2 * Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
13 #include <openssl/opensslconf.h>
14 #include <openssl/quic.h>
15 #include <openssl/rand.h>
17 #include "helpers/ssltestlib.h"
18 #include "helpers/quictestlib.h"
20 #include "testutil/output.h"
21 #include "../ssl/ssl_local.h"
22 #include "internal/quic_error.h"
24 static OSSL_LIB_CTX
*libctx
= NULL
;
25 static OSSL_PROVIDER
*defctxnull
= NULL
;
26 static char *certsdir
= NULL
;
27 static char *cert
= NULL
;
28 static char *ccert
= NULL
;
29 static char *cauthca
= NULL
;
30 static char *privkey
= NULL
;
31 static char *cprivkey
= NULL
;
32 static char *datadir
= NULL
;
34 static int is_fips
= 0;
36 /* The ssltrace test assumes some options are switched on/off */
37 #if !defined(OPENSSL_NO_SSL_TRACE) \
38 && defined(OPENSSL_NO_BROTLI) && defined(OPENSSL_NO_ZSTD) \
39 && !defined(OPENSSL_NO_ECX) && !defined(OPENSSL_NO_DH)
40 # define DO_SSL_TRACE_TEST
44 * Test that we read what we've written.
45 * Test 0: Non-blocking
47 * Test 2: Blocking, introduce socket error, test error handling.
49 static int test_quic_write_read(int idx
)
51 SSL_CTX
*cctx
= SSL_CTX_new_ex(libctx
, NULL
, OSSL_QUIC_client_method());
53 SSL
*clientquic
= NULL
;
54 QUIC_TSERVER
*qtserv
= NULL
;
56 unsigned char buf
[20];
57 static char *msg
= "A test message";
58 size_t msglen
= strlen(msg
);
60 int ssock
= 0, csock
= 0;
61 uint64_t sid
= UINT64_MAX
;
62 SSL_SESSION
*sess
= NULL
;
64 if (idx
>= 1 && !qtest_supports_blocking())
65 return TEST_skip("Blocking tests not supported in this build");
67 for (k
= 0; k
< 2; k
++) {
69 || !TEST_true(qtest_create_quic_objects(libctx
, cctx
, sctx
,
76 || !TEST_true(SSL_set_tlsext_host_name(clientquic
, "localhost")))
79 if (sess
!= NULL
&& !TEST_true(SSL_set_session(clientquic
, sess
)))
82 if (!TEST_true(qtest_create_quic_connection(qtserv
, clientquic
)))
86 if (!TEST_true(BIO_get_fd(ossl_quic_tserver_get0_rbio(qtserv
),
89 if (!TEST_int_gt(csock
= SSL_get_rfd(clientquic
), 0))
93 sid
= 0; /* client-initiated bidirectional stream */
95 for (j
= 0; j
< 2; j
++) {
96 /* Check that sending and receiving app data is ok */
97 if (!TEST_true(SSL_write_ex(clientquic
, msg
, msglen
, &numbytes
))
98 || !TEST_size_t_eq(numbytes
, msglen
))
102 if (!TEST_true(wait_until_sock_readable(ssock
)))
105 ossl_quic_tserver_tick(qtserv
);
107 if (!TEST_true(ossl_quic_tserver_read(qtserv
, sid
, buf
,
111 } while (numbytes
== 0);
113 if (!TEST_mem_eq(buf
, numbytes
, msg
, msglen
))
117 if (idx
>= 2 && j
> 0)
118 /* Introduce permanent socket error */
119 BIO_closesocket(csock
);
121 ossl_quic_tserver_tick(qtserv
);
122 if (!TEST_true(ossl_quic_tserver_write(qtserv
, sid
,
123 (unsigned char *)msg
,
126 ossl_quic_tserver_tick(qtserv
);
127 SSL_handle_events(clientquic
);
129 if (idx
>= 2 && j
> 0) {
130 if (!TEST_false(SSL_read_ex(clientquic
, buf
, 1, &numbytes
))
131 || !TEST_int_eq(SSL_get_error(clientquic
, 0),
133 || !TEST_false(SSL_write_ex(clientquic
, msg
, msglen
,
135 || !TEST_int_eq(SSL_get_error(clientquic
, 0),
142 * In blocking mode the SSL_read_ex call will block until the socket
143 * is readable and has our data. In non-blocking mode we're doing
144 * everything in memory, so it should be immediately available
146 if (!TEST_true(SSL_read_ex(clientquic
, buf
, 1, &numbytes
))
147 || !TEST_size_t_eq(numbytes
, 1)
148 || !TEST_true(SSL_has_pending(clientquic
))
149 || !TEST_int_eq(SSL_pending(clientquic
), msglen
- 1)
150 || !TEST_true(SSL_read_ex(clientquic
, buf
+ 1,
151 sizeof(buf
) - 1, &numbytes
))
152 || !TEST_mem_eq(buf
, numbytes
+ 1, msg
, msglen
))
157 /* We didn't supply a session so we're not expecting resumption */
158 if (!TEST_false(SSL_session_reused(clientquic
)))
160 /* We should have a session ticket by now */
161 sess
= SSL_get1_session(clientquic
);
165 /* We supplied a session so we should have resumed */
166 if (!TEST_true(SSL_session_reused(clientquic
)))
170 if (!TEST_true(qtest_shutdown(qtserv
, clientquic
)))
174 sctx
= ossl_quic_tserver_get0_ssl_ctx(qtserv
);
175 if (!TEST_true(SSL_CTX_up_ref(sctx
))) {
180 ossl_quic_tserver_free(qtserv
);
182 SSL_free(clientquic
);
192 SSL_SESSION_free(sess
);
193 ossl_quic_tserver_free(qtserv
);
194 SSL_free(clientquic
);
202 * Test that sending FIN with no data to a client blocking in SSL_read_ex() will
203 * wake up the client.
205 static int test_fin_only_blocking(void)
207 SSL_CTX
*cctx
= SSL_CTX_new_ex(libctx
, NULL
, OSSL_QUIC_client_method());
208 SSL_CTX
*sctx
= NULL
;
209 SSL
*clientquic
= NULL
;
210 QUIC_TSERVER
*qtserv
= NULL
;
211 const char *msg
= "Hello World";
214 unsigned char buf
[32];
216 OSSL_TIME timer
, timediff
;
218 if (!qtest_supports_blocking())
219 return TEST_skip("Blocking tests not supported in this build");
222 || !TEST_true(qtest_create_quic_objects(libctx
, cctx
, sctx
,
225 &qtserv
, &clientquic
,
227 || !TEST_true(SSL_set_tlsext_host_name(clientquic
, "localhost")))
230 if (!TEST_true(qtest_create_quic_connection(qtserv
, clientquic
)))
233 if (!TEST_true(ossl_quic_tserver_stream_new(qtserv
, 0, &sid
))
234 || !TEST_true(ossl_quic_tserver_write(qtserv
, sid
,
235 (unsigned char *)msg
,
236 strlen(msg
), &numbytes
))
237 || !TEST_size_t_eq(strlen(msg
), numbytes
))
240 ossl_quic_tserver_tick(qtserv
);
242 if (!TEST_true(SSL_read_ex(clientquic
, buf
, sizeof(buf
), &numbytes
))
243 || !TEST_mem_eq(msg
, strlen(msg
), buf
, numbytes
))
248 if (!TEST_true(ossl_quic_tserver_conclude(qtserv
, sid
)))
251 timer
= ossl_time_now();
252 if (!TEST_false(SSL_read_ex(clientquic
, buf
, sizeof(buf
), &numbytes
)))
254 timediff
= ossl_time_subtract(ossl_time_now(), timer
);
256 if (!TEST_int_eq(SSL_get_error(clientquic
, 0), SSL_ERROR_ZERO_RETURN
)
258 * We expect the SSL_read_ex to not have blocked so this should
259 * be very fast. 20ms should be plenty.
