl_ms2time(hl->check_op->arg2));
357
358 CRYPTO_THREAD_unlock(h->time_lock);
359 return 1;
360 }
361
362 static QUIC_TSERVER *s_lock(struct helper *h, struct helper_local *hl);
363 static void s_unlock(struct helper *h, struct helper_local *hl);
364
365 #define ACQUIRE_S() s_lock(h, hl)
366 #define ACQUIRE_S_NOHL() s_lock(h, NULL)
367
368 static int check_rejected(struct helper *h, struct helper_local *hl)
369 {
370 uint64_t stream_id = hl->check_op->arg2;
371
372 if (!ossl_quic_tserver_stream_has_peer_stop_sending(ACQUIRE_S(), stream_id, NULL)
373 || !ossl_quic_tserver_stream_has_peer_reset_stream(ACQUIRE_S(), stream_id, NULL)) {
374 h->check_spin_again = 1;
375 return 0;
376 }
377
378 return 1;
379 }
380
381 static int check_stream_reset(struct helper *h, struct helper_local *hl)
382 {
383 uint64_t stream_id = hl->check_op->arg2, aec = 0;
384
385 if (!ossl_quic_tserver_stream_has_peer_reset_stream(ACQUIRE_S(), stream_id, &aec)) {
386 h->check_spin_again = 1;
387 return 0;
388 }
389
390 return TEST_uint64_t_eq(aec, 42);
391 }
392
393 static int check_stream_stopped(struct helper *h, struct helper_local *hl)
394 {
395 uint64_t stream_id = hl->check_op->arg2;
396
397 if (!ossl_quic_tserver_stream_has_peer_stop_sending(ACQUIRE_S(), stream_id, NULL)) {
398 h->check_spin_again = 1;
399 return 0;
400 }
401
402 return 1;
403 }
404
405 static int override_key_update(struct helper *h, struct helper_local *hl)
406 {
407 QUIC_CHANNEL *ch = ossl_quic_conn_get_channel(h->c_conn);
408
409 ossl_quic_channel_set_txku_threshold_override(ch, hl->check_op->arg2);
410 return 1;
411 }
412
413 static int trigger_key_update(struct helper *h, struct helper_local *hl)
414 {
415 if (!TEST_true(SSL_key_update(h->c_conn, SSL_KEY_UPDATE_REQUESTED)))
416 return 0;
417
418 return 1;
419 }
420
421 static int check_key_update_ge(struct helper *h, struct helper_local *hl)
422 {
423 QUIC_CHANNEL *ch = ossl_quic_conn_get_channel(h->c_conn);
424 int64_t txke = (int64_t)ossl_quic_channel_get_tx_key_epoch(ch);
425 int64_t rxke = (int64_t)ossl_quic_channel_get_rx_key_epoch(ch);
426 int64_t diff = txke - rxke;
427
428 /*
429 * TXKE must always be equal to or ahead of RXKE.
430 * It can be ahead of RXKE by at most 1.
431 */
432 if (!TEST_int64_t_ge(diff, 0) || !TEST_int64_t_le(diff, 1))
433 return 0;
434
435 /* Caller specifies a minimum number of RXKEs which must have happened. */
436 if (!TEST_uint64_t_ge((uint64_t)rxke, hl->check_op->arg2))
437 return 0;
438
439 return 1;
440 }
441
442 static int check_key_update_lt(struct helper *h, struct helper_local *hl)
443 {
444 QUIC_CHANNEL *ch = ossl_quic_conn_get_channel(h->c_conn);
445 uint64_t txke = ossl_quic_channel_get_tx_key_epoch(ch);
446
447 /* Caller specifies a maximum number of TXKEs which must have happened. */
448 if (!TEST_uint64_t_lt(txke, hl->check_op->arg2))
449 return 0;
450
451 return 1;
452 }
453
454 static unsigned long stream_info_hash(const STREAM_INFO *info)
455 {
456 return OPENSSL_LH_strhash(info->name);
457 }
458
459 static int stream_info_cmp(const STREAM_INFO *a, const STREAM_INFO *b)
460 {
461 return strcmp(a->name, b->name);
462 }
463
464 static void cleanup_stream(STREAM_INFO *info)
465 {
466 SSL_free(info->c_stream);
467 OPENSSL_free(info);
468 }
469
470 static void helper_cleanup_streams(LHASH_OF(STREAM_INFO) **lh)
471 {
472 if (*lh == NULL)
473 return;
474
475 lh_STREAM_INFO_doall(*lh, cleanup_stream);
476 lh_STREAM_INFO_free(*lh);
477 *lh = NULL;
478 }
479
480 #if defined(OPENSSL_THREADS)
481 static CRYPTO_THREAD_RETVAL run_script_child_thread(void *arg);
482
483 static int join_threads(struct child_thread_args *threads, size_t num_threads)
484 {
485 int ok = 1;
486 size_t i;
487 CRYPTO_THREAD_RETVAL rv;
488
489 for (i = 0; i < num_threads; ++i) {
490 if (threads[i].t != NULL) {
491 ossl_crypto_thread_native_join(threads[i].t, &rv);
492
493 if (!threads[i].testresult)
494 /* Do not log failure here, worker will do it. */
495 ok = 0;
496
497 ossl_crypto_thread_native_clean(threads[i].t);
498 threads[i].t = NULL;
499 }
500
501 ossl_crypto_mutex_free(&threads[i].m);
502 }
503
504 return ok;
505 }
506
507 static int join_server_thread(struct helper *h)
508 {
509 CRYPTO_THREAD_RETVAL rv;
510
511 if (h->server_thread.t == NULL)
512 return 1;
513
514 ossl_crypto_mutex_lock(h->server_thread.m);
515 h->server_thread.stop = 1;
516 ossl_crypto_condvar_signal(h->server_thread.c);
517 ossl_crypto_mutex_unlock(h->server_thread.m);
518
519 ossl_crypto_thread_native_join(h->server_thread.t, &rv);
520 ossl_crypto_thread_native_clean(h->server_thread.t);
521 h->server_thread.t = NULL;
522 return 1;
523 }
524
525 /* Ensure the server-state lock is currently held. Idempotent. */
526 static int *s_checked_out_p(struct helper *h, int thread_idx)
527 {
528 return (thread_idx < 0) ? &h->s_checked_out
529 : &h->threads[thread_idx].s_checked_out;
530 }
531
532 static QUIC_TSERVER *s_lock(struct helper *h, struct helper_local *hl)
533 {
534 int *p_checked_out = s_checked_out_p(h, hl == NULL ? -1 : hl->thread_idx);
535
536 if (h->server_thread.m == NULL || *p_checked_out)
537 return h->s;
538
539 ossl_crypto_mutex_lock(h->server_thread.m);
540 h->s = h->s_priv;
541 *p_checked_out = 1;
542 return h->s;
543 }
544
545 /* Ensure the server-state lock is currently not held. Idempotent. */
546 static void s_unlock(struct helper *h, struct helper_local *hl)
547 {
548 int *p_checked_out = s_checked_out_p(h, hl->thread_idx);
549
550 if (h->server_thread.m == NULL || !*p_checked_out)
551 return;
552
553 *p_checked_out = 0;
554 h->s = NULL;
555 ossl_crypto_mutex_unlock(h->server_thread.m);
556 }
557
558 static unsigned int server_helper_thread(void *arg)
559 {
560 struct helper *h = arg;
561
562 ossl_crypto_mutex_lock(h->server_thread.m);
563
564 for (;;) {
565 int ready, stop;
566
567 ready = h->server_thread.ready;
568 stop = h->server_thread.stop;
569
570 if (stop)
571 break;
572
573 if (!ready) {
574 ossl_crypto_condvar_wait(h->server_thread.c, h->server_thread.m);
575 continue;
576 }
577
578 ossl_quic_tserver_tick(h->s_priv);
579 ossl_crypto_mutex_unlock(h->server_thread.m);
580 /*
581 * Give the main thread an opportunity to get the mutex, which is
582 * sometimes necessary in some script operations.
583 */
584 OSSL_sleep(1);
585 ossl_crypto_mutex_lock(h->server_thread.m);
586 }
587
588 ossl_crypto_mutex_unlock(h->server_thread.m);
589 return 1;
590 }
591
592 #else
593
594 static QUIC_TSERVER *s_lock(struct helper *h, struct helper_local *hl)
595 {
596 return h->s;
597 }
598
599 static void s_unlock(struct helper *h, struct helper_local *hl)
600 {}
601
602 #endif
603
604 static void helper_cleanup(struct helper *h)
605 {
606 #if defined(OPENSSL_THREADS)
607 join_threads(h->threads, h->num_threads);
608 join_server_thread(h);
609 OPENSSL_free(h->threads);
610 h->threads = NULL;
611 h->num_threads = 0;
612 #endif
613
614 if (h->free_order == 0) {
615 /* order 0: streams, then conn */
616 helper_cleanup_streams(&h->c_streams);
617
618 SSL_free(h->c_conn);
619 h->c_conn = NULL;
620 } else {
621 /* order 1: conn, then streams */
622 SSL_free(h->c_conn);
623 h->c_conn = NULL;
624
625 helper_cleanup_streams(&h->c_streams);
626 }
627
628 helper_cleanup_streams(&h->s_streams);
629 ossl_quic_tserver_free(h->s_priv);
630 h->s_priv = h->s = NULL;
631
632 BIO_free(h->s_net_bio_own);
633 h->s_net_bio_own = NULL;
634
635 BIO_free(h->c_net_bio_own);
636 h->c_net_bio_own = NULL;
637
638 BIO_free(h->s_qtf_wbio_own);
639 h->s_qtf_wbio_own = NULL;
640
641 qtest_fault_free(h->qtf);
642 h->qtf = NULL;
643
644 if (h->s_fd >= 0) {
645 BIO_closesocket(h->s_fd);
646 h->s_fd = -1;
647 }
648
649 if (h->c_fd >= 0) {
650 BIO_closesocket(h->c_fd);
651 h->c_fd = -1;
652 }
653
654 BIO_ADDR_free(h->s_net_bio_addr);
655 h->s_net_bio_addr = NULL;
656 BIO_ADDR_free(h->s_net_bio_orig_addr);
657 h->s_net_bio_orig_addr = NULL;
658
659 SSL_CTX_free(h->c_ctx);
660 h->c_ctx = NULL;
661
662 CRYPTO_THREAD_lock_free(h->time_lock);
663 h->time_lock = NULL;
664
665 #if defined(OPENSSL_THREADS)
666 ossl_crypto_mutex_free(&h->misc_m);
667 ossl_crypto_condvar_free(&h->misc_cv);
668 ossl_crypto_mutex_free(&h->server_thread.m);
669 ossl_crypto_condvar_free(&h->server_thread.c);
670 #endif
671 }
672
673 static int helper_init(struct helper *h, const char *script_name,
674 int free_order, int blocking,
675 int need_injector)
676 {
677 struct in_addr ina = {0};
678 QUIC_TSERVER_ARGS s_args = {0};
679 union BIO_sock_info_u info;
680 char title[128];
681
682 memset(h, 0, sizeof(*h));
683 h->c_fd = -1;
684 h->s_fd = -1;
685 h->free_order = free_order;
686 h->blocking = blocking;
687 h->need_injector = need_injector;
688 h->time_slip = ossl_time_zero();
689
690 if (!TEST_ptr(h->time_lock = CRYPTO_THREAD_lock_new()))
691 goto err;
692
693 if (!TEST_ptr(h->s_streams = lh_STREAM_INFO_new(stream_info_hash,
694 stream_info_cmp)))
695 goto err;
696
697 if (!TEST_ptr(h->c_streams = lh_STREAM_INFO_new(stream_info_hash,
698 stream_info_cmp)))
699 goto err;
700
701 ina.s_addr = htonl(0x7f000001UL);
702
703 h->s_fd = BIO_socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP, 0);
704 if (!TEST_int_ge(h->s_fd, 0))
705 goto err;
706
707 if (!TEST_true(BIO_socket_nbio(h->s_fd, 1)))
708 goto err;
709
710 if (!TEST_ptr(h->s_net_bio_orig_addr = BIO_ADDR_new())
711 || !TEST_ptr(h->s_net_bio_addr = BIO_ADDR_new()))
712 goto err;
713
714 if (!TEST_true(BIO_ADDR_rawmake(h->s_net_bio_orig_addr, AF_INET,
715 &ina, sizeof(ina), 0)))
716 goto err;
717
718 if (!TEST_true(BIO_bind(h->s_fd, h->s_net_bio_orig_addr, 0)))
719 goto err;
720
721 info.addr = h->s_net_bio_addr;
722 if (!TEST_true(BIO_sock_info(h->s_fd, BIO_SOCK_INFO_ADDRESS, &info)))
723 goto err;
724
725 if (!TEST_int_gt(BIO_ADDR_rawport(h->s_net_bio_addr), 0))
726 goto err;
727
728 if (!TEST_ptr(h->s_net_bio = h->s_net_bio_own = BIO_new_dgram(h->s_fd, 0)))
729 goto err;
730
731 if (!BIO_up_ref(h->s_net_bio))
732 goto err;
733
734 if (need_injector) {
735 h->s_qtf_wbio = h->s_qtf_wbio_own = BIO_new(qtest_get_bio_method());
736 if (!TEST_ptr(h->s_qtf_wbio))
737 goto err;
738
739 if (!TEST_ptr(BIO_push(h->s_qtf_wbio, h->s_net_bio)))
740 goto err;
741
742 s_args.net_wbio = h->s_qtf_wbio;
743 } else {
744 s_args.net_wbio = h->s_net_bio;
745 }
746
747 s_args.net_rbio = h->s_net_bio;
748 s_args.alpn = NULL;
749 s_args.now_cb = get_time;
750 s_args.now_cb_arg = h;
751 s_args.ctx = NULL;
752
753 if (!TEST_ptr(h->s_priv = ossl_quic_tserver_new(&s_args, certfile, keyfile)))
754 goto err;
755
756 if (!blocking)
757 h->s = h->s_priv;
758
759 if (need_injector) {
760 h->qtf = qtest_create_injector(h->s_priv);
761 if (!TEST_ptr(h->qtf))
762 goto err;
763
764 BIO_set_data(h->s_qtf_wbio, h->qtf);
765 }
766
767 h->s_net_bio_own = NULL;
768 h->s_qtf_wbio_own = NULL;
769
770 h->c_fd = BIO_socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP, 0);
771 if (!TEST_int_ge(h->c_fd, 0))
772 goto err;
773
774 if (!TEST_true(BIO_socket_nbio(h->c_fd, 1)))
775 goto err;
776
777 if (!TEST_ptr(h->c_net_bio = h->c_net_bio_own = BIO_new_dgram(h->c_fd, 0)))
778 goto err;
779
780 if (!TEST_true(BIO_dgram_set_peer(h->c_net_bio, h->s_net_bio_addr)))
781 goto err;
782
783 if (!TEST_ptr(h->c_ctx = SSL_CTX_new(OSSL_QUIC_client_method())))
784 goto err;
785
786 /* Set title for qlog purposes. */
787 snprintf(title, sizeof(title), "quic_multistream_test: %s", script_name);
788 if (!TEST_true(ossl_quic_set_diag_title(h->c_ctx, title)))
789 goto err;
790
791 if (!TEST_ptr(h->c_conn = SSL_new(h->c_ctx)))
792 goto err;
793
794 /* Use custom time function for virtual time skip. */
795 if (!TEST_true(ossl_quic_conn_set_override_now_cb(h->c_conn, get_time, h)))
796 goto err;
797
798 /* Takes ownership of our reference to the BIO. */
799 SSL_set0_rbio(h->c_conn, h->c_net_bio);
800 h->c_net_bio_own = NULL;
801
802 if (!TEST_true(BIO_up_ref(h->c_net_bio)))
803 goto err;
804
805 SSL_set0_wbio(h->c_conn, h->c_net_bio);
806
807 if (!TEST_true(SSL_set_blocking_mode(h->c_conn, h->blocking)))
808 goto err;
809
810 #if defined(OPENSSL_THREADS)
811 if (!TEST_ptr(h->misc_m = ossl_crypto_mutex_new()))
812 goto err;
813 if (!TEST_ptr(h->misc_cv = ossl_crypto_condvar_new()))
814 goto err;
815 #endif
816
817 if (h->blocking) {
818 #if defined(OPENSSL_THREADS)
819 if (!TEST_ptr(h->server_thread.m = ossl_crypto_mutex_new()))
820 goto err;
821
822 if (!TEST_ptr(h->server_thread.c = ossl_crypto_condvar_new()))
823 goto err;
824
825 h->server_thread.t
826 = ossl_crypto_thread_native_start(server_helper_thread, h, 1);
827 if (!TEST_ptr(h->server_thread.t))
828 goto err;
829 #else
830 TEST_error("cannot support blocking mode without threads");
831 goto err;
832 #endif
833 }
834
835 h->start_time = ossl_time_now();
836 h->init = 1;
837 return 1;
838
839 err:
840 helper_cleanup(h);
841 return 0;
842 }
843
844 static int helper_local_init(struct helper_local *hl, struct helper *h,
845 int thread_idx)
846 {
847 hl->h = h;
848 hl->c_streams = NULL;
849 hl->thread_idx = thread_idx;
850 hl->explicit_event_handling = 0;
851
852 if (!TEST_ptr(h))
853 return 0;
854
855 if (thread_idx < 0) {
856 hl->c_streams = h->c_streams;
857 } else {
858 if (!TEST_ptr(hl->c_streams = lh_STREAM_INFO_new(stream_info_hash,
859 stream_info_cmp)))
860 return 0;
861 }
862
863 return 1;
864 }
865
866 static void helper_local_cleanup(struct helper_local *hl)
867 {
868 if (hl->h == NULL)
869 return;
870
871 if (hl->thread_idx >= 0)
872 helper_cleanup_streams(&hl->c_streams);
873
874 hl->h = NULL;
875 }
876
877 static STREAM_INFO *get_stream_info(LHASH_OF(STREAM_INFO) *lh,
878 const char *stream_name)
879 {
880 STREAM_INFO key, *info;
881
882 if (!TEST_ptr(stream_name))
883 return NULL;
884
885 if (!strcmp(stream_name, "DEFAULT"))
886 return NULL;
887
888 key.name = stream_name;
889 info = lh_STREAM_INFO_retrieve(lh, &key);
890 if (info == NULL) {
891 info = OPENSSL_zalloc(sizeof(*info));
892 if (info == NULL)
893 return NULL;
894
895 info->name = stream_name;
896 info->s_stream_id = UINT64_MAX;
897 lh_STREAM_INFO_insert(lh, info);
898 }
899
900 return info;
901 }
902
903 static int helper_local_set_c_stream(struct helper_local *hl,
904 const char *stream_name,
905 SSL *c_stream)
906 {
907 STREAM_INFO *info = get_stream_info(hl->c_streams, stream_name);
908
909 if (info == NULL)
910 return 0;
911
912 info->c_stream = c_stream;
913 info->s_stream_id = UINT64_MAX;
914 return 1;
915 }
916
917 static SSL *helper_local_get_c_stream(struct helper_local *hl,
918 const char *stream_name)
919 {
920 STREAM_INFO *info;
921
922 if (!strcmp(stream_name, "DEFAULT"))
923 return hl->h->c_conn;
924
925 info = get_stream_info(hl->c_streams, stream_name);
926 if (info == NULL)
927 return NULL;
928
929 return info->c_stream;
930 }
931
932 static int
933 helper_set_s_stream(struct helper *h, const char *stream_name,
934 uint64_t s_stream_id)
935 {
936 STREAM_INFO *info;
937
938 if (!strcmp(stream_name, "DEFAULT"))
939 return 0;
940
941 info = get_stream_info(h->s_streams, stream_name);
942 if (info == NULL)
943 return 0;
944
945 info->c_stream = NULL;
946 info->s_stream_id = s_stream_id;
947 return 1;
948 }
949
950 static uint64_t helper_get_s_stream(struct helper *h, const char *stream_name)
951 {
952 STREAM_INFO *info;
953
954 if (!strcmp(stream_name, "DEFAULT"))
955 return UINT64_MAX;
956
957 info = get_stream_info(h->s_streams, stream_name);
958 if (info == NULL)
959 return UINT64_MAX;
960
961 return info->s_stream_id;
962 }
963
964 static int helper_packet_plain_listener(QTEST_FAULT *qtf, QUIC_PKT_HDR *hdr,
965 unsigned char *buf, size_t buf_len,
966 void *arg)
967 {
968 struct helper *h = arg;
969
970 return h->qtf_packet_plain_cb(h, hdr, buf, buf_len);
971 }
972
973 static int helper_handshake_listener(QTEST_FAULT *fault,
974 unsigned char *buf, size_t buf_len,
975 void *arg)
976 {
977 struct helper *h = arg;
978
979 return h->qtf_handshake_cb(h, buf, buf_len);
980 }
981
982 static int helper_datagram_listener(QTEST_FAULT *fault,
983 BIO_MSG *msg, size_t stride,
984 void *arg)
985 {
986 struct helper *h = arg;
987
988 return h->qtf_datagram_cb(h, msg, stride);
989 }
990
991 static int is_want(SSL *s, int ret)
992 {
993 int ec = SSL_get_error(s, ret);
994
995 return ec == SSL_ERROR_WANT_READ || ec == SSL_ERROR_WANT_WRITE;
996 }
997
998 static int check_consistent_want(SSL *s, int ret)
999 {
1000 int ec = SSL_get_error(s, ret);
1001 int w = SSL_want(s);
1002
1003 int ok = TEST_true(
1004 (ec == SSL_ERROR_NONE && w == SSL_NOTHING)
1005 || (ec == SSL_ERROR_ZERO_RETURN && w == SSL_NOTHING)
1006 || (ec == SSL_ERROR_SSL && w == SSL_NOTHING)
1007 || (ec == SSL_ERROR_SYSCALL && w == SSL_NOTHING)
1008 || (ec == SSL_ERROR_WANT_READ && w == SSL_READING)
1009 || (ec == SSL_ERROR_WANT_WRITE && w == SSL_WRITING)
1010 || (ec == SSL_ERROR_WANT_CLIENT_HELLO_CB && w == SSL_CLIENT_HELLO_CB)
1011 || (ec == SSL_ERROR_WANT_X509_LOOKUP && w == SSL_X509_LOOKUP)
1012 || (ec == SSL_ERROR_WANT_RETRY_VERIFY && w == SSL_RETRY_VERIFY)
1013 );
1014
1015 if (!ok)
1016 TEST_error("got error=%d, want=%d", ec, w);
1017
1018 return ok;
1019 }
1020
1021 static int run_script_worker(struct helper *h, const struct script_op *script,
1022 const char *script_name,
1023 int thread_idx)
1024 {
1025 int testresult = 0;
1026 unsigned char *tmp_buf = NULL;
1027 int connect_started = 0;
1028 size_t offset = 0;
1029 size_t op_idx = 0;
1030 const struct script_op *op = NULL;
1031 int no_advance = 0, first = 1;
1032 #if defined(OPENSSL_THREADS)
1033 int end_wait_warning = 0;
1034 #endif
1035 OSSL_TIME op_start_time = ossl_time_zero(), op_deadline = ossl_time_zero();
1036 struct helper_local hl_, *hl = &hl_;
1037 #define REPEAT_SLOTS 8
1038 size_t repeat_stack_idx[REPEAT_SLOTS], repeat_stack_done[REPEAT_SLOTS];
1039 size_t repeat_stack_limit[REPEAT_SLOTS];
1040 size_t repeat_stack_len = 0;
1041
1042 if (!TEST_true(helper_local_init(hl, h, thread_idx)))
1043 goto out;
1044
1045 #define COMMON_SPIN_AGAIN() \
1046 { \
1047 no_advance = 1; \
1048 continue; \
1049 }
1050 #define S_SPIN_AGAIN() \
1051 { \
1052 s_lock(h, hl); \
1053 ossl_quic_tserver_tick(h->s); \
1054 COMMON_SPIN_AGAIN(); \
1055 }
1056 #define C_SPIN_AGAIN() \
1057 { \
1058 if (h->blocking) { \
