Commit | Line | Data |
---|---|---|
453dfd8d | 1 | /* |
b0edda11 | 2 | * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. |
453dfd8d | 3 | * |
440e5d80 RS |
4 | * Licensed under the OpenSSL license (the "License"). You may not use |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
453dfd8d | 7 | * https://www.openssl.org/source/license.html |
453dfd8d EK |
8 | */ |
9 | ||
10 | /* | |
11 | * Ideally, CONF should offer standard parsing methods and cover them | |
12 | * in tests. But since we have no CONF tests, we use a custom test for now. | |
13 | */ | |
14 | ||
15 | #include <stdio.h> | |
ce2cdac2 | 16 | #include <string.h> |
453dfd8d | 17 | |
176db6dc | 18 | #include "internal/nelem.h" |
453dfd8d EK |
19 | #include "ssl_test_ctx.h" |
20 | #include "testutil.h" | |
21 | #include <openssl/e_os2.h> | |
22 | #include <openssl/err.h> | |
23 | #include <openssl/conf.h> | |
24 | #include <openssl/ssl.h> | |
25 | ||
/* Parsed test configuration; loaded in setup_tests(), freed in cleanup_tests(). */
static CONF *conf = NULL;

/* State shared by set_up(), execute_test() and tear_down() for one test case. */
typedef struct ssl_test_ctx_test_fixture {
    /* Name of the test case, as handed to set_up(). */
    const char *test_case_name;
    /* Name of the CONF section that execute_test() asks the parser to read. */
    const char *test_section;
    /* Expected parsed configuration. */
    SSL_TEST_CTX *expected_ctx;
} SSL_TEST_CTX_TEST_FIXTURE;
34 | ||
9f48bbac | 35 | |
/*
 * Compare the client-side settings of two parsed configurations.
 *
 * Fields are checked in the order listed and the comparison stops at the
 * first mismatch. Returns 1 when all compared fields agree, 0 otherwise.
 */
static int clientconf_eq(SSL_TEST_CLIENT_CONF *conf1,
                         SSL_TEST_CLIENT_CONF *conf2)
{
    if (!TEST_int_eq(conf1->verify_callback, conf2->verify_callback))
        return 0;
    if (!TEST_int_eq(conf1->servername, conf2->servername))
        return 0;
    if (!TEST_str_eq(conf1->npn_protocols, conf2->npn_protocols))
        return 0;
    if (!TEST_str_eq(conf1->alpn_protocols, conf2->alpn_protocols))
        return 0;
    if (!TEST_int_eq(conf1->ct_validation, conf2->ct_validation))
        return 0;
    if (!TEST_int_eq(conf1->max_fragment_len_mode,
                     conf2->max_fragment_len_mode))
        return 0;

    return 1;
}
49 | ||
/*
 * Compare the server-side settings of two parsed configurations.
 *
 * Fields are checked in the order listed and the comparison stops at the
 * first mismatch. Returns 1 when all compared fields agree, 0 otherwise.
 */
static int serverconf_eq(SSL_TEST_SERVER_CONF *serv,
                         SSL_TEST_SERVER_CONF *serv2)
{
    if (!TEST_int_eq(serv->servername_callback, serv2->servername_callback))
        return 0;
    if (!TEST_str_eq(serv->npn_protocols, serv2->npn_protocols))
        return 0;
    if (!TEST_str_eq(serv->alpn_protocols, serv2->alpn_protocols))
        return 0;
    if (!TEST_int_eq(serv->broken_session_ticket,
                     serv2->broken_session_ticket))
        return 0;
    if (!TEST_str_eq(serv->session_ticket_app_data,
                     serv2->session_ticket_app_data))
        return 0;
    if (!TEST_int_eq(serv->cert_status, serv2->cert_status))
        return 0;

    return 1;
}
64 | ||
/*
 * Compare the client, server and server2 parts of two "extra" configurations.
 *
 * The three parts are compared in that order; a later part is not examined
 * once an earlier one differs. Returns 1 on a full match, 0 otherwise.
 */
static int extraconf_eq(SSL_TEST_EXTRA_CONF *extra,
                        SSL_TEST_EXTRA_CONF *extra2)
{
    return TEST_true(clientconf_eq(&extra->client, &extra2->client))
           && TEST_true(serverconf_eq(&extra->server, &extra2->server))
           && TEST_true(serverconf_eq(&extra->server2, &extra2->server2));
}
74 | ||
/*
 * Compare a parsed test context against the expected one.
 *
 * Every field listed below must agree; the walk stops at the first field
 * that differs. Returns 1 when the two contexts match, 0 otherwise.
 */
static int testctx_eq(SSL_TEST_CTX *ctx, SSL_TEST_CTX *ctx2)
{
    /* Connection parameters. */
    if (!TEST_int_eq(ctx->method, ctx2->method))
        return 0;
    if (!TEST_int_eq(ctx->handshake_mode, ctx2->handshake_mode))
        return 0;
    if (!TEST_int_eq(ctx->app_data_size, ctx2->app_data_size))
        return 0;
    if (!TEST_int_eq(ctx->max_fragment_size, ctx2->max_fragment_size))
        return 0;

    /* Per-handshake client/server settings (initial and resumption). */
    if (!extraconf_eq(&ctx->extra, &ctx2->extra))
        return 0;
    if (!extraconf_eq(&ctx->resume_extra, &ctx2->resume_extra))
        return 0;

    /* Expected outcome of the handshake. */
    if (!TEST_int_eq(ctx->expected_result, ctx2->expected_result))
        return 0;
    if (!TEST_int_eq(ctx->expected_client_alert,
                     ctx2->expected_client_alert))
        return 0;
    if (!TEST_int_eq(ctx->expected_server_alert,
                     ctx2->expected_server_alert))
        return 0;
    if (!TEST_int_eq(ctx->expected_protocol, ctx2->expected_protocol))
        return 0;
    if (!TEST_int_eq(ctx->expected_servername, ctx2->expected_servername))
        return 0;
    if (!TEST_int_eq(ctx->session_ticket_expected,
                     ctx2->session_ticket_expected))
        return 0;
    if (!TEST_int_eq(ctx->compression_expected,
                     ctx2->compression_expected))
        return 0;
    if (!TEST_str_eq(ctx->expected_npn_protocol,
                     ctx2->expected_npn_protocol))
        return 0;
    if (!TEST_str_eq(ctx->expected_alpn_protocol,
                     ctx2->expected_alpn_protocol))
        return 0;
    if (!TEST_str_eq(ctx->expected_cipher,
                     ctx2->expected_cipher))
        return 0;
    if (!TEST_str_eq(ctx->expected_session_ticket_app_data,
                     ctx2->expected_session_ticket_app_data))
        return 0;
    if (!TEST_int_eq(ctx->resumption_expected,
                     ctx2->resumption_expected))
        return 0;
    if (!TEST_int_eq(ctx->session_id_expected,
                     ctx2->session_id_expected))
        return 0;

    return 1;
}
109 | ||
/*
 * Allocate a zeroed fixture for the named test case together with a fresh
 * expected context.
 *
 * Returns the fixture, or NULL if either allocation fails; nothing is left
 * allocated on the failure path.
 */
static SSL_TEST_CTX_TEST_FIXTURE *set_up(const char *const test_case_name)
{
    SSL_TEST_CTX_TEST_FIXTURE *fixture;

    if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture))))
        return NULL;
    fixture->test_case_name = test_case_name;
    if (TEST_ptr(fixture->expected_ctx = SSL_TEST_CTX_new()))
        return fixture;

    /* No expected context: release the half-built fixture. */
    OPENSSL_free(fixture);
    return NULL;
}
123 | ||
/*
 * Parse the fixture's section from the loaded configuration and compare the
 * result with the fixture's expected context.
 *
 * Returns 1 when parsing succeeds and the contexts match, 0 otherwise. The
 * parsed context is freed on every path.
 */
static int execute_test(SSL_TEST_CTX_TEST_FIXTURE *fixture)
{
    SSL_TEST_CTX *ctx;
    int success;

    /* The comparison is skipped when the parser returns NULL. */
    success = TEST_ptr(ctx = SSL_TEST_CTX_create(conf, fixture->test_section))
              && testctx_eq(ctx, fixture->expected_ctx);

    SSL_TEST_CTX_free(ctx);
    return success;
}
138 | ||
/*
 * Release a fixture created by set_up(): first the expected context it
 * holds, then the fixture itself. The fixture must not be NULL.
 */
static void tear_down(SSL_TEST_CTX_TEST_FIXTURE *fixture)
{
    SSL_TEST_CTX *expected = fixture->expected_ctx;

    SSL_TEST_CTX_free(expected);
    OPENSSL_free(fixture);
}
144 | ||
/*
 * Bind the generic fixture macros to this file's fixture type and to its
 * set_up(), execute_test() and tear_down() functions.
 * NOTE(review): the test functions below use `fixture` and `result` without
 * declaring them, so these macros presumably introduce both - confirm
 * against the SETUP_TEST_FIXTURE/EXECUTE_TEST definitions.
 */
#define SETUP_SSL_TEST_CTX_TEST_FIXTURE() \
    SETUP_TEST_FIXTURE(SSL_TEST_CTX_TEST_FIXTURE, set_up);
#define EXECUTE_SSL_TEST_CTX_TEST() \
    EXECUTE_TEST(execute_test, tear_down)
453dfd8d | 149 | |
/*
 * Parse the "ssltest_default" section and expect a context that differs
 * from a freshly created one only in that its expected result is explicitly
 * set to SSL_TEST_SUCCESS.
 */
static int test_empty_configuration(void)
{
    SETUP_SSL_TEST_CTX_TEST_FIXTURE();
    if (fixture == NULL) {
        /* set_up() could not allocate the fixture. */
        return 0;
    }

    fixture->expected_ctx->expected_result = SSL_TEST_SUCCESS;
    fixture->test_section = "ssltest_default";

    EXECUTE_SSL_TEST_CTX_TEST();
    return result;
}
160 | ||
/*
 * Parse the "ssltest_good" section and compare it with a hand-built
 * expected context.
 *
 * The values below are meant to mirror that section of the configuration
 * file (the file itself is not part of this source). Returns the result of
 * the comparison, or 0 if building the expected context fails.
 */
static int test_good_configuration(void)
{
    SETUP_SSL_TEST_CTX_TEST_FIXTURE();
    if (fixture == NULL)
        return 0;
    fixture->test_section = "ssltest_good";

    /* Heap-allocated strings first, so a failed copy exits early. */
    fixture->expected_ctx->extra.client.npn_protocols =
        OPENSSL_strdup("foo,bar");
    if (!TEST_ptr(fixture->expected_ctx->extra.client.npn_protocols))
        goto err;
    fixture->expected_ctx->resume_extra.server2.alpn_protocols =
        OPENSSL_strdup("baz");
    if (!TEST_ptr(fixture->expected_ctx->resume_extra.server2.alpn_protocols))
        goto err;

    /* Connection parameters. */
    fixture->expected_ctx->method = SSL_TEST_METHOD_DTLS;
    fixture->expected_ctx->handshake_mode = SSL_TEST_HANDSHAKE_RESUME;
    fixture->expected_ctx->app_data_size = 1024;
    fixture->expected_ctx->max_fragment_size = 2048;

    /* Expected handshake outcome. */
    fixture->expected_ctx->expected_result = SSL_TEST_SERVER_FAIL;
    fixture->expected_ctx->expected_client_alert = SSL_AD_UNKNOWN_CA;
    fixture->expected_ctx->expected_server_alert = 0;  /* No alert. */
    fixture->expected_ctx->expected_protocol = TLS1_1_VERSION;
    fixture->expected_ctx->expected_servername = SSL_TEST_SERVERNAME_SERVER2;
    fixture->expected_ctx->session_ticket_expected = SSL_TEST_SESSION_TICKET_YES;
    fixture->expected_ctx->compression_expected = SSL_TEST_COMPRESSION_NO;
    fixture->expected_ctx->session_id_expected = SSL_TEST_SESSION_ID_IGNORE;
    fixture->expected_ctx->resumption_expected = 1;

    /* Initial handshake: client side. */
    fixture->expected_ctx->extra.client.verify_callback =
        SSL_TEST_VERIFY_REJECT_ALL;
    fixture->expected_ctx->extra.client.servername = SSL_TEST_SERVERNAME_SERVER2;
    fixture->expected_ctx->extra.client.max_fragment_len_mode = 0;

    /* Initial handshake: server side. */
    fixture->expected_ctx->extra.server.servername_callback =
        SSL_TEST_SERVERNAME_IGNORE_MISMATCH;
    fixture->expected_ctx->extra.server.broken_session_ticket = 1;

    /* Resumption handshake: client side. */
    fixture->expected_ctx->resume_extra.client.ct_validation =
        SSL_TEST_CT_VALIDATION_STRICT;

    EXECUTE_SSL_TEST_CTX_TEST();
    return result;

 err:
    /* The fixture never reached EXECUTE_SSL_TEST_CTX_TEST(); free it here. */
    tear_down(fixture);
    return 0;
}
210 | ||
/*
 * Names of configuration sections that test_bad_configuration() feeds to
 * SSL_TEST_CTX_create(); each one must be rejected by the parser. The array
 * length determines how many times that test is registered in setup_tests().
 */
static const char *bad_configurations[] = {
    "ssltest_unknown_option",
    "ssltest_wrong_section",
    "ssltest_unknown_expected_result",
    "ssltest_unknown_alert",
    "ssltest_unknown_protocol",
    "ssltest_unknown_verify_callback",
    "ssltest_unknown_servername",
    "ssltest_unknown_servername_callback",
    "ssltest_unknown_session_ticket_expected",
    "ssltest_unknown_compression_expected",
    "ssltest_unknown_session_id_expected",
    "ssltest_unknown_method",
    "ssltest_unknown_handshake_mode",
    "ssltest_unknown_resumption_expected",
    "ssltest_unknown_ct_validation",
    "ssltest_invalid_max_fragment_len",
};
229 | ||
/*
 * Check that the parser refuses the idx-th entry of bad_configurations.
 *
 * The test passes only when SSL_TEST_CTX_create() returns NULL, i.e. the
 * parser fails closed on an unrecognised or invalid setting instead of
 * producing a context. idx is expected to be a valid index into
 * bad_configurations (the registration in setup_tests() bounds it by the
 * array length). Returns 1 on rejection, 0 if a context was produced.
 */
static int test_bad_configuration(int idx)
{
    SSL_TEST_CTX *ctx;

    if (TEST_ptr_null(ctx = SSL_TEST_CTX_create(conf,
                                                bad_configurations[idx])))
        return 1;

    /* A malformed section was accepted: free the context and fail. */
    SSL_TEST_CTX_free(ctx);
    return 0;
}
242 | ||
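/*
 * Load the test configuration file and register the tests.
 *
 * The first command-line argument names the configuration file. A missing
 * argument and a file that cannot be loaded are reported separately, and a
 * NULL path is never handed to NCONF_load().
 *
 * Returns 1 on success, 0 on any setup failure. On failure the CONF object
 * stays in `conf` and is released by cleanup_tests().
 */
int setup_tests(void)
{
    const char *conf_file;

    if (!TEST_ptr(conf = NCONF_new(NULL)))
        return 0;
    /* argument should point to test/ssl_test_ctx_test.conf */
    if (!TEST_ptr(conf_file = test_get_argument(0))) {
        TEST_note("Missing file argument");
        return 0;
    }
    if (!TEST_int_gt(NCONF_load(conf, conf_file, NULL), 0)) {
        /* The path is passed as data, never as the format string. */
        TEST_note("Failed to load configuration file %s", conf_file);
        return 0;
    }

    ADD_TEST(test_empty_configuration);
    ADD_TEST(test_good_configuration);
    ADD_ALL_TESTS(test_bad_configuration, OSSL_NELEM(bad_configurations));
    return 1;
}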
453dfd8d | 258 | |
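/*
 * Release the configuration loaded by setup_tests().
 *
 * The file-scope pointer is cleared afterwards so that no dangling pointer
 * is left behind for a later use or a second cleanup call.
 */
void cleanup_tests(void)
{
    NCONF_free(conf);
    conf = NULL;
}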