]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/recordlentest.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix compiler warnings
[thirdparty/openssl.git] / test / recordlentest.c
1 /*
2 * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <string.h>
11
12 #include "ssltestlib.h"
13 #include "testutil.h"
14
15 static char *cert = NULL;
16 static char *privkey = NULL;
17
18 #define TEST_PLAINTEXT_OVERFLOW_OK 0
19 #define TEST_PLAINTEXT_OVERFLOW_NOT_OK 1
20 #define TEST_ENCRYPTED_OVERFLOW_TLS1_3_OK 2
21 #define TEST_ENCRYPTED_OVERFLOW_TLS1_3_NOT_OK 3
22 #define TEST_ENCRYPTED_OVERFLOW_TLS1_2_OK 4
23 #define TEST_ENCRYPTED_OVERFLOW_TLS1_2_NOT_OK 5
24
25 #define TOTAL_RECORD_OVERFLOW_TESTS 6
26
27 static int write_record(BIO *b, size_t len, int rectype, int recversion)
28 {
29 unsigned char header[SSL3_RT_HEADER_LENGTH];
30 size_t written;
31 unsigned char buf[256];
32
33 memset(buf, 0, sizeof(buf));
34
35 header[0] = rectype;
36 header[1] = (recversion >> 8) & 0xff;
37 header[2] = recversion & 0xff;
38 header[3] = (len >> 8) & 0xff;
39 header[4] = len & 0xff;
40
41 if (!BIO_write_ex(b, header, SSL3_RT_HEADER_LENGTH, &written)
42 || written != SSL3_RT_HEADER_LENGTH)
43 return 0;
44
45 while (len > 0) {
46 size_t outlen;
47
48 if (len > sizeof(buf))
49 outlen = sizeof(buf);
50 else
51 outlen = len;
52
53 if (!BIO_write_ex(b, buf, outlen, &written)
54 || written != outlen)
55 return 0;
56
57 len -= outlen;
58 }
59
60 return 1;
61 }
62
63 static int fail_due_to_record_overflow(int enc)
64 {
65 long err = ERR_peek_error();
66 int reason;
67
68 if (enc)
69 reason = SSL_R_ENCRYPTED_LENGTH_TOO_LONG;
70 else
71 reason = SSL_R_DATA_LENGTH_TOO_LONG;
72
73 if (ERR_GET_LIB(err) == ERR_LIB_SSL
74 && ERR_GET_REASON(err) == reason)
75 return 1;
76
77 return 0;
78 }
79
80 static int test_record_overflow(int idx)
81 {
82 SSL_CTX *cctx = NULL, *sctx = NULL;
83 SSL *clientssl = NULL, *serverssl = NULL;
84 int testresult = 0;
85 size_t len = 0;
86 size_t written;
87 int overf_expected;
88 unsigned char buf;
89 BIO *serverbio;
90 int recversion;
91
92 #ifdef OPENSSL_NO_TLS1_2
93 if (idx == TEST_ENCRYPTED_OVERFLOW_TLS1_2_OK
94 || idx == TEST_ENCRYPTED_OVERFLOW_TLS1_2_NOT_OK)
95 return 1;
96 #endif
97 #ifdef OPENSSL_NO_TLS1_3
98 if (idx == TEST_ENCRYPTED_OVERFLOW_TLS1_3_OK
99 || idx == TEST_ENCRYPTED_OVERFLOW_TLS1_3_NOT_OK)
100 return 1;
101 #endif
102
103 ERR_clear_error();
104
105 if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(),
106 &sctx, &cctx, cert, privkey)))
107 goto end;
108
109 if (idx == TEST_ENCRYPTED_OVERFLOW_TLS1_2_OK
110 || idx == TEST_ENCRYPTED_OVERFLOW_TLS1_2_NOT_OK) {
111 len = SSL3_RT_MAX_ENCRYPTED_LENGTH;
112 #ifndef OPENSSL_NO_COMP
113 len -= SSL3_RT_MAX_COMPRESSED_OVERHEAD;
114 #endif
115 SSL_CTX_set_max_proto_version(sctx, TLS1_2_VERSION);
116 } else if (idx == TEST_ENCRYPTED_OVERFLOW_TLS1_3_OK
117 || idx == TEST_ENCRYPTED_OVERFLOW_TLS1_3_NOT_OK) {
118 len = SSL3_RT_MAX_TLS13_ENCRYPTED_LENGTH;
119 }
120
121 if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
122 NULL, NULL)))
123 goto end;
124
125 serverbio = SSL_get_rbio(serverssl);
126
127 if (idx == TEST_PLAINTEXT_OVERFLOW_OK
128 || idx == TEST_PLAINTEXT_OVERFLOW_NOT_OK) {
129 len = SSL3_RT_MAX_PLAIN_LENGTH;
130
131 if (idx == TEST_PLAINTEXT_OVERFLOW_NOT_OK)
132 len++;
133
134 if (!TEST_true(write_record(serverbio, len,
135 SSL3_RT_HANDSHAKE, TLS1_VERSION)))
136 goto end;
137
138 if (!TEST_int_le(SSL_accept(serverssl), 0))
139 goto end;
140
141 overf_expected = (idx == TEST_PLAINTEXT_OVERFLOW_OK) ? 0 : 1;
142 if (!TEST_int_eq(fail_due_to_record_overflow(0), overf_expected))
143 goto end;
144
145 goto success;
146 }
147
148 if (!TEST_true(create_ssl_connection(serverssl, clientssl,
149 SSL_ERROR_NONE)))
150 goto end;
151
152 if (idx == TEST_ENCRYPTED_OVERFLOW_TLS1_2_NOT_OK
153 || idx == TEST_ENCRYPTED_OVERFLOW_TLS1_3_NOT_OK) {
154 overf_expected = 1;
155 len++;
156 } else {
157 overf_expected = 0;
158 }
159
160 if (idx == TEST_ENCRYPTED_OVERFLOW_TLS1_3_OK
161 || idx == TEST_ENCRYPTED_OVERFLOW_TLS1_3_NOT_OK)
162 recversion = TLS1_VERSION;
163 else
164 recversion = TLS1_2_VERSION;
165
166 if (!TEST_true(write_record(serverbio, len, SSL3_RT_APPLICATION_DATA,
167 recversion)))
168 goto end;
169
170 if (!TEST_false(SSL_read_ex(serverssl, &buf, sizeof(buf), &written)))
171 goto end;
172
173 if (!TEST_int_eq(fail_due_to_record_overflow(1), overf_expected))
174 goto end;
175
176 success:
177 testresult = 1;
178
179 end:
180 SSL_free(serverssl);
181 SSL_free(clientssl);
182 SSL_CTX_free(sctx);
183 SSL_CTX_free(cctx);
184 return testresult;
185 }
186
187 int test_main(int argc, char *argv[])
188 {
189 int testresult = 1;
190
191 if (argc != 3) {
192 TEST_error("Invalid argument count");
193 return 1;
194 }
195 cert = argv[1];
196 privkey = argv[2];
197
198 ADD_ALL_TESTS(test_record_overflow, TOTAL_RECORD_OVERFLOW_TESTS);
199
200 testresult = run_tests(argv[0]);
201
202 bio_s_mempacket_test_free();
203
204 return testresult;
205 }
A mirror of the official openssl repository