261 || !TEST_uint64_t_le(ossl_time2ms(timediff
), 20))
264 if (!TEST_true(qtest_shutdown(qtserv
, clientquic
)))
270 ossl_quic_tserver_free(qtserv
);
271 SSL_free(clientquic
);
278 /* Test that a vanilla QUIC SSL object has the expected ciphersuites available */
279 static int test_ciphersuites(void)
281 SSL_CTX
*ctx
= SSL_CTX_new_ex(libctx
, NULL
, OSSL_QUIC_client_method());
284 const STACK_OF(SSL_CIPHER
) *ciphers
= NULL
;
285 const SSL_CIPHER
*cipher
;
286 /* We expect this exact list of ciphersuites by default */
288 TLS1_3_CK_AES_256_GCM_SHA384
,
289 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
290 TLS1_3_CK_CHACHA20_POLY1305_SHA256
,
292 TLS1_3_CK_AES_128_GCM_SHA256
303 ciphers
= SSL_get_ciphers(ssl
);
305 for (i
= 0, j
= 0; i
< OSSL_NELEM(cipherids
); i
++) {
306 if (cipherids
[i
] == TLS1_3_CK_CHACHA20_POLY1305_SHA256
&& is_fips
)
308 cipher
= sk_SSL_CIPHER_value(ciphers
, j
++);
309 if (!TEST_ptr(cipher
))
311 if (!TEST_uint_eq(SSL_CIPHER_get_id(cipher
), cipherids
[i
]))
315 /* We should have checked all the ciphers in the stack */
316 if (!TEST_int_eq(sk_SSL_CIPHER_num(ciphers
), j
))
327 static int test_cipher_find(void)
329 SSL_CTX
*cctx
= SSL_CTX_new_ex(libctx
, NULL
, OSSL_QUIC_client_method());
330 SSL
*clientquic
= NULL
;
332 const unsigned char *cipherbytes
;
335 { TLS13_AES_128_GCM_SHA256_BYTES
, 1 },
336 { TLS13_AES_256_GCM_SHA384_BYTES
, 1 },
337 { TLS13_CHACHA20_POLY1305_SHA256_BYTES
, 1 },
338 { TLS13_AES_128_CCM_SHA256_BYTES
, 0 },
339 { TLS13_AES_128_CCM_8_SHA256_BYTES
, 0 }
347 clientquic
= SSL_new(cctx
);
348 if (!TEST_ptr(clientquic
))
351 for (i
= 0; i
< OSSL_NELEM(testciphers
); i
++)
352 if (testciphers
[i
].ok
) {
353 if (!TEST_ptr(SSL_CIPHER_find(clientquic
,
354 testciphers
[i
].cipherbytes
)))
357 if (!TEST_ptr_null(SSL_CIPHER_find(clientquic
,
358 testciphers
[i
].cipherbytes
)))
364 SSL_free(clientquic
);
371 * Test that SSL_version, SSL_get_version, SSL_is_quic, SSL_is_tls and
372 * SSL_is_dtls return the expected results for a QUIC connection. Compare with
373 * test_version() in sslapitest.c which does the same thing for TLS/DTLS
376 static int test_version(void)
378 SSL_CTX
*cctx
= SSL_CTX_new_ex(libctx
, NULL
, OSSL_QUIC_client_method());
379 SSL
*clientquic
= NULL
;
380 QUIC_TSERVER
*qtserv
= NULL
;
384 || !TEST_true(qtest_create_quic_objects(libctx
, cctx
, NULL
, cert
,
386 &clientquic
, NULL
, NULL
))
387 || !TEST_true(qtest_create_quic_connection(qtserv
, clientquic
)))
390 if (!TEST_int_eq(SSL_version(clientquic
), OSSL_QUIC1_VERSION
)
391 || !TEST_str_eq(SSL_get_version(clientquic
), "QUICv1"))
394 if (!TEST_true(SSL_is_quic(clientquic
))
395 || !TEST_false(SSL_is_tls(clientquic
))
396 || !TEST_false(SSL_is_dtls(clientquic
)))
402 ossl_quic_tserver_free(qtserv
);
403 SSL_free(clientquic
);
409 #if defined(DO_SSL_TRACE_TEST)
410 static void strip_line_ends(char *str
)
414 for (i
= strlen(str
);
415 i
> 0 && (str
[i
- 1] == '\n' || str
[i
- 1] == '\r');
421 static int compare_with_file(BIO
*membio
)
423 BIO
*file
= NULL
, *newfile
= NULL
;
424 char buf1
[512], buf2
[512];
429 #ifdef OPENSSL_NO_ZLIB
430 reffile
= test_mk_file_path(datadir
, "ssltraceref.txt");
432 reffile
= test_mk_file_path(datadir
, "ssltraceref-zlib.txt");
434 if (!TEST_ptr(reffile
))
437 file
= BIO_new_file(reffile
, "rb");
441 newfile
= BIO_new_file("ssltraceref-new.txt", "wb");
442 if (!TEST_ptr(newfile
))
445 while (BIO_gets(membio
, buf2
, sizeof(buf2
)) > 0)
446 if (BIO_puts(newfile
, buf2
) <= 0) {
447 TEST_error("Failed writing new file data");
451 if (!TEST_int_ge(BIO_seek(membio
, 0), 0))
454 while (BIO_gets(file
, buf1
, sizeof(buf1
)) > 0) {
455 if (BIO_gets(membio
, buf2
, sizeof(buf2
)) <= 0) {
456 TEST_error("Failed reading mem data");
459 strip_line_ends(buf1
);
460 strip_line_ends(buf2
);
461 if (strlen(buf1
) != strlen(buf2
)) {
462 TEST_error("Actual and ref line data length mismatch");
463 TEST_info("%s", buf1
);
464 TEST_info("%s", buf2
);
467 for (i
= 0; i
< strlen(buf1
); i
++) {
468 /* '?' is a wild card character in the reference text */
472 if (!TEST_str_eq(buf1
, buf2
))
475 if (!TEST_true(BIO_eof(file
))
476 || !TEST_true(BIO_eof(membio
)))
481 OPENSSL_free(reffile
);
488 * Tests that the SSL_trace() msg_callback works as expected with a QUIC
489 * connection. This also provides testing of the msg_callback at the same time.
491 static int test_ssl_trace(void)
493 SSL_CTX
*cctx
= SSL_CTX_new_ex(libctx
, NULL
, OSSL_QUIC_client_method());
494 SSL
*clientquic
= NULL
;
495 QUIC_TSERVER
*qtserv
= NULL
;
497 BIO
*bio
= BIO_new(BIO_s_mem());
500 * Ensure we only configure ciphersuites that are available with both the
501 * default and fips providers to get the same output in both cases
503 if (!TEST_true(SSL_CTX_set_ciphersuites(cctx
, "TLS_AES_128_GCM_SHA256")))
508 || !TEST_true(qtest_create_quic_objects(libctx
, cctx
, NULL
, cert
,
510 QTEST_FLAG_FAKE_TIME
,
512 &clientquic
, NULL
, NULL
)))
515 SSL_set_msg_callback(clientquic
, SSL_trace
);
516 SSL_set_msg_callback_arg(clientquic
, bio
);
518 if (!TEST_true(qtest_create_quic_connection(qtserv
, clientquic
)))
521 if (!TEST_true(compare_with_file(bio
)))
526 ossl_quic_tserver_free(qtserv
);
527 SSL_free(clientquic
);
535 static int ensure_valid_ciphers(const STACK_OF(SSL_CIPHER
) *ciphers
)
539 /* Ensure ciphersuite list is suitably subsetted. */
540 for (i
= 0; i
< (size_t)sk_SSL_CIPHER_num(ciphers
); ++i
) {
541 const SSL_CIPHER
*cipher
= sk_SSL_CIPHER_value(ciphers
, i
);
542 switch (SSL_CIPHER_get_id(cipher
)) {
543 case TLS1_3_CK_AES_128_GCM_SHA256
:
544 case TLS1_3_CK_AES_256_GCM_SHA384
:
545 case TLS1_3_CK_CHACHA20_POLY1305_SHA256
:
548 TEST_error("forbidden cipher: %s", SSL_CIPHER_get_name(cipher
));
557 * Test that handshake-layer APIs which shouldn't work don't work with QUIC.
559 static int test_quic_forbidden_apis_ctx(void)
564 if (!TEST_ptr(ctx
= SSL_CTX_new_ex(libctx
, NULL
, OSSL_QUIC_client_method())))
567 #ifndef OPENSSL_NO_SRTP
568 /* This function returns 0 on success and 1 on error, and should fail. */
569 if (!TEST_true(SSL_CTX_set_tlsext_use_srtp(ctx
, "SRTP_AEAD_AES_128_GCM")))
574 * List of ciphersuites we do and don't allow in QUIC.
576 #define QUIC_CIPHERSUITES \
577 "TLS_AES_128_GCM_SHA256:" \
578 "TLS_AES_256_GCM_SHA384:" \
579 "TLS_CHACHA20_POLY1305_SHA256"
581 #define NON_QUIC_CIPHERSUITES \
582 "TLS_AES_128_CCM_SHA256:" \
583 "TLS_AES_256_CCM_SHA384:" \
584 "TLS_AES_128_CCM_8_SHA256"
586 /* Set TLSv1.3 ciphersuite list for the SSL_CTX. */
587 if (!TEST_true(SSL_CTX_set_ciphersuites(ctx
,
588 QUIC_CIPHERSUITES
":"
589 NON_QUIC_CIPHERSUITES
)))
593 * Forbidden ciphersuites should show up in SSL_CTX accessors, they are only
594 * filtered in SSL_get1_supported_ciphers, so we don't check for
595 * non-inclusion here.
