From: Matt Caswell Date: Tue, 18 Mar 2025 11:36:01 +0000 (+0000) Subject: Add a test for calling SSL_get_app_data() from QUIC TLS callbacks X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2ebae654d5baf1c3781d1228ce0fd9d28e02d08b;p=thirdparty%2Fopenssl.git Add a test for calling SSL_get_app_data() from QUIC TLS callbacks Check that we get the expected app data when using the QUIC TLS callbacks. Reviewed-by: Neil Horman Reviewed-by: Tim Hudson Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/27091) --- diff --git a/test/sslapitest.c b/test/sslapitest.c index 391a76b8de6..90fe59c5bf4 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -12590,6 +12590,22 @@ struct quic_tls_test_data { int err; }; +static int clientquicdata = 0xff, serverquicdata = 0xfe; + +static int check_app_data(SSL *s) +{ + int *data, *comparedata; + + /* Check app data works */ + data = (int *)SSL_get_app_data(s); + comparedata = SSL_is_server(s) ? &serverquicdata : &clientquicdata; + + if (comparedata != data) + return 0; + + return 1; +} + static int crypto_send_cb(SSL *s, const unsigned char *buf, size_t buf_len, size_t *consumed, void *arg) { @@ -12598,6 +12614,11 @@ static int crypto_send_cb(SSL *s, const unsigned char *buf, size_t buf_len, size_t max_len = sizeof(peer->rcd_data[data->wenc_level]) - peer->rcd_data_len[data->wenc_level]; + if (!check_app_data(s)) { + data->err = 1; + return 0; + } + if (buf_len > max_len) buf_len = max_len; @@ -12618,6 +12639,11 @@ static int crypto_recv_rcd_cb(SSL *s, const unsigned char **buf, { struct quic_tls_test_data *data = (struct quic_tls_test_data *)arg; + if (!check_app_data(s)) { + data->err = 1; + return 0; + } + *bytes_read = data->rcd_data_len[data->renc_level]; *buf = data->rcd_data[data->renc_level]; return 1; @@ -12627,6 +12653,11 @@ static int crypto_release_rcd_cb(SSL *s, size_t bytes_read, void *arg) { struct quic_tls_test_data *data = (struct quic_tls_test_data *)arg; + if (!check_app_data(s)) { + data->err = 1; + return 0; + } + if (!TEST_size_t_eq(bytes_read, data->rcd_data_len[data->renc_level]) || !TEST_size_t_gt(bytes_read, 0)) { data->err = 1; @@ -12643,6 +12674,9 @@ static int yield_secret_cb(SSL *s, uint32_t prot_level, int direction, { struct quic_tls_test_data *data = (struct quic_tls_test_data *)arg; + if (!check_app_data(s)) + goto err; + if (prot_level < OSSL_RECORD_PROTECTION_LEVEL_EARLY || prot_level > OSSL_RECORD_PROTECTION_LEVEL_APPLICATION) goto err; @@ -12680,6 +12714,11 @@ static int got_transport_params_cb(SSL *s, const unsigned char *params, { struct quic_tls_test_data *data = (struct quic_tls_test_data *)arg; + if (!check_app_data(s)) { + data->err = 1; + return 0; + } + if (!TEST_size_t_le(params_len, sizeof(data->params))) { data->err = 1; return 0; @@ -12695,6 +12734,11 @@ static int alert_cb(SSL *s, unsigned char alert_code, void *arg) { struct quic_tls_test_data *data = (struct quic_tls_test_data *)arg; + if (!check_app_data(s)) { + data->err = 1; + return 0; + } + data->alert = 1; return 1; } @@ -12743,6 +12787,10 @@ static int test_quic_tls(void) NULL))) goto end; + if (!TEST_true(SSL_set_app_data(clientssl, &clientquicdata)) + || !TEST_true(SSL_set_app_data(serverssl, &serverquicdata))) + goto end; + if (!TEST_true(SSL_set_quic_tls_cbs(clientssl, qtdis, &cdata)) || !TEST_true(SSL_set_quic_tls_cbs(serverssl, qtdis, &sdata)) || !TEST_true(SSL_set_quic_tls_transport_params(clientssl, cparams, @@ -12861,7 +12909,11 @@ static int test_quic_tls_early_data(void) if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) || !TEST_true(SSL_set_session(clientssl, sess))) - return 0; + goto end; + + if (!TEST_true(SSL_set_app_data(clientssl, &clientquicdata)) + || !TEST_true(SSL_set_app_data(serverssl, &serverquicdata))) + goto end; if (!TEST_true(SSL_set_quic_tls_cbs(clientssl, qtdis, &cdata)) || !TEST_true(SSL_set_quic_tls_cbs(serverssl, qtdis, &sdata))