]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/quicapitest.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tparam_on_enc_ext(): Remove dead code in cleanup
[thirdparty/openssl.git] / test / quicapitest.c
1 /*
2 * Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include <string.h>
12
13 #include <openssl/opensslconf.h>
14 #include <openssl/quic.h>
15 #include <openssl/rand.h>
16
17 #include "helpers/ssltestlib.h"
18 #include "helpers/quictestlib.h"
19 #include "testutil.h"
20 #include "testutil/output.h"
21 #include "../ssl/ssl_local.h"
22 #include "internal/quic_error.h"
23
24 static OSSL_LIB_CTX *libctx = NULL;
25 static OSSL_PROVIDER *defctxnull = NULL;
26 static char *certsdir = NULL;
27 static char *cert = NULL;
28 static char *ccert = NULL;
29 static char *cauthca = NULL;
30 static char *privkey = NULL;
31 static char *cprivkey = NULL;
32 static char *datadir = NULL;
33
34 static int is_fips = 0;
35
36 /* The ssltrace test assumes some options are switched on/off */
37 #if !defined(OPENSSL_NO_SSL_TRACE) \
38 && defined(OPENSSL_NO_BROTLI) && defined(OPENSSL_NO_ZSTD) \
39 && !defined(OPENSSL_NO_ECX) && !defined(OPENSSL_NO_DH)
40 # define DO_SSL_TRACE_TEST
41 #endif
42
43 /*
44 * Test that we read what we've written.
45 * Test 0: Non-blocking
46 * Test 1: Blocking
47 * Test 2: Blocking, introduce socket error, test error handling.
48 */
49 static int test_quic_write_read(int idx)
50 {
51 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
52 SSL_CTX *sctx = NULL;
53 SSL *clientquic = NULL;
54 QUIC_TSERVER *qtserv = NULL;
55 int j, k, ret = 0;
56 unsigned char buf[20];
57 static char *msg = "A test message";
58 size_t msglen = strlen(msg);
59 size_t numbytes = 0;
60 int ssock = 0, csock = 0;
61 uint64_t sid = UINT64_MAX;
62 SSL_SESSION *sess = NULL;
63
64 if (idx >= 1 && !qtest_supports_blocking())
65 return TEST_skip("Blocking tests not supported in this build");
66
67 for (k = 0; k < 2; k++) {
68 if (!TEST_ptr(cctx)
69 || !TEST_true(qtest_create_quic_objects(libctx, cctx, sctx,
70 cert, privkey,
71 idx >= 1
72 ? QTEST_FLAG_BLOCK
73 : 0,
74 &qtserv, &clientquic,
75 NULL, NULL))
76 || !TEST_true(SSL_set_tlsext_host_name(clientquic, "localhost")))
77 goto end;
78
79 if (sess != NULL && !TEST_true(SSL_set_session(clientquic, sess)))
80 goto end;
81
82 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
83 goto end;
84
85 if (idx >= 1) {
86 if (!TEST_true(BIO_get_fd(ossl_quic_tserver_get0_rbio(qtserv),
87 &ssock)))
88 goto end;
89 if (!TEST_int_gt(csock = SSL_get_rfd(clientquic), 0))
90 goto end;
91 }
92
93 sid = 0; /* client-initiated bidirectional stream */
94
95 for (j = 0; j < 2; j++) {
96 /* Check that sending and receiving app data is ok */
97 if (!TEST_true(SSL_write_ex(clientquic, msg, msglen, &numbytes))
98 || !TEST_size_t_eq(numbytes, msglen))
99 goto end;
100 if (idx >= 1) {
101 do {
102 if (!TEST_true(wait_until_sock_readable(ssock)))
103 goto end;
104
105 ossl_quic_tserver_tick(qtserv);
106
107 if (!TEST_true(ossl_quic_tserver_read(qtserv, sid, buf,
108 sizeof(buf),
109 &numbytes)))
110 goto end;
111 } while (numbytes == 0);
112
113 if (!TEST_mem_eq(buf, numbytes, msg, msglen))
114 goto end;
115 }
116
117 if (idx >= 2 && j > 0)
118 /* Introduce permanent socket error */
119 BIO_closesocket(csock);
120
121 ossl_quic_tserver_tick(qtserv);
122 if (!TEST_true(ossl_quic_tserver_write(qtserv, sid,
123 (unsigned char *)msg,
124 msglen, &numbytes)))
125 goto end;
126 ossl_quic_tserver_tick(qtserv);
127 SSL_handle_events(clientquic);
128
129 if (idx >= 2 && j > 0) {
130 if (!TEST_false(SSL_read_ex(clientquic, buf, 1, &numbytes))
131 || !TEST_int_eq(SSL_get_error(clientquic, 0),
132 SSL_ERROR_SYSCALL)
133 || !TEST_false(SSL_write_ex(clientquic, msg, msglen,
134 &numbytes))
135 || !TEST_int_eq(SSL_get_error(clientquic, 0),
136 SSL_ERROR_SYSCALL))
137 goto end;
138 break;
139 }
140
141 /*
142 * In blocking mode the SSL_read_ex call will block until the socket
143 * is readable and has our data. In non-blocking mode we're doing
144 * everything in memory, so it should be immediately available
145 */
146 if (!TEST_true(SSL_read_ex(clientquic, buf, 1, &numbytes))
147 || !TEST_size_t_eq(numbytes, 1)
148 || !TEST_true(SSL_has_pending(clientquic))
149 || !TEST_int_eq(SSL_pending(clientquic), msglen - 1)
150 || !TEST_true(SSL_read_ex(clientquic, buf + 1,
151 sizeof(buf) - 1, &numbytes))
152 || !TEST_mem_eq(buf, numbytes + 1, msg, msglen))
153 goto end;
154 }
155
156 if (sess == NULL) {
157 /* We didn't supply a session so we're not expecting resumption */
158 if (!TEST_false(SSL_session_reused(clientquic)))
159 goto end;
160 /* We should have a session ticket by now */
161 sess = SSL_get1_session(clientquic);
162 if (!TEST_ptr(sess))
163 goto end;
164 } else {
165 /* We supplied a session so we should have resumed */
166 if (!TEST_true(SSL_session_reused(clientquic)))
167 goto end;
168 }
169
170 if (!TEST_true(qtest_shutdown(qtserv, clientquic)))
171 goto end;
172
173 if (sctx == NULL) {
174 sctx = ossl_quic_tserver_get0_ssl_ctx(qtserv);
175 if (!TEST_true(SSL_CTX_up_ref(sctx))) {
176 sctx = NULL;
177 goto end;
178 }
179 }
180 ossl_quic_tserver_free(qtserv);
181 qtserv = NULL;
182 SSL_free(clientquic);
183 clientquic = NULL;
184
185 if (idx >= 2)
186 break;
187 }
188
189 ret = 1;
190
191 end:
192 SSL_SESSION_free(sess);
193 ossl_quic_tserver_free(qtserv);
194 SSL_free(clientquic);
195 SSL_CTX_free(cctx);
196 SSL_CTX_free(sctx);
197
198 return ret;
199 }
200
201 /*
202 * Test that sending FIN with no data to a client blocking in SSL_read_ex() will
203 * wake up the client.
204 */
205 static int test_fin_only_blocking(void)
206 {
207 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
208 SSL_CTX *sctx = NULL;
209 SSL *clientquic = NULL;
210 QUIC_TSERVER *qtserv = NULL;
211 const char *msg = "Hello World";
212 uint64_t sid;
213 size_t numbytes;
214 unsigned char buf[32];
215 int ret = 0;
216 OSSL_TIME timer, timediff;
217
218 if (!qtest_supports_blocking())
219 return TEST_skip("Blocking tests not supported in this build");
220
221 if (!TEST_ptr(cctx)
222 || !TEST_true(qtest_create_quic_objects(libctx, cctx, sctx,
223 cert, privkey,
224 QTEST_FLAG_BLOCK,
225 &qtserv, &clientquic,
226 NULL, NULL))
227 || !TEST_true(SSL_set_tlsext_host_name(clientquic, "localhost")))
228 goto end;
229
230 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
231 goto end;
232
233 if (!TEST_true(ossl_quic_tserver_stream_new(qtserv, 0, &sid))
234 || !TEST_true(ossl_quic_tserver_write(qtserv, sid,
235 (unsigned char *)msg,
236 strlen(msg), &numbytes))
237 || !TEST_size_t_eq(strlen(msg), numbytes))
238 goto end;
239
240 ossl_quic_tserver_tick(qtserv);
241
242 if (!TEST_true(SSL_read_ex(clientquic, buf, sizeof(buf), &numbytes))
243 || !TEST_mem_eq(msg, strlen(msg), buf, numbytes))
244
245
246 goto end;
247
248 if (!TEST_true(ossl_quic_tserver_conclude(qtserv, sid)))
249 goto end;
250
251 timer = ossl_time_now();
252 if (!TEST_false(SSL_read_ex(clientquic, buf, sizeof(buf), &numbytes)))
253 goto end;
254 timediff = ossl_time_subtract(ossl_time_now(), timer);
255
256 if (!TEST_int_eq(SSL_get_error(clientquic, 0), SSL_ERROR_ZERO_RETURN)
257 /*
258 * We expect the SSL_read_ex to not have blocked so this should
259 * be very fast. 20ms should be plenty.