604 static int test_quic_forbidden_apis(void)
609 STACK_OF(SSL_CIPHER
) *ciphers
= NULL
;
611 if (!TEST_ptr(ctx
= SSL_CTX_new_ex(libctx
, NULL
, OSSL_QUIC_client_method())))
614 if (!TEST_ptr(ssl
= SSL_new(ctx
)))
617 #ifndef OPENSSL_NO_SRTP
618 /* This function returns 0 on success and 1 on error, and should fail. */
619 if (!TEST_true(SSL_set_tlsext_use_srtp(ssl
, "SRTP_AEAD_AES_128_GCM")))
623 /* Set TLSv1.3 ciphersuite list for the SSL_CTX. */
624 if (!TEST_true(SSL_set_ciphersuites(ssl
,
625 QUIC_CIPHERSUITES
":"
626 NON_QUIC_CIPHERSUITES
)))
629 /* Non-QUIC ciphersuites must not appear in supported ciphers list. */
630 if (!TEST_ptr(ciphers
= SSL_get1_supported_ciphers(ssl
))
631 || !TEST_true(ensure_valid_ciphers(ciphers
)))
636 sk_SSL_CIPHER_free(ciphers
);
642 static int test_quic_forbidden_options(void)
650 if (!TEST_ptr(ctx
= SSL_CTX_new_ex(libctx
, NULL
, OSSL_QUIC_client_method())))
653 /* QUIC options restrictions do not affect SSL_CTX */
654 SSL_CTX_set_options(ctx
, UINT64_MAX
);
656 if (!TEST_uint64_t_eq(SSL_CTX_get_options(ctx
), UINT64_MAX
))
659 /* Set options on CTX which should not be inherited (tested below). */
660 SSL_CTX_set_read_ahead(ctx
, 1);
661 SSL_CTX_set_max_early_data(ctx
, 1);
662 SSL_CTX_set_recv_max_early_data(ctx
, 1);
663 SSL_CTX_set_quiet_shutdown(ctx
, 1);
665 if (!TEST_ptr(ssl
= SSL_new(ctx
)))
668 /* Only permitted options get transferred to SSL object */
669 if (!TEST_uint64_t_eq(SSL_get_options(ssl
), OSSL_QUIC_PERMITTED_OPTIONS
))
672 /* Try again using SSL_set_options */
673 SSL_set_options(ssl
, UINT64_MAX
);
675 if (!TEST_uint64_t_eq(SSL_get_options(ssl
), OSSL_QUIC_PERMITTED_OPTIONS
))
678 /* Clear everything */
679 SSL_clear_options(ssl
, UINT64_MAX
);
681 if (!TEST_uint64_t_eq(SSL_get_options(ssl
), 0))
685 if (!TEST_false(SSL_get_read_ahead(ssl
)))
688 SSL_set_read_ahead(ssl
, 1);
689 if (!TEST_false(SSL_get_read_ahead(ssl
)))
693 if (!TEST_true(SSL_set_block_padding(ssl
, 0))
694 || !TEST_true(SSL_set_block_padding(ssl
, 1))
695 || !TEST_false(SSL_set_block_padding(ssl
, 2)))
698 /* Max fragment length */
699 if (!TEST_true(SSL_set_tlsext_max_fragment_length(ssl
, TLSEXT_max_fragment_length_DISABLED
))
700 || !TEST_false(SSL_set_tlsext_max_fragment_length(ssl
, TLSEXT_max_fragment_length_512
)))
704 if (!TEST_false(SSL_set_recv_max_early_data(ssl
, 1))
705 || !TEST_false(SSL_set_max_early_data(ssl
, 1)))
709 if (!TEST_false(SSL_read_early_data(ssl
, buf
, sizeof(buf
), &len
))
710 || !TEST_false(SSL_write_early_data(ssl
, buf
, sizeof(buf
), &len
)))
713 /* Buffer Management */
714 if (!TEST_true(SSL_alloc_buffers(ssl
))
715 || !TEST_false(SSL_free_buffers(ssl
)))
719 if (!TEST_false(SSL_set_max_send_fragment(ssl
, 2))
720 || !TEST_false(SSL_set_split_send_fragment(ssl
, 2))
721 || !TEST_false(SSL_set_max_pipelines(ssl
, 2)))
725 if (!TEST_false(SSL_stateless(ssl
)))
729 if (!TEST_false(SSL_get_quiet_shutdown(ssl
)))
733 if (!TEST_ptr_null(SSL_dup(ssl
)))
737 if (!TEST_false(SSL_clear(ssl
)))
747 static int test_quic_set_fd(int idx
)
752 int fd
= -1, resfd
= -1;
755 if (!TEST_ptr(ctx
= SSL_CTX_new_ex(libctx
, NULL
, OSSL_QUIC_client_method())))
758 if (!TEST_ptr(ssl
= SSL_new(ctx
)))
761 if (!TEST_int_ge(fd
= BIO_socket(AF_INET
, SOCK_DGRAM
, IPPROTO_UDP
, 0), 0))
765 if (!TEST_true(SSL_set_fd(ssl
, fd
)))
767 if (!TEST_ptr(bio
= SSL_get_rbio(ssl
)))
769 if (!TEST_ptr_eq(bio
, SSL_get_wbio(ssl
)))
771 } else if (idx
== 1) {
772 if (!TEST_true(SSL_set_rfd(ssl
, fd
)))
774 if (!TEST_ptr(bio
= SSL_get_rbio(ssl
)))
776 if (!TEST_ptr_null(SSL_get_wbio(ssl
)))
779 if (!TEST_true(SSL_set_wfd(ssl
, fd
)))
781 if (!TEST_ptr(bio
= SSL_get_wbio(ssl
)))
783 if (!TEST_ptr_null(SSL_get_rbio(ssl
)))
787 if (!TEST_int_eq(BIO_method_type(bio
), BIO_TYPE_DGRAM
))
790 if (!TEST_true(BIO_get_fd(bio
, &resfd
))
791 || !TEST_int_eq(resfd
, fd
))
803 #define MAXLOOPS 1000
805 static int test_bio_ssl(void)
808 * We just use OSSL_QUIC_client_method() rather than
809 * OSSL_QUIC_client_thread_method(). We will never leave the connection idle
810 * so we will always be implicitly handling time events anyway via other
813 SSL_CTX
*cctx
= SSL_CTX_new_ex(libctx
, NULL
, OSSL_QUIC_client_method());
814 SSL
*clientquic
= NULL
, *stream
= NULL
;
815 QUIC_TSERVER
*qtserv
= NULL
;
817 BIO
*cbio
= NULL
, *strbio
= NULL
, *thisbio
;
818 const char *msg
= "Hello world";
819 int abortctr
= 0, err
, clienterr
= 0, servererr
= 0, retc
= 0, rets
= 0;
820 size_t written
, readbytes
, msglen
;
822 unsigned char buf
[80];
827 cbio
= BIO_new_ssl(cctx
, 1);
832 * We must configure the ALPN/peer address etc so we get the SSL object in
833 * order to pass it to qtest_create_quic_objects for configuration.
835 if (!TEST_int_eq(BIO_get_ssl(cbio
, &clientquic
), 1))
838 if (!TEST_true(qtest_create_quic_objects(libctx
, NULL
, NULL
, cert
, privkey
,
839 0, &qtserv
, &clientquic
, NULL
,
843 msglen
= strlen(msg
);
846 err
= BIO_FLAGS_WRITE
;
847 while (!clienterr
&& !retc
&& err
== BIO_FLAGS_WRITE
) {
848 retc
= BIO_write_ex(cbio
, msg
, msglen
, &written
);
850 if (BIO_should_retry(cbio
))
851 err
= BIO_retry_type(cbio
);
857 if (!clienterr
&& retc
<= 0 && err
!= BIO_FLAGS_READ
) {
858 TEST_info("BIO_write_ex() failed %d, %d", retc
, err
);
859 TEST_openssl_errors();
863 if (!servererr
&& rets
<= 0) {
864 ossl_quic_tserver_tick(qtserv
);
865 servererr
= ossl_quic_tserver_is_term_any(qtserv
);
867 rets
= ossl_quic_tserver_is_handshake_confirmed(qtserv
);
870 if (clienterr
&& servererr
)
873 if (++abortctr
== MAXLOOPS
) {
874 TEST_info("No progress made");
877 } while ((!retc
&& !clienterr
) || (rets
<= 0 && !servererr
));
880 * 2 loops: The first using the default stream, and the second using a new
881 * client initiated bidi stream.
883 for (i
= 0, thisbio
= cbio
; i
< 2; i
++) {
884 if (!TEST_true(ossl_quic_tserver_read(qtserv
, sid
, buf
, sizeof(buf
),
886 || !TEST_mem_eq(msg
, msglen
, buf
, readbytes
))
889 if (!TEST_true(ossl_quic_tserver_write(qtserv
, sid
, (unsigned char *)msg
,
892 ossl_quic_tserver_tick(qtserv
);
894 if (!TEST_true(BIO_read_ex(thisbio
, buf
, sizeof(buf
), &readbytes
))
895 || !TEST_mem_eq(msg
, msglen
, buf
, readbytes
))
902 * Now create a new stream and repeat. The bottom two bits of the stream
903 * id represents whether the stream is bidi and whether it is client
904 * initiated or not. For client initiated bidi they are both 0. So the
905 * first client initiated bidi stream is 0 and the next one is 4.
908 stream
= SSL_new_stream(clientquic
, 0);
909 if (!TEST_ptr(stream
))
912 thisbio
= strbio
= BIO_new(BIO_f_ssl());
913 if (!TEST_ptr(strbio
))
916 if (!TEST_int_eq(BIO_set_ssl(thisbio
, stream
, BIO_CLOSE
), 1))
920 if (!TEST_true(BIO_write_ex(thisbio
, msg
, msglen
, &written
)))
923 ossl_quic_tserver_tick(qtserv
);
929 BIO_free_all(strbio
);
931 ossl_quic_tserver_free(qtserv
);
937 #define BACK_PRESSURE_NUM_LOOPS 10000
939 * Test that sending data from the client to the server faster than the server
940 * can process it eventually results in back pressure on the client.