1059 TEST_error("spin again in blocking mode"); \
1060 goto out; \
1061 } \
1062 COMMON_SPIN_AGAIN(); \
1063 }
1064
1065 for (;;) {
1066 SSL *c_tgt = h->c_conn;
1067 uint64_t s_stream_id = UINT64_MAX;
1068
1069 s_unlock(h, hl);
1070
1071 if (no_advance) {
1072 no_advance = 0;
1073 } else {
1074 if (!first)
1075 ++op_idx;
1076
1077 first = 0;
1078 offset = 0;
1079 op_start_time = ossl_time_now();
1080 op_deadline = ossl_time_add(op_start_time, ossl_ms2time(60000));
1081 }
1082
1083 if (!TEST_int_le(ossl_time_compare(ossl_time_now(), op_deadline), 0)) {
1084 TEST_error("op %zu timed out on thread %d", op_idx + 1, thread_idx);
1085 goto out;
1086 }
1087
1088 op = &script[op_idx];
1089
1090 if (op->stream_name != NULL) {
1091 c_tgt = helper_local_get_c_stream(hl, op->stream_name);
1092 if (thread_idx < 0)
1093 s_stream_id = helper_get_s_stream(h, op->stream_name);
1094 else
1095 s_stream_id = UINT64_MAX;
1096 }
1097
1098 if (thread_idx < 0) {
1099 if (!h->blocking) {
1100 ossl_quic_tserver_tick(h->s);
1101 }
1102 #if defined(OPENSSL_THREADS)
1103 else if (h->blocking && !h->server_thread.ready) {
1104 ossl_crypto_mutex_lock(h->server_thread.m);
1105 h->server_thread.ready = 1;
1106 ossl_crypto_condvar_signal(h->server_thread.c);
1107 ossl_crypto_mutex_unlock(h->server_thread.m);
1108 }
1109 if (h->blocking)
1110 assert(h->s == NULL);
1111 #endif
1112 }
1113
1114 if (!hl->explicit_event_handling
1115 && (thread_idx >= 0 || connect_started))
1116 SSL_handle_events(h->c_conn);
1117
1118 if (thread_idx >= 0) {
1119 /* Only allow certain opcodes on child threads. */
1120 switch (op->op) {
1121 case OPK_END:
1122 case OPK_CHECK:
1123 case OPK_C_ACCEPT_STREAM_WAIT:
1124 case OPK_C_NEW_STREAM:
1125 case OPK_C_READ_EXPECT:
1126 case OPK_C_EXPECT_FIN:
1127 case OPK_C_WRITE:
1128 case OPK_C_WRITE_EX2:
1129 case OPK_C_CONCLUDE:
1130 case OPK_C_FREE_STREAM:
1131 case OPK_BEGIN_REPEAT:
1132 case OPK_END_REPEAT:
1133 case OPK_C_READ_FAIL_WAIT:
1134 case OPK_C_EXPECT_SSL_ERR:
1135 case OPK_EXPECT_ERR_REASON:
1136 case OPK_EXPECT_ERR_LIB:
1137 case OPK_POP_ERR:
1138 case OPK_SLEEP:
1139 break;
1140
1141 default:
1142 TEST_error("opcode %lu not allowed on child thread",
1143 (unsigned long)op->op);
1144 goto out;
1145 }
1146 }
1147
1148 switch (op->op) {
1149 case OPK_END:
1150 if (!TEST_size_t_eq(repeat_stack_len, 0))
1151 goto out;
1152
1153 #if defined(OPENSSL_THREADS)
1154 if (thread_idx < 0) {
1155 int done;
1156 size_t i;
1157
1158 for (i = 0; i < h->num_threads; ++i) {
1159 if (h->threads[i].m == NULL)
1160 continue;
1161
1162 ossl_crypto_mutex_lock(h->threads[i].m);
1163 done = h->threads[i].done;
1164 ossl_crypto_mutex_unlock(h->threads[i].m);
1165
1166 if (!done) {
1167 if (!end_wait_warning) {
1168 TEST_info("still waiting for other threads to finish (%zu)", i);
1169 end_wait_warning = 1;
1170 }
1171
1172 S_SPIN_AGAIN();
1173 }
1174 }
1175 }
1176 #endif
1177
1178 TEST_info("script \"%s\" finished on thread %d", script_name, thread_idx);
1179 testresult = 1;
1180 goto out;
1181
1182 case OPK_BEGIN_REPEAT:
1183 if (!TEST_size_t_lt(repeat_stack_len, OSSL_NELEM(repeat_stack_idx)))
1184 goto out;
1185
1186 if (!TEST_size_t_gt(op->arg1, 0))
1187 goto out;
1188
1189 repeat_stack_idx[repeat_stack_len] = op_idx + 1;
1190 repeat_stack_done[repeat_stack_len] = 0;
1191 repeat_stack_limit[repeat_stack_len] = op->arg1;
1192 ++repeat_stack_len;
1193 break;
1194
1195 case OPK_C_SKIP_IF_UNBOUND:
1196 if (c_tgt != NULL)
1197 break;
1198
1199 op_idx += op->arg1;
1200 break;
1201
1202 case OPK_SKIP_IF_BLOCKING:
1203 if (!h->blocking)
1204 break;
1205
1206 op_idx += op->arg1;
1207 break;
1208
1209 case OPK_END_REPEAT:
1210 if (!TEST_size_t_gt(repeat_stack_len, 0))
1211 goto out;
1212
1213 if (++repeat_stack_done[repeat_stack_len - 1]
1214 == repeat_stack_limit[repeat_stack_len - 1]) {
1215 --repeat_stack_len;
1216 } else {
1217 op_idx = repeat_stack_idx[repeat_stack_len - 1];
1218 no_advance = 1;
1219 continue;
1220 }
1221
1222 break;
1223
1224 case OPK_CHECK:
1225 {
1226 int ok;
1227
1228 hl->check_op = op;
1229 ok = op->check_func(h, hl);
1230 hl->check_op = NULL;
1231
1232 if (thread_idx < 0 && h->check_spin_again) {
1233 h->check_spin_again = 0;
1234 S_SPIN_AGAIN();
1235 }
1236
1237 if (!TEST_true(ok))
1238 goto out;
1239 }
1240 break;
1241
1242 case OPK_C_SET_ALPN:
1243 {
1244 const char *alpn = op->arg0;
1245 size_t alpn_len = strlen(alpn);
1246
1247 if (!TEST_size_t_le(alpn_len, UINT8_MAX)
1248 || !TEST_ptr(tmp_buf = (unsigned char *)OPENSSL_malloc(alpn_len + 1)))
1249 goto out;
1250
1251 memcpy(tmp_buf + 1, alpn, alpn_len);
1252 tmp_buf[0] = (unsigned char)alpn_len;
1253
1254 /* 0 is the success case for SSL_set_alpn_protos(). */
1255 if (!TEST_false(SSL_set_alpn_protos(h->c_conn, tmp_buf,
1256 alpn_len + 1)))
1257 goto out;
1258
1259 OPENSSL_free(tmp_buf);
1260 tmp_buf = NULL;
1261 }
1262 break;
1263
1264 case OPK_C_CONNECT_WAIT:
1265 {
1266 int ret;
1267
1268 connect_started = 1;
1269
1270 ret = SSL_connect(h->c_conn);
1271 if (!check_consistent_want(c_tgt, ret))
1272 goto out;
1273 if (ret != 1) {
1274 if (!h->blocking && is_want(h->c_conn, ret))
1275 C_SPIN_AGAIN();
1276
1277 if (op->arg1 == 0 && !TEST_int_eq(ret, 1))
1278 goto out;
1279 }
1280 }
1281 break;
1282
1283 case OPK_C_WRITE:
1284 {
1285 size_t bytes_written = 0;
1286 int r;
1287
1288 if (!TEST_ptr(c_tgt))
1289 goto out;
1290
1291 r = SSL_write_ex(c_tgt, op->arg0, op->arg1, &bytes_written);
1292 if (!TEST_true(r)
1293 || !check_consistent_want(c_tgt, r)
1294 || !TEST_size_t_eq(bytes_written, op->arg1))
1295 goto out;
1296 }
1297 break;
1298
1299 case OPK_C_WRITE_EX2:
1300 {
1301 size_t bytes_written = 0;
1302 int r;
1303
1304 if (!TEST_ptr(c_tgt))
1305 goto out;
1306
1307 r = SSL_write_ex2(c_tgt, op->arg0, op->arg1, op->arg2,
1308 &bytes_written);
1309 if (!TEST_true(r)
1310 || !check_consistent_want(c_tgt, r)
1311 || !TEST_size_t_eq(bytes_written, op->arg1))
1312 goto out;
1313 }
1314 break;
1315
1316 case OPK_S_WRITE:
1317 {
1318 size_t bytes_written = 0;
1319
1320 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
1321 goto out;
1322
1323 if (!TEST_true(ossl_quic_tserver_write(ACQUIRE_S(), s_stream_id,
1324 op->arg0, op->arg1,
1325 &bytes_written))
1326 || !TEST_size_t_eq(bytes_written, op->arg1))
1327 goto out;
1328 }
1329 break;
1330
1331 case OPK_C_CONCLUDE:
1332 {
1333 if (!TEST_true(SSL_stream_conclude(c_tgt, 0)))
1334 goto out;
1335 }
1336 break;
1337
1338 case OPK_S_CONCLUDE:
1339 {
1340 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
1341 goto out;
1342
1343 ossl_quic_tserver_conclude(ACQUIRE_S(), s_stream_id);
1344 }
1345 break;
1346
1347 case OPK_C_WAIT_FOR_DATA:
1348 {
1349 char buf[1];
1350 size_t bytes_read = 0;
1351
1352 if (!TEST_ptr(c_tgt))
1353 goto out;
1354
1355 if (!SSL_peek_ex(c_tgt, buf, sizeof(buf), &bytes_read)
1356 || bytes_read == 0)
1357 C_SPIN_AGAIN();
1358 }
1359 break;
1360
1361 case OPK_C_READ_EXPECT:
1362 {
1363 size_t bytes_read = 0;
1364 int r;
1365
1366 if (op->arg1 > 0 && tmp_buf == NULL
1367 && !TEST_ptr(tmp_buf = OPENSSL_malloc(op->arg1)))
1368 goto out;
1369
1370 r = SSL_read_ex(c_tgt, tmp_buf + offset, op->arg1 - offset,
1371 &bytes_read);
1372 if (!check_consistent_want(c_tgt, r))
1373 goto out;
1374
1375 if (!r)
1376 C_SPIN_AGAIN();
1377
1378 if (bytes_read + offset != op->arg1) {
1379 offset += bytes_read;
1380 C_SPIN_AGAIN();
1381 }
1382
1383 if (op->arg1 > 0
1384 && !TEST_mem_eq(tmp_buf, op->arg1, op->arg0, op->arg1))
1385 goto out;
1386
1387 OPENSSL_free(tmp_buf);
1388 tmp_buf = NULL;
1389 }
1390 break;
1391
1392 case OPK_S_READ_EXPECT:
1393 {
1394 size_t bytes_read = 0;
1395
1396 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
1397 goto out;
1398
1399 if (op->arg1 > 0 && tmp_buf == NULL
1400 && !TEST_ptr(tmp_buf = OPENSSL_malloc(op->arg1)))
1401 goto out;
1402
1403 if (!TEST_true(ossl_quic_tserver_read(ACQUIRE_S(), s_stream_id,
1404 tmp_buf + offset,
1405 op->arg1 - offset,
1406 &bytes_read)))
1407 goto out;
1408
1409 if (bytes_read + offset != op->arg1) {
1410 offset += bytes_read;
1411 S_SPIN_AGAIN();
1412 }
1413
1414 if (op->arg1 > 0
1415 && !TEST_mem_eq(tmp_buf, op->arg1, op->arg0, op->arg1))
1416 goto out;
1417
1418 OPENSSL_free(tmp_buf);
1419 tmp_buf = NULL;
1420 }
1421 break;
1422
1423 case OPK_C_EXPECT_FIN:
1424 {
1425 char buf[1];
1426 size_t bytes_read = 0;
1427 int r;
1428
1429 r = SSL_read_ex(c_tgt, buf, sizeof(buf), &bytes_read);
1430 if (!check_consistent_want(c_tgt, r)
1431 || !TEST_false(r)
1432 || !TEST_size_t_eq(bytes_read, 0))
1433 goto out;
1434
1435 if (is_want(c_tgt, 0))
1436 C_SPIN_AGAIN();
1437
1438 if (!TEST_int_eq(SSL_get_error(c_tgt, 0),
1439 SSL_ERROR_ZERO_RETURN))
1440 goto out;
1441
1442 if (!TEST_int_eq(SSL_want(c_tgt), SSL_NOTHING))
1443 goto out;
1444 }
1445 break;
1446
1447 case OPK_S_EXPECT_FIN:
1448 {
1449 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
1450 goto out;
1451
1452 if (!ossl_quic_tserver_has_read_ended(ACQUIRE_S(), s_stream_id))
1453 S_SPIN_AGAIN();
1454 }
1455 break;
1456
1457 case OPK_C_DETACH:
1458 {
1459 SSL *c_stream;
1460
1461 if (!TEST_ptr_null(c_tgt))
1462 goto out; /* don't overwrite existing stream with same name */
1463
1464 if (!TEST_ptr(op->stream_name))
1465 goto out;
1466
1467 if (!TEST_ptr(c_stream = ossl_quic_detach_stream(h->c_conn)))
1468 goto out;
1469
1470 if (!TEST_true(helper_local_set_c_stream(hl, op->stream_name, c_stream)))
1471 goto out;
1472 }
1473 break;
1474
1475 case OPK_C_ATTACH:
1476 {
1477 if (!TEST_ptr(c_tgt))
1478 goto out;
1479
1480 if (!TEST_ptr(op->stream_name))
1481 goto out;
1482
1483 if (!TEST_true(ossl_quic_attach_stream(h->c_conn, c_tgt)))
1484 goto out;
1485
1486 if (!TEST_true(helper_local_set_c_stream(hl, op->stream_name, NULL)))
1487 goto out;
1488 }
1489 break;
1490
1491 case OPK_C_NEW_STREAM:
1492 {
1493 SSL *c_stream;
1494 uint64_t flags = op->arg1;
1495 int allow_fail = ((flags & ALLOW_FAIL) != 0);
1496
1497 flags &= ~(uint64_t)ALLOW_FAIL;
1498
1499 if (!TEST_ptr_null(c_tgt))
1500 goto out; /* don't overwrite existing stream with same name */
1501
1502 if (!TEST_ptr(op->stream_name))
1503 goto out;
1504
1505 c_stream = SSL_new_stream(h->c_conn, flags);
1506 if (!allow_fail && !TEST_ptr(c_stream))
1507 goto out;
1508
1509 if (allow_fail && c_stream == NULL) {
1510 if (!TEST_size_t_eq(ERR_GET_REASON(ERR_get_error()),
1511 SSL_R_STREAM_COUNT_LIMITED))
1512 goto out;
1513
1514 ++h->fail_count;
1515 break;
1516 }
1517
1518 if (op->arg2 != UINT64_MAX
1519 && !TEST_uint64_t_eq(SSL_get_stream_id(c_stream),
1520 op->arg2))
1521 goto out;
1522
1523 if (!TEST_true(helper_local_set_c_stream(hl, op->stream_name, c_stream)))
1524 goto out;
1525 }
1526 break;
1527
1528 case OPK_S_NEW_STREAM:
1529 {
1530 uint64_t stream_id = UINT64_MAX;
1531
1532 if (!TEST_uint64_t_eq(s_stream_id, UINT64_MAX))
1533 goto out; /* don't overwrite existing stream with same name */
1534
1535 if (!TEST_ptr(op->stream_name))
1536 goto out;
1537
1538 if (!TEST_true(ossl_quic_tserver_stream_new(ACQUIRE_S(),
1539 op->arg1 > 0,
1540 &stream_id)))
1541 goto out;
1542
1543 if (op->arg2 != UINT64_MAX
1544 && !TEST_uint64_t_eq(stream_id, op->arg2))
1545 goto out;
1546
1547 if (!TEST_true(helper_set_s_stream(h, op->stream_name,
1548 stream_id)))
1549 goto out;
1550 }
1551 break;
1552
1553 case OPK_C_ACCEPT_STREAM_WAIT:
1554 {
1555 SSL *c_stream;
1556
1557 if (!TEST_ptr_null(c_tgt))
1558 goto out; /* don't overwrite existing stream with same name */
1559
1560 if (!TEST_ptr(op->stream_name))
1561 goto out;
1562
1563 if ((c_stream = SSL_accept_stream(h->c_conn, 0)) == NULL)
1564 C_SPIN_AGAIN();
1565
1566 if (!TEST_true(helper_local_set_c_stream(hl, op->stream_name,
1567 c_stream)))
1568 goto out;
1569 }
1570 break;
1571
1572 case OPK_S_ACCEPT_STREAM_WAIT:
1573 {
1574 uint64_t new_stream_id;
1575
1576 if (!TEST_uint64_t_eq(s_stream_id, UINT64_MAX))
1577 goto out;
1578
1579 if (!TEST_ptr(op->stream_name))
1580 goto out;
1581
1582 new_stream_id = ossl_quic_tserver_pop_incoming_stream(ACQUIRE_S());
1583 if (new_stream_id == UINT64_MAX)
1584 S_SPIN_AGAIN();
1585
1586 if (!TEST_true(helper_set_s_stream(h, op->stream_name, new_stream_id)))
1587 goto out;
1588 }
1589 break;
1590
1591 case OPK_C_ACCEPT_STREAM_NONE:
1592 {
1593 SSL *c_stream;
1594
1595 if (!TEST_ptr_null(c_stream = SSL_accept_stream(h->c_conn,
1596 SSL_ACCEPT_STREAM_NO_BLOCK))) {
1597 SSL_free(c_stream);
1598 goto out;
1599 }
1600 }
1601 break;
1602
1603 case OPK_C_FREE_STREAM:
1604 {
1605 if (!TEST_ptr(c_tgt)
1606 || !TEST_true(!SSL_is_connection(c_tgt)))
1607 goto out;
1608
1609 if (!TEST_ptr(op->stream_name))
1610 goto out;
1611
1612 if (!TEST_true(helper_local_set_c_stream(hl, op->stream_name, NULL)))
1613 goto out;
1614
1615 SSL_free(c_tgt);
1616 c_tgt = NULL;
1617 }
1618 break;
1619
1620 case OPK_C_SET_DEFAULT_STREAM_MODE:
1621 {
1622 if (!TEST_ptr(c_tgt))
1623 goto out;
1624
1625 if (!TEST_true(SSL_set_default_stream_mode(c_tgt, op->arg1)))
1626 goto out;
1627 }
1628 break;
1629
1630 case OPK_C_SET_INCOMING_STREAM_POLICY:
1631 {
1632 if (!TEST_ptr(c_tgt))
1633 goto out;
1634
1635 if (!TEST_true(SSL_set_incoming_stream_policy(c_tgt,
1636 op->arg1, 0)))
1637 goto out;
1638 }
1639 break;
1640
1641 case OPK_C_SHUTDOWN_WAIT:
1642 {
1643 int ret;
1644 QUIC_CHANNEL *ch = ossl_quic_conn_get_channel(h->c_conn);
1645 SSL_SHUTDOWN_EX_ARGS args = {0};
1646
1647 ossl_quic_engine_set_inhibit_tick(ossl_quic_channel_get0_engine(ch), 0);
1648
1649 if (!TEST_ptr(c_tgt))
1650 goto out;
1651
1652 args.quic_reason = (const char *)op->arg0;
1653
1654 ret = SSL_shutdown_ex(c_tgt, op->arg1, &args, sizeof(args));
1655 if (!TEST_int_ge(ret, 0))
1656 goto out;
1657
1658 if (ret == 0)
1659 C_SPIN_AGAIN();
1660 }
1661 break;
1662
1663 case OPK_S_SHUTDOWN:
1664 {
1665 ossl_quic_tserver_shutdown(ACQUIRE_S(), op->arg1);
1666 }
1667 break;
1668
1669 case OPK_C_EXPECT_CONN_CLOSE_INFO:
1670 {
1671 SSL_CONN_CLOSE_INFO cc_info = {0};
1672 int expect_app = (op->arg1 & EXPECT_CONN_CLOSE_APP) != 0;
1673 int expect_remote = (op->arg1 & EXPECT_CONN_CLOSE_REMOTE) != 0;
1674 uint64_t error_code = op->arg2;
1675
1676 if (!TEST_ptr(c_tgt))
1677 goto out;
1678
1679 if (h->blocking
1680 && !TEST_true(SSL_shutdown_ex(c_tgt,
1681 SSL_SHUTDOWN_FLAG_WAIT_PEER,
1682 NULL, 0)))
1683 goto out;
1684
1685 if (!SSL_get_conn_close_info(c_tgt, &cc_info, sizeof(cc_info)))
1686 C_SPIN_AGAIN();
1687
1688 if (!TEST_int_eq(expect_app,
1689 (cc_info.flags
1690 & SSL_CONN_CLOSE_FLAG_TRANSPORT) == 0)
1691 || !TEST_int_eq(expect_remote,
1692 (cc_info.flags
1693 & SSL_CONN_CLOSE_FLAG_LOCAL) == 0)
1694 || !TEST_uint64_t_eq(error_code, cc_info.error_code)) {
1695 TEST_info("Connection close reason: %s", cc_info.reason);
1696 goto out;
1697 }
1698 }
1699 break;
1700
1701 case OPK_S_EXPECT_CONN_CLOSE_INFO:
1702 {
1703 const QUIC_TERMINATE_CAUSE *tc;
1704 int expect_app = (op->arg1 & EXPECT_CONN_CLOSE_APP) != 0;
1705 int expect_remote = (op->arg1 & EXPECT_CONN_CLOSE_REMOTE) != 0;
1706 uint64_t error_code = op->arg2;
1707
1708 if (!ossl_quic_tserver_is_term_any(ACQUIRE_S())) {
1709 ossl_quic_tserver_ping(ACQUIRE_S());
1710 S_SPIN_AGAIN();
1711 }
1712
1713 if (!TEST_ptr(tc = ossl_quic_tserver_get_terminate_cause(ACQUIRE_S())))
1714 goto out;
1715
1716 if (!TEST_uint64_t_eq(error_code, tc->error_code)
1717 || !TEST_int_eq(expect_app, tc->app)
1718 || !TEST_int_eq(expect_remote, tc->remote))
1719 goto out;
1720 }
1721 break;
1722
1723 case OPK_S_BIND_STREAM_ID:
1724 {
1725 if (!TEST_uint64_t_eq(s_stream_id, UINT64_MAX))
1726 goto out;
1727
1728 if (!TEST_ptr(op->stream_name))
1729 goto out;
1730
1731 if (!TEST_true(helper_set_s_stream(h, op->stream_name, op->arg2)))
1732 goto out;
1733 }
1734 break;
1735
1736 case OPK_S_UNBIND_STREAM_ID:
1737 {
1738 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
1739 goto out;
1740
1741 if (!TEST_ptr(op->stream_name))
1742 goto out;
1743
1744 if (!TEST_true(helper_set_s_stream(h, op->stream_name, UINT64_MAX)))
1745 goto out;
1746 }
1747 break;
1748
1749 case OPK_C_WRITE_FAIL:
1750 {
1751 size_t bytes_written = 0;
1752 int r;
1753
1754 if (!TEST_ptr(c_tgt))
1755 goto out;
1756
1757 r = SSL_write_ex(c_tgt, "apple", 5, &bytes_written);
1758 if (!TEST_false(r)
1759 || !check_consistent_want(c_tgt, r))
1760 goto out;
1761 }
1762 break;
1763
1764 case OPK_S_WRITE_FAIL:
1765 {
1766 size_t bytes_written = 0;
1767
1768 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
1769 goto out;
1770
1771 if (!TEST_false(ossl_quic_tserver_write(ACQUIRE_S(), s_stream_id,
1772 (const unsigned char *)"apple", 5,
1773 &bytes_written)))
1774 goto out;
1775 }
1776 break;
1777
1778 case OPK_C_READ_FAIL:
1779 {
1780 size_t bytes_read = 0;
1781 char buf[1];
1782 int r;
1783
1784 if (!TEST_ptr(c_tgt))
1785 goto out;
1786
1787 r = SSL_read_ex(c_tgt, buf, sizeof(buf), &bytes_read);
1788 if (!TEST_false(r))
1789 goto out;
1790 if (!check_consistent_want(c_tgt, r))
1791 goto out;
1792 }
1793 break;
1794
1795 case OPK_C_READ_FAIL_WAIT:
1796 {
1797 size_t bytes_read = 0;
1798 char buf[1];
1799 int r;
1800
1801 if (!TEST_ptr(c_tgt))
1802 goto out;
1803
1804 r = SSL_read_ex(c_tgt, buf, sizeof(buf), &bytes_read);
1805 if (!TEST_false(r))
1806 goto out;
1807 if (!check_consistent_want(c_tgt, r))
1808 goto out;
1809
1810 if (is_want(c_tgt, 0))
1811 C_SPIN_AGAIN();
1812 }
1813 break;
1814
1815 case OPK_S_READ_FAIL:
1816 {
1817 int ret;
1818 size_t bytes_read = 0;
1819 unsigned char buf[1];
1820
1821 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
1822 goto out;
1823
1824 ret = ossl_quic_tserver_read(ACQUIRE_S(), s_stream_id,
1825 buf, sizeof(buf),
1826 &bytes_read);
1827 if (!TEST_true(ret == 0 || (op->arg1 && bytes_read == 0)))
1828 goto out;
1829 }
1830 break;
1831
1832 case OPK_C_STREAM_RESET:
1833 {
1834 SSL_STREAM_RESET_ARGS args = {0};
1835
1836 if (!TEST_ptr(c_tgt))
1837 goto out;
1838
1839 args.quic_error_code = op->arg2;
1840
1841 if (!TEST_true(SSL_stream_reset(c_tgt, &args, sizeof(args))))
1842 goto out;
1843 }
1844 break;
1845
1846 case OPK_NEW_THREAD:
1847 {
1848 #if !defined(OPENSSL_THREADS)
1849 /*
1850 * If this test script requires threading and we do not have
1851 * support for it, skip the rest of it.