260 */
261 || !TEST_uint64_t_le(ossl_time2ms(timediff), 20))
262 goto end;
263
264 if (!TEST_true(qtest_shutdown(qtserv, clientquic)))
265 goto end;
266
267 ret = 1;
268
269 end:
270 ossl_quic_tserver_free(qtserv);
271 SSL_free(clientquic);
272 SSL_CTX_free(cctx);
273 SSL_CTX_free(sctx);
274
275 return ret;
276 }
277
278 /* Test that a vanilla QUIC SSL object has the expected ciphersuites available */
279 static int test_ciphersuites(void)
280 {
281 SSL_CTX *ctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
282 SSL *ssl;
283 int testresult = 0;
284 const STACK_OF(SSL_CIPHER) *ciphers = NULL;
285 const SSL_CIPHER *cipher;
286 /* We expect this exact list of ciphersuites by default */
287 int cipherids[] = {
288 TLS1_3_CK_AES_256_GCM_SHA384,
289 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
290 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
291 #endif
292 TLS1_3_CK_AES_128_GCM_SHA256
293 };
294 size_t i, j;
295
296 if (!TEST_ptr(ctx))
297 return 0;
298
299 ssl = SSL_new(ctx);
300 if (!TEST_ptr(ssl))
301 goto err;
302
303 ciphers = SSL_get_ciphers(ssl);
304
305 for (i = 0, j = 0; i < OSSL_NELEM(cipherids); i++) {
306 if (cipherids[i] == TLS1_3_CK_CHACHA20_POLY1305_SHA256 && is_fips)
307 continue;
308 cipher = sk_SSL_CIPHER_value(ciphers, j++);
309 if (!TEST_ptr(cipher))
310 goto err;
311 if (!TEST_uint_eq(SSL_CIPHER_get_id(cipher), cipherids[i]))
312 goto err;
313 }
314
315 /* We should have checked all the ciphers in the stack */
316 if (!TEST_int_eq(sk_SSL_CIPHER_num(ciphers), j))
317 goto err;
318
319 testresult = 1;
320 err:
321 SSL_free(ssl);
322 SSL_CTX_free(ctx);
323
324 return testresult;
325 }
326
327 static int test_cipher_find(void)
328 {
329 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
330 SSL *clientquic = NULL;
331 struct {
332 const unsigned char *cipherbytes;
333 int ok;
334 } testciphers[] = {
335 { TLS13_AES_128_GCM_SHA256_BYTES, 1 },
336 { TLS13_AES_256_GCM_SHA384_BYTES, 1 },
337 { TLS13_CHACHA20_POLY1305_SHA256_BYTES, 1 },
338 { TLS13_AES_128_CCM_SHA256_BYTES, 0 },
339 { TLS13_AES_128_CCM_8_SHA256_BYTES, 0 }
340 };
341 size_t i;
342 int testresult = 0;
343
344 if (!TEST_ptr(cctx))
345 goto err;
346
347 clientquic = SSL_new(cctx);
348 if (!TEST_ptr(clientquic))
349 goto err;
350
351 for (i = 0; i < OSSL_NELEM(testciphers); i++)
352 if (testciphers[i].ok) {
353 if (!TEST_ptr(SSL_CIPHER_find(clientquic,
354 testciphers[i].cipherbytes)))
355 goto err;
356 } else {
357 if (!TEST_ptr_null(SSL_CIPHER_find(clientquic,
358 testciphers[i].cipherbytes)))
359 goto err;
360 }
361
362 testresult = 1;
363 err:
364 SSL_free(clientquic);
365 SSL_CTX_free(cctx);
366
367 return testresult;
368 }
369
370 /*
371 * Test that SSL_version, SSL_get_version, SSL_is_quic, SSL_is_tls and
372 * SSL_is_dtls return the expected results for a QUIC connection. Compare with
373 * test_version() in sslapitest.c which does the same thing for TLS/DTLS
374 * connections.
375 */
376 static int test_version(void)
377 {
378 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
379 SSL *clientquic = NULL;
380 QUIC_TSERVER *qtserv = NULL;
381 int testresult = 0;
382
383 if (!TEST_ptr(cctx)
384 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
385 privkey, 0, &qtserv,
386 &clientquic, NULL, NULL))
387 || !TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
388 goto err;
389
390 if (!TEST_int_eq(SSL_version(clientquic), OSSL_QUIC1_VERSION)
391 || !TEST_str_eq(SSL_get_version(clientquic), "QUICv1"))
392 goto err;
393
394 if (!TEST_true(SSL_is_quic(clientquic))
395 || !TEST_false(SSL_is_tls(clientquic))
396 || !TEST_false(SSL_is_dtls(clientquic)))
397 goto err;
398
399
400 testresult = 1;
401 err:
402 ossl_quic_tserver_free(qtserv);
403 SSL_free(clientquic);
404 SSL_CTX_free(cctx);
405
406 return testresult;
407 }
408
409 #if defined(DO_SSL_TRACE_TEST)
410 static void strip_line_ends(char *str)
411 {
412 size_t i;
413
414 for (i = strlen(str);
415 i > 0 && (str[i - 1] == '\n' || str[i - 1] == '\r');
416 i--);
417
418 str[i] = '\0';
419 }
420
421 static int compare_with_file(BIO *membio)
422 {
423 BIO *file = NULL, *newfile = NULL;
424 char buf1[512], buf2[512];
425 char *reffile;
426 int ret = 0;
427 size_t i;
428
429 #ifdef OPENSSL_NO_ZLIB
430 reffile = test_mk_file_path(datadir, "ssltraceref.txt");
431 #else
432 reffile = test_mk_file_path(datadir, "ssltraceref-zlib.txt");
433 #endif
434 if (!TEST_ptr(reffile))
435 goto err;
436
437 file = BIO_new_file(reffile, "rb");
438 if (!TEST_ptr(file))
439 goto err;
440
441 newfile = BIO_new_file("ssltraceref-new.txt", "wb");
442 if (!TEST_ptr(newfile))
443 goto err;
444
445 while (BIO_gets(membio, buf2, sizeof(buf2)) > 0)
446 if (BIO_puts(newfile, buf2) <= 0) {
447 TEST_error("Failed writing new file data");
448 goto err;
449 }
450
451 if (!TEST_int_ge(BIO_seek(membio, 0), 0))
452 goto err;
453
454 while (BIO_gets(file, buf1, sizeof(buf1)) > 0) {
455 if (BIO_gets(membio, buf2, sizeof(buf2)) <= 0) {
456 TEST_error("Failed reading mem data");
457 goto err;
458 }
459 strip_line_ends(buf1);
460 strip_line_ends(buf2);
461 if (strlen(buf1) != strlen(buf2)) {
462 TEST_error("Actual and ref line data length mismatch");
463 TEST_info("%s", buf1);
464 TEST_info("%s", buf2);
465 goto err;
466 }
467 for (i = 0; i < strlen(buf1); i++) {
468 /* '?' is a wild card character in the reference text */
469 if (buf1[i] == '?')
470 buf2[i] = '?';
471 }
472 if (!TEST_str_eq(buf1, buf2))
473 goto err;
474 }
475 if (!TEST_true(BIO_eof(file))
476 || !TEST_true(BIO_eof(membio)))
477 goto err;
478
479 ret = 1;
480 err:
481 OPENSSL_free(reffile);
482 BIO_free(file);
483 BIO_free(newfile);
484 return ret;
485 }
486
487 /*
488 * Tests that the SSL_trace() msg_callback works as expected with a QUIC
489 * connection. This also provides testing of the msg_callback at the same time.
490 */
491 static int test_ssl_trace(void)
492 {
493 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
494 SSL *clientquic = NULL;
495 QUIC_TSERVER *qtserv = NULL;
496 int testresult = 0;
497 BIO *bio = BIO_new(BIO_s_mem());
498
499 /*
500 * Ensure we only configure ciphersuites that are available with both the
501 * default and fips providers to get the same output in both cases
502 */
503 if (!TEST_true(SSL_CTX_set_ciphersuites(cctx, "TLS_AES_128_GCM_SHA256")))
504 goto err;
505
506 if (!TEST_ptr(cctx)
507 || !TEST_ptr(bio)
508 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
509 privkey,
510 QTEST_FLAG_FAKE_TIME,
511 &qtserv,
512 &clientquic, NULL, NULL)))
513 goto err;
514
515 SSL_set_msg_callback(clientquic, SSL_trace);
516 SSL_set_msg_callback_arg(clientquic, bio);
517
518 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
519 goto err;
520
521 if (!TEST_true(compare_with_file(bio)))
522 goto err;
523
524 testresult = 1;
525 err:
526 ossl_quic_tserver_free(qtserv);
527 SSL_free(clientquic);
528 SSL_CTX_free(cctx);
529 BIO_free(bio);
530
531 return testresult;
532 }
533 #endif
534
535 static int ensure_valid_ciphers(const STACK_OF(SSL_CIPHER) *ciphers)
536 {
537 size_t i;
538
539 /* Ensure ciphersuite list is suitably subsetted. */
540 for (i = 0; i < (size_t)sk_SSL_CIPHER_num(ciphers); ++i) {
541 const SSL_CIPHER *cipher = sk_SSL_CIPHER_value(ciphers, i);
542 switch (SSL_CIPHER_get_id(cipher)) {
543 case TLS1_3_CK_AES_128_GCM_SHA256:
544 case TLS1_3_CK_AES_256_GCM_SHA384:
545 case TLS1_3_CK_CHACHA20_POLY1305_SHA256:
546 break;
547 default:
548 TEST_error("forbidden cipher: %s", SSL_CIPHER_get_name(cipher));
549 return 0;
550 }
551 }
552
553 return 1;
554 }
555
556 /*
557 * Test that handshake-layer APIs which shouldn't work don't work with QUIC.
558 */
559 static int test_quic_forbidden_apis_ctx(void)
560 {
561 int testresult = 0;
562 SSL_CTX *ctx = NULL;
563
564 if (!TEST_ptr(ctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method())))
565 goto err;
566
567 #ifndef OPENSSL_NO_SRTP
568 /* This function returns 0 on success and 1 on error, and should fail. */
569 if (!TEST_true(SSL_CTX_set_tlsext_use_srtp(ctx, "SRTP_AEAD_AES_128_GCM")))
570 goto err;
571 #endif
572
573 /*
574 * List of ciphersuites we do and don't allow in QUIC.
575 */
576 #define QUIC_CIPHERSUITES \
577 "TLS_AES_128_GCM_SHA256:" \
578 "TLS_AES_256_GCM_SHA384:" \
579 "TLS_CHACHA20_POLY1305_SHA256"
580
581 #define NON_QUIC_CIPHERSUITES \
582 "TLS_AES_128_CCM_SHA256:" \
583 "TLS_AES_256_CCM_SHA384:" \
584 "TLS_AES_128_CCM_8_SHA256"
585
586 /* Set TLSv1.3 ciphersuite list for the SSL_CTX. */
587 if (!TEST_true(SSL_CTX_set_ciphersuites(ctx,
588 QUIC_CIPHERSUITES ":"
589 NON_QUIC_CIPHERSUITES)))
590 goto err;
591
592 /*
593 * Forbidden ciphersuites should show up in SSL_CTX accessors, they are only
594 * filtered in SSL_get1_supported_ciphers, so we don't check for
595 * non-inclusion here.