942 static int test_back_pressure(void)
944 SSL_CTX
*cctx
= SSL_CTX_new_ex(libctx
, NULL
, OSSL_QUIC_client_method());
945 SSL
*clientquic
= NULL
;
946 QUIC_TSERVER
*qtserv
= NULL
;
948 unsigned char *msg
= NULL
;
949 const size_t msglen
= 1024;
950 unsigned char buf
[64];
951 size_t readbytes
, written
;
955 || !TEST_true(qtest_create_quic_objects(libctx
, cctx
, NULL
, cert
,
957 &clientquic
, NULL
, NULL
))
958 || !TEST_true(qtest_create_quic_connection(qtserv
, clientquic
)))
961 msg
= OPENSSL_malloc(msglen
);
964 if (!TEST_int_eq(RAND_bytes_ex(libctx
, msg
, msglen
, 0), 1))
968 * Limit to 10000 loops. If we've not seen any back pressure after that
969 * we're going to run out of memory, so abort.
971 for (i
= 0; i
< BACK_PRESSURE_NUM_LOOPS
; i
++) {
972 /* Send data from the client */
973 if (!SSL_write_ex(clientquic
, msg
, msglen
, &written
)) {
974 /* Check if we are seeing back pressure */
975 if (SSL_get_error(clientquic
, 0) == SSL_ERROR_WANT_WRITE
)
977 TEST_error("Unexpected client failure");
981 /* Receive data at the server */
982 ossl_quic_tserver_tick(qtserv
);
983 if (!TEST_true(ossl_quic_tserver_read(qtserv
, 0, buf
, sizeof(buf
),
988 if (i
== BACK_PRESSURE_NUM_LOOPS
) {
989 TEST_error("No back pressure seen");
995 SSL_free(clientquic
);
996 ossl_quic_tserver_free(qtserv
);
1004 static int dgram_ctr
= 0;
1006 static void dgram_cb(int write_p
, int version
, int content_type
,
1007 const void *buf
, size_t msglen
, SSL
*ssl
, void *arg
)
1012 if (content_type
!= SSL3_RT_QUIC_DATAGRAM
)
1018 /* Test that we send multiple datagrams in one go when appropriate */
1019 static int test_multiple_dgrams(void)
1021 SSL_CTX
*cctx
= SSL_CTX_new_ex(libctx
, NULL
, OSSL_QUIC_client_method());
1022 SSL
*clientquic
= NULL
;
1023 QUIC_TSERVER
*qtserv
= NULL
;
1026 const size_t buflen
= 1400;
1029 buf
= OPENSSL_zalloc(buflen
);
1033 || !TEST_true(qtest_create_quic_objects(libctx
, cctx
, NULL
, cert
,
1034 privkey
, 0, &qtserv
,
1035 &clientquic
, NULL
, NULL
))
1036 || !TEST_true(qtest_create_quic_connection(qtserv
, clientquic
)))
1040 SSL_set_msg_callback(clientquic
, dgram_cb
);
1041 if (!TEST_true(SSL_write_ex(clientquic
, buf
, buflen
, &written
))
1042 || !TEST_size_t_eq(written
, buflen
)
1043 /* We wrote enough data for 2 datagrams */
1044 || !TEST_int_eq(dgram_ctr
, 2))
1050 SSL_free(clientquic
);
1051 ossl_quic_tserver_free(qtserv
);
1057 static int non_io_retry_cert_verify_cb(X509_STORE_CTX
*ctx
, void *arg
)
1059 int idx
= SSL_get_ex_data_X509_STORE_CTX_idx();
1061 const int *allow
= (int *)arg
;
1063 /* this should not happen but check anyway */
1065 || (ssl
= X509_STORE_CTX_get_ex_data(ctx
, idx
)) == NULL
)
1068 /* If this is our first attempt then retry */
1070 return SSL_set_retry_verify(ssl
);
1072 /* Otherwise do nothing - verification succeeds. Continue as normal */
1076 /* Test that we can handle a non-io related retry error
1077 * Test 0: Non-blocking
1080 static int test_non_io_retry(int idx
)
1083 SSL
*clientquic
= NULL
;
1084 QUIC_TSERVER
*qtserv
= NULL
;
1086 int flags
= 0, allow
= 0;
1088 if (idx
>= 1 && !qtest_supports_blocking())
1089 return TEST_skip("Blocking tests not supported in this build");
1091 cctx
= SSL_CTX_new_ex(libctx
, NULL
, OSSL_QUIC_client_method());
1092 if (!TEST_ptr(cctx
))
1095 SSL_CTX_set_cert_verify_callback(cctx
, non_io_retry_cert_verify_cb
, &allow
);
1097 flags
= (idx
>= 1) ? QTEST_FLAG_BLOCK
: 0;
1098 if (!TEST_true(qtest_create_quic_objects(libctx
, cctx
, NULL
, cert
, privkey
,
1099 flags
, &qtserv
, &clientquic
, NULL
,
1101 || !TEST_true(qtest_create_quic_connection_ex(qtserv
, clientquic
,
1102 SSL_ERROR_WANT_RETRY_VERIFY
))
1103 || !TEST_int_eq(SSL_want(clientquic
), SSL_RETRY_VERIFY
))
1107 if (!TEST_true(qtest_create_quic_connection(qtserv
, clientquic
)))
1112 SSL_free(clientquic
);
1113 ossl_quic_tserver_free(qtserv
);
1119 static int use_session_cb_cnt
= 0;
1120 static int find_session_cb_cnt
= 0;
1121 static const char *pskid
= "Identity";
1122 static SSL_SESSION
*serverpsk
= NULL
, *clientpsk
= NULL
;
1124 static int use_session_cb(SSL
*ssl
, const EVP_MD
*md
, const unsigned char **id
,
1125 size_t *idlen
, SSL_SESSION
**sess
)
1127 use_session_cb_cnt
++;
1129 if (clientpsk
== NULL
)
1132 SSL_SESSION_up_ref(clientpsk
);
1135 *id
= (const unsigned char *)pskid
;
1136 *idlen
= strlen(pskid
);
1141 static int find_session_cb(SSL
*ssl
, const unsigned char *identity
,
1142 size_t identity_len
, SSL_SESSION
**sess
)
1144 find_session_cb_cnt
++;
1146 if (serverpsk
== NULL
)
1149 /* Identity should match that set by the client */
1150 if (strlen(pskid
) != identity_len
1151 || strncmp(pskid
, (const char *)identity
, identity_len
) != 0)
1154 SSL_SESSION_up_ref(serverpsk
);
1160 static int test_quic_psk(void)
1162 SSL_CTX
*cctx
= SSL_CTX_new_ex(libctx
, NULL
, OSSL_QUIC_client_method());
1163 SSL
*clientquic
= NULL
;
1164 QUIC_TSERVER
*qtserv
= NULL
;
1168 /* No cert or private key for the server, i.e. PSK only */
1169 || !TEST_true(qtest_create_quic_objects(libctx
, cctx
, NULL
, NULL
,
1171 &clientquic
, NULL
, NULL
)))
1174 SSL_set_psk_use_session_callback(clientquic
, use_session_cb
);
1175 ossl_quic_tserver_set_psk_find_session_cb(qtserv
, find_session_cb
);
1176 use_session_cb_cnt
= 0;
1177 find_session_cb_cnt
= 0;
1179 clientpsk
= serverpsk
= create_a_psk(clientquic
, SHA384_DIGEST_LENGTH
);
1180 if (!TEST_ptr(clientpsk
))
1182 /* We already had one ref. Add another one */
1183 SSL_SESSION_up_ref(clientpsk
);
1185 if (!TEST_true(qtest_create_quic_connection(qtserv
, clientquic
))
1186 || !TEST_int_eq(1, find_session_cb_cnt
)
1187 || !TEST_int_eq(1, use_session_cb_cnt
)
1188 /* Check that we actually used the PSK */
1189 || !TEST_true(SSL_session_reused(clientquic
)))
1195 SSL_free(clientquic
);
1196 ossl_quic_tserver_free(qtserv
);
1198 SSL_SESSION_free(clientpsk
);
1199 SSL_SESSION_free(serverpsk
);
1200 clientpsk
= serverpsk
= NULL
;
1205 static int test_client_auth(int idx
)
1207 SSL_CTX
*cctx
= SSL_CTX_new_ex(libctx
, NULL
, OSSL_QUIC_client_method());
1208 SSL_CTX
*sctx
= SSL_CTX_new_ex(libctx
, NULL
, TLS_method());
1209 SSL
*clientquic
= NULL
;
1210 QUIC_TSERVER
*qtserv
= NULL
;
1212 unsigned char buf
[20];
1213 static char *msg
= "A test message";
1214 size_t msglen
= strlen(msg
);
1215 size_t numbytes
= 0;
1217 if (!TEST_ptr(cctx
) || !TEST_ptr(sctx
))
1220 SSL_CTX_set_verify(sctx
, SSL_VERIFY_PEER
| SSL_VERIFY_FAIL_IF_NO_PEER_CERT
1221 | SSL_VERIFY_CLIENT_ONCE
, NULL
);
1223 if (!TEST_true(SSL_CTX_load_verify_file(sctx
, cauthca
)))
1227 && (!TEST_true(SSL_CTX_use_certificate_chain_file(cctx