1852 */
1853 TEST_skip("threading not supported, skipping");
1854 testresult = 1;
1855 goto out;
1856 #else
1857 size_t i;
1858
1859 if (!TEST_ptr_null(h->threads)) {
1860 TEST_error("max one NEW_THREAD operation per script");
1861 goto out;
1862 }
1863
1864 h->threads = OPENSSL_zalloc(op->arg1 * sizeof(struct child_thread_args));
1865 if (!TEST_ptr(h->threads))
1866 goto out;
1867
1868 h->num_threads = op->arg1;
1869
1870 for (i = 0; i < op->arg1; ++i) {
1871 h->threads[i].h = h;
1872 h->threads[i].script = op->arg0;
1873 h->threads[i].script_name = script_name;
1874 h->threads[i].thread_idx = i;
1875
1876 h->threads[i].m = ossl_crypto_mutex_new();
1877 if (!TEST_ptr(h->threads[i].m))
1878 goto out;
1879
1880 h->threads[i].t
1881 = ossl_crypto_thread_native_start(run_script_child_thread,
1882 &h->threads[i], 1);
1883 if (!TEST_ptr(h->threads[i].t))
1884 goto out;
1885 }
1886 #endif
1887 }
1888 break;
1889
1890 case OPK_C_CLOSE_SOCKET:
1891 {
1892 BIO_closesocket(h->c_fd);
1893 h->c_fd = -1;
1894 }
1895 break;
1896
1897 case OPK_C_EXPECT_SSL_ERR:
1898 {
1899 if (!TEST_size_t_eq((size_t)SSL_get_error(c_tgt, 0), op->arg1))
1900 goto out;
1901 if (!TEST_int_eq(SSL_want(c_tgt), SSL_NOTHING))
1902 goto out;
1903 }
1904 break;
1905
1906 case OPK_EXPECT_ERR_REASON:
1907 {
1908 if (!TEST_size_t_eq((size_t)ERR_GET_REASON(ERR_peek_last_error()), op->arg1))
1909 goto out;
1910 }
1911 break;
1912
1913 case OPK_EXPECT_ERR_LIB:
1914 {
1915 if (!TEST_size_t_eq((size_t)ERR_GET_LIB(ERR_peek_last_error()), op->arg1))
1916 goto out;
1917 }
1918 break;
1919
1920 case OPK_POP_ERR:
1921 ERR_pop();
1922 break;
1923
1924 case OPK_SLEEP:
1925 {
1926 OSSL_sleep(op->arg2);
1927 }
1928 break;
1929
1930 case OPK_S_SET_INJECT_PLAIN:
1931 h->qtf_packet_plain_cb = op->qtf_packet_plain_cb;
1932
1933 if (!TEST_true(qtest_fault_set_packet_plain_listener(h->qtf,
1934 h->qtf_packet_plain_cb != NULL ?
1935 helper_packet_plain_listener : NULL,
1936 h)))
1937 goto out;
1938
1939 break;
1940
1941 case OPK_S_SET_INJECT_HANDSHAKE:
1942 h->qtf_handshake_cb = op->qtf_handshake_cb;
1943
1944 if (!TEST_true(qtest_fault_set_handshake_listener(h->qtf,
1945 h->qtf_handshake_cb != NULL ?
1946 helper_handshake_listener : NULL,
1947 h)))
1948 goto out;
1949
1950 break;
1951
1952 case OPK_S_SET_INJECT_DATAGRAM:
1953 h->qtf_datagram_cb = op->qtf_datagram_cb;
1954
1955 if (!TEST_true(qtest_fault_set_datagram_listener(h->qtf,
1956 h->qtf_datagram_cb != NULL ?
1957 helper_datagram_listener : NULL,
1958 h)))
1959 goto out;
1960
1961 break;
1962
1963 case OPK_SET_INJECT_WORD:
1964 /*
1965 * Must hold server tick lock - callbacks can be called from other
1966 * thread when running test in blocking mode (tsan).
1967 */
1968 ACQUIRE_S();
1969 h->inject_word0 = op->arg1;
1970 h->inject_word1 = op->arg2;
1971 break;
1972
1973 case OPK_C_INHIBIT_TICK:
1974 {
1975 QUIC_CHANNEL *ch = ossl_quic_conn_get_channel(h->c_conn);
1976
1977 ossl_quic_engine_set_inhibit_tick(ossl_quic_channel_get0_engine(ch),
1978 op->arg1);
1979 }
1980 break;
1981
1982 case OPK_C_SET_WRITE_BUF_SIZE:
1983 if (!TEST_ptr(c_tgt))
1984 goto out;
1985
1986 if (!TEST_true(ossl_quic_set_write_buffer_size(c_tgt, op->arg1)))
1987 goto out;
1988
1989 break;
1990
1991 case OPK_S_NEW_TICKET:
1992 if (!TEST_true(ossl_quic_tserver_new_ticket(ACQUIRE_S())))
1993 goto out;
1994 break;
1995
1996 default:
1997 TEST_error("unknown op");
1998 goto out;
1999 }
2000 }
2001
2002 out:
2003 s_unlock(h, hl); /* idempotent */
2004 if (!testresult) {
2005 size_t i;
2006 const QUIC_TERMINATE_CAUSE *tcause;
2007 const char *e_str, *f_str;
2008
2009 TEST_error("failed in script \"%s\" at op %zu, thread %d\n",
2010 script_name, op_idx + 1, thread_idx);
2011
2012 for (i = 0; i < repeat_stack_len; ++i)
2013 TEST_info("while repeating, iteration %zu of %zu, starting at script op %zu",
2014 repeat_stack_done[i],
2015 repeat_stack_limit[i],
2016 repeat_stack_idx[i]);
2017
2018 ERR_print_errors_fp(stderr);
2019
2020 if (h->c_conn != NULL) {
2021 SSL_CONN_CLOSE_INFO cc_info = {0};
2022
2023 if (SSL_get_conn_close_info(h->c_conn, &cc_info, sizeof(cc_info))) {
2024 e_str = ossl_quic_err_to_string(cc_info.error_code);
2025 f_str = ossl_quic_frame_type_to_string(cc_info.frame_type);
2026
2027 if (e_str == NULL)
2028 e_str = "?";
2029 if (f_str == NULL)
2030 f_str = "?";
2031
2032 TEST_info("client side is closed: %llu(%s)/%llu(%s), "
2033 "%s, %s, reason: \"%s\"",
2034 (unsigned long long)cc_info.error_code,
2035 e_str,
2036 (unsigned long long)cc_info.frame_type,
2037 f_str,
2038 (cc_info.flags & SSL_CONN_CLOSE_FLAG_LOCAL) != 0
2039 ? "local" : "remote",
2040 (cc_info.flags & SSL_CONN_CLOSE_FLAG_TRANSPORT) != 0
2041 ? "transport" : "app",
2042 cc_info.reason != NULL ? cc_info.reason : "-");
2043 }
2044 }
2045
2046 tcause = (h->s != NULL
2047 ? ossl_quic_tserver_get_terminate_cause(h->s) : NULL);
2048 if (tcause != NULL) {
2049 e_str = ossl_quic_err_to_string(tcause->error_code);
2050 f_str = ossl_quic_frame_type_to_string(tcause->frame_type);
2051
2052 if (e_str == NULL)
2053 e_str = "?";
2054 if (f_str == NULL)
2055 f_str = "?";
2056
2057 TEST_info("server side is closed: %llu(%s)/%llu(%s), "
2058 "%s, %s, reason: \"%s\"",
2059 (unsigned long long)tcause->error_code,
2060 e_str,
2061 (unsigned long long)tcause->frame_type,
2062 f_str,
2063 tcause->remote ? "remote" : "local",
2064 tcause->app ? "app" : "transport",
2065 tcause->reason != NULL ? tcause->reason : "-");
2066 }
2067 }
2068
2069 OPENSSL_free(tmp_buf);
2070 helper_local_cleanup(hl);
2071 return testresult;
2072 }
2073
2074 static int run_script(const struct script_op *script,
2075 const char *script_name,
2076 int free_order,
2077 int blocking)
2078 {
2079 int testresult = 0;
2080 struct helper h;
2081
2082 if (!TEST_true(helper_init(&h, script_name,
2083 free_order, blocking, 1)))
2084 goto out;
2085
2086 if (!TEST_true(run_script_worker(&h, script, script_name, -1)))
2087 goto out;
2088
2089 #if defined(OPENSSL_THREADS)
2090 if (!TEST_true(join_threads(h.threads, h.num_threads)))
2091 goto out;
2092 #endif
2093
2094 testresult = 1;
2095 out:
2096 helper_cleanup(&h);
2097 return testresult;
2098 }
2099
2100 #if defined(OPENSSL_THREADS)
2101 static CRYPTO_THREAD_RETVAL run_script_child_thread(void *arg)
2102 {
2103 int testresult;
2104 struct child_thread_args *args = arg;
2105
2106 testresult = run_script_worker(args->h, args->script,
2107 args->script_name,
2108 args->thread_idx);
2109
2110 ossl_crypto_mutex_lock(args->m);
2111 args->testresult = testresult;
2112 args->done = 1;
2113 ossl_crypto_mutex_unlock(args->m);
2114 return 1;
2115 }
2116 #endif
2117
2118 /* 1. Simple single-stream test */
2119 static const struct script_op script_1[] = {
2120 OP_C_SET_ALPN ("ossltest")
2121 OP_C_CONNECT_WAIT ()
2122 OP_C_WRITE (DEFAULT, "apple", 5)
2123 OP_C_CONCLUDE (DEFAULT)
2124 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2125 OP_S_READ_EXPECT (a, "apple", 5)
2126 OP_S_EXPECT_FIN (a)
2127 OP_S_WRITE (a, "orange", 6)
2128 OP_S_CONCLUDE (a)
2129 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
2130 OP_C_EXPECT_FIN (DEFAULT)
2131 OP_END
2132 };
2133
2134 /* 2. Multi-stream test */
2135 static const struct script_op script_2[] = {
2136 OP_C_SET_ALPN ("ossltest")
2137 OP_C_CONNECT_WAIT ()
2138 OP_C_SET_INCOMING_STREAM_POLICY(SSL_INCOMING_STREAM_POLICY_ACCEPT)
2139 OP_C_WRITE (DEFAULT, "apple", 5)
2140 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2141 OP_S_READ_EXPECT (a, "apple", 5)
2142 OP_S_WRITE (a, "orange", 6)
2143 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
2144
2145 OP_C_NEW_STREAM_BIDI (b, C_BIDI_ID(1))
2146 OP_C_WRITE (b, "flamingo", 8)
2147 OP_C_CONCLUDE (b)
2148 OP_S_BIND_STREAM_ID (b, C_BIDI_ID(1))
2149 OP_S_READ_EXPECT (b, "flamingo", 8)
2150 OP_S_EXPECT_FIN (b)
2151 OP_S_WRITE (b, "gargoyle", 8)
2152 OP_S_CONCLUDE (b)
2153 OP_C_READ_EXPECT (b, "gargoyle", 8)
2154 OP_C_EXPECT_FIN (b)
2155
2156 OP_C_NEW_STREAM_UNI (c, C_UNI_ID(0))
2157 OP_C_WRITE (c, "elephant", 8)
2158 OP_C_CONCLUDE (c)
2159 OP_S_BIND_STREAM_ID (c, C_UNI_ID(0))
2160 OP_S_READ_EXPECT (c, "elephant", 8)
2161 OP_S_EXPECT_FIN (c)
2162 OP_S_WRITE_FAIL (c)
2163
2164 OP_C_ACCEPT_STREAM_NONE ()
2165
2166 OP_S_NEW_STREAM_BIDI (d, S_BIDI_ID(0))
2167 OP_S_WRITE (d, "frog", 4)
2168 OP_S_CONCLUDE (d)
2169
2170 OP_C_ACCEPT_STREAM_WAIT (d)
2171 OP_C_ACCEPT_STREAM_NONE ()
2172 OP_C_READ_EXPECT (d, "frog", 4)
2173 OP_C_EXPECT_FIN (d)
2174
2175 OP_S_NEW_STREAM_BIDI (e, S_BIDI_ID(1))
2176 OP_S_WRITE (e, "mixture", 7)
2177 OP_S_CONCLUDE (e)
2178
2179 OP_C_ACCEPT_STREAM_WAIT (e)
2180 OP_C_READ_EXPECT (e, "mixture", 7)
2181 OP_C_EXPECT_FIN (e)
2182 OP_C_WRITE (e, "ramble", 6)
2183 OP_S_READ_EXPECT (e, "ramble", 6)
2184 OP_C_CONCLUDE (e)
2185 OP_S_EXPECT_FIN (e)
2186
2187 OP_S_NEW_STREAM_UNI (f, S_UNI_ID(0))
2188 OP_S_WRITE (f, "yonder", 6)
2189 OP_S_CONCLUDE (f)
2190
2191 OP_C_ACCEPT_STREAM_WAIT (f)
2192 OP_C_ACCEPT_STREAM_NONE ()
2193 OP_C_READ_EXPECT (f, "yonder", 6)
2194 OP_C_EXPECT_FIN (f)
2195 OP_C_WRITE_FAIL (f)
2196
2197 OP_C_SET_INCOMING_STREAM_POLICY(SSL_INCOMING_STREAM_POLICY_REJECT)
2198 OP_S_NEW_STREAM_BIDI (g, S_BIDI_ID(2))
2199 OP_S_WRITE (g, "unseen", 6)
2200 OP_S_CONCLUDE (g)
2201
2202 OP_C_ACCEPT_STREAM_NONE ()
2203
2204 OP_C_SET_INCOMING_STREAM_POLICY(SSL_INCOMING_STREAM_POLICY_AUTO)
2205 OP_S_NEW_STREAM_BIDI (h, S_BIDI_ID(3))
2206 OP_S_WRITE (h, "UNSEEN", 6)
2207 OP_S_CONCLUDE (h)
2208
2209 OP_C_ACCEPT_STREAM_NONE ()
2210
2211 /*
2212 * Streams g, h should have been rejected, so server should have got
2213 * STOP_SENDING/RESET_STREAM.
2214 */
2215 OP_CHECK (check_rejected, S_BIDI_ID(2))
2216 OP_CHECK (check_rejected, S_BIDI_ID(3))
2217
2218 OP_END
2219 };
2220
2221 /* 3. Default stream detach/reattach test */
2222 static const struct script_op script_3[] = {
2223 OP_C_SET_ALPN ("ossltest")
2224 OP_C_CONNECT_WAIT ()
2225
2226 OP_C_WRITE (DEFAULT, "apple", 5)
2227 OP_C_DETACH (a) /* DEFAULT becomes stream 'a' */
2228 OP_C_WRITE_FAIL (DEFAULT)
2229
2230 OP_C_WRITE (a, "by", 2)
2231
2232 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2233 OP_S_READ_EXPECT (a, "appleby", 7)
2234
2235 OP_S_WRITE (a, "hello", 5)
2236 OP_C_READ_EXPECT (a, "hello", 5)
2237
2238 OP_C_WRITE_FAIL (DEFAULT)
2239 OP_C_ATTACH (a)
2240 OP_C_WRITE (DEFAULT, "is here", 7)
2241 OP_S_READ_EXPECT (a, "is here", 7)
2242
2243 OP_C_DETACH (a)
2244 OP_C_CONCLUDE (a)
2245 OP_S_EXPECT_FIN (a)
2246
2247 OP_END
2248 };
2249
2250 /* 4. Default stream mode test */
2251 static const struct script_op script_4[] = {
2252 OP_C_SET_ALPN ("ossltest")
2253 OP_C_CONNECT_WAIT ()
2254
2255 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2256 OP_C_WRITE_FAIL (DEFAULT)
2257
2258 OP_S_NEW_STREAM_BIDI (a, S_BIDI_ID(0))
2259 OP_S_WRITE (a, "apple", 5)
2260
2261 OP_C_READ_FAIL (DEFAULT)
2262
2263 OP_C_ACCEPT_STREAM_WAIT (a)
2264 OP_C_READ_EXPECT (a, "apple", 5)
2265
2266 OP_C_ATTACH (a)
2267 OP_C_WRITE (DEFAULT, "orange", 6)
2268 OP_S_READ_EXPECT (a, "orange", 6)
2269
2270 OP_END
2271 };
2272
2273 /* 5. Test stream reset functionality */
2274 static const struct script_op script_5[] = {
2275 OP_C_SET_ALPN ("ossltest")
2276 OP_C_CONNECT_WAIT ()
2277
2278 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2279 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
2280 OP_C_NEW_STREAM_BIDI (b, C_BIDI_ID(1))
2281
2282 OP_C_WRITE (a, "apple", 5)
2283 OP_C_STREAM_RESET (a, 42)
2284
2285 OP_C_WRITE (b, "strawberry", 10)
2286
2287 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2288 OP_S_BIND_STREAM_ID (b, C_BIDI_ID(1))
2289 OP_S_READ_EXPECT (b, "strawberry", 10)
2290 /* Reset disrupts read of already sent data */
2291 OP_S_READ_FAIL (a, 0)
2292 OP_CHECK (check_stream_reset, C_BIDI_ID(0))
2293
2294 OP_END
2295 };
2296
2297 /* 6. Test STOP_SENDING functionality */
2298 static const struct script_op script_6[] = {
2299 OP_C_SET_ALPN ("ossltest")
2300 OP_C_CONNECT_WAIT ()
2301
2302 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2303 OP_S_NEW_STREAM_BIDI (a, S_BIDI_ID(0))
2304 OP_S_WRITE (a, "apple", 5)
2305
2306 OP_C_ACCEPT_STREAM_WAIT (a)
2307 OP_C_FREE_STREAM (a)
2308 OP_C_ACCEPT_STREAM_NONE ()
2309
2310 OP_CHECK (check_stream_stopped, S_BIDI_ID(0))
2311
2312 OP_END
2313 };
2314
2315 /* 7. Unidirectional default stream mode test (client sends first) */
2316 static const struct script_op script_7[] = {
2317 OP_C_SET_ALPN ("ossltest")
2318 OP_C_CONNECT_WAIT ()
2319
2320 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_AUTO_UNI)
2321 OP_C_WRITE (DEFAULT, "apple", 5)
2322
2323 OP_S_BIND_STREAM_ID (a, C_UNI_ID(0))
2324 OP_S_READ_EXPECT (a, "apple", 5)
2325 OP_S_WRITE_FAIL (a)
2326
2327 OP_END
2328 };
2329
2330 /* 8. Unidirectional default stream mode test (server sends first) */
2331 static const struct script_op script_8[] = {
2332 OP_C_SET_ALPN ("ossltest")
2333 OP_C_CONNECT_WAIT ()
2334
2335 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_AUTO_UNI)
2336 OP_S_NEW_STREAM_UNI (a, S_UNI_ID(0))
2337 OP_S_WRITE (a, "apple", 5)
2338 OP_C_READ_EXPECT (DEFAULT, "apple", 5)
2339 OP_C_WRITE_FAIL (DEFAULT)
2340
2341 OP_END
2342 };
2343
2344 /* 9. Unidirectional default stream mode test (server sends first on bidi) */
2345 static const struct script_op script_9[] = {
2346 OP_C_SET_ALPN ("ossltest")
2347 OP_C_CONNECT_WAIT ()
2348
2349 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_AUTO_UNI)
2350 OP_S_NEW_STREAM_BIDI (a, S_BIDI_ID(0))
2351 OP_S_WRITE (a, "apple", 5)
2352 OP_C_READ_EXPECT (DEFAULT, "apple", 5)
2353 OP_C_WRITE (DEFAULT, "orange", 6)
2354 OP_S_READ_EXPECT (a, "orange", 6)
2355
2356 OP_END
2357 };
2358
2359 /* 10. Shutdown */
2360 static const struct script_op script_10[] = {
2361 OP_C_SET_ALPN ("ossltest")
2362 OP_C_CONNECT_WAIT ()
2363
2364 OP_C_WRITE (DEFAULT, "apple", 5)
2365 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2366 OP_S_READ_EXPECT (a, "apple", 5)
2367
2368 OP_C_SHUTDOWN_WAIT (NULL, 0)
2369 OP_C_EXPECT_CONN_CLOSE_INFO(0, 1, 0)
2370 OP_S_EXPECT_CONN_CLOSE_INFO(0, 1, 1)
2371
2372 OP_END
2373 };
2374
2375 /* 11. Many threads accepted on the same client connection */
2376 static const struct script_op script_11_child[] = {
2377 OP_C_ACCEPT_STREAM_WAIT (a)
2378 OP_C_READ_EXPECT (a, "foo", 3)
2379 OP_C_EXPECT_FIN (a)
2380
2381 OP_END
2382 };
2383
2384 static const struct script_op script_11[] = {
2385 OP_C_SET_ALPN ("ossltest")
2386 OP_C_CONNECT_WAIT ()
2387 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2388
2389 OP_NEW_THREAD (5, script_11_child)
2390
2391 OP_S_NEW_STREAM_BIDI (a, ANY_ID)
2392 OP_S_WRITE (a, "foo", 3)
2393 OP_S_CONCLUDE (a)
2394
2395 OP_S_NEW_STREAM_BIDI (b, ANY_ID)
2396 OP_S_WRITE (b, "foo", 3)
2397 OP_S_CONCLUDE (b)
2398
2399 OP_S_NEW_STREAM_BIDI (c, ANY_ID)
2400 OP_S_WRITE (c, "foo", 3)
2401 OP_S_CONCLUDE (c)
2402
2403 OP_S_NEW_STREAM_BIDI (d, ANY_ID)
2404 OP_S_WRITE (d, "foo", 3)
2405 OP_S_CONCLUDE (d)
2406
2407 OP_S_NEW_STREAM_BIDI (e, ANY_ID)
2408 OP_S_WRITE (e, "foo", 3)
2409 OP_S_CONCLUDE (e)
2410
2411 OP_END
2412 };
2413
2414 /* 12. Many threads initiated on the same client connection */
2415 static const struct script_op script_12_child[] = {
2416 OP_C_NEW_STREAM_BIDI (a, ANY_ID)
2417 OP_C_WRITE (a, "foo", 3)
2418 OP_C_CONCLUDE (a)
2419 OP_C_FREE_STREAM (a)
2420
2421 OP_END
2422 };
2423
2424 static const struct script_op script_12[] = {
2425 OP_C_SET_ALPN ("ossltest")
2426 OP_C_CONNECT_WAIT ()
2427 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2428
2429 OP_NEW_THREAD (5, script_12_child)
2430
2431 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2432 OP_S_READ_EXPECT (a, "foo", 3)
2433 OP_S_EXPECT_FIN (a)
2434 OP_S_BIND_STREAM_ID (b, C_BIDI_ID(1))
2435 OP_S_READ_EXPECT (b, "foo", 3)
2436 OP_S_EXPECT_FIN (b)
2437 OP_S_BIND_STREAM_ID (c, C_BIDI_ID(2))
2438 OP_S_READ_EXPECT (c, "foo", 3)
2439 OP_S_EXPECT_FIN (c)
2440 OP_S_BIND_STREAM_ID (d, C_BIDI_ID(3))
2441 OP_S_READ_EXPECT (d, "foo", 3)
2442 OP_S_EXPECT_FIN (d)
2443 OP_S_BIND_STREAM_ID (e, C_BIDI_ID(4))
2444 OP_S_READ_EXPECT (e, "foo", 3)
2445 OP_S_EXPECT_FIN (e)
2446
2447 OP_END
2448 };
2449
2450 /* 13. Many threads accepted on the same client connection (stress test) */
2451 static const struct script_op script_13_child[] = {
2452 OP_BEGIN_REPEAT (10)
2453
2454 OP_C_ACCEPT_STREAM_WAIT (a)
2455 OP_C_READ_EXPECT (a, "foo", 3)
2456 OP_C_EXPECT_FIN (a)
2457 OP_C_FREE_STREAM (a)
2458
2459 OP_END_REPEAT ()
2460
2461 OP_END
2462 };
2463
2464 static const struct script_op script_13[] = {
2465 OP_C_SET_ALPN ("ossltest")
2466 OP_C_CONNECT_WAIT ()
2467 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2468
2469 OP_NEW_THREAD (5, script_13_child)
2470
2471 OP_BEGIN_REPEAT (50)
2472
2473 OP_S_NEW_STREAM_BIDI (a, ANY_ID)
2474 OP_S_WRITE (a, "foo", 3)
2475 OP_S_CONCLUDE (a)
2476 OP_S_UNBIND_STREAM_ID (a)
2477
2478 OP_END_REPEAT ()
2479
2480 OP_END
2481 };
2482
2483 /* 14. Many threads initiating on the same client connection (stress test) */
2484 static const struct script_op script_14_child[] = {
2485 OP_BEGIN_REPEAT (10)
2486
2487 OP_C_NEW_STREAM_BIDI (a, ANY_ID)
2488 OP_C_WRITE (a, "foo", 3)
2489 OP_C_CONCLUDE (a)
2490 OP_C_FREE_STREAM (a)
2491
2492 OP_END_REPEAT ()
2493
2494 OP_END
2495 };
2496
2497 static const struct script_op script_14[] = {
2498 OP_C_SET_ALPN ("ossltest")
2499 OP_C_CONNECT_WAIT ()
2500 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2501
2502 OP_NEW_THREAD (5, script_14_child)
2503
2504 OP_BEGIN_REPEAT (50)
2505
2506 OP_S_ACCEPT_STREAM_WAIT (a)
2507 OP_S_READ_EXPECT (a, "foo", 3)
2508 OP_S_EXPECT_FIN (a)
2509 OP_S_UNBIND_STREAM_ID (a)
2510
2511 OP_END_REPEAT ()
2512
2513 OP_END
2514 };
2515
2516 /* 15. Client sending large number of streams, MAX_STREAMS test */
2517 static const struct script_op script_15[] = {
2518 OP_C_SET_ALPN ("ossltest")
2519 OP_C_CONNECT_WAIT ()
2520 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2521
2522 /*
2523 * This will cause a protocol violation to be raised by the server if we are
2524 * not handling the stream limit correctly on the TX side.