596 */
597
598 testresult = 1;
599 err:
600 SSL_CTX_free(ctx);
601 return testresult;
602 }
603
604 static int test_quic_forbidden_apis(void)
605 {
606 int testresult = 0;
607 SSL_CTX *ctx = NULL;
608 SSL *ssl = NULL;
609 STACK_OF(SSL_CIPHER) *ciphers = NULL;
610
611 if (!TEST_ptr(ctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method())))
612 goto err;
613
614 if (!TEST_ptr(ssl = SSL_new(ctx)))
615 goto err;
616
617 #ifndef OPENSSL_NO_SRTP
618 /* This function returns 0 on success and 1 on error, and should fail. */
619 if (!TEST_true(SSL_set_tlsext_use_srtp(ssl, "SRTP_AEAD_AES_128_GCM")))
620 goto err;
621 #endif
622
623 /* Set TLSv1.3 ciphersuite list for the SSL_CTX. */
624 if (!TEST_true(SSL_set_ciphersuites(ssl,
625 QUIC_CIPHERSUITES ":"
626 NON_QUIC_CIPHERSUITES)))
627 goto err;
628
629 /* Non-QUIC ciphersuites must not appear in supported ciphers list. */
630 if (!TEST_ptr(ciphers = SSL_get1_supported_ciphers(ssl))
631 || !TEST_true(ensure_valid_ciphers(ciphers)))
632 goto err;
633
634 testresult = 1;
635 err:
636 sk_SSL_CIPHER_free(ciphers);
637 SSL_free(ssl);
638 SSL_CTX_free(ctx);
639 return testresult;
640 }
641
642 static int test_quic_forbidden_options(void)
643 {
644 int testresult = 0;
645 SSL_CTX *ctx = NULL;
646 SSL *ssl = NULL;
647 char buf[16];
648 size_t len;
649
650 if (!TEST_ptr(ctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method())))
651 goto err;
652
653 /* QUIC options restrictions do not affect SSL_CTX */
654 SSL_CTX_set_options(ctx, UINT64_MAX);
655
656 if (!TEST_uint64_t_eq(SSL_CTX_get_options(ctx), UINT64_MAX))
657 goto err;
658
659 /* Set options on CTX which should not be inherited (tested below). */
660 SSL_CTX_set_read_ahead(ctx, 1);
661 SSL_CTX_set_max_early_data(ctx, 1);
662 SSL_CTX_set_recv_max_early_data(ctx, 1);
663 SSL_CTX_set_quiet_shutdown(ctx, 1);
664
665 if (!TEST_ptr(ssl = SSL_new(ctx)))
666 goto err;
667
668 /* Only permitted options get transferred to SSL object */
669 if (!TEST_uint64_t_eq(SSL_get_options(ssl), OSSL_QUIC_PERMITTED_OPTIONS))
670 goto err;
671
672 /* Try again using SSL_set_options */
673 SSL_set_options(ssl, UINT64_MAX);
674
675 if (!TEST_uint64_t_eq(SSL_get_options(ssl), OSSL_QUIC_PERMITTED_OPTIONS))
676 goto err;
677
678 /* Clear everything */
679 SSL_clear_options(ssl, UINT64_MAX);
680
681 if (!TEST_uint64_t_eq(SSL_get_options(ssl), 0))
682 goto err;
683
684 /* Readahead */
685 if (!TEST_false(SSL_get_read_ahead(ssl)))
686 goto err;
687
688 SSL_set_read_ahead(ssl, 1);
689 if (!TEST_false(SSL_get_read_ahead(ssl)))
690 goto err;
691
692 /* Block padding */
693 if (!TEST_true(SSL_set_block_padding(ssl, 0))
694 || !TEST_true(SSL_set_block_padding(ssl, 1))
695 || !TEST_false(SSL_set_block_padding(ssl, 2)))
696 goto err;
697
698 /* Max fragment length */
699 if (!TEST_true(SSL_set_tlsext_max_fragment_length(ssl, TLSEXT_max_fragment_length_DISABLED))
700 || !TEST_false(SSL_set_tlsext_max_fragment_length(ssl, TLSEXT_max_fragment_length_512)))
701 goto err;
702
703 /* Max early data */
704 if (!TEST_false(SSL_set_recv_max_early_data(ssl, 1))
705 || !TEST_false(SSL_set_max_early_data(ssl, 1)))
706 goto err;
707
708 /* Read/Write */
709 if (!TEST_false(SSL_read_early_data(ssl, buf, sizeof(buf), &len))
710 || !TEST_false(SSL_write_early_data(ssl, buf, sizeof(buf), &len)))
711 goto err;
712
713 /* Buffer Management */
714 if (!TEST_true(SSL_alloc_buffers(ssl))
715 || !TEST_false(SSL_free_buffers(ssl)))
716 goto err;
717
718 /* Pipelining */
719 if (!TEST_false(SSL_set_max_send_fragment(ssl, 2))
720 || !TEST_false(SSL_set_split_send_fragment(ssl, 2))
721 || !TEST_false(SSL_set_max_pipelines(ssl, 2)))
722 goto err;
723
724 /* HRR */
725 if (!TEST_false(SSL_stateless(ssl)))
726 goto err;
727
728 /* Quiet Shutdown */
729 if (!TEST_false(SSL_get_quiet_shutdown(ssl)))
730 goto err;
731
732 /* No duplication */
733 if (!TEST_ptr_null(SSL_dup(ssl)))
734 goto err;
735
736 /* No clear */
737 if (!TEST_false(SSL_clear(ssl)))
738 goto err;
739
740 testresult = 1;
741 err:
742 SSL_free(ssl);
743 SSL_CTX_free(ctx);
744 return testresult;
745 }
746
747 static int test_quic_set_fd(int idx)
748 {
749 int testresult = 0;
750 SSL_CTX *ctx = NULL;
751 SSL *ssl = NULL;
752 int fd = -1, resfd = -1;
753 BIO *bio = NULL;
754
755 if (!TEST_ptr(ctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method())))
756 goto err;
757
758 if (!TEST_ptr(ssl = SSL_new(ctx)))
759 goto err;
760
761 if (!TEST_int_ge(fd = BIO_socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP, 0), 0))
762 goto err;
763
764 if (idx == 0) {
765 if (!TEST_true(SSL_set_fd(ssl, fd)))
766 goto err;
767 if (!TEST_ptr(bio = SSL_get_rbio(ssl)))
768 goto err;
769 if (!TEST_ptr_eq(bio, SSL_get_wbio(ssl)))
770 goto err;
771 } else if (idx == 1) {
772 if (!TEST_true(SSL_set_rfd(ssl, fd)))
773 goto err;
774 if (!TEST_ptr(bio = SSL_get_rbio(ssl)))
775 goto err;
776 if (!TEST_ptr_null(SSL_get_wbio(ssl)))
777 goto err;
778 } else {
779 if (!TEST_true(SSL_set_wfd(ssl, fd)))
780 goto err;
781 if (!TEST_ptr(bio = SSL_get_wbio(ssl)))
782 goto err;
783 if (!TEST_ptr_null(SSL_get_rbio(ssl)))
784 goto err;
785 }
786
787 if (!TEST_int_eq(BIO_method_type(bio), BIO_TYPE_DGRAM))
788 goto err;
789
790 if (!TEST_true(BIO_get_fd(bio, &resfd))
791 || !TEST_int_eq(resfd, fd))
792 goto err;
793
794 testresult = 1;
795 err:
796 SSL_free(ssl);
797 SSL_CTX_free(ctx);
798 if (fd >= 0)
799 BIO_closesocket(fd);
800 return testresult;
801 }
802
803 #define MAXLOOPS 1000
804
805 static int test_bio_ssl(void)
806 {
807 /*
808 * We just use OSSL_QUIC_client_method() rather than
809 * OSSL_QUIC_client_thread_method(). We will never leave the connection idle
810 * so we will always be implicitly handling time events anyway via other
811 * IO calls.
812 */
813 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
814 SSL *clientquic = NULL, *stream = NULL;
815 QUIC_TSERVER *qtserv = NULL;
816 int testresult = 0;
817 BIO *cbio = NULL, *strbio = NULL, *thisbio;
818 const char *msg = "Hello world";
819 int abortctr = 0, err, clienterr = 0, servererr = 0, retc = 0, rets = 0;
820 size_t written, readbytes, msglen;
821 int sid = 0, i;
822 unsigned char buf[80];
823
824 if (!TEST_ptr(cctx))
825 goto err;
826
827 cbio = BIO_new_ssl(cctx, 1);
828 if (!TEST_ptr(cbio))
829 goto err;
830
831 /*
832 * We must configure the ALPN/peer address etc so we get the SSL object in
833 * order to pass it to qtest_create_quic_objects for configuration.
834 */
835 if (!TEST_int_eq(BIO_get_ssl(cbio, &clientquic), 1))
836 goto err;
837
838 if (!TEST_true(qtest_create_quic_objects(libctx, NULL, NULL, cert, privkey,
839 0, &qtserv, &clientquic, NULL,
840 NULL)))
841 goto err;
842
843 msglen = strlen(msg);
844
845 do {
846 err = BIO_FLAGS_WRITE;
847 while (!clienterr && !retc && err == BIO_FLAGS_WRITE) {
848 retc = BIO_write_ex(cbio, msg, msglen, &written);
849 if (!retc) {
850 if (BIO_should_retry(cbio))
851 err = BIO_retry_type(cbio);
852 else
853 err = 0;
854 }
855 }
856
857 if (!clienterr && retc <= 0 && err != BIO_FLAGS_READ) {
858 TEST_info("BIO_write_ex() failed %d, %d", retc, err);
859 TEST_openssl_errors();
860 clienterr = 1;
861 }
862
863 if (!servererr && rets <= 0) {
864 ossl_quic_tserver_tick(qtserv);
865 servererr = ossl_quic_tserver_is_term_any(qtserv);
866 if (!servererr)
867 rets = ossl_quic_tserver_is_handshake_confirmed(qtserv);
868 }
869
870 if (clienterr && servererr)
871 goto err;
872
873 if (++abortctr == MAXLOOPS) {
874 TEST_info("No progress made");
875 goto err;
876 }
877 } while ((!retc && !clienterr) || (rets <= 0 && !servererr));
878
879 /*
880 * 2 loops: The first using the default stream, and the second using a new
881 * client initiated bidi stream.
882 */
883 for (i = 0, thisbio = cbio; i < 2; i++) {
884 if (!TEST_true(ossl_quic_tserver_read(qtserv, sid, buf, sizeof(buf),
885 &readbytes))
886 || !TEST_mem_eq(msg, msglen, buf, readbytes))
887 goto err;
888
889 if (!TEST_true(ossl_quic_tserver_write(qtserv, sid, (unsigned char *)msg,
890 msglen, &written)))
891 goto err;
892 ossl_quic_tserver_tick(qtserv);
893
894 if (!TEST_true(BIO_read_ex(thisbio, buf, sizeof(buf), &readbytes))
895 || !TEST_mem_eq(msg, msglen, buf, readbytes))
896 goto err;
897
898 if (i == 1)
899 break;
900
901 /*
902 * Now create a new stream and repeat. The bottom two bits of the stream
903 * id represents whether the stream is bidi and whether it is client
904 * initiated or not. For client initiated bidi they are both 0. So the
905 * first client initiated bidi stream is 0 and the next one is 4.