, ccert
))
1228 || !TEST_true(SSL_CTX_use_PrivateKey_file(cctx
, cprivkey
,
1229 SSL_FILETYPE_PEM
))))
1232 if (!TEST_true(qtest_create_quic_objects(libctx
, cctx
, sctx
, cert
,
1233 privkey
, 0, &qtserv
,
1234 &clientquic
, NULL
, NULL
)))
1238 if (!TEST_true(ssl_ctx_add_large_cert_chain(libctx
, cctx
, ccert
))
1239 || !TEST_true(ssl_ctx_add_large_cert_chain(libctx
, sctx
, cert
)))
1244 if (!TEST_false(qtest_create_quic_connection(qtserv
, clientquic
)))
1247 /* negative test passed */
1252 if (!TEST_true(qtest_create_quic_connection(qtserv
, clientquic
)))
1255 /* Check that sending and receiving app data is ok */
1256 if (!TEST_true(SSL_write_ex(clientquic
, msg
, msglen
, &numbytes
))
1257 || !TEST_size_t_eq(numbytes
, msglen
))
1260 ossl_quic_tserver_tick(qtserv
);
1261 if (!TEST_true(ossl_quic_tserver_write(qtserv
, 0,
1262 (unsigned char *)msg
,
1263 msglen
, &numbytes
)))
1266 ossl_quic_tserver_tick(qtserv
);
1267 SSL_handle_events(clientquic
);
1269 if (!TEST_true(SSL_read_ex(clientquic
, buf
, sizeof(buf
), &numbytes
))
1270 || !TEST_size_t_eq(numbytes
, msglen
)
1271 || !TEST_mem_eq(buf
, numbytes
, msg
, msglen
))
1274 if (!TEST_true(qtest_shutdown(qtserv
, clientquic
)))
1280 SSL_free(clientquic
);
1281 ossl_quic_tserver_free(qtserv
);
1289 * Test that we correctly handle ALPN supplied by the application
1290 * Test 0: ALPN is provided
1291 * Test 1: No ALPN is provided
1293 static int test_alpn(int idx
)
1295 SSL_CTX
*cctx
= SSL_CTX_new_ex(libctx
, NULL
, OSSL_QUIC_client_method());
1296 SSL
*clientquic
= NULL
;
1297 QUIC_TSERVER
*qtserv
= NULL
;
1302 * Ensure we only configure ciphersuites that are available with both the
1303 * default and fips providers to get the same output in both cases
1305 if (!TEST_true(SSL_CTX_set_ciphersuites(cctx
, "TLS_AES_128_GCM_SHA256")))
1309 || !TEST_true(qtest_create_quic_objects(libctx
, cctx
, NULL
, cert
,
1311 QTEST_FLAG_FAKE_TIME
,
1313 &clientquic
, NULL
, NULL
)))
1318 * Clear the ALPN we set in qtest_create_quic_objects. We use TEST_false
1319 * because SSL_set_alpn_protos returns 0 for success.
1321 if (!TEST_false(SSL_set_alpn_protos(clientquic
, NULL
, 0)))
1325 ret
= SSL_connect(clientquic
);
1326 if (!TEST_int_le(ret
, 0))
1329 /* We expect an immediate error due to lack of ALPN */
1330 if (!TEST_int_eq(SSL_get_error(clientquic
, ret
), SSL_ERROR_SSL
))
1333 /* ALPN was provided so we expect the connection to succeed */
1334 if (!TEST_int_eq(SSL_get_error(clientquic
, ret
), SSL_ERROR_WANT_READ
)
1335 || !TEST_true(qtest_create_quic_connection(qtserv
, clientquic
)))
1341 ossl_quic_tserver_free(qtserv
);
1342 SSL_free(clientquic
);
1349 * Test SSL_get_shutdown() behavior.
1351 static int test_get_shutdown(void)
1353 SSL_CTX
*cctx
= SSL_CTX_new_ex(libctx
, NULL
, OSSL_QUIC_client_method());
1354 SSL
*clientquic
= NULL
;
1355 QUIC_TSERVER
*qtserv
= NULL
;
1359 || !TEST_true(qtest_create_quic_objects(libctx
, cctx
, NULL
, cert
,
1361 QTEST_FLAG_FAKE_TIME
,
1362 &qtserv
, &clientquic
,
1364 || !TEST_true(qtest_create_quic_connection(qtserv
, clientquic
)))
1367 if (!TEST_int_eq(SSL_get_shutdown(clientquic
), 0))
1370 if (!TEST_int_eq(SSL_shutdown(clientquic
), 0))
1373 if (!TEST_int_eq(SSL_get_shutdown(clientquic
), SSL_SENT_SHUTDOWN
))
1377 ossl_quic_tserver_tick(qtserv
);
1378 qtest_add_time(100);
1379 } while (SSL_shutdown(clientquic
) == 0);
1381 if (!TEST_int_eq(SSL_get_shutdown(clientquic
),
1382 SSL_SENT_SHUTDOWN
| SSL_RECEIVED_SHUTDOWN
))
1387 ossl_quic_tserver_free(qtserv
);
1388 SSL_free(clientquic
);
1394 #define MAX_LOOPS 2000
1397 * Keep retrying SSL_read_ex until it succeeds or we give up. Accept a stream
1398 * if we don't already have one
1400 static int unreliable_client_read(SSL
*clientquic
, SSL
**stream
, void *buf
,
1401 size_t buflen
, size_t *readbytes
,
1402 QUIC_TSERVER
*qtserv
)
1406 /* We just do this in a loop with a sleep for simplicity */
1407 for (abortctr
= 0; abortctr
< MAX_LOOPS
; abortctr
++) {
1408 if (*stream
== NULL
) {
1409 SSL_handle_events(clientquic
);
1410 *stream
= SSL_accept_stream(clientquic
, 0);
1413 if (*stream
!= NULL
) {
1414 if (SSL_read_ex(*stream
, buf
, buflen
, readbytes
))
1416 if (!TEST_int_eq(SSL_get_error(*stream
, 0), SSL_ERROR_WANT_READ
))
1419 ossl_quic_tserver_tick(qtserv
);
1421 qtest_wait_for_timeout(clientquic
, qtserv
);
1424 TEST_error("No progress made");
1428 /* Keep retrying ossl_quic_tserver_read until it succeeds or we give up */
1429 static int unreliable_server_read(QUIC_TSERVER
*qtserv
, uint64_t sid
,
1430 void *buf
, size_t buflen
, size_t *readbytes
,
1435 /* We just do this in a loop with a sleep for simplicity */
1436 for (abortctr
= 0; abortctr
< MAX_LOOPS
; abortctr
++) {
1437 if (ossl_quic_tserver_read(qtserv
, sid
, buf
, buflen
, readbytes
)
1440 ossl_quic_tserver_tick(qtserv
);
1441 SSL_handle_events(clientquic
);
1443 qtest_wait_for_timeout(clientquic
, qtserv
);
1446 TEST_error("No progress made");
1451 * Create a connection and send data using an unreliable transport. We introduce
1452 * random noise to drop, delay and duplicate datagrams.
1453 * Test 0: Introduce random noise to datagrams
1454 * Test 1: As with test 0 but also split datagrams containing multiple packets
1455 * into individual datagrams so that individual packets can be affected
1456 * by noise - not just a whole datagram.
1458 static int test_noisy_dgram(int idx
)
1460 SSL_CTX
*cctx
= SSL_CTX_new_ex(libctx
, NULL
, OSSL_QUIC_client_method());
1461 SSL
*clientquic
= NULL
, *stream
[2] = { NULL
, NULL
};
1462 QUIC_TSERVER
*qtserv
= NULL
;
1465 char *msg
= "Hello world!";
1466 size_t msglen
= strlen(msg
), written
, readbytes
, i
, j
;
1467 unsigned char buf
[80];
1468 int flags
= QTEST_FLAG_NOISE
| QTEST_FLAG_FAKE_TIME
;
1469 QTEST_FAULT
*fault
= NULL
;
1472 flags
|= QTEST_FLAG_PACKET_SPLIT
;
1475 || !TEST_true(qtest_create_quic_objects(libctx
, cctx
, NULL
, cert
,
1478 &clientquic
, &fault
, NULL
)))
1481 if (!TEST_true(qtest_create_quic_connection(qtserv
, clientquic
)))
1484 if (!TEST_true(SSL_set_incoming_stream_policy(clientquic
,
1485 SSL_INCOMING_STREAM_POLICY_ACCEPT
,
1487 || !TEST_true(SSL_set_default_stream_mode(clientquic
,
1488 SSL_DEFAULT_STREAM_MODE_NONE
)))
1491 for (j
= 0; j
< 2; j
++) {
1492 if (!TEST_true(ossl_quic_tserver_stream_new(qtserv
, 0, &sid
)))
1494 ossl_quic_tserver_tick(qtserv
);
1498 * Send data from the server to the client. Some datagrams may get
1499 * lost, modified, dropped or re-ordered. We repeat 20 times to ensure
1500 * we are sending enough datagrams for problems to be noticed.
