Commit | Line | Data |
---|---|---|
453dfd8d | 1 | /* |
019e47ce | 2 | * Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved. |
453dfd8d | 3 | * |
440e5d80 RS |
4 | * Licensed under the OpenSSL license (the "License"). You may not use |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
453dfd8d | 7 | * https://www.openssl.org/source/license.html |
453dfd8d EK |
8 | */ |
9 | ||
10 | /* | |
11 | * Ideally, CONF should offer standard parsing methods and cover them | |
12 | * in tests. But since we have no CONF tests, we use a custom test for now. | |
13 | */ | |
14 | ||
15 | #include <stdio.h> | |
ce2cdac2 | 16 | #include <string.h> |
453dfd8d | 17 | |
176db6dc | 18 | #include "internal/nelem.h" |
453dfd8d EK |
19 | #include "ssl_test_ctx.h" |
20 | #include "testutil.h" | |
21 | #include <openssl/e_os2.h> | |
22 | #include <openssl/err.h> | |
23 | #include <openssl/conf.h> | |
24 | #include <openssl/ssl.h> | |
25 | ||
/*
 * Parsed test configuration shared by every test case in this file.
 * Allocated and loaded in setup_tests(), released in cleanup_tests().
 */
static CONF *conf = NULL;
27 | ||
/* Per-test fixture: the section to parse and the context it must yield. */
typedef struct ssl_test_ctx_test_fixture {
    /* Test case name, recorded by set_up(). */
    const char *test_case_name;
    /* Name of the configuration section handed to SSL_TEST_CTX_create(). */
    const char *test_section;
    /* Expected parsed configuration. */
    SSL_TEST_CTX *expected_ctx;
} SSL_TEST_CTX_TEST_FIXTURE;
34 | ||
9f48bbac | 35 | |
/*
 * Compare two client configurations field by field.
 *
 * Returns 1 when every field listed below matches and 0 otherwise. The
 * comparison stops at the first mismatch, so only that field is reported.
 * Only the fields named here are checked.
 */
static int clientconf_eq(SSL_TEST_CLIENT_CONF *conf1,
                         SSL_TEST_CLIENT_CONF *conf2)
{
    return TEST_int_eq(conf1->verify_callback, conf2->verify_callback)
           && TEST_int_eq(conf1->servername, conf2->servername)
           && TEST_str_eq(conf1->npn_protocols, conf2->npn_protocols)
           && TEST_str_eq(conf1->alpn_protocols, conf2->alpn_protocols)
           && TEST_int_eq(conf1->ct_validation, conf2->ct_validation)
           && TEST_int_eq(conf1->max_fragment_len_mode,
                          conf2->max_fragment_len_mode);
}
49 | ||
/*
 * Compare two server configurations field by field.
 *
 * Returns 1 when every field listed below matches and 0 otherwise. The
 * comparison stops at the first mismatch. Only the fields named here are
 * checked.
 */
static int serverconf_eq(SSL_TEST_SERVER_CONF *serv,
                         SSL_TEST_SERVER_CONF *serv2)
{
    return TEST_int_eq(serv->servername_callback, serv2->servername_callback)
           && TEST_str_eq(serv->npn_protocols, serv2->npn_protocols)
           && TEST_str_eq(serv->alpn_protocols, serv2->alpn_protocols)
           && TEST_int_eq(serv->broken_session_ticket,
                          serv2->broken_session_ticket)
           && TEST_int_eq(serv->cert_status, serv2->cert_status);
}
62 | ||
/*
 * Compare the client, server and server2 parts of two extra configurations.
 *
 * Returns 1 when all three parts compare equal, 0 at the first part that
 * differs (the remaining parts are then not compared).
 */
static int extraconf_eq(SSL_TEST_EXTRA_CONF *extra,
                        SSL_TEST_EXTRA_CONF *extra2)
{
    return TEST_true(clientconf_eq(&extra->client, &extra2->client))
           && TEST_true(serverconf_eq(&extra->server, &extra2->server))
           && TEST_true(serverconf_eq(&extra->server2, &extra2->server2));
}
72 | ||
/*
 * Compare a parsed test context against the expected one.
 *
 * Returns 1 when every field listed below matches and 0 otherwise. Evaluation
 * stops at the first mismatch. Only the fields named here are compared, so a
 * field missing from this list is not covered by the tests in this file.
 */
static int testctx_eq(SSL_TEST_CTX *ctx, SSL_TEST_CTX *ctx2)
{
    return TEST_int_eq(ctx->method, ctx2->method)
           && TEST_int_eq(ctx->handshake_mode, ctx2->handshake_mode)
           && TEST_int_eq(ctx->app_data_size, ctx2->app_data_size)
           && TEST_int_eq(ctx->max_fragment_size, ctx2->max_fragment_size)
           /* Per-endpoint settings for the initial and resumed handshake. */
           && extraconf_eq(&ctx->extra, &ctx2->extra)
           && extraconf_eq(&ctx->resume_extra, &ctx2->resume_extra)
           /* Expected outcome of the handshake. */
           && TEST_int_eq(ctx->expected_result, ctx2->expected_result)
           && TEST_int_eq(ctx->expected_client_alert,
                          ctx2->expected_client_alert)
           && TEST_int_eq(ctx->expected_server_alert,
                          ctx2->expected_server_alert)
           && TEST_int_eq(ctx->expected_protocol, ctx2->expected_protocol)
           && TEST_int_eq(ctx->expected_servername, ctx2->expected_servername)
           && TEST_int_eq(ctx->session_ticket_expected,
                          ctx2->session_ticket_expected)
           && TEST_int_eq(ctx->compression_expected,
                          ctx2->compression_expected)
           && TEST_str_eq(ctx->expected_npn_protocol,
                          ctx2->expected_npn_protocol)
           && TEST_str_eq(ctx->expected_alpn_protocol,
                          ctx2->expected_alpn_protocol)
           && TEST_str_eq(ctx->expected_cipher,
                          ctx2->expected_cipher)
           && TEST_int_eq(ctx->resumption_expected,
                          ctx2->resumption_expected)
           && TEST_int_eq(ctx->session_id_expected,
                          ctx2->session_id_expected);
}
105 | ||
/*
 * Allocate a zeroed fixture together with a new expected context.
 *
 * Returns the fixture, or NULL when either allocation fails; in the second
 * case the fixture itself is freed before returning.
 */
static SSL_TEST_CTX_TEST_FIXTURE *set_up(const char *const test_case_name)
{
    SSL_TEST_CTX_TEST_FIXTURE *fixture;

    if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture))))
        return NULL;

    fixture->test_case_name = test_case_name;
    if (TEST_ptr(fixture->expected_ctx = SSL_TEST_CTX_new()))
        return fixture;

    /* No expected context could be created: drop the half-built fixture. */
    OPENSSL_free(fixture);
    return NULL;
}
119 | ||
/*
 * Parse the fixture's section from the shared configuration and compare the
 * result with the fixture's expected context.
 *
 * Returns 1 when parsing succeeds and the contexts compare equal, else 0.
 */
static int execute_test(SSL_TEST_CTX_TEST_FIXTURE *fixture)
{
    SSL_TEST_CTX *ctx;
    int success;

    success = TEST_ptr(ctx = SSL_TEST_CTX_create(conf, fixture->test_section))
              && testctx_eq(ctx, fixture->expected_ctx);

    /* Reached on failure too, so ctx may be NULL when it is freed. */
    SSL_TEST_CTX_free(ctx);
    return success;
}
134 | ||
/*
 * Release a fixture created by set_up(): first the expected context it
 * holds, then the fixture itself. The fixture must not be NULL.
 */
static void tear_down(SSL_TEST_CTX_TEST_FIXTURE *fixture)
{
    SSL_TEST_CTX *expected = fixture->expected_ctx;

    SSL_TEST_CTX_free(expected);
    OPENSSL_free(fixture);
}
140 | ||
/*
 * Shorthands binding the generic fixture macros to this file's fixture type,
 * set_up(), execute_test() and tear_down(). The test functions below use the
 * names `fixture` and `result` without declaring them, so those are
 * presumably introduced by these macros.
 *
 * NOTE(review): the first definition already ends in ';', so a call site that
 * adds its own ';' produces an extra empty statement.
 */
#define SETUP_SSL_TEST_CTX_TEST_FIXTURE() \
    SETUP_TEST_FIXTURE(SSL_TEST_CTX_TEST_FIXTURE, set_up);
#define EXECUTE_SSL_TEST_CTX_TEST() \
    EXECUTE_TEST(execute_test, tear_down)
453dfd8d | 145 | |
/*
 * Parse the "ssltest_default" section and check that the result equals a
 * newly created context whose only explicit setting is
 * expected_result = SSL_TEST_SUCCESS.
 *
 * Returns 0 if the fixture cannot be set up, otherwise the value of `result`
 * after the fixture macros have run.
 */
static int test_empty_configuration(void)
{
    SETUP_SSL_TEST_CTX_TEST_FIXTURE();
    if (fixture == NULL)
        return 0;
    fixture->test_section = "ssltest_default";
    fixture->expected_ctx->expected_result = SSL_TEST_SUCCESS;
    EXECUTE_SSL_TEST_CTX_TEST();
    return result;
}
156 | ||
/*
 * Parse the "ssltest_good" section and check every value against the
 * expected context built below.
 *
 * Returns 0 if the fixture cannot be set up or a string cannot be duplicated,
 * otherwise the value of `result` after the fixture macros have run.
 */
static int test_good_configuration(void)
{
    SETUP_SSL_TEST_CTX_TEST_FIXTURE();
    if (fixture == NULL)
        return 0;
    fixture->test_section = "ssltest_good";
    /* Top-level handshake parameters. */
    fixture->expected_ctx->method = SSL_TEST_METHOD_DTLS;
    fixture->expected_ctx->handshake_mode = SSL_TEST_HANDSHAKE_RESUME;
    fixture->expected_ctx->app_data_size = 1024;
    fixture->expected_ctx->max_fragment_size = 2048;

    /* Expected outcome of the handshake. */
    fixture->expected_ctx->expected_result = SSL_TEST_SERVER_FAIL;
    fixture->expected_ctx->expected_client_alert = SSL_AD_UNKNOWN_CA;
    fixture->expected_ctx->expected_server_alert = 0; /* No alert. */
    fixture->expected_ctx->expected_protocol = TLS1_1_VERSION;
    fixture->expected_ctx->expected_servername = SSL_TEST_SERVERNAME_SERVER2;
    fixture->expected_ctx->session_ticket_expected = SSL_TEST_SESSION_TICKET_YES;
    fixture->expected_ctx->compression_expected = SSL_TEST_COMPRESSION_NO;
    fixture->expected_ctx->session_id_expected = SSL_TEST_SESSION_ID_IGNORE;
    fixture->expected_ctx->resumption_expected = 1;

    /* Client settings for the initial handshake. */
    fixture->expected_ctx->extra.client.verify_callback =
        SSL_TEST_VERIFY_REJECT_ALL;
    fixture->expected_ctx->extra.client.servername = SSL_TEST_SERVERNAME_SERVER2;
    /* Heap copy; presumably released with the context - confirm. */
    fixture->expected_ctx->extra.client.npn_protocols =
        OPENSSL_strdup("foo,bar");
    if (!TEST_ptr(fixture->expected_ctx->extra.client.npn_protocols))
        goto err;
    fixture->expected_ctx->extra.client.max_fragment_len_mode = 0;

    /* Server settings for the initial handshake. */
    fixture->expected_ctx->extra.server.servername_callback =
        SSL_TEST_SERVERNAME_IGNORE_MISMATCH;
    fixture->expected_ctx->extra.server.broken_session_ticket = 1;

    /* Settings that apply to the resumed handshake only. */
    fixture->expected_ctx->resume_extra.server2.alpn_protocols =
        OPENSSL_strdup("baz");
    if (!TEST_ptr(fixture->expected_ctx->resume_extra.server2.alpn_protocols))
        goto err;

    fixture->expected_ctx->resume_extra.client.ct_validation =
        SSL_TEST_CT_VALIDATION_STRICT;

    EXECUTE_SSL_TEST_CTX_TEST();
    return result;

 err:
    /*
     * Reached before EXECUTE_SSL_TEST_CTX_TEST() has run, so the fixture is
     * released here by hand.
     */
    tear_down(fixture);
    return 0;
}
206 | ||
/*
 * Names of configuration sections that the parser must reject.
 * test_bad_configuration() passes each one to SSL_TEST_CTX_create() and
 * expects NULL back, so an entry here asserts that the parser fails on that
 * input rather than accepting it.
 */
static const char *bad_configurations[] = {
    "ssltest_unknown_option",
    "ssltest_wrong_section",
    "ssltest_unknown_expected_result",
    "ssltest_unknown_alert",
    "ssltest_unknown_protocol",
    "ssltest_unknown_verify_callback",
    "ssltest_unknown_servername",
    "ssltest_unknown_servername_callback",
    "ssltest_unknown_session_ticket_expected",
    "ssltest_unknown_compression_expected",
    "ssltest_unknown_session_id_expected",
    "ssltest_unknown_method",
    "ssltest_unknown_handshake_mode",
    "ssltest_unknown_resumption_expected",
    "ssltest_unknown_ct_validation",
    "ssltest_invalid_max_fragment_len",
};
225 | ||
/*
 * Check that parsing bad_configurations[idx] is rejected.
 *
 * idx is used to index bad_configurations without a range check; it is
 * expected to come from the test registration in setup_tests().
 * Returns 1 when SSL_TEST_CTX_create() returns NULL. If a context is
 * produced anyway, it is freed and the test fails with 0.
 */
static int test_bad_configuration(int idx)
{
    SSL_TEST_CTX *ctx;

    if (TEST_ptr_null(ctx = SSL_TEST_CTX_create(conf,
                                                 bad_configurations[idx])))
        return 1;

    /* The parser accepted a section it should have refused. */
    SSL_TEST_CTX_free(ctx);
    return 0;
}
238 | ||
/*
 * Load the test configuration and register the test cases.
 *
 * Returns 1 on success, 0 if the CONF object cannot be allocated or the file
 * cannot be loaded.
 */
int setup_tests(void)
{
    if (!TEST_ptr(conf = NCONF_new(NULL)))
        return 0;

    /* argument should point to test/ssl_test_ctx_test.conf */
    if (TEST_int_gt(NCONF_load(conf, test_get_argument(0), NULL), 0)) {
        ADD_TEST(test_empty_configuration);
        ADD_TEST(test_good_configuration);
        ADD_ALL_TESTS(test_bad_configuration, OSSL_NELEM(bad_configurations));
        return 1;
    }

    /*
     * NOTE(review): this note is printed for any NCONF_load() failure, not
     * only for an absent argument.
     */
    TEST_note("Missing file argument");
    return 0;
}
453dfd8d | 254 | |
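/*
 * Release the configuration loaded by setup_tests().
 *
 * The file-scope pointer is cleared afterwards so that a repeated call, or
 * any later use of `conf`, sees NULL instead of freed memory.
 */
void cleanup_tests(void)
{
    NCONF_free(conf);
    conf = NULL;
}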