906 */
907 sid = 4;
908 stream = SSL_new_stream(clientquic, 0);
909 if (!TEST_ptr(stream))
910 goto err;
911
912 thisbio = strbio = BIO_new(BIO_f_ssl());
913 if (!TEST_ptr(strbio))
914 goto err;
915
916 if (!TEST_int_eq(BIO_set_ssl(thisbio, stream, BIO_CLOSE), 1))
917 goto err;
918 stream = NULL;
919
920 if (!TEST_true(BIO_write_ex(thisbio, msg, msglen, &written)))
921 goto err;
922
923 ossl_quic_tserver_tick(qtserv);
924 }
925
926 testresult = 1;
927 err:
928 BIO_free_all(cbio);
929 BIO_free_all(strbio);
930 SSL_free(stream);
931 ossl_quic_tserver_free(qtserv);
932 SSL_CTX_free(cctx);
933
934 return testresult;
935 }
936
937 #define BACK_PRESSURE_NUM_LOOPS 10000
938 /*
939 * Test that sending data from the client to the server faster than the server
940 * can process it eventually results in back pressure on the client.
941 */
942 static int test_back_pressure(void)
943 {
944 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
945 SSL *clientquic = NULL;
946 QUIC_TSERVER *qtserv = NULL;
947 int testresult = 0;
948 unsigned char *msg = NULL;
949 const size_t msglen = 1024;
950 unsigned char buf[64];
951 size_t readbytes, written;
952 int i;
953
954 if (!TEST_ptr(cctx)
955 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
956 privkey, 0, &qtserv,
957 &clientquic, NULL, NULL))
958 || !TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
959 goto err;
960
961 msg = OPENSSL_malloc(msglen);
962 if (!TEST_ptr(msg))
963 goto err;
964 if (!TEST_int_eq(RAND_bytes_ex(libctx, msg, msglen, 0), 1))
965 goto err;
966
967 /*
968 * Limit to 10000 loops. If we've not seen any back pressure after that
969 * we're going to run out of memory, so abort.
970 */
971 for (i = 0; i < BACK_PRESSURE_NUM_LOOPS; i++) {
972 /* Send data from the client */
973 if (!SSL_write_ex(clientquic, msg, msglen, &written)) {
974 /* Check if we are seeing back pressure */
975 if (SSL_get_error(clientquic, 0) == SSL_ERROR_WANT_WRITE)
976 break;
977 TEST_error("Unexpected client failure");
978 goto err;
979 }
980
981 /* Receive data at the server */
982 ossl_quic_tserver_tick(qtserv);
983 if (!TEST_true(ossl_quic_tserver_read(qtserv, 0, buf, sizeof(buf),
984 &readbytes)))
985 goto err;
986 }
987
988 if (i == BACK_PRESSURE_NUM_LOOPS) {
989 TEST_error("No back pressure seen");
990 goto err;
991 }
992
993 testresult = 1;
994 err:
995 SSL_free(clientquic);
996 ossl_quic_tserver_free(qtserv);
997 SSL_CTX_free(cctx);
998 OPENSSL_free(msg);
999
1000 return testresult;
1001 }
1002
1003
1004 static int dgram_ctr = 0;
1005
1006 static void dgram_cb(int write_p, int version, int content_type,
1007 const void *buf, size_t msglen, SSL *ssl, void *arg)
1008 {
1009 if (!write_p)
1010 return;
1011
1012 if (content_type != SSL3_RT_QUIC_DATAGRAM)
1013 return;
1014
1015 dgram_ctr++;
1016 }
1017
1018 /* Test that we send multiple datagrams in one go when appropriate */
1019 static int test_multiple_dgrams(void)
1020 {
1021 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
1022 SSL *clientquic = NULL;
1023 QUIC_TSERVER *qtserv = NULL;
1024 int testresult = 0;
1025 unsigned char *buf;
1026 const size_t buflen = 1400;
1027 size_t written;
1028
1029 buf = OPENSSL_zalloc(buflen);
1030
1031 if (!TEST_ptr(cctx)
1032 || !TEST_ptr(buf)
1033 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
1034 privkey, 0, &qtserv,
1035 &clientquic, NULL, NULL))
1036 || !TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
1037 goto err;
1038
1039 dgram_ctr = 0;
1040 SSL_set_msg_callback(clientquic, dgram_cb);
1041 if (!TEST_true(SSL_write_ex(clientquic, buf, buflen, &written))
1042 || !TEST_size_t_eq(written, buflen)
1043 /* We wrote enough data for 2 datagrams */
1044 || !TEST_int_eq(dgram_ctr, 2))
1045 goto err;
1046
1047 testresult = 1;
1048 err:
1049 OPENSSL_free(buf);
1050 SSL_free(clientquic);
1051 ossl_quic_tserver_free(qtserv);
1052 SSL_CTX_free(cctx);
1053
1054 return testresult;
1055 }
1056
1057 static int non_io_retry_cert_verify_cb(X509_STORE_CTX *ctx, void *arg)
1058 {
1059 int idx = SSL_get_ex_data_X509_STORE_CTX_idx();
1060 SSL *ssl;
1061 const int *allow = (int *)arg;
1062
1063 /* this should not happen but check anyway */
1064 if (idx < 0
1065 || (ssl = X509_STORE_CTX_get_ex_data(ctx, idx)) == NULL)
1066 return 0;
1067
1068 /* If this is our first attempt then retry */
1069 if (*allow == 0)
1070 return SSL_set_retry_verify(ssl);
1071
1072 /* Otherwise do nothing - verification succeeds. Continue as normal */
1073 return 1;
1074 }
1075
1076 /* Test that we can handle a non-io related retry error
1077 * Test 0: Non-blocking
1078 * Test 1: Blocking
1079 */
1080 static int test_non_io_retry(int idx)
1081 {
1082 SSL_CTX *cctx;
1083 SSL *clientquic = NULL;
1084 QUIC_TSERVER *qtserv = NULL;
1085 int testresult = 0;
1086 int flags = 0, allow = 0;
1087
1088 if (idx >= 1 && !qtest_supports_blocking())
1089 return TEST_skip("Blocking tests not supported in this build");
1090
1091 cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
1092 if (!TEST_ptr(cctx))
1093 goto err;
1094
1095 SSL_CTX_set_cert_verify_callback(cctx, non_io_retry_cert_verify_cb, &allow);
1096
1097 flags = (idx >= 1) ? QTEST_FLAG_BLOCK : 0;
1098 if (!TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert, privkey,
1099 flags, &qtserv, &clientquic, NULL,
1100 NULL))
1101 || !TEST_true(qtest_create_quic_connection_ex(qtserv, clientquic,
1102 SSL_ERROR_WANT_RETRY_VERIFY))
1103 || !TEST_int_eq(SSL_want(clientquic), SSL_RETRY_VERIFY))
1104 goto err;
1105
1106 allow = 1;
1107 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
1108 goto err;
1109
1110 testresult = 1;
1111 err:
1112 SSL_free(clientquic);
1113 ossl_quic_tserver_free(qtserv);
1114 SSL_CTX_free(cctx);
1115
1116 return testresult;
1117 }
1118
1119 static int use_session_cb_cnt = 0;
1120 static int find_session_cb_cnt = 0;
1121 static const char *pskid = "Identity";
1122 static SSL_SESSION *serverpsk = NULL, *clientpsk = NULL;
1123
1124 static int use_session_cb(SSL *ssl, const EVP_MD *md, const unsigned char **id,
1125 size_t *idlen, SSL_SESSION **sess)
1126 {
1127 use_session_cb_cnt++;
1128
1129 if (clientpsk == NULL)
1130 return 0;
1131
1132 SSL_SESSION_up_ref(clientpsk);
1133
1134 *sess = clientpsk;
1135 *id = (const unsigned char *)pskid;
1136 *idlen = strlen(pskid);
1137
1138 return 1;
1139 }
1140
1141 static int find_session_cb(SSL *ssl, const unsigned char *identity,
1142 size_t identity_len, SSL_SESSION **sess)
1143 {
1144 find_session_cb_cnt++;
1145
1146 if (serverpsk == NULL)
1147 return 0;
1148
1149 /* Identity should match that set by the client */
1150 if (strlen(pskid) != identity_len
1151 || strncmp(pskid, (const char *)identity, identity_len) != 0)
1152 return 0;
1153
1154 SSL_SESSION_up_ref(serverpsk);
1155 *sess = serverpsk;
1156
1157 return 1;
1158 }
1159
1160 static int test_quic_psk(void)
1161 {
1162 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
1163 SSL *clientquic = NULL;
1164 QUIC_TSERVER *qtserv = NULL;
1165 int testresult = 0;
1166
1167 if (!TEST_ptr(cctx)
1168 /* No cert or private key for the server, i.e. PSK only */
1169 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, NULL,
1170 NULL, 0, &qtserv,
1171 &clientquic, NULL, NULL)))
1172 goto end;
1173
1174 SSL_set_psk_use_session_callback(clientquic, use_session_cb);
1175 ossl_quic_tserver_set_psk_find_session_cb(qtserv, find_session_cb);
1176 use_session_cb_cnt = 0;
1177 find_session_cb_cnt = 0;
1178
1179 clientpsk = serverpsk = create_a_psk(clientquic, SHA384_DIGEST_LENGTH);
1180 if (!TEST_ptr(clientpsk))
1181 goto end;
1182 /* We already had one ref. Add another one */
1183 SSL_SESSION_up_ref(clientpsk);
1184
1185 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic))
1186 || !TEST_int_eq(1, find_session_cb_cnt)
1187 || !TEST_int_eq(1, use_session_cb_cnt)
1188 /* Check that we actually used the PSK */
1189 || !TEST_true(SSL_session_reused(clientquic)))
1190 goto end;
1191
1192 testresult = 1;
1193
1194 end:
1195 SSL_free(clientquic);
1196 ossl_quic_tserver_free(qtserv);
1197 SSL_CTX_free(cctx);
1198 SSL_SESSION_free(clientpsk);
1199 SSL_SESSION_free(serverpsk);
1200 clientpsk = serverpsk = NULL;
1201
1202 return testresult;
1203 }
1204
1205 static int test_client_auth(int idx)
1206 {
1207 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
1208 SSL_CTX *sctx = SSL_CTX_new_ex(libctx, NULL, TLS_method());
1209 SSL *clientquic = NULL;
1210 QUIC_TSERVER *qtserv = NULL;
1211 int testresult = 0;
1212 unsigned char buf[20];
1213 static char *msg = "A test message";