2525 */
2526 OP_BEGIN_REPEAT (200)
2527
2528 OP_C_NEW_STREAM_BIDI_EX (a, ANY_ID, SSL_STREAM_FLAG_ADVANCE)
2529 OP_C_WRITE (a, "foo", 3)
2530 OP_C_CONCLUDE (a)
2531 OP_C_FREE_STREAM (a)
2532
2533 OP_END_REPEAT ()
2534
2535 /* Prove the connection is still good. */
2536 OP_S_NEW_STREAM_BIDI (a, S_BIDI_ID(0))
2537 OP_S_WRITE (a, "bar", 3)
2538 OP_S_CONCLUDE (a)
2539
2540 OP_C_ACCEPT_STREAM_WAIT (a)
2541 OP_C_READ_EXPECT (a, "bar", 3)
2542 OP_C_EXPECT_FIN (a)
2543
2544 /*
2545 * Drain the queue of incoming streams. We should be able to get all 200
2546 * even though only 100 can be initiated at a time.
2547 */
2548 OP_BEGIN_REPEAT (200)
2549
2550 OP_S_ACCEPT_STREAM_WAIT (b)
2551 OP_S_READ_EXPECT (b, "foo", 3)
2552 OP_S_EXPECT_FIN (b)
2553 OP_S_UNBIND_STREAM_ID (b)
2554
2555 OP_END_REPEAT ()
2556
2557 OP_END
2558 };
2559
2560 /* 16. Server sending large number of streams, MAX_STREAMS test */
2561 static const struct script_op script_16[] = {
2562 OP_C_SET_ALPN ("ossltest")
2563 OP_C_CONNECT_WAIT ()
2564 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2565
2566 /*
2567 * This will cause a protocol violation to be raised by the client if we are
2568 * not handling the stream limit correctly on the TX side.
2569 */
2570 OP_BEGIN_REPEAT (200)
2571
2572 OP_S_NEW_STREAM_BIDI (a, ANY_ID)
2573 OP_S_WRITE (a, "foo", 3)
2574 OP_S_CONCLUDE (a)
2575 OP_S_UNBIND_STREAM_ID (a)
2576
2577 OP_END_REPEAT ()
2578
2579 /* Prove that the connection is still good. */
2580 OP_C_NEW_STREAM_BIDI (a, ANY_ID)
2581 OP_C_WRITE (a, "bar", 3)
2582 OP_C_CONCLUDE (a)
2583
2584 OP_S_ACCEPT_STREAM_WAIT (b)
2585 OP_S_READ_EXPECT (b, "bar", 3)
2586 OP_S_EXPECT_FIN (b)
2587
2588 /* Drain the queue of incoming streams. */
2589 OP_BEGIN_REPEAT (200)
2590
2591 OP_C_ACCEPT_STREAM_WAIT (b)
2592 OP_C_READ_EXPECT (b, "foo", 3)
2593 OP_C_EXPECT_FIN (b)
2594 OP_C_FREE_STREAM (b)
2595
2596 OP_END_REPEAT ()
2597
2598 OP_END
2599 };
2600
2601 /* 17. Key update test - unlimited */
2602 static const struct script_op script_17[] = {
2603 OP_C_SET_ALPN ("ossltest")
2604 OP_C_CONNECT_WAIT ()
2605
2606 OP_C_WRITE (DEFAULT, "apple", 5)
2607
2608 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2609 OP_S_READ_EXPECT (a, "apple", 5)
2610
2611 OP_CHECK (override_key_update, 1)
2612
2613 OP_BEGIN_REPEAT (200)
2614
2615 OP_C_WRITE (DEFAULT, "apple", 5)
2616 OP_S_READ_EXPECT (a, "apple", 5)
2617
2618 /*
2619 * TXKU frequency is bounded by RTT because a previous TXKU needs to be
2620 * acknowledged by the peer first before another one can be begin. By
2621 * waiting this long, we eliminate any such concern and ensure as many key
2622 * updates as possible can occur for the purposes of this test.
2623 */
2624 OP_CHECK (skip_time_ms, 100)
2625
2626 OP_END_REPEAT ()
2627
2628 /* At least 5 RXKUs detected */
2629 OP_CHECK (check_key_update_ge, 5)
2630
2631 /*
2632 * Prove the connection is still healthy by sending something in both
2633 * directions.
2634 */
2635 OP_C_WRITE (DEFAULT, "xyzzy", 5)
2636 OP_S_READ_EXPECT (a, "xyzzy", 5)
2637
2638 OP_S_WRITE (a, "plugh", 5)
2639 OP_C_READ_EXPECT (DEFAULT, "plugh", 5)
2640
2641 OP_END
2642 };
2643
2644 /* 18. Key update test - RTT-bounded */
2645 static const struct script_op script_18[] = {
2646 OP_C_SET_ALPN ("ossltest")
2647 OP_C_CONNECT_WAIT ()
2648
2649 OP_C_WRITE (DEFAULT, "apple", 5)
2650
2651 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2652 OP_S_READ_EXPECT (a, "apple", 5)
2653
2654 OP_CHECK (override_key_update, 1)
2655
2656 OP_BEGIN_REPEAT (200)
2657
2658 OP_C_WRITE (DEFAULT, "apple", 5)
2659 OP_S_READ_EXPECT (a, "apple", 5)
2660 OP_CHECK (skip_time_ms, 8)
2661
2662 OP_END_REPEAT ()
2663
2664 /*
2665 * This time we simulate far less time passing between writes, so there are
2666 * fewer opportunities to initiate TXKUs. Note that we ask for a TXKU every
2667 * 1 packet above, which is absurd; thus this ensures we only actually
2668 * generate TXKUs when we are allowed to.
2669 */
2670 OP_CHECK (check_key_update_lt, 240)
2671
2672 /*
2673 * Prove the connection is still healthy by sending something in both
2674 * directions.
2675 */
2676 OP_C_WRITE (DEFAULT, "xyzzy", 5)
2677 OP_S_READ_EXPECT (a, "xyzzy", 5)
2678
2679 OP_S_WRITE (a, "plugh", 5)
2680 OP_C_READ_EXPECT (DEFAULT, "plugh", 5)
2681
2682 OP_END
2683 };
2684
2685 /* 19. Key update test - artificially triggered */
2686 static const struct script_op script_19[] = {
2687 OP_C_SET_ALPN ("ossltest")
2688 OP_C_CONNECT_WAIT ()
2689
2690 OP_C_WRITE (DEFAULT, "apple", 5)
2691
2692 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2693 OP_S_READ_EXPECT (a, "apple", 5)
2694
2695 OP_C_WRITE (DEFAULT, "orange", 6)
2696 OP_S_READ_EXPECT (a, "orange", 6)
2697
2698 OP_S_WRITE (a, "strawberry", 10)
2699 OP_C_READ_EXPECT (DEFAULT, "strawberry", 10)
2700
2701 OP_CHECK (check_key_update_lt, 1)
2702 OP_CHECK (trigger_key_update, 0)
2703
2704 OP_C_WRITE (DEFAULT, "orange", 6)
2705 OP_S_READ_EXPECT (a, "orange", 6)
2706 OP_S_WRITE (a, "ok", 2)
2707
2708 OP_C_READ_EXPECT (DEFAULT, "ok", 2)
2709 OP_CHECK (check_key_update_ge, 1)
2710
2711 OP_END
2712 };
2713
2714 /* 20. Multiple threads accept stream with socket forcibly closed (error test) */
2715 static int script_20_trigger(struct helper *h, volatile uint64_t *counter)
2716 {
2717 #if defined(OPENSSL_THREADS)
2718 ossl_crypto_mutex_lock(h->misc_m);
2719 ++*counter;
2720 ossl_crypto_condvar_broadcast(h->misc_cv);
2721 ossl_crypto_mutex_unlock(h->misc_m);
2722 #endif
2723 return 1;
2724 }
2725
2726 static int script_20_wait(struct helper *h, volatile uint64_t *counter, uint64_t threshold)
2727 {
2728 #if defined(OPENSSL_THREADS)
2729 int stop = 0;
2730
2731 ossl_crypto_mutex_lock(h->misc_m);
2732 while (!stop) {
2733 stop = (*counter >= threshold);
2734 if (stop)
2735 break;
2736
2737 ossl_crypto_condvar_wait(h->misc_cv, h->misc_m);
2738 }
2739
2740 ossl_crypto_mutex_unlock(h->misc_m);
2741 #endif
2742 return 1;
2743 }
2744
2745 static int script_20_trigger1(struct helper *h, struct helper_local *hl)
2746 {
2747 return script_20_trigger(h, &h->scratch0);
2748 }
2749
2750 static int script_20_wait1(struct helper *h, struct helper_local *hl)
2751 {
2752 return script_20_wait(h, &h->scratch0, hl->check_op->arg2);
2753 }
2754
2755 static int script_20_trigger2(struct helper *h, struct helper_local *hl)
2756 {
2757 return script_20_trigger(h, &h->scratch1);
2758 }
2759
2760 static int script_20_wait2(struct helper *h, struct helper_local *hl)
2761 {
2762 return script_20_wait(h, &h->scratch1, hl->check_op->arg2);
2763 }
2764
2765 static const struct script_op script_20_child[] = {
2766 OP_C_ACCEPT_STREAM_WAIT (a)
2767 OP_C_READ_EXPECT (a, "foo", 3)
2768
2769 OP_CHECK (script_20_trigger1, 0)
2770 OP_CHECK (script_20_wait2, 1)
2771
2772 OP_C_READ_FAIL_WAIT (a)
2773 OP_C_EXPECT_SSL_ERR (a, SSL_ERROR_SYSCALL)
2774
2775 OP_EXPECT_ERR_LIB (ERR_LIB_SSL)
2776 OP_EXPECT_ERR_REASON (SSL_R_PROTOCOL_IS_SHUTDOWN)
2777
2778 OP_POP_ERR ()
2779 OP_EXPECT_ERR_LIB (ERR_LIB_SSL)
2780 OP_EXPECT_ERR_REASON (SSL_R_QUIC_NETWORK_ERROR)
2781
2782 OP_C_FREE_STREAM (a)
2783
2784 OP_END
2785 };
2786
2787 static const struct script_op script_20[] = {
2788 OP_C_SET_ALPN ("ossltest")
2789 OP_C_CONNECT_WAIT ()
2790 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2791
2792 OP_NEW_THREAD (5, script_20_child)
2793
2794 OP_BEGIN_REPEAT (5)
2795
2796 OP_S_NEW_STREAM_BIDI (a, ANY_ID)
2797 OP_S_WRITE (a, "foo", 3)
2798 OP_S_UNBIND_STREAM_ID (a)
2799
2800 OP_END_REPEAT ()
2801
2802 OP_CHECK (script_20_wait1, 5)
2803
2804 OP_C_CLOSE_SOCKET ()
2805 OP_CHECK (script_20_trigger2, 0)
2806
2807 OP_END
2808 };
2809
2810 /* 21. Fault injection - unknown frame in 1-RTT packet */
2811 static int script_21_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
2812 unsigned char *buf, size_t len)
2813 {
2814 int ok = 0;
2815 WPACKET wpkt;
2816 unsigned char frame_buf[8];
2817 size_t written;
2818
2819 if (h->inject_word0 == 0 || hdr->type != h->inject_word0)
2820 return 1;
2821
2822 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
2823 sizeof(frame_buf), 0)))
2824 return 0;
2825
2826 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, h->inject_word1)))
2827 goto err;
2828
2829 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
2830 goto err;
2831
2832 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
2833 goto err;
2834
2835 ok = 1;
2836 err:
2837 if (ok)
2838 WPACKET_finish(&wpkt);
2839 else
2840 WPACKET_cleanup(&wpkt);
2841 return ok;
2842 }
2843
2844 static const struct script_op script_21[] = {
2845 OP_S_SET_INJECT_PLAIN (script_21_inject_plain)
2846 OP_C_SET_ALPN ("ossltest")
2847 OP_C_CONNECT_WAIT ()
2848
2849 OP_C_WRITE (DEFAULT, "apple", 5)
2850 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2851 OP_S_READ_EXPECT (a, "apple", 5)
2852
2853 OP_SET_INJECT_WORD (QUIC_PKT_TYPE_1RTT, OSSL_QUIC_VLINT_MAX)
2854
2855 OP_S_WRITE (a, "orange", 6)
2856
2857 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
2858
2859 OP_END
2860 };
2861
2862 /* 22. Fault injection - non-zero packet header reserved bits */
2863 static int script_22_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
2864 unsigned char *buf, size_t len)
2865 {
2866 if (h->inject_word0 == 0)
2867 return 1;
2868
2869 hdr->reserved = 1;
2870 return 1;
2871 }
2872
2873 static const struct script_op script_22[] = {
2874 OP_S_SET_INJECT_PLAIN (script_22_inject_plain)
2875 OP_C_SET_ALPN ("ossltest")
2876 OP_C_CONNECT_WAIT ()
2877
2878 OP_C_WRITE (DEFAULT, "apple", 5)
2879 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2880 OP_S_READ_EXPECT (a, "apple", 5)
2881
2882 OP_SET_INJECT_WORD (1, 0)
2883
2884 OP_S_WRITE (a, "orange", 6)
2885
2886 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_PROTOCOL_VIOLATION,0,0)
2887
2888 OP_END
2889 };
2890
2891 /* 23. Fault injection - empty NEW_TOKEN */
2892 static int script_23_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
2893 unsigned char *buf, size_t len)
2894 {
2895 int ok = 0;
2896 WPACKET wpkt;
2897 unsigned char frame_buf[16];
2898 size_t written;
2899
2900 if (h->inject_word0 == 0 || hdr->type != QUIC_PKT_TYPE_1RTT)
2901 return 1;
2902
2903 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
2904 sizeof(frame_buf), 0)))
2905 return 0;
2906
2907 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, OSSL_QUIC_FRAME_TYPE_NEW_TOKEN))
2908 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, 0)))
2909 goto err;
2910
2911 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
2912 goto err;
2913
2914 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
2915 goto err;
2916
2917 ok = 1;
2918 err:
2919 if (ok)
2920 WPACKET_finish(&wpkt);
2921 else
2922 WPACKET_cleanup(&wpkt);
2923 return ok;
2924 }
2925
2926 static const struct script_op script_23[] = {
2927 OP_S_SET_INJECT_PLAIN (script_23_inject_plain)
2928 OP_C_SET_ALPN ("ossltest")
2929 OP_C_CONNECT_WAIT ()
2930
2931 OP_C_WRITE (DEFAULT, "apple", 5)
2932 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2933 OP_S_READ_EXPECT (a, "apple", 5)
2934
2935 OP_SET_INJECT_WORD (1, 0)
2936
2937 OP_S_WRITE (a, "orange", 6)
2938
2939 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
2940
2941 OP_END
2942 };
2943
2944 /* 24. Fault injection - excess value of MAX_STREAMS_BIDI */
2945 static int script_24_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
2946 unsigned char *buf, size_t len)
2947 {
2948 int ok = 0;
2949 WPACKET wpkt;
2950 unsigned char frame_buf[16];
2951 size_t written;
2952
2953 if (h->inject_word0 == 0 || hdr->type != QUIC_PKT_TYPE_1RTT)
2954 return 1;
2955
2956 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
2957 sizeof(frame_buf), 0)))
2958 return 0;
2959
2960 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, h->inject_word1))
2961 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, (((uint64_t)1) << 60) + 1)))
2962 goto err;
2963
2964 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
2965 goto err;
2966
2967 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
2968 goto err;
2969
2970 ok = 1;
2971 err:
2972 if (ok)
2973 WPACKET_finish(&wpkt);
2974 else
2975 WPACKET_cleanup(&wpkt);
2976 return ok;
2977 }
2978
2979 static const struct script_op script_24[] = {
2980 OP_S_SET_INJECT_PLAIN (script_24_inject_plain)
2981 OP_C_SET_ALPN ("ossltest")
2982 OP_C_CONNECT_WAIT ()
2983
2984 OP_C_WRITE (DEFAULT, "apple", 5)
2985 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2986 OP_S_READ_EXPECT (a, "apple", 5)
2987
2988 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_BIDI)
2989
2990 OP_S_WRITE (a, "orange", 6)
2991
2992 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
2993
2994 OP_END
2995 };
2996
2997 /* 25. Fault injection - excess value of MAX_STREAMS_UNI */
2998 static const struct script_op script_25[] = {
2999 OP_S_SET_INJECT_PLAIN (script_24_inject_plain)
3000 OP_C_SET_ALPN ("ossltest")
3001 OP_C_CONNECT_WAIT ()
3002
3003 OP_C_WRITE (DEFAULT, "apple", 5)
3004 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3005 OP_S_READ_EXPECT (a, "apple", 5)
3006
3007 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_UNI)
3008
3009 OP_S_WRITE (a, "orange", 6)
3010
3011 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
3012
3013 OP_END
3014 };
3015
3016 /* 26. Fault injection - excess value of STREAMS_BLOCKED_BIDI */
3017 static const struct script_op script_26[] = {
3018 OP_S_SET_INJECT_PLAIN (script_24_inject_plain)
3019 OP_C_SET_ALPN ("ossltest")
3020 OP_C_CONNECT_WAIT ()
3021
3022 OP_C_WRITE (DEFAULT, "apple", 5)
3023 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3024 OP_S_READ_EXPECT (a, "apple", 5)
3025
3026 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_BIDI)
3027
3028 OP_S_WRITE (a, "orange", 6)
3029
3030 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_STREAM_LIMIT_ERROR,0,0)
3031
3032 OP_END
3033 };
3034
3035 /* 27. Fault injection - excess value of STREAMS_BLOCKED_UNI */
3036 static const struct script_op script_27[] = {
3037 OP_S_SET_INJECT_PLAIN (script_24_inject_plain)
3038 OP_C_SET_ALPN ("ossltest")
3039 OP_C_CONNECT_WAIT ()
3040
3041 OP_C_WRITE (DEFAULT, "apple", 5)
3042 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3043 OP_S_READ_EXPECT (a, "apple", 5)
3044
3045 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_UNI)
3046
3047 OP_S_WRITE (a, "orange", 6)
3048
3049 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_STREAM_LIMIT_ERROR,0,0)
3050
3051 OP_END
3052 };
3053
3054 /* 28. Fault injection - received RESET_STREAM for send-only stream */
3055 static int script_28_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
3056 unsigned char *buf, size_t len)
3057 {
3058 int ok = 0;
3059 WPACKET wpkt;
3060 unsigned char frame_buf[32];
3061 size_t written;
3062
3063 if (h->inject_word0 == 0 || hdr->type != QUIC_PKT_TYPE_1RTT)
3064 return 1;
3065
3066 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
3067 sizeof(frame_buf), 0)))
3068 return 0;
3069
3070 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, h->inject_word1))
3071 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, /* stream ID */
3072 h->inject_word0 - 1))
3073 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, 123))
3074 || (h->inject_word1 == OSSL_QUIC_FRAME_TYPE_RESET_STREAM
3075 && !TEST_true(WPACKET_quic_write_vlint(&wpkt, 5)))) /* final size */
3076 goto err;
3077
3078 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
3079 goto err;
3080
3081 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
3082 goto err;
3083
3084 ok = 1;
3085 err:
3086 if (ok)
3087 WPACKET_finish(&wpkt);
3088 else
3089 WPACKET_cleanup(&wpkt);
3090 return ok;
3091 }
3092
3093 static const struct script_op script_28[] = {
3094 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
3095 OP_C_SET_ALPN ("ossltest")
3096 OP_C_CONNECT_WAIT ()
3097 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3098
3099 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
3100 OP_C_WRITE (a, "orange", 6)
3101
3102 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3103 OP_S_READ_EXPECT (a, "orange", 6)
3104
3105 OP_C_NEW_STREAM_UNI (b, C_UNI_ID(0))
3106 OP_C_WRITE (b, "apple", 5)
3107
3108 OP_S_BIND_STREAM_ID (b, C_UNI_ID(0))
3109 OP_S_READ_EXPECT (b, "apple", 5)
3110
3111 OP_SET_INJECT_WORD (C_UNI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_RESET_STREAM)
3112 OP_S_WRITE (a, "fruit", 5)
3113
3114 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_STREAM_STATE_ERROR,0,0)
3115
3116 OP_END
3117 };
3118
3119 /* 29. Fault injection - received RESET_STREAM for nonexistent send-only stream */
3120 static const struct script_op script_29[] = {
3121 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
3122 OP_C_SET_ALPN ("ossltest")
3123 OP_C_CONNECT_WAIT ()
3124 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3125
3126 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
3127 OP_C_WRITE (a, "orange", 6)
3128
3129 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3130 OP_S_READ_EXPECT (a, "orange", 6)
3131
3132 OP_C_NEW_STREAM_UNI (b, C_UNI_ID(0))
3133 OP_C_WRITE (b, "apple", 5)
3134
3135 OP_S_BIND_STREAM_ID (b, C_UNI_ID(0))
3136 OP_S_READ_EXPECT (b, "apple", 5)
3137
3138 OP_SET_INJECT_WORD (C_UNI_ID(1) + 1, OSSL_QUIC_FRAME_TYPE_RESET_STREAM)
3139 OP_S_WRITE (a, "fruit", 5)
3140
3141 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_STREAM_STATE_ERROR,0,0)
3142
3143 OP_END
3144 };
3145
3146 /* 30. Fault injection - received STOP_SENDING for receive-only stream */
3147 static const struct script_op script_30[] = {
3148 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
3149 OP_C_SET_ALPN ("ossltest")
3150 OP_C_CONNECT_WAIT ()
3151 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3152
3153 OP_S_NEW_STREAM_UNI (a, S_UNI_ID(0))
3154 OP_S_WRITE (a, "apple", 5)
3155
3156 OP_C_ACCEPT_STREAM_WAIT (a)
3157 OP_C_READ_EXPECT (a, "apple", 5)
3158
3159 OP_SET_INJECT_WORD (S_UNI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_STOP_SENDING)
3160 OP_S_WRITE (a, "orange", 6)
3161
3162 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_STREAM_STATE_ERROR,0,0)
3163
3164 OP_END
3165 };
3166
3167 /* 31. Fault injection - received STOP_SENDING for nonexistent receive-only stream */
3168 static const struct script_op script_31[] = {
3169 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
3170 OP_C_SET_ALPN ("ossltest")
3171 OP_C_CONNECT_WAIT ()
3172 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3173
3174 OP_S_NEW_STREAM_UNI (a, S_UNI_ID(0))
3175 OP_S_WRITE (a, "apple", 5)
3176
3177 OP_C_ACCEPT_STREAM_WAIT (a)
3178 OP_C_READ_EXPECT (a, "apple", 5)
3179
3180 OP_SET_INJECT_WORD (C_UNI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_STOP_SENDING)
3181 OP_S_WRITE (a, "orange", 6)
3182
3183 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_STREAM_STATE_ERROR,0,0)