1502 for (i
= 0; i
< 20; i
++) {
1503 if (!TEST_true(ossl_quic_tserver_write(qtserv
, sid
,
1504 (unsigned char *)msg
, msglen
,
1506 || !TEST_size_t_eq(msglen
, written
))
1508 ossl_quic_tserver_tick(qtserv
);
1512 * Since the underlying BIO is now noisy we may get failures that
1513 * need to be retried - so we use unreliable_client_read() to
1516 if (!TEST_true(unreliable_client_read(clientquic
, &stream
[j
], buf
,
1517 sizeof(buf
), &readbytes
,
1519 || !TEST_mem_eq(msg
, msglen
, buf
, readbytes
))
1523 /* Send data from the client to the server */
1524 for (i
= 0; i
< 20; i
++) {
1525 if (!TEST_true(SSL_write_ex(stream
[j
], (unsigned char *)msg
,
1527 || !TEST_size_t_eq(msglen
, written
))
1530 ossl_quic_tserver_tick(qtserv
);
1534 * Since the underlying BIO is now noisy we may get failures that
1535 * need to be retried - so we use unreliable_server_read() to
1538 if (!TEST_true(unreliable_server_read(qtserv
, sid
, buf
, sizeof(buf
),
1539 &readbytes
, clientquic
))
1540 || !TEST_mem_eq(msg
, msglen
, buf
, readbytes
))
1547 ossl_quic_tserver_free(qtserv
);
1548 SSL_free(stream
[0]);
1549 SSL_free(stream
[1]);
1550 SSL_free(clientquic
);
1552 qtest_fault_free(fault
);
1561 TPARAM_OP_INJECT_TWICE
,
1562 TPARAM_OP_INJECT_RAW
,
1563 TPARAM_OP_DROP_INJECT
,
1567 #define TPARAM_CHECK_DUP(name, reason) \
1568 { QUIC_TPARAM_##name, TPARAM_OP_DUP, (reason) },
1569 #define TPARAM_CHECK_DROP(name, reason) \
1570 { QUIC_TPARAM_##name, TPARAM_OP_DROP, (reason) },
1571 #define TPARAM_CHECK_INJECT(name, buf, buf_len, reason) \
1572 { QUIC_TPARAM_##name, TPARAM_OP_INJECT, (reason), \
1574 #define TPARAM_CHECK_INJECT_A(name, buf, reason) \
1575 TPARAM_CHECK_INJECT(name, buf, sizeof(buf), reason)
1576 #define TPARAM_CHECK_DROP_INJECT(name, buf, buf_len, reason) \
1577 { QUIC_TPARAM_##name, TPARAM_OP_DROP_INJECT, (reason), \
1579 #define TPARAM_CHECK_DROP_INJECT_A(name, buf, reason) \
1580 TPARAM_CHECK_DROP_INJECT(name, buf, sizeof(buf), reason)
1581 #define TPARAM_CHECK_INJECT_TWICE(name, buf, buf_len, reason) \
1582 { QUIC_TPARAM_##name, TPARAM_OP_INJECT_TWICE, (reason), \
1584 #define TPARAM_CHECK_INJECT_TWICE_A(name, buf, reason) \
1585 TPARAM_CHECK_INJECT_TWICE(name, buf, sizeof(buf), reason)
1586 #define TPARAM_CHECK_INJECT_RAW(buf, buf_len, reason) \
1587 { 0, TPARAM_OP_INJECT_RAW, (reason), \
1589 #define TPARAM_CHECK_INJECT_RAW_A(buf, reason) \
1590 TPARAM_CHECK_INJECT_RAW(buf, sizeof(buf), reason)
1591 #define TPARAM_CHECK_MUTATE(name, reason) \
1592 { QUIC_TPARAM_##name, TPARAM_OP_MUTATE, (reason) },
1593 #define TPARAM_CHECK_INT(name, reason) \
1594 TPARAM_CHECK_DROP_INJECT(name, NULL, 0, reason) \
1595 TPARAM_CHECK_DROP_INJECT_A(name, bogus_int, reason) \
1596 TPARAM_CHECK_DROP_INJECT_A(name, int_with_trailer, reason)
1598 struct tparam_test
{
1601 const char *expect_fail
; /* substring to expect in reason */
1606 static const unsigned char retry_scid_1
[8] = { 0 };
1608 static const unsigned char disable_active_migration_1
[] = {
1612 static const unsigned char malformed_stateless_reset_token_1
[] = {
1616 static const unsigned char malformed_stateless_reset_token_2
[] = {
1620 static const unsigned char malformed_stateless_reset_token_3
[15] = { 0 };
1622 static const unsigned char malformed_stateless_reset_token_4
[17] = { 0 };
1624 static const unsigned char malformed_preferred_addr_1
[] = {
1628 static const unsigned char malformed_preferred_addr_2
[42] = {
1629 0x0d, 0x28, /* too short */
1632 static const unsigned char malformed_preferred_addr_3
[64] = {
1633 0x0d, 0x3e, /* too long */
1636 static const unsigned char malformed_preferred_addr_4
[] = {
1637 /* TPARAM too short for CID length indicated */
1638 0x0d, 0x29, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1639 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1640 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1641 0x00, 0x00, 0x01, 0x55,
1642 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1643 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1646 static const unsigned char malformed_unknown_1
[] = {
1650 static const unsigned char malformed_unknown_2
[] = {
1654 static const unsigned char malformed_unknown_3
[] = {
1658 static const unsigned char ack_delay_exp
[] = {
1662 static const unsigned char stateless_reset_token
[16] = { 0x42 };
1664 static const unsigned char preferred_addr
[] = {
1665 0x44, 0x44, 0x44, 0x44,
1667 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
1668 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
1671 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99,
1672 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99,
1675 static const unsigned char long_cid
[21] = { 0x42 };
1677 static const unsigned char excess_ack_delay_exp
[] = {
1681 static const unsigned char excess_max_ack_delay
[] = {
1682 0xC0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00,
1685 static const unsigned char excess_initial_max_streams
[] = {
1686 0xD0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
1689 static const unsigned char undersize_udp_payload_size
[] = {
1690 0xC0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0xaf,
1693 static const unsigned char undersize_active_conn_id_limit
[] = {
1694 0xC0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
1697 static const unsigned char bogus_int
[9] = { 0 };
1699 static const unsigned char int_with_trailer
[2] = { 0x01 };
1701 #define QUIC_TPARAM_UNKNOWN_1 0xf1f1
1703 static const struct tparam_test tparam_tests
[] = {
1704 TPARAM_CHECK_DUP(ORIG_DCID
,
1705 "ORIG_DCID appears multiple times")
1706 TPARAM_CHECK_DUP(INITIAL_SCID
,
1707 "INITIAL_SCID appears multiple times")
1708 TPARAM_CHECK_DUP(INITIAL_MAX_DATA
,
1709 "INITIAL_MAX_DATA appears multiple times")
1710 TPARAM_CHECK_DUP(INITIAL_MAX_STREAM_DATA_BIDI_LOCAL
,
1711 "INITIAL_MAX_STREAM_DATA_BIDI_LOCAL appears multiple times")
1712 TPARAM_CHECK_DUP(INITIAL_MAX_STREAM_DATA_BIDI_REMOTE
,
1713 "INITIAL_MAX_STREAM_DATA_BIDI_REMOTE appears multiple times")
1714 TPARAM_CHECK_DUP(INITIAL_MAX_STREAM_DATA_UNI
,
1715 "INITIAL_MAX_STREAM_DATA_UNI appears multiple times")
1716 TPARAM_CHECK_DUP(INITIAL_MAX_STREAMS_BIDI
,