1214 size_t msglen = strlen(msg);
1215 size_t numbytes = 0;
1216
1217 if (!TEST_ptr(cctx) || !TEST_ptr(sctx))
1218 goto err;
1219
1220 SSL_CTX_set_verify(sctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT
1221 | SSL_VERIFY_CLIENT_ONCE, NULL);
1222
1223 if (!TEST_true(SSL_CTX_load_verify_file(sctx, cauthca)))
1224 goto err;
1225
1226 if (idx > 0
1227 && (!TEST_true(SSL_CTX_use_certificate_chain_file(cctx, ccert))
1228 || !TEST_true(SSL_CTX_use_PrivateKey_file(cctx, cprivkey,
1229 SSL_FILETYPE_PEM))))
1230 goto err;
1231
1232 if (!TEST_true(qtest_create_quic_objects(libctx, cctx, sctx, cert,
1233 privkey, 0, &qtserv,
1234 &clientquic, NULL, NULL)))
1235 goto err;
1236
1237 if (idx > 1) {
1238 if (!TEST_true(ssl_ctx_add_large_cert_chain(libctx, cctx, ccert))
1239 || !TEST_true(ssl_ctx_add_large_cert_chain(libctx, sctx, cert)))
1240 goto err;
1241 }
1242
1243 if (idx == 0) {
1244 if (!TEST_false(qtest_create_quic_connection(qtserv, clientquic)))
1245 goto err;
1246
1247 /* negative test passed */
1248 testresult = 1;
1249 goto err;
1250 }
1251
1252 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
1253 goto err;
1254
1255 /* Check that sending and receiving app data is ok */
1256 if (!TEST_true(SSL_write_ex(clientquic, msg, msglen, &numbytes))
1257 || !TEST_size_t_eq(numbytes, msglen))
1258 goto err;
1259
1260 ossl_quic_tserver_tick(qtserv);
1261 if (!TEST_true(ossl_quic_tserver_write(qtserv, 0,
1262 (unsigned char *)msg,
1263 msglen, &numbytes)))
1264 goto err;
1265
1266 ossl_quic_tserver_tick(qtserv);
1267 SSL_handle_events(clientquic);
1268
1269 if (!TEST_true(SSL_read_ex(clientquic, buf, sizeof(buf), &numbytes))
1270 || !TEST_size_t_eq(numbytes, msglen)
1271 || !TEST_mem_eq(buf, numbytes, msg, msglen))
1272 goto err;
1273
1274 if (!TEST_true(qtest_shutdown(qtserv, clientquic)))
1275 goto err;
1276
1277 testresult = 1;
1278
1279 err:
1280 SSL_free(clientquic);
1281 ossl_quic_tserver_free(qtserv);
1282 SSL_CTX_free(sctx);
1283 SSL_CTX_free(cctx);
1284
1285 return testresult;
1286 }
1287
1288 /*
1289 * Test that we correctly handle ALPN supplied by the application
1290 * Test 0: ALPN is provided
1291 * Test 1: No ALPN is provided
1292 */
1293 static int test_alpn(int idx)
1294 {
1295 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
1296 SSL *clientquic = NULL;
1297 QUIC_TSERVER *qtserv = NULL;
1298 int testresult = 0;
1299 int ret;
1300
1301 /*
1302 * Ensure we only configure ciphersuites that are available with both the
1303 * default and fips providers to get the same output in both cases
1304 */
1305 if (!TEST_true(SSL_CTX_set_ciphersuites(cctx, "TLS_AES_128_GCM_SHA256")))
1306 goto err;
1307
1308 if (!TEST_ptr(cctx)
1309 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
1310 privkey,
1311 QTEST_FLAG_FAKE_TIME,
1312 &qtserv,
1313 &clientquic, NULL, NULL)))
1314 goto err;
1315
1316 if (idx == 0) {
1317 /*
1318 * Clear the ALPN we set in qtest_create_quic_objects. We use TEST_false
1319 * because SSL_set_alpn_protos returns 0 for success.
1320 */
1321 if (!TEST_false(SSL_set_alpn_protos(clientquic, NULL, 0)))
1322 goto err;
1323 }
1324
1325 ret = SSL_connect(clientquic);
1326 if (!TEST_int_le(ret, 0))
1327 goto err;
1328 if (idx == 0) {
1329 /* We expect an immediate error due to lack of ALPN */
1330 if (!TEST_int_eq(SSL_get_error(clientquic, ret), SSL_ERROR_SSL))
1331 goto err;
1332 } else {
1333 /* ALPN was provided so we expect the connection to succeed */
1334 if (!TEST_int_eq(SSL_get_error(clientquic, ret), SSL_ERROR_WANT_READ)
1335 || !TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
1336 goto err;
1337 }
1338
1339 testresult = 1;
1340 err:
1341 ossl_quic_tserver_free(qtserv);
1342 SSL_free(clientquic);
1343 SSL_CTX_free(cctx);
1344
1345 return testresult;
1346 }
1347
1348 /*
1349 * Test SSL_get_shutdown() behavior.
1350 */
1351 static int test_get_shutdown(void)
1352 {
1353 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
1354 SSL *clientquic = NULL;
1355 QUIC_TSERVER *qtserv = NULL;
1356 int testresult = 0;
1357
1358 if (!TEST_ptr(cctx)
1359 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
1360 privkey,
1361 QTEST_FLAG_FAKE_TIME,
1362 &qtserv, &clientquic,
1363 NULL, NULL))
1364 || !TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
1365 goto err;
1366
1367 if (!TEST_int_eq(SSL_get_shutdown(clientquic), 0))
1368 goto err;
1369
1370 if (!TEST_int_eq(SSL_shutdown(clientquic), 0))
1371 goto err;
1372
1373 if (!TEST_int_eq(SSL_get_shutdown(clientquic), SSL_SENT_SHUTDOWN))
1374 goto err;
1375
1376 do {
1377 ossl_quic_tserver_tick(qtserv);
1378 qtest_add_time(100);
1379 } while (SSL_shutdown(clientquic) == 0);
1380
1381 if (!TEST_int_eq(SSL_get_shutdown(clientquic),
1382 SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN))
1383 goto err;
1384
1385 testresult = 1;
1386 err:
1387 ossl_quic_tserver_free(qtserv);
1388 SSL_free(clientquic);
1389 SSL_CTX_free(cctx);
1390
1391 return testresult;
1392 }
1393
1394 #define MAX_LOOPS 2000
1395
1396 /*
1397 * Keep retrying SSL_read_ex until it succeeds or we give up. Accept a stream
1398 * if we don't already have one
1399 */
1400 static int unreliable_client_read(SSL *clientquic, SSL **stream, void *buf,
1401 size_t buflen, size_t *readbytes,
1402 QUIC_TSERVER *qtserv)
1403 {
1404 int abortctr;
1405
1406 /* We just do this in a loop with a sleep for simplicity */
1407 for (abortctr = 0; abortctr < MAX_LOOPS; abortctr++) {
1408 if (*stream == NULL) {
1409 SSL_handle_events(clientquic);
1410 *stream = SSL_accept_stream(clientquic, 0);
1411 }
1412
1413 if (*stream != NULL) {
1414 if (SSL_read_ex(*stream, buf, buflen, readbytes))
1415 return 1;
1416 if (!TEST_int_eq(SSL_get_error(*stream, 0), SSL_ERROR_WANT_READ))
1417 return 0;
1418 }
1419 ossl_quic_tserver_tick(qtserv);
1420 qtest_add_time(1);
1421 qtest_wait_for_timeout(clientquic, qtserv);
1422 }
1423
1424 TEST_error("No progress made");
1425 return 0;
1426 }
1427
1428 /* Keep retrying ossl_quic_tserver_read until it succeeds or we give up */
1429 static int unreliable_server_read(QUIC_TSERVER *qtserv, uint64_t sid,
1430 void *buf, size_t buflen, size_t *readbytes,
1431 SSL *clientquic)
1432 {
1433 int abortctr;
1434
1435 /* We just do this in a loop with a sleep for simplicity */
1436 for (abortctr = 0; abortctr < MAX_LOOPS; abortctr++) {
1437 if (ossl_quic_tserver_read(qtserv, sid, buf, buflen, readbytes)
1438 && *readbytes > 1)
1439 return 1;
1440 ossl_quic_tserver_tick(qtserv);
1441 SSL_handle_events(clientquic);
1442 qtest_add_time(1);
1443 qtest_wait_for_timeout(clientquic, qtserv);
1444 }
1445
1446 TEST_error("No progress made");
1447 return 0;
1448 }
1449
1450 /*
1451 * Create a connection and send data using an unreliable transport. We introduce
1452 * random noise to drop, delay and duplicate datagrams.
1453 * Test 0: Introduce random noise to datagrams
1454 * Test 1: As with test 0 but also split datagrams containing multiple packets
1455 * into individual datagrams so that individual packets can be affected
1456 * by noise - not just a whole datagram.
1457 */
1458 static int test_noisy_dgram(int idx)
1459 {
1460 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
1461 SSL *clientquic = NULL, *stream[2] = { NULL, NULL };
1462 QUIC_TSERVER *qtserv = NULL;
1463 int testresult = 0;
1464 uint64_t sid = 0;
1465 char *msg = "Hello world!";
1466 size_t msglen = strlen(msg), written, readbytes, i, j;
1467 unsigned char buf[80];
1468 int flags = QTEST_FLAG_NOISE | QTEST_FLAG_FAKE_TIME;
1469 QTEST_FAULT *fault = NULL;
1470
1471 if (idx == 1)
1472 flags |= QTEST_FLAG_PACKET_SPLIT;
1473
1474 if (!TEST_ptr(cctx)
1475 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
1476 privkey, flags,
1477 &qtserv,
1478 &clientquic, &fault, NULL)))
1479 goto err;
1480
1481 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
1482 goto err;
1483
1484 if (!TEST_true(SSL_set_incoming_stream_policy(clientquic,
1485 SSL_INCOMING_STREAM_POLICY_ACCEPT,
1486 0))
1487 || !TEST_true(SSL_set_default_stream_mode(clientquic,
1488 SSL_DEFAULT_STREAM_MODE_NONE)))
1489 goto err;
1490
1491 for (j = 0; j < 2; j++) {
1492 if (!TEST_true(ossl_quic_tserver_stream_new(qtserv, 0, &sid)))
1493 goto err;
1494 ossl_quic_tserver_tick(qtserv);
1495 qtest_add_time(1);
1496
1497 /*
1498 * Send data from the server to the client. Some datagrams may get
1499 * lost, modified, dropped or re-ordered. We repeat 20 times to ensure
1500 * we are sending enough datagrams for problems to be noticed.