3184
3185 OP_END
3186 };
3187
3188 /* 32. Fault injection - STREAM frame for nonexistent stream */
3189 static int script_32_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
3190 unsigned char *buf, size_t len)
3191 {
3192 int ok = 0;
3193 WPACKET wpkt;
3194 unsigned char frame_buf[64];
3195 size_t written;
3196 uint64_t type = OSSL_QUIC_FRAME_TYPE_STREAM_OFF_LEN, offset, flen, i;
3197
3198 if (hdr->type != QUIC_PKT_TYPE_1RTT)
3199 return 1;
3200
3201 switch (h->inject_word1) {
3202 default:
3203 return 0;
3204 case 0:
3205 return 1;
3206 case 1:
3207 offset = 0;
3208 flen = 0;
3209 break;
3210 case 2:
3211 offset = (((uint64_t)1)<<62) - 1;
3212 flen = 5;
3213 break;
3214 case 3:
3215 offset = 1 * 1024 * 1024 * 1024; /* 1G */
3216 flen = 5;
3217 break;
3218 case 4:
3219 offset = 0;
3220 flen = 1;
3221 break;
3222 }
3223
3224 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
3225 sizeof(frame_buf), 0)))
3226 return 0;
3227
3228 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, type))
3229 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, /* stream ID */
3230 h->inject_word0 - 1))
3231 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, offset))
3232 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, flen)))
3233 goto err;
3234
3235 for (i = 0; i < flen; ++i)
3236 if (!TEST_true(WPACKET_put_bytes_u8(&wpkt, 0x42)))
3237 goto err;
3238
3239 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
3240 goto err;
3241
3242 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
3243 goto err;
3244
3245 ok = 1;
3246 err:
3247 if (ok)
3248 WPACKET_finish(&wpkt);
3249 else
3250 WPACKET_cleanup(&wpkt);
3251 return ok;
3252 }
3253
3254 static const struct script_op script_32[] = {
3255 OP_S_SET_INJECT_PLAIN (script_32_inject_plain)
3256 OP_C_SET_ALPN ("ossltest")
3257 OP_C_CONNECT_WAIT ()
3258 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3259
3260 OP_S_NEW_STREAM_UNI (a, S_UNI_ID(0))
3261 OP_S_WRITE (a, "apple", 5)
3262
3263 OP_C_ACCEPT_STREAM_WAIT (a)
3264 OP_C_READ_EXPECT (a, "apple", 5)
3265
3266 OP_SET_INJECT_WORD (C_UNI_ID(0) + 1, 1)
3267 OP_S_WRITE (a, "orange", 6)
3268
3269 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_STREAM_STATE_ERROR,0,0)
3270
3271 OP_END
3272 };
3273
3274 /* 33. Fault injection - STREAM frame with illegal offset */
3275 static const struct script_op script_33[] = {
3276 OP_S_SET_INJECT_PLAIN (script_32_inject_plain)
3277 OP_C_SET_ALPN ("ossltest")
3278 OP_C_CONNECT_WAIT ()
3279 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3280
3281 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
3282 OP_C_WRITE (a, "apple", 5)
3283
3284 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3285 OP_S_READ_EXPECT (a, "apple", 5)
3286
3287 OP_SET_INJECT_WORD (C_BIDI_ID(0) + 1, 2)
3288 OP_S_WRITE (a, "orange", 6)
3289
3290 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
3291
3292 OP_END
3293 };
3294
3295 /* 34. Fault injection - STREAM frame which exceeds FC */
3296 static const struct script_op script_34[] = {
3297 OP_S_SET_INJECT_PLAIN (script_32_inject_plain)
3298 OP_C_SET_ALPN ("ossltest")
3299 OP_C_CONNECT_WAIT ()
3300 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3301
3302 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
3303 OP_C_WRITE (a, "apple", 5)
3304
3305 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3306 OP_S_READ_EXPECT (a, "apple", 5)
3307
3308 OP_SET_INJECT_WORD (C_BIDI_ID(0) + 1, 3)
3309 OP_S_WRITE (a, "orange", 6)
3310
3311 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_FLOW_CONTROL_ERROR,0,0)
3312
3313 OP_END
3314 };
3315
3316 /* 35. Fault injection - MAX_STREAM_DATA for receive-only stream */
3317 static const struct script_op script_35[] = {
3318 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
3319 OP_C_SET_ALPN ("ossltest")
3320 OP_C_CONNECT_WAIT ()
3321 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3322
3323 OP_S_NEW_STREAM_UNI (a, S_UNI_ID(0))
3324 OP_S_WRITE (a, "apple", 5)
3325
3326 OP_C_ACCEPT_STREAM_WAIT (a)
3327 OP_C_READ_EXPECT (a, "apple", 5)
3328
3329 OP_SET_INJECT_WORD (S_UNI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA)
3330 OP_S_WRITE (a, "orange", 6)
3331
3332 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_STREAM_STATE_ERROR,0,0)
3333
3334 OP_END
3335 };
3336
3337 /* 36. Fault injection - MAX_STREAM_DATA for nonexistent stream */
3338 static const struct script_op script_36[] = {
3339 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
3340 OP_C_SET_ALPN ("ossltest")
3341 OP_C_CONNECT_WAIT ()
3342 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3343
3344 OP_S_NEW_STREAM_UNI (a, S_UNI_ID(0))
3345 OP_S_WRITE (a, "apple", 5)
3346
3347 OP_C_ACCEPT_STREAM_WAIT (a)
3348 OP_C_READ_EXPECT (a, "apple", 5)
3349
3350 OP_SET_INJECT_WORD (C_BIDI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA)
3351 OP_S_WRITE (a, "orange", 6)
3352
3353 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_STREAM_STATE_ERROR,0,0)
3354
3355 OP_END
3356 };
3357
3358 /* 37. Fault injection - STREAM_DATA_BLOCKED for send-only stream */
3359 static const struct script_op script_37[] = {
3360 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
3361 OP_C_SET_ALPN ("ossltest")
3362 OP_C_CONNECT_WAIT ()
3363 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3364
3365 OP_C_NEW_STREAM_UNI (a, C_UNI_ID(0))
3366 OP_C_WRITE (a, "apple", 5)
3367
3368 OP_S_BIND_STREAM_ID (a, C_UNI_ID(0))
3369 OP_S_READ_EXPECT (a, "apple", 5)
3370
3371 OP_S_NEW_STREAM_UNI (b, S_UNI_ID(0))
3372 OP_SET_INJECT_WORD (C_UNI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED)
3373 OP_S_WRITE (b, "orange", 5)
3374
3375 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_STREAM_STATE_ERROR,0,0)
3376
3377 OP_END
3378 };
3379
3380 /* 38. Fault injection - STREAM_DATA_BLOCKED for non-existent stream */
3381 static const struct script_op script_38[] = {
3382 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
3383 OP_C_SET_ALPN ("ossltest")
3384 OP_C_CONNECT_WAIT ()
3385 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3386
3387 OP_C_NEW_STREAM_UNI (a, C_UNI_ID(0))
3388 OP_C_WRITE (a, "apple", 5)
3389
3390 OP_S_BIND_STREAM_ID (a, C_UNI_ID(0))
3391 OP_S_READ_EXPECT (a, "apple", 5)
3392
3393 OP_SET_INJECT_WORD (C_BIDI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED)
3394
3395 OP_S_NEW_STREAM_UNI (b, S_UNI_ID(0))
3396 OP_S_WRITE (b, "orange", 5)
3397
3398 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_STREAM_STATE_ERROR,0,0)
3399
3400 OP_END
3401 };
3402
3403 /* 39. Fault injection - NEW_CONN_ID with zero-len CID */
3404 static int script_39_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
3405 unsigned char *buf, size_t len)
3406 {
3407 int ok = 0;
3408 WPACKET wpkt;
3409 unsigned char frame_buf[64];
3410 size_t i, written;
3411 uint64_t seq_no = 0, retire_prior_to = 0;
3412 QUIC_CONN_ID new_cid = {0};
3413 QUIC_CHANNEL *ch = ossl_quic_tserver_get_channel(h->s_priv);
3414
3415 if (hdr->type != QUIC_PKT_TYPE_1RTT)
3416 return 1;
3417
3418 switch (h->inject_word1) {
3419 case 0:
3420 return 1;
3421 case 1:
3422 new_cid.id_len = 0;
3423 break;
3424 case 2:
3425 new_cid.id_len = 21;
3426 break;
3427 case 3:
3428 new_cid.id_len = 1;
3429 new_cid.id[0] = 0x55;
3430
3431 seq_no = 0;
3432 retire_prior_to = 1;
3433 break;
3434 case 4:
3435 /* Use our actual CID so we don't break connectivity. */
3436 ossl_quic_channel_get_diag_local_cid(ch, &new_cid);
3437
3438 seq_no = 2;
3439 retire_prior_to = 2;
3440 break;
3441 case 5:
3442 /*
3443 * Use a bogus CID which will need to be ignored if connectivity is to
3444 * be continued.
3445 */
3446 new_cid.id_len = 8;
3447 new_cid.id[0] = 0x55;
3448
3449 seq_no = 1;
3450 retire_prior_to = 1;
3451 break;
3452 }
3453
3454 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
3455 sizeof(frame_buf), 0)))
3456 return 0;
3457
3458 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID))
3459 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, seq_no)) /* seq no */
3460 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, retire_prior_to)) /* retire prior to */
3461 || !TEST_true(WPACKET_put_bytes_u8(&wpkt, new_cid.id_len))) /* len */
3462 goto err;
3463
3464 for (i = 0; i < new_cid.id_len && i < OSSL_NELEM(new_cid.id); ++i)
3465 if (!TEST_true(WPACKET_put_bytes_u8(&wpkt, new_cid.id[i])))
3466 goto err;
3467
3468 for (; i < new_cid.id_len; ++i)
3469 if (!TEST_true(WPACKET_put_bytes_u8(&wpkt, 0x55)))
3470 goto err;
3471
3472 for (i = 0; i < QUIC_STATELESS_RESET_TOKEN_LEN; ++i)
3473 if (!TEST_true(WPACKET_put_bytes_u8(&wpkt, 0x42)))
3474 goto err;
3475
3476 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
3477 goto err;
3478
3479 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
3480 goto err;
3481
3482 ok = 1;
3483 err:
3484 if (ok)
3485 WPACKET_finish(&wpkt);
3486 else
3487 WPACKET_cleanup(&wpkt);
3488 return ok;
3489 }
3490
3491 static const struct script_op script_39[] = {
3492 OP_S_SET_INJECT_PLAIN (script_39_inject_plain)
3493 OP_C_SET_ALPN ("ossltest")
3494 OP_C_CONNECT_WAIT ()
3495 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3496
3497 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
3498 OP_C_WRITE (a, "apple", 5)
3499 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3500 OP_S_READ_EXPECT (a, "apple", 5)
3501
3502 OP_SET_INJECT_WORD (0, 1)
3503 OP_S_WRITE (a, "orange", 5)
3504
3505 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
3506
3507 OP_END
3508 };
3509
3510 /* 40. Shutdown flush test */
3511 static const unsigned char script_40_data[1024] = "strawberry";
3512
3513 static const struct script_op script_40[] = {
3514 OP_C_SET_ALPN ("ossltest")
3515 OP_C_CONNECT_WAIT ()
3516 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3517
3518 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
3519 OP_C_WRITE (a, "apple", 5)
3520
3521 OP_C_INHIBIT_TICK (1)
3522 OP_C_SET_WRITE_BUF_SIZE (a, 1024 * 100 * 3)
3523
3524 OP_BEGIN_REPEAT (100)
3525
3526 OP_C_WRITE (a, script_40_data, sizeof(script_40_data))
3527
3528 OP_END_REPEAT ()
3529
3530 OP_C_CONCLUDE (a)
3531 OP_C_SHUTDOWN_WAIT (NULL, 0) /* disengages tick inhibition */
3532
3533 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3534 OP_S_READ_EXPECT (a, "apple", 5)
3535
3536 OP_BEGIN_REPEAT (100)
3537
3538 OP_S_READ_EXPECT (a, script_40_data, sizeof(script_40_data))
3539
3540 OP_END_REPEAT ()
3541
3542 OP_S_EXPECT_FIN (a)
3543
3544 OP_C_EXPECT_CONN_CLOSE_INFO(0, 1, 0)
3545 OP_S_EXPECT_CONN_CLOSE_INFO(0, 1, 1)
3546
3547 OP_END
3548 };
3549
3550 /* 41. Fault injection - PATH_CHALLENGE yields PATH_RESPONSE */
3551 static const uint64_t path_challenge = UINT64_C(0xbdeb9451169c83aa);
3552
3553 static int script_41_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
3554 unsigned char *buf, size_t len)
3555 {
3556 int ok = 0;
3557 WPACKET wpkt;
3558 unsigned char frame_buf[16];
3559 size_t written;
3560
3561 if (h->inject_word0 == 0 || hdr->type != QUIC_PKT_TYPE_1RTT)
3562 return 1;
3563
3564 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
3565 sizeof(frame_buf), 0)))
3566 return 0;
3567
3568 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, h->inject_word1))
3569 || !TEST_true(WPACKET_put_bytes_u64(&wpkt, path_challenge)))
3570 goto err;
3571
3572 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written))
3573 || !TEST_size_t_eq(written, 9))
3574 goto err;
3575
3576 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
3577 goto err;
3578
3579 --h->inject_word0;
3580 ok = 1;
3581 err:
3582 if (ok)
3583 WPACKET_finish(&wpkt);
3584 else
3585 WPACKET_cleanup(&wpkt);
3586 return ok;
3587 }
3588
3589 static void script_41_trace(int write_p, int version, int content_type,
3590 const void *buf, size_t len, SSL *ssl, void *arg)
3591 {
3592 uint64_t frame_type, frame_data;
3593 int was_minimal;
3594 struct helper *h = arg;
3595 PACKET pkt;
3596
3597 if (version != OSSL_QUIC1_VERSION
3598 || content_type != SSL3_RT_QUIC_FRAME_FULL
3599 || len < 1)
3600 return;
3601
3602 if (!TEST_true(PACKET_buf_init(&pkt, buf, len))) {
3603 ++h->scratch1;
3604 return;
3605 }
3606
3607 if (!TEST_true(ossl_quic_wire_peek_frame_header(&pkt, &frame_type,
3608 &was_minimal))) {
3609 ++h->scratch1;
3610 return;
3611 }
3612
3613 if (frame_type != OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE)
3614 return;
3615
3616 if (!TEST_true(ossl_quic_wire_decode_frame_path_response(&pkt, &frame_data))
3617 || !TEST_uint64_t_eq(frame_data, path_challenge)) {
3618 ++h->scratch1;
3619 return;
3620 }
3621
3622 ++h->scratch0;
3623 }
3624
3625 static int script_41_setup(struct helper *h, struct helper_local *hl)
3626 {
3627 ossl_quic_tserver_set_msg_callback(ACQUIRE_S(), script_41_trace, h);
3628 return 1;
3629 }
3630
3631 static int script_41_check(struct helper *h, struct helper_local *hl)
3632 {
3633 /* At least one valid challenge/response echo? */
3634 if (!TEST_uint64_t_gt(h->scratch0, 0))
3635 return 0;
3636
3637 /* No failed tests? */
3638 if (!TEST_uint64_t_eq(h->scratch1, 0))
3639 return 0;
3640
3641 return 1;
3642 }
3643
3644 static const struct script_op script_41[] = {
3645 OP_S_SET_INJECT_PLAIN (script_41_inject_plain)
3646 OP_C_SET_ALPN ("ossltest")
3647 OP_C_CONNECT_WAIT ()
3648 OP_CHECK (script_41_setup, 0)
3649
3650 OP_C_WRITE (DEFAULT, "apple", 5)
3651 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3652 OP_S_READ_EXPECT (a, "apple", 5)
3653
3654 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE)
3655
3656 OP_S_WRITE (a, "orange", 6)
3657 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
3658
3659 OP_C_WRITE (DEFAULT, "strawberry", 10)
3660 OP_S_READ_EXPECT (a, "strawberry", 10)
3661
3662 OP_CHECK (script_41_check, 0)
3663 OP_END
3664 };
3665
3666 /* 42. Fault injection - CRYPTO frame with illegal offset */
3667 static int script_42_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
3668 unsigned char *buf, size_t len)
3669 {
3670 int ok = 0;
3671 unsigned char frame_buf[64];
3672 size_t written;
3673 WPACKET wpkt;
3674
3675 if (h->inject_word0 == 0)
3676 return 1;
3677
3678 --h->inject_word0;
3679
3680 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
3681 sizeof(frame_buf), 0)))
3682 return 0;
3683
3684 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, OSSL_QUIC_FRAME_TYPE_CRYPTO))
3685 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, h->inject_word1))
3686 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, 1))
3687 || !TEST_true(WPACKET_put_bytes_u8(&wpkt, 0x42)))
3688 goto err;
3689
3690 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
3691 goto err;
3692
3693 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
3694 goto err;
3695
3696 ok = 1;
3697 err:
3698 if (ok)
3699 WPACKET_finish(&wpkt);
3700 else
3701 WPACKET_cleanup(&wpkt);
3702 return ok;
3703 }
3704
3705 static const struct script_op script_42[] = {
3706 OP_S_SET_INJECT_PLAIN (script_42_inject_plain)
3707 OP_C_SET_ALPN ("ossltest")
3708 OP_C_CONNECT_WAIT ()
3709 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3710
3711 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
3712 OP_C_WRITE (a, "apple", 5)
3713
3714 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3715 OP_S_READ_EXPECT (a, "apple", 5)
3716
3717 OP_SET_INJECT_WORD (1, (((uint64_t)1) << 62) - 1)
3718 OP_S_WRITE (a, "orange", 6)
3719
3720 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
3721
3722 OP_END
3723 };
3724
3725 /* 43. Fault injection - CRYPTO frame exceeding FC */
3726 static const struct script_op script_43[] = {
3727 OP_S_SET_INJECT_PLAIN (script_42_inject_plain)
3728 OP_C_SET_ALPN ("ossltest")
3729 OP_C_CONNECT_WAIT ()
3730 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
3731
3732 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
3733 OP_C_WRITE (a, "apple", 5)
3734
3735 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3736 OP_S_READ_EXPECT (a, "apple", 5)
3737
3738 OP_SET_INJECT_WORD (1, 0x100000 /* 1 MiB */)
3739 OP_S_WRITE (a, "orange", 6)
3740
3741 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_CRYPTO_BUFFER_EXCEEDED,0,0)
3742
3743 OP_END
3744 };
3745
3746 /* 44. Fault injection - PADDING */
3747 static int script_44_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
3748 unsigned char *buf, size_t len)
3749 {
3750 int ok = 0;
3751 WPACKET wpkt;
3752 unsigned char frame_buf[16];
3753 size_t written;
3754
3755 if (h->inject_word0 == 0 || hdr->type != QUIC_PKT_TYPE_1RTT)
3756 return 1;
3757
3758 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
3759 sizeof(frame_buf), 0)))
3760 return 0;
3761
3762 if (!TEST_true(ossl_quic_wire_encode_padding(&wpkt, 1)))
3763 goto err;
3764
3765 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
3766 goto err;
3767
3768 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
3769 goto err;
3770
3771 ok = 1;
3772 err:
3773 if (ok)
3774 WPACKET_finish(&wpkt);
3775 else
3776 WPACKET_cleanup(&wpkt);
3777 return ok;
3778 }
3779
3780 static const struct script_op script_44[] = {
3781 OP_S_SET_INJECT_PLAIN (script_44_inject_plain)
3782 OP_C_SET_ALPN ("ossltest")
3783 OP_C_CONNECT_WAIT ()
3784
3785 OP_C_WRITE (DEFAULT, "apple", 5)
3786 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3787 OP_S_READ_EXPECT (a, "apple", 5)
3788
3789 OP_SET_INJECT_WORD (1, 0)
3790
3791 OP_S_WRITE (a, "Strawberry", 10)
3792 OP_C_READ_EXPECT (DEFAULT, "Strawberry", 10)
3793
3794 OP_END
3795 };
3796
3797 /* 45. PING must generate ACK */
3798 static int force_ping(struct helper *h, struct helper_local *hl)
3799 {
3800 QUIC_CHANNEL *ch = ossl_quic_tserver_get_channel(ACQUIRE_S());
3801
3802 h->scratch0 = ossl_quic_channel_get_diag_num_rx_ack(ch);
3803
3804 if (!TEST_true(ossl_quic_tserver_ping(ACQUIRE_S())))
3805 return 0;
3806
3807 return 1;
3808 }
3809
3810 static int wait_incoming_acks_increased(struct helper *h, struct helper_local *hl)
3811 {
3812 QUIC_CHANNEL *ch = ossl_quic_tserver_get_channel(ACQUIRE_S());
3813 uint16_t count;
3814
3815 count = ossl_quic_channel_get_diag_num_rx_ack(ch);
3816
3817 if (count == h->scratch0) {
3818 h->check_spin_again = 1;
3819 return 0;
3820 }
3821
3822 return 1;
3823 }
3824
3825 static const struct script_op script_45[] = {
3826 OP_C_SET_ALPN ("ossltest")
3827 OP_C_CONNECT_WAIT ()
3828
3829 OP_C_WRITE (DEFAULT, "apple", 5)
3830 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3831 OP_S_READ_EXPECT (a, "apple", 5)
3832
3833 OP_BEGIN_REPEAT (2)
3834
3835 OP_CHECK (force_ping, 0)
3836 OP_CHECK (wait_incoming_acks_increased, 0)
3837
3838 OP_END_REPEAT ()
3839
3840 OP_S_WRITE (a, "Strawberry", 10)
3841 OP_C_READ_EXPECT (DEFAULT, "Strawberry", 10)
3842
3843 OP_END
3844 };
3845
3846 /* 46. Fault injection - ACK - malformed initial range */
3847 static int script_46_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