1717 "INITIAL_MAX_STREAMS_BIDI appears multiple times")
1718 TPARAM_CHECK_DUP(INITIAL_MAX_STREAMS_UNI
,
1719 "INITIAL_MAX_STREAMS_UNI appears multiple times")
1720 TPARAM_CHECK_DUP(MAX_IDLE_TIMEOUT
,
1721 "MAX_IDLE_TIMEOUT appears multiple times")
1722 TPARAM_CHECK_DUP(MAX_UDP_PAYLOAD_SIZE
,
1723 "MAX_UDP_PAYLOAD_SIZE appears multiple times")
1724 TPARAM_CHECK_DUP(ACTIVE_CONN_ID_LIMIT
,
1725 "ACTIVE_CONN_ID_LIMIT appears multiple times")
1726 TPARAM_CHECK_DUP(DISABLE_ACTIVE_MIGRATION
,
1727 "DISABLE_ACTIVE_MIGRATION appears multiple times")
1729 TPARAM_CHECK_DROP(INITIAL_SCID
,
1730 "INITIAL_SCID was not sent but is required")
1731 TPARAM_CHECK_DROP(ORIG_DCID
,
1732 "ORIG_DCID was not sent but is required")
1734 TPARAM_CHECK_INJECT_A(RETRY_SCID
, retry_scid_1
,
1735 "RETRY_SCID sent when not performing a retry")
1736 TPARAM_CHECK_DROP_INJECT_A(DISABLE_ACTIVE_MIGRATION
, disable_active_migration_1
,
1737 "DISABLE_ACTIVE_MIGRATION is malformed")
1738 TPARAM_CHECK_INJECT(UNKNOWN_1
, NULL
, 0,
1740 TPARAM_CHECK_INJECT_RAW_A(malformed_stateless_reset_token_1
,
1741 "STATELESS_RESET_TOKEN is malformed")
1742 TPARAM_CHECK_INJECT_A(STATELESS_RESET_TOKEN
,
1743 malformed_stateless_reset_token_2
,
1744 "STATELESS_RESET_TOKEN is malformed")
1745 TPARAM_CHECK_INJECT_A(STATELESS_RESET_TOKEN
,
1746 malformed_stateless_reset_token_3
,
1747 "STATELESS_RESET_TOKEN is malformed")
1748 TPARAM_CHECK_INJECT_A(STATELESS_RESET_TOKEN
,
1749 malformed_stateless_reset_token_4
,
1750 "STATELESS_RESET_TOKEN is malformed")
1751 TPARAM_CHECK_INJECT(STATELESS_RESET_TOKEN
,
1753 "STATELESS_RESET_TOKEN is malformed")
1754 TPARAM_CHECK_INJECT_RAW_A(malformed_preferred_addr_1
,
1755 "PREFERRED_ADDR is malformed")
1756 TPARAM_CHECK_INJECT_RAW_A(malformed_preferred_addr_2
,
1757 "PREFERRED_ADDR is malformed")
1758 TPARAM_CHECK_INJECT_RAW_A(malformed_preferred_addr_3
,
1759 "PREFERRED_ADDR is malformed")
1760 TPARAM_CHECK_INJECT_RAW_A(malformed_preferred_addr_4
,
1761 "PREFERRED_ADDR is malformed")
1762 TPARAM_CHECK_INJECT_RAW_A(malformed_unknown_1
,
1763 "bad transport parameter")
1764 TPARAM_CHECK_INJECT_RAW_A(malformed_unknown_2
,
1765 "bad transport parameter")
1766 TPARAM_CHECK_INJECT_RAW_A(malformed_unknown_3
,
1767 "bad transport parameter")
1769 TPARAM_CHECK_INJECT_A(ACK_DELAY_EXP
, excess_ack_delay_exp
,
1770 "ACK_DELAY_EXP is malformed")
1771 TPARAM_CHECK_INJECT_A(MAX_ACK_DELAY
, excess_max_ack_delay
,
1772 "MAX_ACK_DELAY is malformed")
1773 TPARAM_CHECK_DROP_INJECT_A(INITIAL_MAX_STREAMS_BIDI
, excess_initial_max_streams
,
1774 "INITIAL_MAX_STREAMS_BIDI is malformed")
1775 TPARAM_CHECK_DROP_INJECT_A(INITIAL_MAX_STREAMS_UNI
, excess_initial_max_streams
,
1776 "INITIAL_MAX_STREAMS_UNI is malformed")
1778 TPARAM_CHECK_DROP_INJECT_A(MAX_UDP_PAYLOAD_SIZE
, undersize_udp_payload_size
,
1779 "MAX_UDP_PAYLOAD_SIZE is malformed")
1780 TPARAM_CHECK_DROP_INJECT_A(ACTIVE_CONN_ID_LIMIT
, undersize_active_conn_id_limit
,
1781 "ACTIVE_CONN_ID_LIMIT is malformed")
1783 TPARAM_CHECK_INJECT_TWICE_A(ACK_DELAY_EXP
, ack_delay_exp
,
1784 "ACK_DELAY_EXP appears multiple times")
1785 TPARAM_CHECK_INJECT_TWICE_A(MAX_ACK_DELAY
, ack_delay_exp
,
1786 "MAX_ACK_DELAY appears multiple times")
1787 TPARAM_CHECK_INJECT_TWICE_A(STATELESS_RESET_TOKEN
, stateless_reset_token
,
1788 "STATELESS_RESET_TOKEN appears multiple times")
1789 TPARAM_CHECK_INJECT_TWICE_A(PREFERRED_ADDR
, preferred_addr
,
1790 "PREFERRED_ADDR appears multiple times")
1792 TPARAM_CHECK_MUTATE(ORIG_DCID
,
1793 "ORIG_DCID does not match expected value")
1794 TPARAM_CHECK_MUTATE(INITIAL_SCID
,
1795 "INITIAL_SCID does not match expected value")
1797 TPARAM_CHECK_DROP_INJECT_A(ORIG_DCID
, long_cid
,
1798 "ORIG_DCID is malformed")
1799 TPARAM_CHECK_DROP_INJECT_A(INITIAL_SCID
, long_cid
,
1800 "INITIAL_SCID is malformed")
1802 TPARAM_CHECK_INT(INITIAL_MAX_DATA
,
1803 "INITIAL_MAX_DATA is malformed")
1804 TPARAM_CHECK_INT(INITIAL_MAX_STREAM_DATA_BIDI_LOCAL
,
1805 "INITIAL_MAX_STREAM_DATA_BIDI_LOCAL is malformed")
1806 TPARAM_CHECK_INT(INITIAL_MAX_STREAM_DATA_BIDI_REMOTE
,
1807 "INITIAL_MAX_STREAM_DATA_BIDI_REMOTE is malformed")
1808 TPARAM_CHECK_INT(INITIAL_MAX_STREAM_DATA_UNI
,
1809 "INITIAL_MAX_STREAM_DATA_UNI is malformed")
1810 TPARAM_CHECK_INT(ACK_DELAY_EXP
,
1811 "ACK_DELAY_EXP is malformed")
1812 TPARAM_CHECK_INT(MAX_ACK_DELAY
,
1813 "MAX_ACK_DELAY is malformed")
1814 TPARAM_CHECK_INT(INITIAL_MAX_STREAMS_BIDI
,
1815 "INITIAL_MAX_STREAMS_BIDI is malformed")
1816 TPARAM_CHECK_INT(INITIAL_MAX_STREAMS_UNI
,
1817 "INITIAL_MAX_STREAMS_UNI is malformed")
1818 TPARAM_CHECK_INT(MAX_IDLE_TIMEOUT
,
1819 "MAX_IDLE_TIMEOUT is malformed")
1820 TPARAM_CHECK_INT(MAX_UDP_PAYLOAD_SIZE
,
1821 "MAX_UDP_PAYLOAD_SIZE is malformed")
1822 TPARAM_CHECK_INT(ACTIVE_CONN_ID_LIMIT
,
1823 "ACTIVE_CONN_ID_LIMIT is malformed")
1827 const struct tparam_test
*t
;
1830 static int tparam_handle(struct tparam_ctx
*ctx
,
1831 uint64_t id
, unsigned char *data
,
1835 const struct tparam_test
*t
= ctx
->t
;
1839 if (!TEST_ptr(ossl_quic_wire_encode_transport_param_bytes(wpkt
, id
,
1844 * If this is the matching ID, write it again, duplicating the TPARAM.
1847 && !TEST_ptr(ossl_quic_wire_encode_transport_param_bytes(wpkt
, id
,
1853 case TPARAM_OP_DROP
:
1854 case TPARAM_OP_DROP_INJECT
:
1855 /* Pass through unless ID matches. */
1857 && !TEST_ptr(ossl_quic_wire_encode_transport_param_bytes(wpkt
, id
,
1863 case TPARAM_OP_INJECT
:
1864 case TPARAM_OP_INJECT_TWICE
:
1865 case TPARAM_OP_INJECT_RAW
:
1866 /* Always pass through. */
1867 if (!TEST_ptr(ossl_quic_wire_encode_transport_param_bytes(wpkt
, id
,
1873 case TPARAM_OP_MUTATE
:
1875 if (!TEST_size_t_gt(data_len
, 0))
1881 if (!TEST_ptr(ossl_quic_wire_encode_transport_param_bytes(wpkt
, id
,
1895 static int tparam_on_enc_ext(QTEST_FAULT
*qtf
, QTEST_ENCRYPTED_EXTENSIONS
*ee
,
1896 size_t ee_len
, void *arg
)
1899 struct tparam_ctx
*ctx
= arg
;
1903 BUF_MEM
*old_bufm
= NULL
, *new_bufm
= NULL
;
1904 unsigned char *tp_p
;
1905 size_t tp_len
, written
, old_len
, eb_len
;
1908 if (!TEST_ptr(old_bufm
= BUF_MEM_new()))
1912 * Delete transport parameters TLS extension and capture the contents of the
1913 * extension which was removed.