1501 */
1502 for (i = 0; i < 20; i++) {
1503 if (!TEST_true(ossl_quic_tserver_write(qtserv, sid,
1504 (unsigned char *)msg, msglen,
1505 &written))
1506 || !TEST_size_t_eq(msglen, written))
1507 goto err;
1508 ossl_quic_tserver_tick(qtserv);
1509 qtest_add_time(1);
1510
1511 /*
1512 * Since the underlying BIO is now noisy we may get failures that
1513 * need to be retried - so we use unreliable_client_read() to
1514 * handle that
1515 */
1516 if (!TEST_true(unreliable_client_read(clientquic, &stream[j], buf,
1517 sizeof(buf), &readbytes,
1518 qtserv))
1519 || !TEST_mem_eq(msg, msglen, buf, readbytes))
1520 goto err;
1521 }
1522
1523 /* Send data from the client to the server */
1524 for (i = 0; i < 20; i++) {
1525 if (!TEST_true(SSL_write_ex(stream[j], (unsigned char *)msg,
1526 msglen, &written))
1527 || !TEST_size_t_eq(msglen, written))
1528 goto err;
1529
1530 ossl_quic_tserver_tick(qtserv);
1531 qtest_add_time(1);
1532
1533 /*
1534 * Since the underlying BIO is now noisy we may get failures that
1535 * need to be retried - so we use unreliable_server_read() to
1536 * handle that
1537 */
1538 if (!TEST_true(unreliable_server_read(qtserv, sid, buf, sizeof(buf),
1539 &readbytes, clientquic))
1540 || !TEST_mem_eq(msg, msglen, buf, readbytes))
1541 goto err;
1542 }
1543 }
1544
1545 testresult = 1;
1546 err:
1547 ossl_quic_tserver_free(qtserv);
1548 SSL_free(stream[0]);
1549 SSL_free(stream[1]);
1550 SSL_free(clientquic);
1551 SSL_CTX_free(cctx);
1552 qtest_fault_free(fault);
1553
1554 return testresult;
1555 }
1556
1557 enum {
1558 TPARAM_OP_DUP,
1559 TPARAM_OP_DROP,
1560 TPARAM_OP_INJECT,
1561 TPARAM_OP_INJECT_TWICE,
1562 TPARAM_OP_INJECT_RAW,
1563 TPARAM_OP_DROP_INJECT,
1564 TPARAM_OP_MUTATE
1565 };
1566
1567 #define TPARAM_CHECK_DUP(name, reason) \
1568 { QUIC_TPARAM_##name, TPARAM_OP_DUP, (reason) },
1569 #define TPARAM_CHECK_DROP(name, reason) \
1570 { QUIC_TPARAM_##name, TPARAM_OP_DROP, (reason) },
1571 #define TPARAM_CHECK_INJECT(name, buf, buf_len, reason) \
1572 { QUIC_TPARAM_##name, TPARAM_OP_INJECT, (reason), \
1573 (buf), (buf_len) },
1574 #define TPARAM_CHECK_INJECT_A(name, buf, reason) \
1575 TPARAM_CHECK_INJECT(name, buf, sizeof(buf), reason)
1576 #define TPARAM_CHECK_DROP_INJECT(name, buf, buf_len, reason) \
1577 { QUIC_TPARAM_##name, TPARAM_OP_DROP_INJECT, (reason), \
1578 (buf), (buf_len) },
1579 #define TPARAM_CHECK_DROP_INJECT_A(name, buf, reason) \
1580 TPARAM_CHECK_DROP_INJECT(name, buf, sizeof(buf), reason)
1581 #define TPARAM_CHECK_INJECT_TWICE(name, buf, buf_len, reason) \
1582 { QUIC_TPARAM_##name, TPARAM_OP_INJECT_TWICE, (reason), \
1583 (buf), (buf_len) },
1584 #define TPARAM_CHECK_INJECT_TWICE_A(name, buf, reason) \
1585 TPARAM_CHECK_INJECT_TWICE(name, buf, sizeof(buf), reason)
1586 #define TPARAM_CHECK_INJECT_RAW(buf, buf_len, reason) \
1587 { 0, TPARAM_OP_INJECT_RAW, (reason), \
1588 (buf), (buf_len) },
1589 #define TPARAM_CHECK_INJECT_RAW_A(buf, reason) \
1590 TPARAM_CHECK_INJECT_RAW(buf, sizeof(buf), reason)
1591 #define TPARAM_CHECK_MUTATE(name, reason) \
1592 { QUIC_TPARAM_##name, TPARAM_OP_MUTATE, (reason) },
1593 #define TPARAM_CHECK_INT(name, reason) \
1594 TPARAM_CHECK_DROP_INJECT(name, NULL, 0, reason) \
1595 TPARAM_CHECK_DROP_INJECT_A(name, bogus_int, reason) \
1596 TPARAM_CHECK_DROP_INJECT_A(name, int_with_trailer, reason)
1597
1598 struct tparam_test {
1599 uint64_t id;
1600 int op;
1601 const char *expect_fail; /* substring to expect in reason */
1602 const void *buf;
1603 size_t buf_len;
1604 };
1605
1606 static const unsigned char retry_scid_1[8] = { 0 };
1607
1608 static const unsigned char disable_active_migration_1[] = {
1609 0x00
1610 };
1611
1612 static const unsigned char malformed_stateless_reset_token_1[] = {
1613 0x02, 0xff
1614 };
1615
1616 static const unsigned char malformed_stateless_reset_token_2[] = {
1617 0x01
1618 };
1619
1620 static const unsigned char malformed_stateless_reset_token_3[15] = { 0 };
1621
1622 static const unsigned char malformed_stateless_reset_token_4[17] = { 0 };
1623
1624 static const unsigned char malformed_preferred_addr_1[] = {
1625 0x0d, 0xff
1626 };
1627
1628 static const unsigned char malformed_preferred_addr_2[42] = {
1629 0x0d, 0x28, /* too short */
1630 };
1631
1632 static const unsigned char malformed_preferred_addr_3[64] = {
1633 0x0d, 0x3e, /* too long */
1634 };
1635
1636 static const unsigned char malformed_preferred_addr_4[] = {
1637 /* TPARAM too short for CID length indicated */
1638 0x0d, 0x29, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1639 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1640 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1641 0x00, 0x00, 0x01, 0x55,
1642 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1643 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1644 };
1645
1646 static const unsigned char malformed_unknown_1[] = {
1647 0xff
1648 };
1649
1650 static const unsigned char malformed_unknown_2[] = {
1651 0x55, 0x55,
1652 };
1653
1654 static const unsigned char malformed_unknown_3[] = {
1655 0x55, 0x55, 0x01,
1656 };
1657
1658 static const unsigned char ack_delay_exp[] = {
1659 0x03
1660 };
1661
1662 static const unsigned char stateless_reset_token[16] = { 0x42 };
1663
1664 static const unsigned char preferred_addr[] = {
1665 0x44, 0x44, 0x44, 0x44,
1666 0x55, 0x55,
1667 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
1668 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
1669 0x77, 0x77,
1670 0x02, 0xAA, 0xBB,
1671 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99,
1672 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99,
1673 };
1674
1675 static const unsigned char long_cid[21] = { 0x42 };
1676
1677 static const unsigned char excess_ack_delay_exp[] = {
1678 0x15,
1679 };
1680
1681 static const unsigned char excess_max_ack_delay[] = {
1682 0xC0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00,
1683 };
1684
1685 static const unsigned char excess_initial_max_streams[] = {
1686 0xD0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
1687 };
1688
1689 static const unsigned char undersize_udp_payload_size[] = {
1690 0xC0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0xaf,
1691 };
1692
1693 static const unsigned char undersize_active_conn_id_limit[] = {
1694 0xC0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
1695 };
1696
1697 static const unsigned char bogus_int[9] = { 0 };
1698
1699 static const unsigned char int_with_trailer[2] = { 0x01 };
1700
1701 #define QUIC_TPARAM_UNKNOWN_1 0xf1f1
1702
1703 static const struct tparam_test tparam_tests[] = {
1704 TPARAM_CHECK_DUP(ORIG_DCID,
1705 "ORIG_DCID appears multiple times")
1706 TPARAM_CHECK_DUP(INITIAL_SCID,
1707 "INITIAL_SCID appears multiple times")
1708 TPARAM_CHECK_DUP(INITIAL_MAX_DATA,
1709 "INITIAL_MAX_DATA appears multiple times")
1710 TPARAM_CHECK_DUP(INITIAL_MAX_STREAM_DATA_BIDI_LOCAL,
1711 "INITIAL_MAX_STREAM_DATA_BIDI_LOCAL appears multiple times")
1712 TPARAM_CHECK_DUP(INITIAL_MAX_STREAM_DATA_BIDI_REMOTE,
1713 "INITIAL_MAX_STREAM_DATA_BIDI_REMOTE appears multiple times")
1714 TPARAM_CHECK_DUP(INITIAL_MAX_STREAM_DATA_UNI,