3848 unsigned char *buf, size_t len)
3849 {
3850 int ok = 0;
3851 WPACKET wpkt;
3852 unsigned char frame_buf[16];
3853 size_t written;
3854 uint64_t type = 0, largest_acked = 0, first_range = 0, range_count = 0;
3855 uint64_t agap = 0, alen = 0;
3856 uint64_t ect0 = 0, ect1 = 0, ecnce = 0;
3857
3858 if (h->inject_word0 == 0)
3859 return 1;
3860
3861 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
3862 sizeof(frame_buf), 0)))
3863 return 0;
3864
3865 type = OSSL_QUIC_FRAME_TYPE_ACK_WITHOUT_ECN;
3866
3867 switch (h->inject_word0) {
3868 case 1:
3869 largest_acked = 100;
3870 first_range = 101;
3871 range_count = 0;
3872 break;
3873 case 2:
3874 largest_acked = 100;
3875 first_range = 80;
3876 /* [20..100]; [0..18] */
3877 range_count = 1;
3878 agap = 0;
3879 alen = 19;
3880 break;
3881 case 3:
3882 largest_acked = 100;
3883 first_range = 80;
3884 range_count = 1;
3885 agap = 18;
3886 alen = 1;
3887 break;
3888 case 4:
3889 type = OSSL_QUIC_FRAME_TYPE_ACK_WITH_ECN;
3890 largest_acked = 100;
3891 first_range = 1;
3892 range_count = 0;
3893 break;
3894 case 5:
3895 type = OSSL_QUIC_FRAME_TYPE_ACK_WITH_ECN;
3896 largest_acked = 0;
3897 first_range = 0;
3898 range_count = 0;
3899 ect0 = 0;
3900 ect1 = 50;
3901 ecnce = 200;
3902 break;
3903 }
3904
3905 h->inject_word0 = 0;
3906
3907 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, type))
3908 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, largest_acked))
3909 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, /*ack_delay=*/0))
3910 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, /*ack_range_count=*/range_count))
3911 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, /*first_ack_range=*/first_range)))
3912 goto err;
3913
3914 if (range_count > 0)
3915 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, /*range[0].gap=*/agap))
3916 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, /*range[0].len=*/alen)))
3917 goto err;
3918
3919 if (type == OSSL_QUIC_FRAME_TYPE_ACK_WITH_ECN)
3920 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, ect0))
3921 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, ect1))
3922 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, ecnce)))
3923 goto err;
3924
3925 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
3926 goto err;
3927
3928 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
3929 goto err;
3930
3931 ok = 1;
3932 err:
3933 if (ok)
3934 WPACKET_finish(&wpkt);
3935 else
3936 WPACKET_cleanup(&wpkt);
3937 return ok;
3938 }
3939
3940 static const struct script_op script_46[] = {
3941 OP_S_SET_INJECT_PLAIN (script_46_inject_plain)
3942 OP_C_SET_ALPN ("ossltest")
3943 OP_C_CONNECT_WAIT ()
3944
3945 OP_C_WRITE (DEFAULT, "apple", 5)
3946 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3947 OP_S_READ_EXPECT (a, "apple", 5)
3948
3949 OP_SET_INJECT_WORD (1, 0)
3950
3951 OP_S_WRITE (a, "Strawberry", 10)
3952
3953 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
3954
3955 OP_END
3956 };
3957
3958 /* 47. Fault injection - ACK - malformed subsequent range */
3959 static const struct script_op script_47[] = {
3960 OP_S_SET_INJECT_PLAIN (script_46_inject_plain)
3961 OP_C_SET_ALPN ("ossltest")
3962 OP_C_CONNECT_WAIT ()
3963
3964 OP_C_WRITE (DEFAULT, "apple", 5)
3965 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3966 OP_S_READ_EXPECT (a, "apple", 5)
3967
3968 OP_SET_INJECT_WORD (2, 0)
3969
3970 OP_S_WRITE (a, "Strawberry", 10)
3971
3972 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
3973
3974 OP_END
3975 };
3976
3977 /* 48. Fault injection - ACK - malformed subsequent range */
3978 static const struct script_op script_48[] = {
3979 OP_S_SET_INJECT_PLAIN (script_46_inject_plain)
3980 OP_C_SET_ALPN ("ossltest")
3981 OP_C_CONNECT_WAIT ()
3982
3983 OP_C_WRITE (DEFAULT, "apple", 5)
3984 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
3985 OP_S_READ_EXPECT (a, "apple", 5)
3986
3987 OP_SET_INJECT_WORD (3, 0)
3988
3989 OP_S_WRITE (a, "Strawberry", 10)
3990
3991 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
3992
3993 OP_END
3994 };
3995
3996 /* 49. Fault injection - ACK - fictional PN */
3997 static const struct script_op script_49[] = {
3998 OP_S_SET_INJECT_PLAIN (script_46_inject_plain)
3999 OP_C_SET_ALPN ("ossltest")
4000 OP_C_CONNECT_WAIT ()
4001
4002 OP_C_WRITE (DEFAULT, "apple", 5)
4003 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4004 OP_S_READ_EXPECT (a, "apple", 5)
4005
4006 OP_SET_INJECT_WORD (4, 0)
4007
4008 OP_S_WRITE (a, "Strawberry", 10)
4009 OP_C_READ_EXPECT (DEFAULT, "Strawberry", 10)
4010
4011 OP_END
4012 };
4013
4014 /* 50. Fault injection - ACK - duplicate PN */
4015 static const struct script_op script_50[] = {
4016 OP_S_SET_INJECT_PLAIN (script_46_inject_plain)
4017 OP_C_SET_ALPN ("ossltest")
4018 OP_C_CONNECT_WAIT ()
4019
4020 OP_C_WRITE (DEFAULT, "apple", 5)
4021 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4022 OP_S_READ_EXPECT (a, "apple", 5)
4023
4024 OP_BEGIN_REPEAT (2)
4025
4026 OP_SET_INJECT_WORD (5, 0)
4027
4028 OP_S_WRITE (a, "Strawberry", 10)
4029 OP_C_READ_EXPECT (DEFAULT, "Strawberry", 10)
4030
4031 OP_END_REPEAT ()
4032
4033 OP_END
4034 };
4035
4036 /* 51. Fault injection - PATH_RESPONSE is ignored */
4037 static const struct script_op script_51[] = {
4038 OP_S_SET_INJECT_PLAIN (script_41_inject_plain)
4039 OP_C_SET_ALPN ("ossltest")
4040 OP_C_CONNECT_WAIT ()
4041
4042 OP_C_WRITE (DEFAULT, "apple", 5)
4043 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4044 OP_S_READ_EXPECT (a, "apple", 5)
4045
4046 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE)
4047
4048 OP_S_WRITE (a, "orange", 6)
4049 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
4050
4051 OP_C_WRITE (DEFAULT, "Strawberry", 10)
4052 OP_S_READ_EXPECT (a, "Strawberry", 10)
4053
4054 OP_END
4055 };
4056
4057 /* 52. Fault injection - ignore BLOCKED frames with bogus values */
4058 static int script_52_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
4059 unsigned char *buf, size_t len)
4060 {
4061 int ok = 0;
4062 unsigned char frame_buf[64];
4063 size_t written;
4064 WPACKET wpkt;
4065 uint64_t type = h->inject_word1;
4066
4067 if (h->inject_word0 == 0 || hdr->type != QUIC_PKT_TYPE_1RTT)
4068 return 1;
4069
4070 --h->inject_word0;
4071
4072 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
4073 sizeof(frame_buf), 0)))
4074 return 0;
4075
4076 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, type)))
4077 goto err;
4078
4079 if (type == OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED)
4080 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, C_BIDI_ID(0))))
4081 goto err;
4082
4083 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, 0xFFFFFF)))
4084 goto err;
4085
4086 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
4087 goto err;
4088
4089 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
4090 goto err;
4091
4092 ok = 1;
4093 err:
4094 if (ok)
4095 WPACKET_finish(&wpkt);
4096 else
4097 WPACKET_cleanup(&wpkt);
4098 return ok;
4099 }
4100
4101 static const struct script_op script_52[] = {
4102 OP_S_SET_INJECT_PLAIN (script_52_inject_plain)
4103 OP_C_SET_ALPN ("ossltest")
4104 OP_C_CONNECT_WAIT ()
4105
4106 OP_C_WRITE (DEFAULT, "apple", 5)
4107 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4108 OP_S_READ_EXPECT (a, "apple", 5)
4109
4110 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_DATA_BLOCKED)
4111
4112 OP_S_WRITE (a, "orange", 6)
4113 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
4114
4115 OP_C_WRITE (DEFAULT, "Strawberry", 10)
4116 OP_S_READ_EXPECT (a, "Strawberry", 10)
4117
4118 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED)
4119
4120 OP_S_WRITE (a, "orange", 6)
4121 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
4122
4123 OP_C_WRITE (DEFAULT, "Strawberry", 10)
4124 OP_S_READ_EXPECT (a, "Strawberry", 10)
4125
4126 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_UNI)
4127
4128 OP_S_WRITE (a, "orange", 6)
4129 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
4130
4131 OP_C_WRITE (DEFAULT, "Strawberry", 10)
4132 OP_S_READ_EXPECT (a, "Strawberry", 10)
4133
4134 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_BIDI)
4135
4136 OP_S_WRITE (a, "orange", 6)
4137 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
4138
4139 OP_C_WRITE (DEFAULT, "Strawberry", 10)
4140 OP_S_READ_EXPECT (a, "Strawberry", 10)
4141
4142 OP_END
4143 };
4144
4145 /* 53. Fault injection - excess CRYPTO buffer size */
4146 static int script_53_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
4147 unsigned char *buf, size_t len)
4148 {
4149 int ok = 0;
4150 size_t written;
4151 WPACKET wpkt;
4152 uint64_t offset = 0, data_len = 100;
4153 unsigned char *frame_buf = NULL;
4154 size_t frame_len, i;
4155
4156 if (h->inject_word0 == 0 || hdr->type != QUIC_PKT_TYPE_1RTT)
4157 return 1;
4158
4159 h->inject_word0 = 0;
4160
4161 switch (h->inject_word1) {
4162 case 0:
4163 /*
4164 * Far out offset which will not have been reached during handshake.
4165 * This will not be delivered to the QUIC_TLS instance since it will be
4166 * waiting for in-order delivery of previous bytes. This tests our flow
4167 * control on CRYPTO stream buffering.
4168 */
4169 offset = 100000;
4170 data_len = 1;
4171 break;
4172 }
4173
4174 frame_len = 1 + 8 + 8 + (size_t)data_len;
4175 if (!TEST_ptr(frame_buf = OPENSSL_malloc(frame_len)))
4176 return 0;
4177
4178 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf, frame_len, 0)))
4179 goto err;
4180
4181 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, OSSL_QUIC_FRAME_TYPE_CRYPTO))
4182 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, offset))
4183 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, data_len)))
4184 goto err;
4185
4186 for (i = 0; i < data_len; ++i)
4187 if (!TEST_true(WPACKET_put_bytes_u8(&wpkt, 0x42)))
4188 goto err;
4189
4190 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
4191 goto err;
4192
4193 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
4194 goto err;
4195
4196 ok = 1;
4197 err:
4198 if (ok)
4199 WPACKET_finish(&wpkt);
4200 else
4201 WPACKET_cleanup(&wpkt);
4202 OPENSSL_free(frame_buf);
4203 return ok;
4204 }
4205
4206 static const struct script_op script_53[] = {
4207 OP_S_SET_INJECT_PLAIN (script_53_inject_plain)
4208 OP_C_SET_ALPN ("ossltest")
4209 OP_C_CONNECT_WAIT ()
4210
4211 OP_C_WRITE (DEFAULT, "apple", 5)
4212 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4213 OP_S_READ_EXPECT (a, "apple", 5)
4214
4215 OP_SET_INJECT_WORD (1, 0)
4216 OP_S_WRITE (a, "Strawberry", 10)
4217
4218 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_CRYPTO_BUFFER_EXCEEDED,0,0)
4219
4220 OP_END
4221 };
4222
4223 /* 54. Fault injection - corrupted crypto stream data */
4224 static int script_54_inject_handshake(struct helper *h,
4225 unsigned char *buf, size_t buf_len)
4226 {
4227 size_t i;
4228
4229 for (i = 0; i < buf_len; ++i)
4230 buf[i] ^= 0xff;
4231
4232 return 1;
4233 }
4234
4235 static const struct script_op script_54[] = {
4236 OP_S_SET_INJECT_HANDSHAKE(script_54_inject_handshake)
4237 OP_C_SET_ALPN ("ossltest")
4238 OP_C_CONNECT_WAIT_OR_FAIL()
4239
4240 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_CRYPTO_UNEXPECTED_MESSAGE,0,0)
4241
4242 OP_END
4243 };
4244
4245 /* 55. Fault injection - NEW_CONN_ID with >20 byte CID */
4246 static const struct script_op script_55[] = {
4247 OP_S_SET_INJECT_PLAIN (script_39_inject_plain)
4248 OP_C_SET_ALPN ("ossltest")
4249 OP_C_CONNECT_WAIT ()
4250 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4251
4252 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
4253 OP_C_WRITE (a, "apple", 5)
4254 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4255 OP_S_READ_EXPECT (a, "apple", 5)
4256
4257 OP_SET_INJECT_WORD (0, 2)
4258 OP_S_WRITE (a, "orange", 5)
4259
4260 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
4261
4262 OP_END
4263 };
4264
4265 /* 56. Fault injection - NEW_CONN_ID with seq no < retire prior to */
4266 static const struct script_op script_56[] = {
4267 OP_S_SET_INJECT_PLAIN (script_39_inject_plain)
4268 OP_C_SET_ALPN ("ossltest")
4269 OP_C_CONNECT_WAIT ()
4270 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4271
4272 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
4273 OP_C_WRITE (a, "apple", 5)
4274 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4275 OP_S_READ_EXPECT (a, "apple", 5)
4276
4277 OP_SET_INJECT_WORD (0, 3)
4278 OP_S_WRITE (a, "orange", 5)
4279
4280 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
4281
4282 OP_END
4283 };
4284
4285 /* 57. Fault injection - NEW_CONN_ID with lower seq so ignored */
4286 static const struct script_op script_57[] = {
4287 OP_S_SET_INJECT_PLAIN (script_39_inject_plain)
4288 OP_C_SET_ALPN ("ossltest")
4289 OP_C_CONNECT_WAIT ()
4290 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4291
4292 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
4293 OP_C_WRITE (a, "apple", 5)
4294 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4295 OP_S_READ_EXPECT (a, "apple", 5)
4296
4297 OP_SET_INJECT_WORD (0, 4)
4298 OP_S_WRITE (a, "orange", 5)
4299 OP_C_READ_EXPECT (a, "orange", 5)
4300
4301 OP_C_WRITE (a, "Strawberry", 10)
4302 OP_S_READ_EXPECT (a, "Strawberry", 10)
4303
4304 /*
4305 * Now we send a NEW_CONN_ID with a bogus CID. However the sequence number
4306 * is old so it should be ignored and we should still be able to
4307 * communicate.
4308 */
4309 OP_SET_INJECT_WORD (0, 5)
4310 OP_S_WRITE (a, "raspberry", 9)
4311 OP_C_READ_EXPECT (a, "raspberry", 9)
4312
4313 OP_C_WRITE (a, "peach", 5)
4314 OP_S_READ_EXPECT (a, "peach", 5)
4315
4316 OP_END
4317 };
4318
4319 /* 58. Fault injection - repeated HANDSHAKE_DONE */
4320 static int script_58_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
4321 unsigned char *buf, size_t len)
4322 {
4323 int ok = 0;
4324 unsigned char frame_buf[64];
4325 size_t written;
4326 WPACKET wpkt;
4327
4328 if (h->inject_word0 == 0 || hdr->type != QUIC_PKT_TYPE_1RTT)
4329 return 1;
4330
4331 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
4332 sizeof(frame_buf), 0)))
4333 return 0;
4334
4335 if (h->inject_word0 == 1) {
4336 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, OSSL_QUIC_FRAME_TYPE_HANDSHAKE_DONE)))
4337 goto err;
4338 } else {
4339 /* Needless multi-byte encoding */
4340 if (!TEST_true(WPACKET_put_bytes_u8(&wpkt, 0x40))
4341 || !TEST_true(WPACKET_put_bytes_u8(&wpkt, 0x1E)))
4342 goto err;
4343 }
4344
4345 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
4346 goto err;
4347
4348 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
4349 goto err;
4350
4351 ok = 1;
4352 err:
4353 if (ok)
4354 WPACKET_finish(&wpkt);
4355 else
4356 WPACKET_cleanup(&wpkt);
4357 return ok;
4358 }
4359
4360 static const struct script_op script_58[] = {
4361 OP_S_SET_INJECT_PLAIN (script_58_inject_plain)
4362 OP_C_SET_ALPN ("ossltest")
4363 OP_C_CONNECT_WAIT ()
4364
4365 OP_C_WRITE (DEFAULT, "apple", 5)
4366 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4367 OP_S_READ_EXPECT (a, "apple", 5)
4368
4369 OP_SET_INJECT_WORD (1, 0)
4370
4371 OP_S_WRITE (a, "orange", 6)
4372 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
4373
4374 OP_C_WRITE (DEFAULT, "Strawberry", 10)
4375 OP_S_READ_EXPECT (a, "Strawberry", 10)
4376
4377 OP_END
4378 };
4379
4380 /* 59. Fault injection - multi-byte frame encoding */
4381 static const struct script_op script_59[] = {
4382 OP_S_SET_INJECT_PLAIN (script_58_inject_plain)
4383 OP_C_SET_ALPN ("ossltest")
4384 OP_C_CONNECT_WAIT ()
4385
4386 OP_C_WRITE (DEFAULT, "apple", 5)
4387 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4388 OP_S_READ_EXPECT (a, "apple", 5)
4389
4390 OP_SET_INJECT_WORD (2, 0)
4391
4392 OP_S_WRITE (a, "orange", 6)
4393
4394 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_PROTOCOL_VIOLATION,0,0)
4395
4396 OP_END
4397 };
4398
4399 /* 60. Connection close reason truncation */
4400 static char long_reason[2048];
4401
4402 static int init_reason(struct helper *h, struct helper_local *hl)
4403 {
4404 memset(long_reason, '~', sizeof(long_reason));
4405 memcpy(long_reason, "This is a long reason string.", 29);
4406 long_reason[OSSL_NELEM(long_reason) - 1] = '\0';
4407 return 1;
4408 }
4409
4410 static int check_shutdown_reason(struct helper *h, struct helper_local *hl)
4411 {
4412 const QUIC_TERMINATE_CAUSE *tc = ossl_quic_tserver_get_terminate_cause(ACQUIRE_S());
4413
4414 if (tc == NULL) {
4415 h->check_spin_again = 1;
4416 return 0;
4417 }
4418
4419 if (!TEST_size_t_ge(tc->reason_len, 50)
4420 || !TEST_mem_eq(long_reason, tc->reason_len,
4421 tc->reason, tc->reason_len))
4422 return 0;
4423
4424 return 1;
4425 }
4426
4427 static const struct script_op script_60[] = {
4428 OP_C_SET_ALPN ("ossltest")
4429 OP_C_CONNECT_WAIT ()
4430
4431 OP_C_WRITE (DEFAULT, "apple", 5)
4432 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4433 OP_S_READ_EXPECT (a, "apple", 5)
4434
4435 OP_CHECK (init_reason, 0)
4436 OP_C_SHUTDOWN_WAIT (long_reason, 0)
4437 OP_CHECK (check_shutdown_reason, 0)
4438
4439 OP_END
4440 };
4441
4442 /* 61. Fault injection - RESET_STREAM exceeding stream count FC */
4443 static int script_61_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
4444 unsigned char *buf, size_t len)
4445 {
4446 int ok = 0;
4447 WPACKET wpkt;
4448 unsigned char frame_buf[32];
4449 size_t written;
4450
4451 if (h->inject_word0 == 0 || hdr->type != QUIC_PKT_TYPE_1RTT)
4452 return 1;
4453
4454 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
4455 sizeof(frame_buf), 0)))
4456 return 0;
4457
4458 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, h->inject_word0))
4459 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, /* stream ID */
4460 h->inject_word1))
4461 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, 123))
4462 || (h->inject_word0 == OSSL_QUIC_FRAME_TYPE_RESET_STREAM
4463 && !TEST_true(WPACKET_quic_write_vlint(&wpkt, 0)))) /* final size */
4464 goto err;
4465
4466 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
4467 goto err;
4468
4469 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
4470 goto err;
4471
4472 ok = 1;
4473 err:
4474 if (ok)
4475 WPACKET_finish(&wpkt);
4476 else
4477 WPACKET_cleanup(&wpkt);
4478 return ok;
4479 }
4480
4481 static const struct script_op script_61[] = {
4482 OP_S_SET_INJECT_PLAIN (script_61_inject_plain)
4483 OP_C_SET_ALPN ("ossltest")
4484 OP_C_CONNECT_WAIT ()
4485 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4486
4487 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
4488 OP_C_WRITE (a, "orange", 6)
4489
4490 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4491 OP_S_READ_EXPECT (a, "orange", 6)
4492
4493 OP_SET_INJECT_WORD (OSSL_QUIC_FRAME_TYPE_RESET_STREAM,
4494 S_BIDI_ID(OSSL_QUIC_VLINT_MAX / 4))
4495 OP_S_WRITE (a, "fruit", 5)