1915 if (!TEST_true(qtest_fault_delete_extension(qtf
, TLSEXT_TYPE_quic_transport_parameters
,
1916 ee
->extensions
, &ee
->extensionslen
,
1920 if (!TEST_true(PACKET_buf_init(&pkt
, (unsigned char *)old_bufm
->data
, old_bufm
->length
))
1921 || !TEST_ptr(new_bufm
= BUF_MEM_new())
1922 || !TEST_true(WPACKET_init(&wpkt
, new_bufm
)))
1928 * Open transport parameters TLS extension:
1930 * u16 Extension ID (quic_transport_parameters)
1931 * u16 Extension Data Length
1932 * ... Extension Data
1935 if (!TEST_true(WPACKET_put_bytes_u16(&wpkt
,
1936 TLSEXT_TYPE_quic_transport_parameters
))
1937 || !TEST_true(WPACKET_start_sub_packet_u16(&wpkt
)))
1940 for (; PACKET_remaining(&pkt
) > 0; ) {
1941 tp_p
= (unsigned char *)ossl_quic_wire_decode_transport_param_bytes(&pkt
,
1944 if (!TEST_ptr(tp_p
)) {
1945 TEST_mem_eq(PACKET_data(&pkt
), PACKET_remaining(&pkt
), NULL
, 0);
1949 if (!TEST_true(tparam_handle(ctx
, id
, tp_p
, tp_len
, &wpkt
)))
1953 if (ctx
->t
->op
== TPARAM_OP_INJECT
|| ctx
->t
->op
== TPARAM_OP_DROP_INJECT
1954 || ctx
->t
->op
== TPARAM_OP_INJECT_TWICE
) {
1955 if (!TEST_ptr(ossl_quic_wire_encode_transport_param_bytes(&wpkt
, ctx
->t
->id
,
1960 if (ctx
->t
->op
== TPARAM_OP_INJECT_TWICE
1961 && !TEST_ptr(ossl_quic_wire_encode_transport_param_bytes(&wpkt
, ctx
->t
->id
,
1965 } else if (ctx
->t
->op
== TPARAM_OP_INJECT_RAW
) {
1966 if (!TEST_true(WPACKET_memcpy(&wpkt
, ctx
->t
->buf
, ctx
->t
->buf_len
)))
1970 if (!TEST_true(WPACKET_close(&wpkt
))) /* end extension data, set length */
1973 if (!TEST_true(WPACKET_get_total_written(&wpkt
, &written
)))
1976 WPACKET_finish(&wpkt
);
1980 * Append the constructed extension blob to the extension block.
1982 old_len
= ee
->extensionslen
;
1984 if (!qtest_fault_resize_message(qtf
, ee
->extensionslen
+ written
))
1987 memcpy(ee
->extensions
+ old_len
, new_bufm
->data
, written
);
1989 /* Fixup the extension block header (u16 length of entire block). */
1990 eb_len
= (((uint16_t)ee
->extensions
[0]) << 8) + (uint16_t)ee
->extensions
[1];
1992 ee
->extensions
[0] = (unsigned char)((eb_len
>> 8) & 0xFF);
1993 ee
->extensions
[1] = (unsigned char)( eb_len
& 0xFF);
1998 WPACKET_cleanup(&wpkt
);
1999 BUF_MEM_free(old_bufm
);
2000 BUF_MEM_free(new_bufm
);
2004 static int test_tparam(int idx
)
2007 SSL_CTX
*c_ctx
= NULL
;
2009 QUIC_TSERVER
*s
= NULL
;
2010 QTEST_FAULT
*qtf
= NULL
;
2011 struct tparam_ctx ctx
= {0};
2013 ctx
.t
= &tparam_tests
[idx
];
2015 if (!TEST_ptr(c_ctx
= SSL_CTX_new_ex(libctx
, NULL
, OSSL_QUIC_client_method())))
2018 if (!TEST_true(qtest_create_quic_objects(libctx
, c_ctx
, NULL
, cert
,
2020 &c_ssl
, &qtf
, NULL
)))
2023 if (!TEST_true(qtest_fault_set_hand_enc_ext_listener(qtf
, tparam_on_enc_ext
,
2027 if (!TEST_true(qtest_create_quic_connection_ex(s
, c_ssl
,
2028 ctx
.t
->expect_fail
!= NULL
)))
2031 if (ctx
.t
->expect_fail
!= NULL
) {
2032 SSL_CONN_CLOSE_INFO info
= {0};
2034 if (!TEST_true(SSL_get_conn_close_info(c_ssl
, &info
, sizeof(info
))))
2037 if (!TEST_true((info
.flags
& SSL_CONN_CLOSE_FLAG_TRANSPORT
) != 0)
2038 || !TEST_uint64_t_eq(info
.error_code
, QUIC_ERR_TRANSPORT_PARAMETER_ERROR
)
2039 || !TEST_ptr(strstr(info
.reason
, ctx
.t
->expect_fail
))) {
2040 TEST_error("expected connection closure information mismatch"
2041 " during TPARAM test: flags=%llu ec=%llu reason='%s'",
2042 (unsigned long long)info
.flags
,
2043 (unsigned long long)info
.error_code
,
2052 if (ctx
.t
->expect_fail
!= NULL
)
2053 TEST_info("failed during test for id=%llu, op=%d, bl=%zu, "
2054 "expected failure='%s'", (unsigned long long)ctx
.t
->id
,
2055 ctx
.t
->op
, ctx
.t
->buf_len
, ctx
.t
->expect_fail
);
2057 TEST_info("failed during test for id=%llu, op=%d, bl=%zu",
2058 (unsigned long long)ctx
.t
->id
, ctx
.t
->op
, ctx
.t
->buf_len
);
2061 ossl_quic_tserver_free(s
);
2063 SSL_CTX_free(c_ctx
);
2064 qtest_fault_free(qtf
);
2067 /***********************************************************************************/
2069 OPT_TEST_DECLARE_USAGE("provider config certsdir datadir\n")
2071 int setup_tests(void)
2076 libctx
= OSSL_LIB_CTX_new();
2077 if (!TEST_ptr(libctx
))
2080 defctxnull
= OSSL_PROVIDER_load(NULL
, "null");
2083 * Verify that the default and fips providers in the default libctx are not
2086 if (!TEST_false(OSSL_PROVIDER_available(NULL
, "default"))
2087 || !TEST_false(OSSL_PROVIDER_available(NULL
, "fips")))
2090 if (!test_skip_common_options()) {
2091 TEST_error("Error parsing test options\n");
2095 if (!TEST_ptr(modulename
= test_get_argument(0))
2096 || !TEST_ptr(configfile
= test_get_argument(1))
2097 || !TEST_ptr(certsdir
= test_get_argument(2))
2098 || !TEST_ptr(datadir
= test_get_argument(3)))
2101 if (!TEST_true(OSSL_LIB_CTX_load_config(libctx
, configfile
)))
2104 /* Check we have the expected provider available */
2105 if (!TEST_true(OSSL_PROVIDER_available(libctx
, modulename
)))
2108 /* Check the default provider is not available */
2109 if (strcmp(modulename
, "default") != 0
2110 && !TEST_false(OSSL_PROVIDER_available(libctx
, "default")))
2113 if (strcmp(modulename
, "fips") == 0)
2116 cert
= test_mk_file_path(certsdir
, "servercert.pem");
2120 ccert
= test_mk_file_path(certsdir
, "ee-client-chain.pem");
2124 cauthca
= test_mk_file_path(certsdir
, "root-cert.pem");
2125 if (cauthca
== NULL
)
2128 privkey
= test_mk_file_path(certsdir
, "serverkey.pem");
2129 if (privkey
== NULL
)
2132 cprivkey
= test_mk_file_path(certsdir
, "ee-key.pem");
2133 if (privkey
== NULL
)
2136 ADD_ALL_TESTS(test_quic_write_read
, 3);
2137 ADD_TEST(test_fin_only_blocking
);
2138 ADD_TEST(test_ciphersuites
);
2139 ADD_TEST(test_cipher_find
);
2140 ADD_TEST(test_version
);
2141 #if defined(DO_SSL_TRACE_TEST)
2142 ADD_TEST(test_ssl_trace
);
2144 ADD_TEST(test_quic_forbidden_apis_ctx
);
2145 ADD_TEST(test_quic_forbidden_apis
);
2146 ADD_TEST(test_quic_forbidden_options
);
2147 ADD_ALL_TESTS(test_quic_set_fd
, 3);
2148 ADD_TEST(test_bio_ssl
);
2149 ADD_TEST(test_back_pressure
);
2150 ADD_TEST(test_multiple_dgrams
);
2151 ADD_ALL_TESTS(test_non_io_retry
, 2);
2152 ADD_TEST(test_quic_psk
);
2153 ADD_ALL_TESTS(test_client_auth
, 3);
2154 ADD_ALL_TESTS(test_alpn
, 2);
2155 ADD_ALL_TESTS(test_noisy_dgram
, 2);
2156 ADD_TEST(test_get_shutdown
);
2157 ADD_ALL_TESTS(test_tparam
, OSSL_NELEM(tparam_tests
));
2165 void cleanup_tests(void)
2167 bio_f_noisy_dgram_filter_free();
2168 bio_f_pkt_split_dgram_filter_free();
2170 OPENSSL_free(privkey
);
2171 OPENSSL_free(ccert
);
2172 OPENSSL_free(cauthca
);
2173 OPENSSL_free(cprivkey
);
2174 OSSL_PROVIDER_unload(defctxnull
);
2175 OSSL_LIB_CTX_free(libctx
);