Commit | Line | Data |
---|---|---|
453dfd8d | 1 | /* |
019e47ce | 2 | * Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved. |
453dfd8d | 3 | * |
440e5d80 RS |
4 | * Licensed under the OpenSSL license (the "License"). You may not use |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
453dfd8d | 7 | * https://www.openssl.org/source/license.html |
453dfd8d EK |
8 | */ |
9 | ||
10 | /* | |
11 | * Ideally, CONF should offer standard parsing methods and cover them | |
12 | * in tests. But since we have no CONF tests, we use a custom test for now. | |
13 | */ | |
14 | ||
15 | #include <stdio.h> | |
ce2cdac2 | 16 | #include <string.h> |
453dfd8d EK |
17 | |
18 | #include "e_os.h" | |
19 | #include "ssl_test_ctx.h" | |
20 | #include "testutil.h" | |
21 | #include <openssl/e_os2.h> | |
22 | #include <openssl/err.h> | |
23 | #include <openssl/conf.h> | |
24 | #include <openssl/ssl.h> | |
25 | ||
/*
 * Configuration shared by every test in this file. It is created and loaded
 * in setup_tests() and released in cleanup_tests().
 */
static CONF *conf = NULL;

/* Per-test state handed to set_up(), execute_test() and tear_down(). */
typedef struct ssl_test_ctx_test_fixture {
    /* Name of the running test case, as passed to set_up(). */
    const char *test_case_name;
    /* Name of the configuration section that the test parses. */
    const char *test_section;
    /* Expected parsed configuration. */
    SSL_TEST_CTX *expected_ctx;
} SSL_TEST_CTX_TEST_FIXTURE;
34 | ||
9f48bbac | 35 | |
/*
 * Compare the client parts of two parsed configurations.
 *
 * Returns 1 when all five compared fields agree and 0 otherwise. The checks
 * run in the order written and stop at the first one that fails.
 */
static int clientconf_eq(SSL_TEST_CLIENT_CONF *conf1,
                         SSL_TEST_CLIENT_CONF *conf2)
{
    return TEST_int_eq(conf1->verify_callback, conf2->verify_callback)
           && TEST_int_eq(conf1->servername, conf2->servername)
           && TEST_str_eq(conf1->npn_protocols, conf2->npn_protocols)
           && TEST_str_eq(conf1->alpn_protocols, conf2->alpn_protocols)
           && TEST_int_eq(conf1->ct_validation, conf2->ct_validation);
}
47 | ||
/*
 * Compare the server parts of two parsed configurations.
 *
 * Returns 1 when every compared field agrees and 0 at the first mismatch.
 */
static int serverconf_eq(SSL_TEST_SERVER_CONF *serv,
                         SSL_TEST_SERVER_CONF *serv2)
{
    if (!TEST_int_eq(serv->servername_callback, serv2->servername_callback))
        return 0;
    if (!TEST_str_eq(serv->npn_protocols, serv2->npn_protocols))
        return 0;
    if (!TEST_str_eq(serv->alpn_protocols, serv2->alpn_protocols))
        return 0;
    if (!TEST_int_eq(serv->broken_session_ticket,
                     serv2->broken_session_ticket))
        return 0;
    if (!TEST_int_eq(serv->cert_status, serv2->cert_status))
        return 0;
    return 1;
}
60 | ||
/*
 * Compare two "extra" configurations: the client block and both server
 * blocks (server and server2).
 *
 * Returns 1 when all three sub-comparisons succeed, 0 otherwise.
 */
static int extraconf_eq(SSL_TEST_EXTRA_CONF *extra,
                        SSL_TEST_EXTRA_CONF *extra2)
{
    return TEST_true(clientconf_eq(&extra->client, &extra2->client))
           && TEST_true(serverconf_eq(&extra->server, &extra2->server))
           && TEST_true(serverconf_eq(&extra->server2, &extra2->server2));
}
70 | ||
/*
 * Compare a parsed test context against the expected one.
 *
 * Returns 1 when every field listed below agrees, 0 at the first mismatch.
 * Only the fields named here are compared. A field that exists in
 * SSL_TEST_CTX but is not listed goes unchecked, so a parsing error in it
 * would not fail these tests.
 */
static int testctx_eq(SSL_TEST_CTX *ctx, SSL_TEST_CTX *ctx2)
{
    return TEST_int_eq(ctx->method, ctx2->method)
           && TEST_int_eq(ctx->handshake_mode, ctx2->handshake_mode)
           && TEST_int_eq(ctx->app_data_size, ctx2->app_data_size)
           && TEST_int_eq(ctx->max_fragment_size, ctx2->max_fragment_size)
           /* Per-handshake settings: initial handshake, then resumption. */
           && extraconf_eq(&ctx->extra, &ctx2->extra)
           && extraconf_eq(&ctx->resume_extra, &ctx2->resume_extra)
           /* Expected outcome of the handshake. */
           && TEST_int_eq(ctx->expected_result, ctx2->expected_result)
           && TEST_int_eq(ctx->expected_client_alert,
                          ctx2->expected_client_alert)
           && TEST_int_eq(ctx->expected_server_alert,
                          ctx2->expected_server_alert)
           && TEST_int_eq(ctx->expected_protocol, ctx2->expected_protocol)
           && TEST_int_eq(ctx->expected_servername, ctx2->expected_servername)
           && TEST_int_eq(ctx->session_ticket_expected,
                          ctx2->session_ticket_expected)
           && TEST_int_eq(ctx->compression_expected,
                          ctx2->compression_expected)
           && TEST_str_eq(ctx->expected_npn_protocol,
                          ctx2->expected_npn_protocol)
           && TEST_str_eq(ctx->expected_alpn_protocol,
                          ctx2->expected_alpn_protocol)
           && TEST_int_eq(ctx->resumption_expected,
                          ctx2->resumption_expected);
}
99 | ||
/*
 * Build a zeroed fixture for the named test case and allocate the expected
 * context that the test fills in before running.
 *
 * NOTE(review): the result of TEST_ptr() is not acted on, so a failed
 * SSL_TEST_CTX_new() leaves expected_ctx NULL in the returned fixture.
 * Callers that dereference expected_ctx should check it first.
 */
static SSL_TEST_CTX_TEST_FIXTURE set_up(const char *const test_case_name)
{
    SSL_TEST_CTX_TEST_FIXTURE fixture;

    /* Start from all-zero so that test_section is NULL until set. */
    memset(&fixture, 0, sizeof(fixture));

    TEST_ptr(fixture.expected_ctx = SSL_TEST_CTX_new());
    fixture.test_case_name = test_case_name;

    return fixture;
}
109 | ||
/*
 * Parse fixture.test_section from the shared configuration and compare the
 * result with fixture.expected_ctx.
 *
 * Returns 1 when parsing succeeds and the contexts match, 0 otherwise.
 */
static int execute_test(SSL_TEST_CTX_TEST_FIXTURE fixture)
{
    SSL_TEST_CTX *ctx;
    int success;

    /* testctx_eq() only runs once a context has actually been created. */
    success = TEST_ptr(ctx = SSL_TEST_CTX_create(conf, fixture.test_section))
              && testctx_eq(ctx, fixture.expected_ctx);

    /*
     * NOTE(review): ctx is NULL here when creation failed, so this relies on
     * SSL_TEST_CTX_free() accepting NULL - confirm against its definition.
     */
    SSL_TEST_CTX_free(ctx);
    return success;
}
124 | ||
/*
 * Release the expected context owned by the fixture. The name strings in
 * the fixture are borrowed and are not freed here.
 */
static void tear_down(SSL_TEST_CTX_TEST_FIXTURE fixture)
{
    SSL_TEST_CTX_free(fixture.expected_ctx);
}
129 | ||
/*
 * Bind the generic fixture macros to this file's fixture type and to its
 * set_up / execute_test / tear_down functions.
 */
#define SETUP_SSL_TEST_CTX_TEST_FIXTURE()                        \
    SETUP_TEST_FIXTURE(SSL_TEST_CTX_TEST_FIXTURE, set_up)
#define EXECUTE_SSL_TEST_CTX_TEST()             \
    EXECUTE_TEST(execute_test, tear_down)
453dfd8d EK |
134 | |
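/*
 * An empty section must parse to the defaults: a zeroed context whose
 * expected result is SSL_TEST_SUCCESS.
 *
 * Returns 0 without running the test when the fixture could not be
 * allocated. Otherwise the result comes from EXECUTE_SSL_TEST_CTX_TEST(),
 * which presumably returns the outcome of execute_test().
 */
static int test_empty_configuration(void)
{
    SETUP_SSL_TEST_CTX_TEST_FIXTURE();

    /*
     * set_up() does not act on a failed SSL_TEST_CTX_new(), so check here
     * before dereferencing. Nothing is owned by the fixture in that case.
     */
    if (fixture.expected_ctx == NULL)
        return 0;

    fixture.test_section = "ssltest_default";
    fixture.expected_ctx->expected_result = SSL_TEST_SUCCESS;
    EXECUTE_SSL_TEST_CTX_TEST();
}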
142 | ||
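/*
 * A section that sets every option must parse to exactly the values filled
 * in below.
 *
 * Returns 0 when the fixture or one of the expected strings cannot be
 * allocated. Otherwise the result comes from EXECUTE_SSL_TEST_CTX_TEST(),
 * which presumably returns the outcome of execute_test().
 */
static int test_good_configuration(void)
{
    SETUP_SSL_TEST_CTX_TEST_FIXTURE();

    /*
     * set_up() does not act on a failed SSL_TEST_CTX_new(), so check here
     * before dereferencing. Nothing is owned by the fixture in that case,
     * so return directly instead of going through tear_down().
     */
    if (fixture.expected_ctx == NULL)
        return 0;

    fixture.test_section = "ssltest_good";
    fixture.expected_ctx->method = SSL_TEST_METHOD_DTLS;
    fixture.expected_ctx->handshake_mode = SSL_TEST_HANDSHAKE_RESUME;
    fixture.expected_ctx->app_data_size = 1024;
    fixture.expected_ctx->max_fragment_size = 2048;

    fixture.expected_ctx->expected_result = SSL_TEST_SERVER_FAIL;
    fixture.expected_ctx->expected_client_alert = SSL_AD_UNKNOWN_CA;
    fixture.expected_ctx->expected_server_alert = 0; /* No alert. */
    fixture.expected_ctx->expected_protocol = TLS1_1_VERSION;
    fixture.expected_ctx->expected_servername = SSL_TEST_SERVERNAME_SERVER2;
    fixture.expected_ctx->session_ticket_expected = SSL_TEST_SESSION_TICKET_YES;
    fixture.expected_ctx->compression_expected = SSL_TEST_COMPRESSION_NO;
    fixture.expected_ctx->resumption_expected = 1;

    fixture.expected_ctx->extra.client.verify_callback =
        SSL_TEST_VERIFY_REJECT_ALL;
    fixture.expected_ctx->extra.client.servername = SSL_TEST_SERVERNAME_SERVER2;
    /* The expected context owns this copy; tear_down() releases it. */
    fixture.expected_ctx->extra.client.npn_protocols =
        OPENSSL_strdup("foo,bar");
    if (!TEST_ptr(fixture.expected_ctx->extra.client.npn_protocols))
        goto err;

    fixture.expected_ctx->extra.server.servername_callback =
        SSL_TEST_SERVERNAME_IGNORE_MISMATCH;
    fixture.expected_ctx->extra.server.broken_session_ticket = 1;

    fixture.expected_ctx->resume_extra.server2.alpn_protocols =
        OPENSSL_strdup("baz");
    if (!TEST_ptr(fixture.expected_ctx->resume_extra.server2.alpn_protocols))
        goto err;

    fixture.expected_ctx->resume_extra.client.ct_validation =
        SSL_TEST_CT_VALIDATION_STRICT;

    EXECUTE_SSL_TEST_CTX_TEST();

    /* Reached only through goto: an expected string failed to allocate. */
 err:
    tear_down(fixture);
    return 0;
}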
187 | ||
/*
 * Sections that the parser must reject. test_bad_configuration() is run
 * once per entry, in array order.
 */
static const char *bad_configurations[] = {
    /* Structural errors. */
    "ssltest_unknown_option",
    "ssltest_wrong_section",
    /* Unrecognised values for individual options. */
    "ssltest_unknown_expected_result",
    "ssltest_unknown_alert",
    "ssltest_unknown_protocol",
    "ssltest_unknown_verify_callback",
    "ssltest_unknown_servername",
    "ssltest_unknown_servername_callback",
    "ssltest_unknown_session_ticket_expected",
    "ssltest_unknown_compression_expected",
    "ssltest_unknown_method",
    "ssltest_unknown_handshake_mode",
    "ssltest_unknown_resumption_expected",
    "ssltest_unknown_ct_validation",
};
204 | ||
/*
 * Negative test: parsing bad_configurations[idx] must fail and yield no
 * context.
 *
 * Returns 1 when creation is refused. If the parser accepts the section
 * anyway, the unexpected context is freed and 0 is returned. idx is not
 * range-checked here; it is expected to come from ADD_ALL_TESTS with the
 * array's element count.
 */
static int test_bad_configuration(int idx)
{
    SSL_TEST_CTX *ctx;

    if (TEST_ptr_null(ctx = SSL_TEST_CTX_create(conf,
                                                bad_configurations[idx])))
        return 1;

    /* The parser accepted input that it should have rejected. */
    SSL_TEST_CTX_free(ctx);
    return 0;
}
217 | ||
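/*
 * Load the test configuration file named by the first test argument and
 * register the tests in this file.
 *
 * Returns 1 on success, 0 when the CONF object cannot be created, the file
 * argument is absent, or the file cannot be loaded. On failure conf is left
 * for cleanup_tests() to release.
 */
int setup_tests(void)
{
    const char *conf_file;

    if (!TEST_ptr(conf = NCONF_new(NULL)))
        return 0;

    /*
     * argument should point to test/ssl_test_ctx_test.conf
     *
     * Checked separately so that a NULL name is never handed to NCONF_load()
     * and a missing argument is reported differently from an unreadable or
     * malformed file. This assumes test_get_argument() yields NULL when the
     * argument is absent - confirm against testutil.
     */
    if (!TEST_ptr(conf_file = test_get_argument(0))) {
        TEST_note("Missing file argument");
        return 0;
    }
    if (!TEST_int_gt(NCONF_load(conf, conf_file, NULL), 0)) {
        TEST_note("Failed to load configuration file");
        return 0;
    }

    ADD_TEST(test_empty_configuration);
    ADD_TEST(test_good_configuration);
    ADD_ALL_TESTS(test_bad_configuration, OSSL_NELEM(bad_configurations));
    return 1;
}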
453dfd8d | 233 | |
/* Release the shared configuration that setup_tests() created. */
void cleanup_tests(void)
{
    NCONF_free(conf);
}