4496
4497 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_STREAM_LIMIT_ERROR,0,0)
4498
4499 OP_END
4500 };
4501
4502 /* 62. Fault injection - STOP_SENDING with high ID */
4503 static const struct script_op script_62[] = {
4504 OP_S_SET_INJECT_PLAIN (script_61_inject_plain)
4505 OP_C_SET_ALPN ("ossltest")
4506 OP_C_CONNECT_WAIT ()
4507 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4508
4509 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
4510 OP_C_WRITE (a, "orange", 6)
4511
4512 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4513 OP_S_READ_EXPECT (a, "orange", 6)
4514
4515 OP_SET_INJECT_WORD (OSSL_QUIC_FRAME_TYPE_STOP_SENDING,
4516 C_BIDI_ID(OSSL_QUIC_VLINT_MAX / 4))
4517 OP_S_WRITE (a, "fruit", 5)
4518
4519 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_STREAM_STATE_ERROR,0,0)
4520
4521 OP_END
4522 };
4523
4524 /* 63. Fault injection - STREAM frame exceeding stream limit */
4525 static const struct script_op script_63[] = {
4526 OP_S_SET_INJECT_PLAIN (script_32_inject_plain)
4527 OP_C_SET_ALPN ("ossltest")
4528 OP_C_CONNECT_WAIT ()
4529 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4530
4531 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
4532 OP_C_WRITE (a, "apple", 5)
4533
4534 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4535 OP_S_READ_EXPECT (a, "apple", 5)
4536
4537 OP_SET_INJECT_WORD (S_BIDI_ID(5000) + 1, 4)
4538 OP_S_WRITE (a, "orange", 6)
4539
4540 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_STREAM_LIMIT_ERROR,0,0)
4541
4542 OP_END
4543 };
4544
4545 /* 64. Fault injection - STREAM - zero-length no-FIN is accepted */
4546 static const struct script_op script_64[] = {
4547 OP_S_SET_INJECT_PLAIN (script_32_inject_plain)
4548 OP_C_SET_ALPN ("ossltest")
4549 OP_C_CONNECT_WAIT ()
4550 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4551
4552 OP_S_NEW_STREAM_UNI (a, S_UNI_ID(0))
4553 OP_S_WRITE (a, "apple", 5)
4554
4555 OP_C_ACCEPT_STREAM_WAIT (a)
4556 OP_C_READ_EXPECT (a, "apple", 5)
4557
4558 OP_SET_INJECT_WORD (S_BIDI_ID(20) + 1, 1)
4559 OP_S_WRITE (a, "orange", 6)
4560 OP_C_READ_EXPECT (a, "orange", 6)
4561
4562 OP_END
4563 };
4564
4565 /* 65. Fault injection - CRYPTO - zero-length is accepted */
4566 static int script_65_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
4567 unsigned char *buf, size_t len)
4568 {
4569 int ok = 0;
4570 unsigned char frame_buf[64];
4571 size_t written;
4572 WPACKET wpkt;
4573
4574 if (h->inject_word0 == 0)
4575 return 1;
4576
4577 --h->inject_word0;
4578
4579 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
4580 sizeof(frame_buf), 0)))
4581 return 0;
4582
4583 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, OSSL_QUIC_FRAME_TYPE_CRYPTO))
4584 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, 0))
4585 || !TEST_true(WPACKET_quic_write_vlint(&wpkt, 0)))
4586 goto err;
4587
4588 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
4589 goto err;
4590
4591 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
4592 goto err;
4593
4594 ok = 1;
4595 err:
4596 if (ok)
4597 WPACKET_finish(&wpkt);
4598 else
4599 WPACKET_cleanup(&wpkt);
4600 return ok;
4601 }
4602
4603 static const struct script_op script_65[] = {
4604 OP_S_SET_INJECT_PLAIN (script_65_inject_plain)
4605 OP_C_SET_ALPN ("ossltest")
4606 OP_C_CONNECT_WAIT ()
4607 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4608
4609 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
4610 OP_C_WRITE (a, "apple", 5)
4611
4612 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4613 OP_S_READ_EXPECT (a, "apple", 5)
4614
4615 OP_SET_INJECT_WORD (1, 0)
4616 OP_S_WRITE (a, "orange", 6)
4617 OP_C_READ_EXPECT (a, "orange", 6)
4618
4619 OP_END
4620 };
4621
4622 /* 66. Fault injection - large MAX_STREAM_DATA */
4623 static int script_66_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
4624 unsigned char *buf, size_t len)
4625 {
4626 int ok = 0;
4627 WPACKET wpkt;
4628 unsigned char frame_buf[64];
4629 size_t written;
4630
4631 if (h->inject_word0 == 0 || hdr->type != QUIC_PKT_TYPE_1RTT)
4632 return 1;
4633
4634 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
4635 sizeof(frame_buf), 0)))
4636 return 0;
4637
4638 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, h->inject_word1)))
4639 goto err;
4640
4641 if (h->inject_word1 == OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA)
4642 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, /* stream ID */
4643 h->inject_word0 - 1)))
4644 goto err;
4645
4646 if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, OSSL_QUIC_VLINT_MAX)))
4647 goto err;
4648
4649 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
4650 goto err;
4651
4652 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
4653 goto err;
4654
4655 ok = 1;
4656 err:
4657 if (ok)
4658 WPACKET_finish(&wpkt);
4659 else
4660 WPACKET_cleanup(&wpkt);
4661 return ok;
4662 }
4663
4664 static const struct script_op script_66[] = {
4665 OP_S_SET_INJECT_PLAIN (script_66_inject_plain)
4666 OP_C_SET_ALPN ("ossltest")
4667 OP_C_CONNECT_WAIT ()
4668 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4669
4670 OP_S_NEW_STREAM_BIDI (a, S_BIDI_ID(0))
4671 OP_S_WRITE (a, "apple", 5)
4672
4673 OP_C_ACCEPT_STREAM_WAIT (a)
4674 OP_C_READ_EXPECT (a, "apple", 5)
4675
4676 OP_SET_INJECT_WORD (S_BIDI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA)
4677 OP_S_WRITE (a, "orange", 6)
4678 OP_C_READ_EXPECT (a, "orange", 6)
4679 OP_C_WRITE (a, "Strawberry", 10)
4680 OP_S_READ_EXPECT (a, "Strawberry", 10)
4681
4682 OP_END
4683 };
4684
4685 /* 67. Fault injection - large MAX_DATA */
4686 static const struct script_op script_67[] = {
4687 OP_S_SET_INJECT_PLAIN (script_66_inject_plain)
4688 OP_C_SET_ALPN ("ossltest")
4689 OP_C_CONNECT_WAIT ()
4690 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4691
4692 OP_S_NEW_STREAM_BIDI (a, S_BIDI_ID(0))
4693 OP_S_WRITE (a, "apple", 5)
4694
4695 OP_C_ACCEPT_STREAM_WAIT (a)
4696 OP_C_READ_EXPECT (a, "apple", 5)
4697
4698 OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_MAX_DATA)
4699 OP_S_WRITE (a, "orange", 6)
4700 OP_C_READ_EXPECT (a, "orange", 6)
4701 OP_C_WRITE (a, "Strawberry", 10)
4702 OP_S_READ_EXPECT (a, "Strawberry", 10)
4703
4704 OP_END
4705 };
4706
4707 /* 68. Fault injection - Unexpected TLS messages */
4708 static int script_68_inject_handshake(struct helper *h, unsigned char *msg,
4709 size_t msglen)
4710 {
4711 const unsigned char *data;
4712 size_t datalen;
4713 const unsigned char certreq[] = {
4714 SSL3_MT_CERTIFICATE_REQUEST, /* CertificateRequest message */
4715 0, 0, 12, /* Length of message */
4716 1, 1, /* certificate_request_context */
4717 0, 8, /* Extensions block length */
4718 0, TLSEXT_TYPE_signature_algorithms, /* sig_algs extension*/
4719 0, 4, /* 4 bytes of sig algs extension*/
4720 0, 2, /* sigalgs list is 2 bytes long */
4721 8, 4 /* rsa_pss_rsae_sha256 */
4722 };
4723 const unsigned char keyupdate[] = {
4724 SSL3_MT_KEY_UPDATE, /* KeyUpdate message */
4725 0, 0, 1, /* Length of message */
4726 SSL_KEY_UPDATE_NOT_REQUESTED /* update_not_requested */
4727 };
4728
4729 /* We transform the NewSessionTicket message into something else */
4730 switch(h->inject_word0) {
4731 case 0:
4732 return 1;
4733
4734 case 1:
4735 /* CertificateRequest message */
4736 data = certreq;
4737 datalen = sizeof(certreq);
4738 break;
4739
4740 case 2:
4741 /* KeyUpdate message */
4742 data = keyupdate;
4743 datalen = sizeof(keyupdate);
4744 break;
4745
4746 default:
4747 return 0;
4748 }
4749
4750 if (!TEST_true(qtest_fault_resize_message(h->qtf,
4751 datalen - SSL3_HM_HEADER_LENGTH)))
4752 return 0;
4753
4754 memcpy(msg, data, datalen);
4755
4756 return 1;
4757 }
4758
4759 /* Send a CerticateRequest message post-handshake */
4760 static const struct script_op script_68[] = {
4761 OP_S_SET_INJECT_HANDSHAKE(script_68_inject_handshake)
4762 OP_C_SET_ALPN ("ossltest")
4763 OP_C_CONNECT_WAIT ()
4764 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4765
4766 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
4767 OP_C_WRITE (a, "apple", 5)
4768 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4769 OP_S_READ_EXPECT (a, "apple", 5)
4770
4771 OP_SET_INJECT_WORD (1, 0)
4772 OP_S_NEW_TICKET ()
4773 OP_S_WRITE (a, "orange", 6)
4774
4775 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 0, 0)
4776
4777 OP_END
4778 };
4779
4780 /* 69. Send a TLS KeyUpdate message post-handshake */
4781 static const struct script_op script_69[] = {
4782 OP_S_SET_INJECT_HANDSHAKE(script_68_inject_handshake)
4783 OP_C_SET_ALPN ("ossltest")
4784 OP_C_CONNECT_WAIT ()
4785 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4786
4787 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
4788 OP_C_WRITE (a, "apple", 5)
4789 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4790 OP_S_READ_EXPECT (a, "apple", 5)
4791
4792 OP_SET_INJECT_WORD (2, 0)
4793 OP_S_NEW_TICKET ()
4794 OP_S_WRITE (a, "orange", 6)
4795
4796 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_CRYPTO_ERR_BEGIN
4797 + SSL_AD_UNEXPECTED_MESSAGE, 0, 0)
4798
4799 OP_END
4800 };
4801
4802 static int set_max_early_data(struct helper *h, struct helper_local *hl)
4803 {
4804
4805 if (!TEST_true(ossl_quic_tserver_set_max_early_data(ACQUIRE_S(),
4806 (uint32_t)hl->check_op->arg2)))
4807 return 0;
4808
4809 return 1;
4810 }
4811
4812 /* 70. Send a TLS NewSessionTicket message with invalid max_early_data */
4813 static const struct script_op script_70[] = {
4814 OP_C_SET_ALPN ("ossltest")
4815 OP_C_CONNECT_WAIT ()
4816 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4817
4818 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
4819 OP_C_WRITE (a, "apple", 5)
4820 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4821 OP_S_READ_EXPECT (a, "apple", 5)
4822
4823 OP_CHECK (set_max_early_data, 0xfffffffe)
4824 OP_S_NEW_TICKET ()
4825 OP_S_WRITE (a, "orange", 6)
4826
4827 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 0, 0)
4828
4829 OP_END
4830 };
4831
4832 /* 71. Send a TLS NewSessionTicket message with valid max_early_data */
4833 static const struct script_op script_71[] = {
4834 OP_C_SET_ALPN ("ossltest")
4835 OP_C_CONNECT_WAIT ()
4836 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4837
4838 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
4839 OP_C_WRITE (a, "apple", 5)
4840 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4841 OP_S_READ_EXPECT (a, "apple", 5)
4842
4843 OP_CHECK (set_max_early_data, 0xffffffff)
4844 OP_S_NEW_TICKET ()
4845 OP_S_WRITE (a, "orange", 6)
4846 OP_C_READ_EXPECT (a, "orange", 6)
4847
4848 OP_END
4849 };
4850
4851 /* 72. Test that APL stops handing out streams after limit reached (bidi) */
4852 static int script_72_check(struct helper *h, struct helper_local *hl)
4853 {
4854 if (!TEST_uint64_t_ge(h->fail_count, 50))
4855 return 0;
4856
4857 return 1;
4858 }
4859
4860 static const struct script_op script_72[] = {
4861 OP_C_SET_ALPN ("ossltest")
4862 OP_C_CONNECT_WAIT ()
4863 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4864
4865 /*
4866 * Request more streams than a server will initially hand out and test that
4867 * they fail properly.
4868 */
4869 OP_BEGIN_REPEAT (200)
4870
4871 OP_C_NEW_STREAM_BIDI_EX (a, ANY_ID, ALLOW_FAIL | SSL_STREAM_FLAG_NO_BLOCK)
4872 OP_C_SKIP_IF_UNBOUND (a, 2)
4873 OP_C_WRITE (a, "apple", 5)
4874 OP_C_FREE_STREAM (a)
4875
4876 OP_END_REPEAT ()
4877
4878 OP_CHECK (script_72_check, 0)
4879
4880 OP_END
4881 };
4882
4883 /* 73. Test that APL stops handing out streams after limit reached (uni) */
4884 static const struct script_op script_73[] = {
4885 OP_C_SET_ALPN ("ossltest")
4886 OP_C_CONNECT_WAIT ()
4887 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4888
4889 /*
4890 * Request more streams than a server will initially hand out and test that
4891 * they fail properly.
4892 */
4893 OP_BEGIN_REPEAT (200)
4894
4895 OP_C_NEW_STREAM_UNI_EX (a, ANY_ID, ALLOW_FAIL | SSL_STREAM_FLAG_NO_BLOCK)
4896 OP_C_SKIP_IF_UNBOUND (a, 2)
4897 OP_C_WRITE (a, "apple", 5)
4898 OP_C_FREE_STREAM (a)
4899
4900 OP_END_REPEAT ()
4901
4902 OP_CHECK (script_72_check, 0)
4903
4904 OP_END
4905 };
4906
4907 /* 74. Version negotiation: QUIC_VERSION_1 ignored */
4908 static int generate_version_neg(WPACKET *wpkt, uint32_t version)
4909 {
4910 QUIC_PKT_HDR hdr = {0};
4911
4912 hdr.type = QUIC_PKT_TYPE_VERSION_NEG;
4913 hdr.fixed = 1;
4914 hdr.dst_conn_id.id_len = 0;
4915 hdr.src_conn_id.id_len = 8;
4916 memset(hdr.src_conn_id.id, 0x55, 8);
4917
4918 if (!TEST_true(ossl_quic_wire_encode_pkt_hdr(wpkt, 0, &hdr, NULL)))
4919 return 0;
4920
4921 if (!TEST_true(WPACKET_put_bytes_u32(wpkt, version)))
4922 return 0;
4923
4924 return 1;
4925 }
4926
4927 static int server_gen_version_neg(struct helper *h, BIO_MSG *msg, size_t stride)
4928 {
4929 int rc = 0, have_wpkt = 0;
4930 size_t l;
4931 WPACKET wpkt;
4932 BUF_MEM *buf = NULL;
4933 uint32_t version;
4934
4935 switch (h->inject_word0) {
4936 case 0:
4937 return 1;
4938 case 1:
4939 version = QUIC_VERSION_1;
4940 break;
4941 default:
4942 version = 0x5432abcd;
4943 break;
4944 }
4945
4946 if (!TEST_ptr(buf = BUF_MEM_new()))
4947 goto err;
4948
4949 if (!TEST_true(WPACKET_init(&wpkt, buf)))
4950 goto err;
4951
4952 have_wpkt = 1;
4953
4954 generate_version_neg(&wpkt, version);
4955
4956 if (!TEST_true(WPACKET_get_total_written(&wpkt, &l)))
4957 goto err;
4958
4959 if (!TEST_true(qtest_fault_resize_datagram(h->qtf, l)))
4960 return 0;
4961
4962 memcpy(msg->data, buf->data, l);
4963 h->inject_word0 = 0;
4964
4965 rc = 1;
4966 err:
4967 if (have_wpkt)
4968 WPACKET_finish(&wpkt);
4969
4970 BUF_MEM_free(buf);
4971 return rc;
4972 }
4973
4974 static const struct script_op script_74[] = {
4975 OP_S_SET_INJECT_DATAGRAM (server_gen_version_neg)
4976 OP_SET_INJECT_WORD (1, 0)
4977
4978 OP_C_SET_ALPN ("ossltest")
4979 OP_C_CONNECT_WAIT ()
4980
4981 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
4982
4983 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
4984 OP_C_WRITE (a, "apple", 5)
4985 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
4986 OP_S_READ_EXPECT (a, "apple", 5)
4987
4988 OP_END
4989 };
4990
4991 /* 75. Version negotiation: Unknown version causes connection abort */
4992 static const struct script_op script_75[] = {
4993 OP_S_SET_INJECT_DATAGRAM (server_gen_version_neg)
4994 OP_SET_INJECT_WORD (2, 0)
4995
4996 OP_C_SET_ALPN ("ossltest")
4997 OP_C_CONNECT_WAIT_OR_FAIL()
4998
4999 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_CONNECTION_REFUSED,0,0)
5000
5001 OP_END
5002 };
5003
5004 /* 76. Test peer-initiated shutdown wait */
5005 static int script_76_check(struct helper *h, struct helper_local *hl)
5006 {
5007 if (!TEST_false(SSL_shutdown_ex(h->c_conn,
5008 SSL_SHUTDOWN_FLAG_WAIT_PEER
5009 | SSL_SHUTDOWN_FLAG_NO_BLOCK,
5010 NULL, 0)))
5011 return 0;
5012
5013 return 1;
5014 }
5015
5016 static const struct script_op script_76[] = {
5017 OP_C_SET_ALPN ("ossltest")
5018 OP_C_CONNECT_WAIT ()
5019 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
5020
5021 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
5022 OP_C_WRITE (a, "apple", 5)
5023
5024 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
5025 OP_S_READ_EXPECT (a, "apple", 5)
5026
5027 /* Check a WAIT_PEER call doesn't succeed yet. */
5028 OP_CHECK (script_76_check, 0)
5029 OP_S_SHUTDOWN (42)
5030
5031 OP_C_SHUTDOWN_WAIT (NULL, SSL_SHUTDOWN_FLAG_WAIT_PEER)
5032 OP_C_EXPECT_CONN_CLOSE_INFO(42, 1, 1)
5033
5034 OP_END
5035 };
5036
5037 /* 77. Ensure default stream popping operates correctly */
5038 static const struct script_op script_77[] = {
5039 OP_C_SET_ALPN ("ossltest")
5040 OP_C_CONNECT_WAIT ()
5041
5042 OP_C_SET_INCOMING_STREAM_POLICY(SSL_INCOMING_STREAM_POLICY_ACCEPT)
5043
5044 OP_S_NEW_STREAM_BIDI (a, S_BIDI_ID(0))
5045 OP_S_WRITE (a, "Strawberry", 10)
5046
5047 OP_C_READ_EXPECT (DEFAULT, "Strawberry", 10)
5048
5049 OP_S_NEW_STREAM_BIDI (b, S_BIDI_ID(1))
5050 OP_S_WRITE (b, "xyz", 3)
5051
5052 OP_C_ACCEPT_STREAM_WAIT (b)
5053 OP_C_READ_EXPECT (b, "xyz", 3)
5054
5055 OP_END
5056 };
5057
5058 /* 78. Post-connection session ticket handling */
5059 static size_t new_session_count;
5060
5061 static int on_new_session(SSL *s, SSL_SESSION *sess)
5062 {
5063 ++new_session_count;
5064 return 0; /* do not ref session, we aren't keeping it */
5065 }
5066
5067 static int setup_session(struct helper *h, struct helper_local *hl)
5068 {
5069 SSL_CTX_set_session_cache_mode(h->c_ctx, SSL_SESS_CACHE_BOTH);
5070 SSL_CTX_sess_set_new_cb(h->c_ctx, on_new_session);
5071 return 1;
5072 }
5073
5074 static int trigger_late_session_ticket(struct helper *h, struct helper_local *hl)
5075 {
5076 new_session_count = 0;
5077
5078 if (!TEST_true(ossl_quic_tserver_new_ticket(ACQUIRE_S())))
5079 return 0;
5080
5081 return 1;
5082 }
5083
5084 static int check_got_session_ticket(struct helper *h, struct helper_local *hl)
5085 {
5086 if (!TEST_size_t_gt(new_session_count, 0))
5087 return 0;
5088
5089 return 1;
5090 }
5091
5092 static int check_idle_timeout(struct helper *h, struct helper_local *hl);
5093
5094 static const struct script_op script_78[] = {
5095 OP_C_SET_ALPN ("ossltest")
5096 OP_CHECK (setup_session, 0)
5097 OP_C_CONNECT_WAIT ()
5098
5099 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
5100
5101 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
5102 OP_C_WRITE (a, "apple", 5)
5103
5104 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
5105 OP_S_READ_EXPECT (a, "apple", 5)
5106
5107 OP_S_WRITE (a, "orange", 6)
5108 OP_C_READ_EXPECT (a, "orange", 6)
5109
5110 OP_CHECK (trigger_late_session_ticket, 0)
5111
5112 OP_S_WRITE (a, "Strawberry", 10)
5113 OP_C_READ_EXPECT (a, "Strawberry", 10)
5114
5115 OP_CHECK (check_got_session_ticket, 0)
5116 OP_CHECK2 (check_idle_timeout,
5117 SSL_VALUE_CLASS_FEATURE_NEGOTIATED, 30000)
5118
5119 OP_END
5120 };
5121
5122 /* 79. Optimised FIN test */
5123 static const struct script_op script_79[] = {
5124 OP_C_SET_ALPN ("ossltest")
5125 OP_C_CONNECT_WAIT ()
5126 OP_C_WRITE_EX2 (DEFAULT, "apple", 5, SSL_WRITE_FLAG_CONCLUDE)
5127 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
5128 OP_S_READ_EXPECT (a, "apple", 5)
5129 OP_S_EXPECT_FIN (a)
5130 OP_S_WRITE (a, "orange", 6)
5131 OP_S_CONCLUDE (a)
5132 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
5133 OP_C_EXPECT_FIN (DEFAULT)
5134 OP_END
5135 };
5136
5137 /* 80. Stateless reset detection test */
5138 static QUIC_STATELESS_RESET_TOKEN test_reset_token = {
5139 { 0xde, 0xad, 0xbe, 0xef, 0xde, 0xad, 0xbe, 0xef, 0xde, 0xad, 0xbe, 0xef,
5140 0xde, 0xad, 0xbe, 0xef }};
5141
5142 /*
5143 * Generate a packet in the following format:
5144 * https://www.rfc-editor.org/rfc/rfc9000.html#name-stateless-reset
5145 * Stateless Reset {
5146 * Fixed Bits (2): 1
5147 * Unpredictable bits (38..)