1715 "INITIAL_MAX_STREAM_DATA_UNI appears multiple times")
1716 TPARAM_CHECK_DUP(INITIAL_MAX_STREAMS_BIDI,
1717 "INITIAL_MAX_STREAMS_BIDI appears multiple times")
1718 TPARAM_CHECK_DUP(INITIAL_MAX_STREAMS_UNI,
1719 "INITIAL_MAX_STREAMS_UNI appears multiple times")
1720 TPARAM_CHECK_DUP(MAX_IDLE_TIMEOUT,
1721 "MAX_IDLE_TIMEOUT appears multiple times")
1722 TPARAM_CHECK_DUP(MAX_UDP_PAYLOAD_SIZE,
1723 "MAX_UDP_PAYLOAD_SIZE appears multiple times")
1724 TPARAM_CHECK_DUP(ACTIVE_CONN_ID_LIMIT,
1725 "ACTIVE_CONN_ID_LIMIT appears multiple times")
1726 TPARAM_CHECK_DUP(DISABLE_ACTIVE_MIGRATION,
1727 "DISABLE_ACTIVE_MIGRATION appears multiple times")
1728
1729 TPARAM_CHECK_DROP(INITIAL_SCID,
1730 "INITIAL_SCID was not sent but is required")
1731 TPARAM_CHECK_DROP(ORIG_DCID,
1732 "ORIG_DCID was not sent but is required")
1733
1734 TPARAM_CHECK_INJECT_A(RETRY_SCID, retry_scid_1,
1735 "RETRY_SCID sent when not performing a retry")
1736 TPARAM_CHECK_DROP_INJECT_A(DISABLE_ACTIVE_MIGRATION, disable_active_migration_1,
1737 "DISABLE_ACTIVE_MIGRATION is malformed")
1738 TPARAM_CHECK_INJECT(UNKNOWN_1, NULL, 0,
1739 NULL)
1740 TPARAM_CHECK_INJECT_RAW_A(malformed_stateless_reset_token_1,
1741 "STATELESS_RESET_TOKEN is malformed")
1742 TPARAM_CHECK_INJECT_A(STATELESS_RESET_TOKEN,
1743 malformed_stateless_reset_token_2,
1744 "STATELESS_RESET_TOKEN is malformed")
1745 TPARAM_CHECK_INJECT_A(STATELESS_RESET_TOKEN,
1746 malformed_stateless_reset_token_3,
1747 "STATELESS_RESET_TOKEN is malformed")
1748 TPARAM_CHECK_INJECT_A(STATELESS_RESET_TOKEN,
1749 malformed_stateless_reset_token_4,
1750 "STATELESS_RESET_TOKEN is malformed")
1751 TPARAM_CHECK_INJECT(STATELESS_RESET_TOKEN,
1752 NULL, 0,
1753 "STATELESS_RESET_TOKEN is malformed")
1754 TPARAM_CHECK_INJECT_RAW_A(malformed_preferred_addr_1,
1755 "PREFERRED_ADDR is malformed")
1756 TPARAM_CHECK_INJECT_RAW_A(malformed_preferred_addr_2,
1757 "PREFERRED_ADDR is malformed")
1758 TPARAM_CHECK_INJECT_RAW_A(malformed_preferred_addr_3,
1759 "PREFERRED_ADDR is malformed")
1760 TPARAM_CHECK_INJECT_RAW_A(malformed_preferred_addr_4,
1761 "PREFERRED_ADDR is malformed")
1762 TPARAM_CHECK_INJECT_RAW_A(malformed_unknown_1,
1763 "bad transport parameter")
1764 TPARAM_CHECK_INJECT_RAW_A(malformed_unknown_2,
1765 "bad transport parameter")
1766 TPARAM_CHECK_INJECT_RAW_A(malformed_unknown_3,
1767 "bad transport parameter")
1768
1769 TPARAM_CHECK_INJECT_A(ACK_DELAY_EXP, excess_ack_delay_exp,
1770 "ACK_DELAY_EXP is malformed")
1771 TPARAM_CHECK_INJECT_A(MAX_ACK_DELAY, excess_max_ack_delay,
1772 "MAX_ACK_DELAY is malformed")
1773 TPARAM_CHECK_DROP_INJECT_A(INITIAL_MAX_STREAMS_BIDI, excess_initial_max_streams,
1774 "INITIAL_MAX_STREAMS_BIDI is malformed")
1775 TPARAM_CHECK_DROP_INJECT_A(INITIAL_MAX_STREAMS_UNI, excess_initial_max_streams,
1776 "INITIAL_MAX_STREAMS_UNI is malformed")
1777
1778 TPARAM_CHECK_DROP_INJECT_A(MAX_UDP_PAYLOAD_SIZE, undersize_udp_payload_size,
1779 "MAX_UDP_PAYLOAD_SIZE is malformed")
1780 TPARAM_CHECK_DROP_INJECT_A(ACTIVE_CONN_ID_LIMIT, undersize_active_conn_id_limit,
1781 "ACTIVE_CONN_ID_LIMIT is malformed")
1782
1783 TPARAM_CHECK_INJECT_TWICE_A(ACK_DELAY_EXP, ack_delay_exp,
1784 "ACK_DELAY_EXP appears multiple times")
1785 TPARAM_CHECK_INJECT_TWICE_A(MAX_ACK_DELAY, ack_delay_exp,
1786 "MAX_ACK_DELAY appears multiple times")
1787 TPARAM_CHECK_INJECT_TWICE_A(STATELESS_RESET_TOKEN, stateless_reset_token,
1788 "STATELESS_RESET_TOKEN appears multiple times")
1789 TPARAM_CHECK_INJECT_TWICE_A(PREFERRED_ADDR, preferred_addr,
1790 "PREFERRED_ADDR appears multiple times")
1791
1792 TPARAM_CHECK_MUTATE(ORIG_DCID,
1793 "ORIG_DCID does not match expected value")
1794 TPARAM_CHECK_MUTATE(INITIAL_SCID,
1795 "INITIAL_SCID does not match expected value")
1796
1797 TPARAM_CHECK_DROP_INJECT_A(ORIG_DCID, long_cid,
1798 "ORIG_DCID is malformed")
1799 TPARAM_CHECK_DROP_INJECT_A(INITIAL_SCID, long_cid,
1800 "INITIAL_SCID is malformed")
1801
1802 TPARAM_CHECK_INT(INITIAL_MAX_DATA,
1803 "INITIAL_MAX_DATA is malformed")
1804 TPARAM_CHECK_INT(INITIAL_MAX_STREAM_DATA_BIDI_LOCAL,
1805 "INITIAL_MAX_STREAM_DATA_BIDI_LOCAL is malformed")
1806 TPARAM_CHECK_INT(INITIAL_MAX_STREAM_DATA_BIDI_REMOTE,
1807 "INITIAL_MAX_STREAM_DATA_BIDI_REMOTE is malformed")
1808 TPARAM_CHECK_INT(INITIAL_MAX_STREAM_DATA_UNI,
1809 "INITIAL_MAX_STREAM_DATA_UNI is malformed")
1810 TPARAM_CHECK_INT(ACK_DELAY_EXP,
1811 "ACK_DELAY_EXP is malformed")
1812 TPARAM_CHECK_INT(MAX_ACK_DELAY,
1813 "MAX_ACK_DELAY is malformed")
1814 TPARAM_CHECK_INT(INITIAL_MAX_STREAMS_BIDI,
1815 "INITIAL_MAX_STREAMS_BIDI is malformed")
1816 TPARAM_CHECK_INT(INITIAL_MAX_STREAMS_UNI,
1817 "INITIAL_MAX_STREAMS_UNI is malformed")
1818 TPARAM_CHECK_INT(MAX_IDLE_TIMEOUT,
1819 "MAX_IDLE_TIMEOUT is malformed")
1820 TPARAM_CHECK_INT(MAX_UDP_PAYLOAD_SIZE,
1821 "MAX_UDP_PAYLOAD_SIZE is malformed")
1822 TPARAM_CHECK_INT(ACTIVE_CONN_ID_LIMIT,
1823 "ACTIVE_CONN_ID_LIMIT is malformed")
1824 };
1825
1826 struct tparam_ctx {
1827 const struct tparam_test *t;
1828 };
1829
1830 static int tparam_handle(struct tparam_ctx *ctx,
1831 uint64_t id, unsigned char *data,
1832 size_t data_len,
1833 WPACKET *wpkt)
1834 {
1835 const struct tparam_test *t = ctx->t;
1836
1837 switch (t->op) {
1838 case TPARAM_OP_DUP:
1839 if (!TEST_ptr(ossl_quic_wire_encode_transport_param_bytes(wpkt, id,
1840 data, data_len)))
1841 return 0;
1842
1843 /*
1844 * If this is the matching ID, write it again, duplicating the TPARAM.
1845 */
1846 if (id == t->id
1847 && !TEST_ptr(ossl_quic_wire_encode_transport_param_bytes(wpkt, id,
1848 data, data_len)))
1849 return 0;
1850
1851 return 1;
1852
1853 case TPARAM_OP_DROP:
1854 case TPARAM_OP_DROP_INJECT:
1855 /* Pass through unless ID matches. */
1856 if (id != t->id
1857 && !TEST_ptr(ossl_quic_wire_encode_transport_param_bytes(wpkt, id,
1858 data, data_len)))
1859 return 0;
1860
1861 return 1;
1862
1863 case TPARAM_OP_INJECT:
1864 case TPARAM_OP_INJECT_TWICE:
1865 case TPARAM_OP_INJECT_RAW:
1866 /* Always pass through. */
1867 if (!TEST_ptr(ossl_quic_wire_encode_transport_param_bytes(wpkt, id,
1868 data, data_len)))
1869 return 0;
1870
1871 return 1;
1872
1873 case TPARAM_OP_MUTATE:
1874 if (id == t->id) {
1875 if (!TEST_size_t_gt(data_len, 0))
1876 return 0;
1877
1878 data[0] ^= 1;
1879 }
1880
1881 if (!TEST_ptr(ossl_quic_wire_encode_transport_param_bytes(wpkt, id,
1882 data, data_len)))
1883 return 0;
1884
1885 if (id == t->id)
1886 data[0] ^= 1;
1887
1888 return 1;
1889
1890 default:
1891 return 0;
1892 }
1893 }
1894
1895 static int tparam_on_enc_ext(QTEST_FAULT *qtf, QTEST_ENCRYPTED_EXTENSIONS *ee,
1896 size_t ee_len, void *arg)
1897 {
1898 int rc = 0;
1899 struct tparam_ctx *ctx = arg;
1900 PACKET pkt = {0};
1901 WPACKET wpkt;
1902 int have_wpkt = 0;
1903 BUF_MEM *old_bufm = NULL, *new_bufm = NULL;
1904 unsigned char *tp_p;
1905 size_t tp_len, written, old_len, eb_len;
1906 uint64_t id;
1907
1908 if (!TEST_ptr(old_bufm = BUF_MEM_new()))
1909 goto err;
1910
1911 /*
1912 * Delete transport parameters TLS extension and capture the contents of the
1913 * extension which was removed.