5148 * Stateless reset token (128)
5149 * }
5150 */
5151 static int script_80_send_stateless_reset(struct helper *h, QUIC_PKT_HDR *hdr,
5152 unsigned char *buf, size_t len)
5153 {
5154 unsigned char databuf[64];
5155
5156 if (h->inject_word1 == 0)
5157 return 1;
5158
5159 h->inject_word1 = 0;
5160
5161 fprintf(stderr, "Sending stateless reset\n");
5162
5163 RAND_bytes(databuf, 64);
5164 databuf[0] = 0x40;
5165 memcpy(&databuf[48], test_reset_token.token,
5166 sizeof(test_reset_token.token));
5167
5168 if (!TEST_int_eq(SSL_inject_net_dgram(h->c_conn, databuf, sizeof(databuf),
5169 NULL, h->s_net_bio_addr), 1))
5170 return 0;
5171
5172 return 1;
5173 }
5174
5175 static int script_80_gen_new_conn_id(struct helper *h, QUIC_PKT_HDR *hdr,
5176 unsigned char *buf, size_t len)
5177 {
5178 int rc = 0;
5179 size_t l;
5180 unsigned char frame_buf[64];
5181 WPACKET wpkt;
5182 QUIC_CONN_ID new_cid = {0};
5183 OSSL_QUIC_FRAME_NEW_CONN_ID ncid = {0};
5184 QUIC_CHANNEL *ch = ossl_quic_tserver_get_channel(ACQUIRE_S_NOHL());
5185
5186 if (h->inject_word0 == 0)
5187 return 1;
5188
5189 h->inject_word0 = 0;
5190
5191 fprintf(stderr, "sending new conn id\n");
5192 if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
5193 sizeof(frame_buf), 0)))
5194 return 0;
5195
5196 ossl_quic_channel_get_diag_local_cid(ch, &new_cid);
5197
5198 ncid.seq_num = 2;
5199 ncid.retire_prior_to = 2;
5200 ncid.conn_id = new_cid;
5201 memcpy(ncid.stateless_reset.token, test_reset_token.token,
5202 sizeof(test_reset_token.token));
5203
5204 if (!TEST_true(ossl_quic_wire_encode_frame_new_conn_id(&wpkt, &ncid)))
5205 goto err;
5206
5207 if (!TEST_true(WPACKET_get_total_written(&wpkt, &l)))
5208 goto err;
5209
5210 if (!qtest_fault_prepend_frame(h->qtf, frame_buf, l))
5211 goto err;
5212
5213 rc = 1;
5214 err:
5215 if (rc)
5216 WPACKET_finish(&wpkt);
5217 else
5218 WPACKET_cleanup(&wpkt);
5219
5220 return rc;
5221 }
5222
5223 static int script_80_inject_pkt(struct helper *h, QUIC_PKT_HDR *hdr,
5224 unsigned char *buf, size_t len)
5225 {
5226 if (h->inject_word1 == 1)
5227 return script_80_send_stateless_reset(h, hdr, buf, len);
5228 else if (h->inject_word0 == 1)
5229 return script_80_gen_new_conn_id(h, hdr, buf, len);
5230
5231 return 1;
5232 }
5233
5234 static const struct script_op script_80[] = {
5235 OP_S_SET_INJECT_PLAIN (script_80_inject_pkt)
5236 OP_C_SET_ALPN ("ossltest")
5237 OP_C_CONNECT_WAIT ()
5238 OP_C_WRITE (DEFAULT, "apple", 5)
5239 OP_C_CONCLUDE (DEFAULT)
5240 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
5241 OP_S_READ_EXPECT (a, "apple", 5)
5242 OP_SET_INJECT_WORD (1, 0)
5243 OP_S_WRITE (a, "apple", 5)
5244 OP_C_READ_EXPECT (DEFAULT, "apple", 5)
5245 OP_SET_INJECT_WORD (0, 1)
5246 OP_S_WRITE (a, "apple", 5)
5247 OP_C_EXPECT_CONN_CLOSE_INFO (0, 0, 1)
5248 OP_END
5249 };
5250
5251 /* 81. Idle timeout configuration */
5252 static int modify_idle_timeout(struct helper *h, struct helper_local *hl)
5253 {
5254 uint64_t v = 0;
5255
5256 /* Test bad value is rejected. */
5257 if (!TEST_false(SSL_set_feature_request_uint(h->c_conn,
5258 SSL_VALUE_QUIC_IDLE_TIMEOUT,
5259 (1ULL << 62))))
5260 return 0;
5261
5262 /* Set value. */
5263 if (!TEST_true(SSL_set_feature_request_uint(h->c_conn,
5264 SSL_VALUE_QUIC_IDLE_TIMEOUT,
5265 hl->check_op->arg2)))
5266 return 0;
5267
5268 if (!TEST_true(SSL_get_feature_request_uint(h->c_conn,
5269 SSL_VALUE_QUIC_IDLE_TIMEOUT,
5270 &v)))
5271 return 0;
5272
5273 if (!TEST_uint64_t_eq(v, hl->check_op->arg2))
5274 return 0;
5275
5276 return 1;
5277 }
5278
5279 static int check_idle_timeout(struct helper *h, struct helper_local *hl)
5280 {
5281 uint64_t v = 0;
5282
5283 if (!TEST_true(SSL_get_value_uint(h->c_conn, hl->check_op->arg1,
5284 SSL_VALUE_QUIC_IDLE_TIMEOUT,
5285 &v)))
5286 return 0;
5287
5288 if (!TEST_uint64_t_eq(v, hl->check_op->arg2))
5289 return 0;
5290
5291 return 1;
5292 }
5293
5294 static const struct script_op script_81[] = {
5295 OP_C_SET_ALPN ("ossltest")
5296 OP_CHECK (modify_idle_timeout, 25000)
5297 OP_C_CONNECT_WAIT ()
5298
5299 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
5300
5301 OP_CHECK2 (check_idle_timeout,
5302 SSL_VALUE_CLASS_FEATURE_PEER_REQUEST, 30000)
5303 OP_CHECK2 (check_idle_timeout,
5304 SSL_VALUE_CLASS_FEATURE_NEGOTIATED, 25000)
5305
5306 OP_END
5307 };
5308
5309 /* 82. Negotiated default idle timeout if not configured */
5310 static const struct script_op script_82[] = {
5311 OP_C_SET_ALPN ("ossltest")
5312 OP_C_CONNECT_WAIT ()
5313
5314 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
5315
5316 OP_CHECK2 (check_idle_timeout,
5317 SSL_VALUE_CLASS_FEATURE_PEER_REQUEST, 30000)
5318 OP_CHECK2 (check_idle_timeout,
5319 SSL_VALUE_CLASS_FEATURE_NEGOTIATED, 30000)
5320
5321 OP_END
5322 };
5323
5324 /* 83. No late changes to idle timeout */
5325 static int cannot_change_idle_timeout(struct helper *h, struct helper_local *hl)
5326 {
5327 uint64_t v = 0;
5328
5329 if (!TEST_true(SSL_get_feature_request_uint(h->c_conn,
5330 SSL_VALUE_QUIC_IDLE_TIMEOUT,
5331 &v)))
5332 return 0;
5333
5334 if (!TEST_uint64_t_eq(v, 30000))
5335 return 0;
5336
5337 if (!TEST_false(SSL_set_feature_request_uint(h->c_conn,
5338 SSL_VALUE_QUIC_IDLE_TIMEOUT,
5339 5000)))
5340 return 0;
5341
5342 return 1;
5343 }
5344
5345 static const struct script_op script_83[] = {
5346 OP_C_SET_ALPN ("ossltest")
5347 OP_C_CONNECT_WAIT ()
5348
5349 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
5350
5351 OP_CHECK (cannot_change_idle_timeout, 0)
5352 OP_CHECK2 (check_idle_timeout,
5353 SSL_VALUE_CLASS_FEATURE_PEER_REQUEST, 30000)
5354 OP_CHECK2 (check_idle_timeout,
5355 SSL_VALUE_CLASS_FEATURE_NEGOTIATED, 30000)
5356
5357 OP_END
5358 };
5359
5360 /* 84. Test query of available streams */
5361 static int check_avail_streams(struct helper *h, struct helper_local *hl)
5362 {
5363 uint64_t v = 0;
5364
5365 switch (hl->check_op->arg1) {
5366 case 0:
5367 if (!TEST_true(SSL_get_quic_stream_bidi_local_avail(h->c_conn, &v)))
5368 return 0;
5369 break;
5370 case 1:
5371 if (!TEST_true(SSL_get_quic_stream_bidi_remote_avail(h->c_conn, &v)))
5372 return 0;
5373 break;
5374 case 2:
5375 if (!TEST_true(SSL_get_quic_stream_uni_local_avail(h->c_conn, &v)))
5376 return 0;
5377 break;
5378 case 3:
5379 if (!TEST_true(SSL_get_quic_stream_uni_remote_avail(h->c_conn, &v)))
5380 return 0;
5381 break;
5382 default:
5383 return 0;
5384 }
5385
5386 if (!TEST_uint64_t_eq(v, hl->check_op->arg2))
5387 return 0;
5388
5389 return 1;
5390 }
5391
5392 static int set_event_handling_mode_conn(struct helper *h, struct helper_local *hl);
5393 static int reenable_test_event_handling(struct helper *h, struct helper_local *hl);
5394
5395 static int check_write_buf_stat(struct helper *h, struct helper_local *hl)
5396 {
5397 SSL *c_a;
5398 uint64_t size, used, avail;
5399
5400 if (!TEST_ptr(c_a = helper_local_get_c_stream(hl, "a")))
5401 return 0;
5402
5403 if (!TEST_true(SSL_get_stream_write_buf_size(c_a, &size))
5404 || !TEST_true(SSL_get_stream_write_buf_used(c_a, &used))
5405 || !TEST_true(SSL_get_stream_write_buf_avail(c_a, &avail))
5406 || !TEST_uint64_t_ge(size, avail)
5407 || !TEST_uint64_t_ge(size, used)
5408 || !TEST_uint64_t_eq(avail + used, size))
5409 return 0;
5410
5411 if (!TEST_uint64_t_eq(used, hl->check_op->arg1))
5412 return 0;
5413
5414 return 1;
5415 }
5416
5417 static const struct script_op script_84[] = {
5418 OP_C_SET_ALPN ("ossltest")
5419 OP_C_CONNECT_WAIT ()
5420
5421 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
5422
5423 OP_CHECK2 (check_avail_streams, 0, 100)
5424 OP_CHECK2 (check_avail_streams, 1, 100)
5425 OP_CHECK2 (check_avail_streams, 2, 100)
5426 OP_CHECK2 (check_avail_streams, 3, 100)
5427
5428 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
5429
5430 OP_CHECK2 (check_avail_streams, 0, 99)
5431 OP_CHECK2 (check_avail_streams, 1, 100)
5432 OP_CHECK2 (check_avail_streams, 2, 100)
5433 OP_CHECK2 (check_avail_streams, 3, 100)
5434
5435 OP_C_NEW_STREAM_UNI (b, C_UNI_ID(0))
5436
5437 OP_CHECK2 (check_avail_streams, 0, 99)
5438 OP_CHECK2 (check_avail_streams, 1, 100)
5439 OP_CHECK2 (check_avail_streams, 2, 99)
5440 OP_CHECK2 (check_avail_streams, 3, 100)
5441
5442 OP_S_NEW_STREAM_BIDI (c, S_BIDI_ID(0))
5443 OP_S_WRITE (c, "x", 1)
5444
5445 OP_C_ACCEPT_STREAM_WAIT (c)
5446 OP_C_READ_EXPECT (c, "x", 1)
5447
5448 OP_CHECK2 (check_avail_streams, 0, 99)
5449 OP_CHECK2 (check_avail_streams, 1, 99)
5450 OP_CHECK2 (check_avail_streams, 2, 99)
5451 OP_CHECK2 (check_avail_streams, 3, 100)
5452
5453 OP_S_NEW_STREAM_UNI (d, S_UNI_ID(0))
5454 OP_S_WRITE (d, "x", 1)
5455
5456 OP_C_ACCEPT_STREAM_WAIT (d)
5457 OP_C_READ_EXPECT (d, "x", 1)
5458
5459 OP_CHECK2 (check_avail_streams, 0, 99)
5460 OP_CHECK2 (check_avail_streams, 1, 99)
5461 OP_CHECK2 (check_avail_streams, 2, 99)
5462 OP_CHECK2 (check_avail_streams, 3, 99)
5463
5464 OP_CHECK2 (check_write_buf_stat, 0, 0)
5465 OP_CHECK (set_event_handling_mode_conn,
5466 SSL_VALUE_EVENT_HANDLING_MODE_EXPLICIT)
5467 OP_C_WRITE (a, "apple", 5)
5468 OP_CHECK2 (check_write_buf_stat, 5, 0)
5469
5470 OP_CHECK (reenable_test_event_handling, 0)
5471
5472 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
5473 OP_S_READ_EXPECT (a, "apple", 5)
5474 OP_S_WRITE (a, "orange", 6)
5475 OP_C_READ_EXPECT (a, "orange", 6)
5476 OP_CHECK2 (check_write_buf_stat, 0, 0)
5477
5478 OP_END
5479 };
5480
5481 /* 85. Test SSL_poll (lite, non-blocking) */
5482 ossl_unused static int script_85_poll(struct helper *h, struct helper_local *hl)
5483 {
5484 int ok = 1, ret, expected_ret = 1;
5485 static const struct timeval timeout = {0};
5486 static const struct timeval nz_timeout = {0, 1};
5487 size_t result_count, expected_result_count = 0;
5488 SSL_POLL_ITEM items[5] = {0}, *item = items;
5489 SSL *c_a, *c_b, *c_c, *c_d;
5490 size_t i;
5491 uint64_t mode, expected_revents[5] = {0};
5492
5493 if (!TEST_ptr(c_a = helper_local_get_c_stream(hl, "a"))
5494 || !TEST_ptr(c_b = helper_local_get_c_stream(hl, "b"))
5495 || !TEST_ptr(c_c = helper_local_get_c_stream(hl, "c"))
5496 || !TEST_ptr(c_d = helper_local_get_c_stream(hl, "d")))
5497 return 0;
5498
5499 item->desc = SSL_as_poll_descriptor(c_a);
5500 item->events = UINT64_MAX;
5501 item->revents = UINT64_MAX;
5502 ++item;
5503
5504 item->desc = SSL_as_poll_descriptor(c_b);
5505 item->events = UINT64_MAX;
5506 item->revents = UINT64_MAX;
5507 ++item;
5508
5509 item->desc = SSL_as_poll_descriptor(c_c);
5510 item->events = UINT64_MAX;
5511 item->revents = UINT64_MAX;
5512 ++item;
5513
5514 item->desc = SSL_as_poll_descriptor(c_d);
5515 item->events = UINT64_MAX;
5516 item->revents = UINT64_MAX;
5517 ++item;
5518
5519 item->desc = SSL_as_poll_descriptor(h->c_conn);
5520 item->events = UINT64_MAX;
5521 item->revents = UINT64_MAX;
5522 ++item;
5523
5524 /* Non-zero timeout is not supported. */
5525 result_count = SIZE_MAX;
5526 ERR_set_mark();
5527 if (!TEST_false(SSL_poll(items, OSSL_NELEM(items), sizeof(SSL_POLL_ITEM),
5528 &nz_timeout, 0,
5529 &result_count))
5530 || !TEST_size_t_eq(result_count, 0))
5531 return 0;
5532
5533 ERR_pop_to_mark();
5534 result_count = SIZE_MAX;
5535 ret = SSL_poll(items, OSSL_NELEM(items), sizeof(SSL_POLL_ITEM),
5536 &timeout, 0,
5537 &result_count);
5538
5539 mode = hl->check_op->arg2;
5540 switch (mode) {
5541 case 0:
5542 /* No incoming data yet */
5543 expected_revents[0] = SSL_POLL_EVENT_W;
5544 expected_revents[1] = SSL_POLL_EVENT_W;
5545 expected_revents[2] = SSL_POLL_EVENT_W;
5546 expected_revents[3] = SSL_POLL_EVENT_W;
5547 expected_revents[4] = SSL_POLL_EVENT_OS;
5548 expected_result_count = 5;
5549 break;
5550 case 1:
5551 /* Expect more events */
5552 expected_revents[0] = SSL_POLL_EVENT_W | SSL_POLL_EVENT_R;
5553 expected_revents[1] = SSL_POLL_EVENT_W | SSL_POLL_EVENT_ER;
5554 expected_revents[2] = SSL_POLL_EVENT_EW;
5555 expected_revents[3] = SSL_POLL_EVENT_W;
5556 expected_revents[4] = SSL_POLL_EVENT_OS | SSL_POLL_EVENT_ISB;
5557 expected_result_count = 5;
5558 break;
5559 default:
5560 return 0;
5561 }
5562
5563 if (!TEST_int_eq(ret, expected_ret)
5564 || !TEST_size_t_eq(result_count, expected_result_count))
5565 ok = 0;
5566
5567 for (i = 0; i < OSSL_NELEM(items); ++i)
5568 if (!TEST_uint64_t_eq(items[i].revents, expected_revents[i])) {
5569 TEST_error("mismatch at index %zu in poll results, mode %d",
5570 i, (int)mode);
5571 ok = 0;
5572 }
5573
5574 return ok;
5575 }
5576
5577 static const struct script_op script_85[] = {
5578 OP_C_SET_ALPN ("ossltest")
5579 OP_C_CONNECT_WAIT ()
5580
5581 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
5582
5583 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
5584 OP_C_WRITE (a, "flamingo", 8)
5585
5586 OP_C_NEW_STREAM_BIDI (b, C_BIDI_ID(1))
5587 OP_C_WRITE (b, "orange", 6)
5588
5589 OP_C_NEW_STREAM_BIDI (c, C_BIDI_ID(2))
5590 OP_C_WRITE (c, "Strawberry", 10)
5591
5592 OP_C_NEW_STREAM_BIDI (d, C_BIDI_ID(3))
5593 OP_C_WRITE (d, "sync", 4)
5594
5595 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
5596 OP_S_BIND_STREAM_ID (b, C_BIDI_ID(1))
5597 OP_S_BIND_STREAM_ID (c, C_BIDI_ID(2))
5598 OP_S_BIND_STREAM_ID (d, C_BIDI_ID(3))
5599
5600 /* Check nothing readable yet. */
5601 OP_CHECK (script_85_poll, 0)
5602
5603 /* Send something that will make client sockets readable. */
5604 OP_S_READ_EXPECT (a, "flamingo", 8)
5605 OP_S_WRITE (a, "herringbone", 11)
5606
5607 /* Send something that will make 'b' reset. */
5608 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
5609 OP_SET_INJECT_WORD (C_BIDI_ID(1) + 1, OSSL_QUIC_FRAME_TYPE_RESET_STREAM)
5610
5611 /* Ensure sync. */
5612 OP_S_READ_EXPECT (d, "sync", 4)
5613 OP_S_WRITE (d, "x", 1)
5614 OP_C_READ_EXPECT (d, "x", 1)
5615
5616 /* Send something that will make 'c' reset. */
5617 OP_S_SET_INJECT_PLAIN (script_28_inject_plain)
5618 OP_SET_INJECT_WORD (C_BIDI_ID(2) + 1, OSSL_QUIC_FRAME_TYPE_STOP_SENDING)
5619
5620 OP_S_NEW_STREAM_BIDI (z, S_BIDI_ID(0))
5621 OP_S_WRITE (z, "z", 1)
5622
5623 /* Ensure sync. */
5624 OP_S_WRITE (d, "x", 1)
5625 OP_C_READ_EXPECT (d, "x", 1)
5626
5627 /* Check a is now readable. */
5628 OP_CHECK (script_85_poll, 1)
5629
5630 OP_END
5631 };
5632
5633 /* 86. Event Handling Mode Configuration */
5634 static int set_event_handling_mode_conn(struct helper *h, struct helper_local *hl)
5635 {
5636 hl->explicit_event_handling = 1;
5637 return SSL_set_event_handling_mode(h->c_conn, hl->check_op->arg2);
5638 }
5639
5640 static int reenable_test_event_handling(struct helper *h, struct helper_local *hl)
5641 {
5642 hl->explicit_event_handling = 0;
5643 return 1;
5644 }
5645
5646 static ossl_unused int set_event_handling_mode_stream(struct helper *h, struct helper_local *hl)
5647 {
5648 SSL *ssl = helper_local_get_c_stream(hl, "a");
5649
5650 if (!TEST_ptr(ssl))
5651 return 0;
5652
5653 return SSL_set_event_handling_mode(ssl, hl->check_op->arg2);
5654 }
5655
5656 static const struct script_op script_86[] = {
5657 OP_SKIP_IF_BLOCKING (23)
5658
5659 OP_C_SET_ALPN ("ossltest")
5660 OP_C_CONNECT_WAIT ()
5661
5662 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
5663
5664 /* Turn on explicit handling mode. */
5665 OP_CHECK (set_event_handling_mode_conn,
5666 SSL_VALUE_EVENT_HANDLING_MODE_EXPLICIT)
5667
5668 /*
5669 * Create a new stream and write data. This won't get sent
5670 * to the network net because we are in explicit mode
5671 * and we haven't called SSL_handle_events().
5672 */
5673 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
5674 OP_C_WRITE (a, "apple", 5)
5675
5676 /* Put connection back into implicit handling mode. */
5677 OP_CHECK (set_event_handling_mode_conn,
5678 SSL_VALUE_EVENT_HANDLING_MODE_IMPLICIT)
5679
5680 /* Override at stream level. */
5681 OP_CHECK (set_event_handling_mode_stream,
5682 SSL_VALUE_EVENT_HANDLING_MODE_EXPLICIT)
5683 OP_C_WRITE (a, "orange", 6)
5684 OP_C_CONCLUDE (a)
5685
5686 /*
5687 * Confirm the data isn't going to arrive. OP_SLEEP is always undesirable
5688 * but we have no reasonable way to synchronise on something not arriving
5689 * given all network traffic is essentially stopped and there are no other
5690 * signals arriving from the peer which could be used for synchronisation.
5691 * Slow OSes will pass this anyway (fail-open).
5692 */
5693 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
5694
5695 OP_BEGIN_REPEAT (20)
5696 OP_S_READ_FAIL (a, 1)
5697 OP_SLEEP (10)
5698 OP_END_REPEAT ()
5699
5700 /* Now let the data arrive and confirm it arrives. */
5701 OP_CHECK (reenable_test_event_handling, 0)
5702 OP_S_READ_EXPECT (a, "appleorange", 11)
5703 OP_S_EXPECT_FIN (a)
5704
5705 /* Back into explicit mode. */
5706 OP_CHECK (set_event_handling_mode_conn,
5707 SSL_VALUE_EVENT_HANDLING_MODE_EXPLICIT)
5708 OP_S_WRITE (a, "ok", 2)
5709 OP_C_READ_FAIL (a)
5710
5711 /* Works once event handling is done. */
5712 OP_CHECK (reenable_test_event_handling, 0)
5713 OP_C_READ_EXPECT (a, "ok", 2)
5714
5715 OP_END
5716 };
5717
5718 static const struct script_op *const scripts[] = {
5719 script_1,
5720 script_2,
5721 script_3,
5722 script_4,
5723 script_5,
5724 script_6,
5725 script_7,
5726 script_8,
5727 script_9,
5728 script_10,
5729 script_11,
5730 script_12,
5731 script_13,
5732 script_14,
5733 script_15,
5734 script_16,
5735 script_17,
5736 script_18,
5737 script_19,
5738 script_20,
5739 script_21,
5740 script_22,
5741 script_23,
5742 script_24,
5743 script_25,
5744 script_26,
5745 script_27,
5746 script_28,
5747 script_29,
5748 script_30,
5749 script_31,
5750 script_32,
5751 script_33,
5752 script_34,
5753 script_35,
5754 script_36,
5755 script_37,
5756 script_38,
5757 script_39,
5758 script_40,
5759 script_41,
5760 script_42,
5761 script_43,
5762 script_44,
5763 script_45,
5764 script_46,
5765 script_47,
5766 script_48,
5767 script_49,
5768 script_50,
5769 script_51,
5770 script_52,
5771 script_53,
5772 script_54,
5773 script_55,
5774 script_56,
5775 script_57,
5776 script_58,
5777 script_59,
5778 script_60,
5779 script_61,
5780 script_62,
5781 script_63,
5782 script_64,
5783 script_65,
5784 script_66,
5785 script_67,
5786 script_68,
5787 script_69,
5788 script_70,
5789 script_71,
5790 script_72,
5791 script_73,
5792 script_74,
5793 script_75,
5794 script_76,
5795 script_77,
5796 script_78,
5797 script_79,
5798 script_80,
5799 script_81,
5800 script_82,
5801 script_83,
5802 script_84,
5803 script_85,
5804 script_86
5805 };
5806
5807 static int test_script(int idx)
5808 {
5809 int script_idx, free_order, blocking;
5810 char script_name[64];
5811
5812 free_order = idx % 2;
5813 idx /= 2;
5814
5815 blocking = idx % 2;
5816 idx /= 2;
5817
5818 script_idx = idx;
5819
5820 if (blocking && free_order)
5821 return 1; /* don't need to test free_order twice */
5822
5823 #if !defined(OPENSSL_THREADS)
5824 if (blocking) {
5825 TEST_skip("cannot test in blocking mode without threads");
5826 return 1;
5827 }
5828 #endif
5829
5830 snprintf(script_name, sizeof(script_name), "script %d", script_idx + 1);
5831
5832 TEST_info("Running script %d (order=%d, blocking=%d)", script_idx + 1,
5833 free_order, blocking);
5834 return run_script(scripts[script_idx], script_name, free_order, blocking);
5835 }
5836
5837 /* Dynamically generated tests. */
5838 static struct script_op dyn_frame_types_script[] = {
5839 OP_S_SET_INJECT_PLAIN (script_21_inject_plain)
5840 OP_SET_INJECT_WORD (0, 0) /* dynamic */
5841
5842 OP_C_SET_ALPN ("ossltest")
5843 OP_C_CONNECT_WAIT_OR_FAIL()
5844
5845 OP_C_EXPECT_CONN_CLOSE_INFO(OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,0,0)
5846
5847 OP_END
5848 };
5849
5850 struct forbidden_frame_type {
5851 uint64_t pkt_type, frame_type, expected_err;
5852 };
5853
5854 static const struct forbidden_frame_type forbidden_frame_types[] = {
5855 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_VLINT_MAX, OSSL_QUIC_ERR_FRAME_ENCODING_ERROR },
5856 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_VLINT_MAX, OSSL_QUIC_ERR_FRAME_ENCODING_ERROR },
5857 { QUIC_PKT_TYPE_1RTT, OSSL_QUIC_VLINT_MAX, OSSL_QUIC_ERR_FRAME_ENCODING_ERROR },
5858
5859 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_STREAM, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5860 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_RESET_STREAM, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5861 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_STOP_SENDING, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5862 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_NEW_TOKEN, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5863 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_MAX_DATA, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5864 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5865 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_BIDI, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5866 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_UNI, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5867 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_DATA_BLOCKED, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5868 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5869 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_BIDI, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5870 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_UNI, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5871 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5872 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5873 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5874 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5875 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_APP, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5876 { QUIC_PKT_TYPE_INITIAL, OSSL_QUIC_FRAME_TYPE_HANDSHAKE_DONE, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5877
5878 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_STREAM, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5879 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_RESET_STREAM, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5880 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_STOP_SENDING, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5881 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_NEW_TOKEN, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5882 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_MAX_DATA, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5883 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5884 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_BIDI, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5885 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_UNI, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5886 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_DATA_BLOCKED, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5887 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5888 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_BIDI, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5889 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_UNI, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5890 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5891 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5892 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5893 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5894 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_APP, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5895 { QUIC_PKT_TYPE_HANDSHAKE, OSSL_QUIC_FRAME_TYPE_HANDSHAKE_DONE, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5896
5897 /* Client uses a zero-length CID so this is not allowed. */
5898 { QUIC_PKT_TYPE_1RTT, OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID, OSSL_QUIC_ERR_PROTOCOL_VIOLATION },
5899 };
5900
5901 static ossl_unused int test_dyn_frame_types(int idx)
5902 {
5903 size_t i;
5904 char script_name[64];
5905 struct script_op *s = dyn_frame_types_script;
5906
5907 for (i = 0; i < OSSL_NELEM(dyn_frame_types_script); ++i)
5908 if (s[i].op == OPK_SET_INJECT_WORD) {
5909 s[i].arg1 = (size_t)forbidden_frame_types[idx].pkt_type;
5910 s[i].arg2 = forbidden_frame_types[idx].frame_type;
5911 } else if (s[i].op == OPK_C_EXPECT_CONN_CLOSE_INFO) {
5912 s[i].arg2 = forbidden_frame_types[idx].expected_err;
5913 }
5914
5915 snprintf(script_name, sizeof(script_name),
5916 "dyn script %d", idx);
5917
5918 return run_script(dyn_frame_types_script, script_name, 0, 0);
5919 }
5920
5921 OPT_TEST_DECLARE_USAGE("certfile privkeyfile\n")
5922
5923 int setup_tests(void)
5924 {
5925 if (!test_skip_common_options()) {
5926 TEST_error("Error parsing test options\n");
5927 return 0;
5928 }
5929
5930 if (!TEST_ptr(certfile = test_get_argument(0))
5931 || !TEST_ptr(keyfile = test_get_argument(1)))
5932 return 0;
5933
5934 ADD_ALL_TESTS(test_dyn_frame_types, OSSL_NELEM(forbidden_frame_types));
5935 ADD_ALL_TESTS(test_script, OSSL_NELEM(scripts) * 2 * 2);
5936 return 1;
5937 }
A mirror of the official openssl repository