1914 */
1915 if (!TEST_true(qtest_fault_delete_extension(qtf, TLSEXT_TYPE_quic_transport_parameters,
1916 ee->extensions, &ee->extensionslen,
1917 old_bufm)))
1918 goto err;
1919
1920 if (!TEST_true(PACKET_buf_init(&pkt, (unsigned char *)old_bufm->data, old_bufm->length))
1921 || !TEST_ptr(new_bufm = BUF_MEM_new())
1922 || !TEST_true(WPACKET_init(&wpkt, new_bufm)))
1923 goto err;
1924
1925 have_wpkt = 1;
1926
1927 /*
1928 * Open transport parameters TLS extension:
1929 *
1930 * u16 Extension ID (quic_transport_parameters)
1931 * u16 Extension Data Length
1932 * ... Extension Data
1933 *
1934 */
1935 if (!TEST_true(WPACKET_put_bytes_u16(&wpkt,
1936 TLSEXT_TYPE_quic_transport_parameters))
1937 || !TEST_true(WPACKET_start_sub_packet_u16(&wpkt)))
1938 goto err;
1939
1940 for (; PACKET_remaining(&pkt) > 0; ) {
1941 tp_p = (unsigned char *)ossl_quic_wire_decode_transport_param_bytes(&pkt,
1942 &id,
1943 &tp_len);
1944 if (!TEST_ptr(tp_p)) {
1945 TEST_mem_eq(PACKET_data(&pkt), PACKET_remaining(&pkt), NULL, 0);
1946 goto err;
1947 }
1948
1949 if (!TEST_true(tparam_handle(ctx, id, tp_p, tp_len, &wpkt)))
1950 goto err;
1951 }
1952
1953 if (ctx->t->op == TPARAM_OP_INJECT || ctx->t->op == TPARAM_OP_DROP_INJECT
1954 || ctx->t->op == TPARAM_OP_INJECT_TWICE) {
1955 if (!TEST_ptr(ossl_quic_wire_encode_transport_param_bytes(&wpkt, ctx->t->id,
1956 ctx->t->buf,
1957 ctx->t->buf_len)))
1958 goto err;
1959
1960 if (ctx->t->op == TPARAM_OP_INJECT_TWICE
1961 && !TEST_ptr(ossl_quic_wire_encode_transport_param_bytes(&wpkt, ctx->t->id,
1962 ctx->t->buf,
1963 ctx->t->buf_len)))
1964 goto err;
1965 } else if (ctx->t->op == TPARAM_OP_INJECT_RAW) {
1966 if (!TEST_true(WPACKET_memcpy(&wpkt, ctx->t->buf, ctx->t->buf_len)))
1967 goto err;
1968 }
1969
1970 if (!TEST_true(WPACKET_close(&wpkt))) /* end extension data, set length */
1971 goto err;
1972
1973 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
1974 goto err;
1975
1976 WPACKET_finish(&wpkt);
1977 have_wpkt = 0;
1978
1979 /*
1980 * Append the constructed extension blob to the extension block.
1981 */
1982 old_len = ee->extensionslen;
1983
1984 if (!qtest_fault_resize_message(qtf, ee->extensionslen + written))
1985 goto err;
1986
1987 memcpy(ee->extensions + old_len, new_bufm->data, written);
1988
1989 /* Fixup the extension block header (u16 length of entire block). */
1990 eb_len = (((uint16_t)ee->extensions[0]) << 8) + (uint16_t)ee->extensions[1];
1991 eb_len += written;
1992 ee->extensions[0] = (unsigned char)((eb_len >> 8) & 0xFF);
1993 ee->extensions[1] = (unsigned char)( eb_len & 0xFF);
1994
1995 rc = 1;
1996 err:
1997 if (have_wpkt)
1998 WPACKET_cleanup(&wpkt);
1999 BUF_MEM_free(old_bufm);
2000 BUF_MEM_free(new_bufm);
2001 return rc;
2002 }
2003
2004 static int test_tparam(int idx)
2005 {
2006 int testresult = 0;
2007 SSL_CTX *c_ctx = NULL;
2008 SSL *c_ssl = NULL;
2009 QUIC_TSERVER *s = NULL;
2010 QTEST_FAULT *qtf = NULL;
2011 struct tparam_ctx ctx = {0};
2012
2013 ctx.t = &tparam_tests[idx];
2014
2015 if (!TEST_ptr(c_ctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method())))
2016 goto err;
2017
2018 if (!TEST_true(qtest_create_quic_objects(libctx, c_ctx, NULL, cert,
2019 privkey, 0, &s,
2020 &c_ssl, &qtf, NULL)))
2021 goto err;
2022
2023 if (!TEST_true(qtest_fault_set_hand_enc_ext_listener(qtf, tparam_on_enc_ext,
2024 &ctx)))
2025 goto err;
2026
2027 if (!TEST_true(qtest_create_quic_connection_ex(s, c_ssl,
2028 ctx.t->expect_fail != NULL)))
2029 goto err;
2030
2031 if (ctx.t->expect_fail != NULL) {
2032 SSL_CONN_CLOSE_INFO info = {0};
2033
2034 if (!TEST_true(SSL_get_conn_close_info(c_ssl, &info, sizeof(info))))
2035 goto err;
2036
2037 if (!TEST_true((info.flags & SSL_CONN_CLOSE_FLAG_TRANSPORT) != 0)
2038 || !TEST_uint64_t_eq(info.error_code, QUIC_ERR_TRANSPORT_PARAMETER_ERROR)
2039 || !TEST_ptr(strstr(info.reason, ctx.t->expect_fail))) {
2040 TEST_error("expected connection closure information mismatch"
2041 " during TPARAM test: flags=%llu ec=%llu reason='%s'",
2042 (unsigned long long)info.flags,
2043 (unsigned long long)info.error_code,
2044 info.reason);
2045 goto err;
2046 }
2047 }
2048
2049 testresult = 1;
2050 err:
2051 if (!testresult) {
2052 if (ctx.t->expect_fail != NULL)
2053 TEST_info("failed during test for id=%llu, op=%d, bl=%zu, "
2054 "expected failure='%s'", (unsigned long long)ctx.t->id,
2055 ctx.t->op, ctx.t->buf_len, ctx.t->expect_fail);
2056 else
2057 TEST_info("failed during test for id=%llu, op=%d, bl=%zu",
2058 (unsigned long long)ctx.t->id, ctx.t->op, ctx.t->buf_len);
2059 }
2060
2061 ossl_quic_tserver_free(s);
2062 SSL_free(c_ssl);
2063 SSL_CTX_free(c_ctx);
2064 qtest_fault_free(qtf);
2065 return testresult;
2066 }
2067 /***********************************************************************************/
2068
2069 OPT_TEST_DECLARE_USAGE("provider config certsdir datadir\n")
2070
2071 int setup_tests(void)
2072 {
2073 char *modulename;
2074 char *configfile;
2075
2076 libctx = OSSL_LIB_CTX_new();
2077 if (!TEST_ptr(libctx))
2078 return 0;
2079
2080 defctxnull = OSSL_PROVIDER_load(NULL, "null");
2081
2082 /*
2083 * Verify that the default and fips providers in the default libctx are not
2084 * available
2085 */
2086 if (!TEST_false(OSSL_PROVIDER_available(NULL, "default"))
2087 || !TEST_false(OSSL_PROVIDER_available(NULL, "fips")))
2088 goto err;
2089
2090 if (!test_skip_common_options()) {
2091 TEST_error("Error parsing test options\n");
2092 goto err;
2093 }
2094
2095 if (!TEST_ptr(modulename = test_get_argument(0))
2096 || !TEST_ptr(configfile = test_get_argument(1))
2097 || !TEST_ptr(certsdir = test_get_argument(2))
2098 || !TEST_ptr(datadir = test_get_argument(3)))
2099 goto err;
2100
2101 if (!TEST_true(OSSL_LIB_CTX_load_config(libctx, configfile)))
2102 goto err;
2103
2104 /* Check we have the expected provider available */
2105 if (!TEST_true(OSSL_PROVIDER_available(libctx, modulename)))
2106 goto err;
2107
2108 /* Check the default provider is not available */
2109 if (strcmp(modulename, "default") != 0
2110 && !TEST_false(OSSL_PROVIDER_available(libctx, "default")))
2111 goto err;
2112
2113 if (strcmp(modulename, "fips") == 0)
2114 is_fips = 1;
2115
2116 cert = test_mk_file_path(certsdir, "servercert.pem");
2117 if (cert == NULL)
2118 goto err;
2119
2120 ccert = test_mk_file_path(certsdir, "ee-client-chain.pem");
2121 if (ccert == NULL)
2122 goto err;
2123
2124 cauthca = test_mk_file_path(certsdir, "root-cert.pem");
2125 if (cauthca == NULL)
2126 goto err;
2127
2128 privkey = test_mk_file_path(certsdir, "serverkey.pem");
2129 if (privkey == NULL)
2130 goto err;
2131
2132 cprivkey = test_mk_file_path(certsdir, "ee-key.pem");
2133 if (privkey == NULL)
2134 goto err;
2135
2136 ADD_ALL_TESTS(test_quic_write_read, 3);
2137 ADD_TEST(test_fin_only_blocking);
2138 ADD_TEST(test_ciphersuites);
2139 ADD_TEST(test_cipher_find);
2140 ADD_TEST(test_version);
2141 #if defined(DO_SSL_TRACE_TEST)
2142 ADD_TEST(test_ssl_trace);
2143 #endif
2144 ADD_TEST(test_quic_forbidden_apis_ctx);
2145 ADD_TEST(test_quic_forbidden_apis);
2146 ADD_TEST(test_quic_forbidden_options);
2147 ADD_ALL_TESTS(test_quic_set_fd, 3);
2148 ADD_TEST(test_bio_ssl);
2149 ADD_TEST(test_back_pressure);
2150 ADD_TEST(test_multiple_dgrams);
2151 ADD_ALL_TESTS(test_non_io_retry, 2);
2152 ADD_TEST(test_quic_psk);
2153 ADD_ALL_TESTS(test_client_auth, 3);
2154 ADD_ALL_TESTS(test_alpn, 2);
2155 ADD_ALL_TESTS(test_noisy_dgram, 2);
2156 ADD_TEST(test_get_shutdown);
2157 ADD_ALL_TESTS(test_tparam, OSSL_NELEM(tparam_tests));
2158
2159 return 1;
2160 err:
2161 cleanup_tests();
2162 return 0;
2163 }
2164
2165 void cleanup_tests(void)
2166 {
2167 bio_f_noisy_dgram_filter_free();
2168 bio_f_pkt_split_dgram_filter_free();
2169 OPENSSL_free(cert);
2170 OPENSSL_free(privkey);
2171 OPENSSL_free(ccert);
2172 OPENSSL_free(cauthca);
2173 OPENSSL_free(cprivkey);
2174 OSSL_PROVIDER_unload(defctxnull);
2175 OSSL_LIB_CTX_free(libctx);
2176 }
A mirror of the official openssl repository