dtlsv1listentest ct_test threadstest d2i_test \
ssl_test_ctx_test ssl_test x509aux cipherlist_test asynciotest \
bio_callback_test bio_memleak_test bio_core_test bio_dgram_test param_build_test \
- sslapitest ssl_handshake_rtt_test dtlstest dtls_ccs_reorder_test sslcorrupttest \
+ sslapitest ssl_handshake_rtt_test dtlstest sslcorrupttest \
bio_base64_test bio_enc_test pkey_meth_kdf_test evp_kdf_test uitest \
cipherbytes_test threadstest_fips threadpool_test \
asn1_encode_test asn1_decode_test asn1_string_table_test asn1_stable_parse_test \
PROGRAMS{noinst}=cert_comp_test
ENDIF
+ IF[{- !$disabled{dtls} -}]
+ PROGRAMS{noinst}=dtls_ccs_reorder_test
+ ENDIF
+
SOURCE[confdump]=confdump.c
INCLUDE[confdump]=../include ../apps/include
DEPEND[confdump]=../libcrypto
INCLUDE[dtlstest]=../include ../apps/include
DEPEND[dtlstest]=../libcrypto ../libssl libtestutil.a
- SOURCE[dtls_ccs_reorder_test]=dtls_ccs_reorder_test.c helpers/ssltestlib.c
- INCLUDE[dtls_ccs_reorder_test]=../include ../apps/include
- DEPEND[dtls_ccs_reorder_test]=../libcrypto ../libssl libtestutil.a
+ IF[{- !$disabled{dtls} -}]
+ SOURCE[dtls_ccs_reorder_test]=dtls_ccs_reorder_test.c helpers/ssltestlib.c
+ INCLUDE[dtls_ccs_reorder_test]=../include ../apps/include
+ DEPEND[dtls_ccs_reorder_test]=../libcrypto ../libssl libtestutil.a
+ ENDIF
SOURCE[sslcorrupttest]=sslcorrupttest.c helpers/ssltestlib.c
INCLUDE[sslcorrupttest]=../include ../apps/include
static char *cert = NULL;
static char *privkey = NULL;
-#ifndef OPENSSL_NO_DTLS
-
static unsigned int infinite_timer_cb(SSL *s, unsigned int timer_us)
{
(void)s;
return testresult;
}
-#endif /* OPENSSL_NO_DTLS */
+static int test_dtls_data_after_ccs(void)
+{
+ SSL_CTX *sctx = NULL, *cctx = NULL;
+ SSL *sssl = NULL, *cssl = NULL;
+ BIO *bio;
+ int testresult = 0, ret;
+ int target_pkt, target_rec;
+
+ if (!TEST_true(create_ssl_ctx_pair(NULL, DTLS_server_method(),
+ DTLS_client_method(),
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ &sctx, &cctx, cert, privkey)))
+ return 0;
+
+ if (!TEST_true(create_ssl_objects(sctx, cctx, &sssl, &cssl, NULL, NULL)))
+ goto end;
+
+ DTLS_set_timer_cb(sssl, infinite_timer_cb);
+ DTLS_set_timer_cb(cssl, infinite_timer_cb);
+
+ if (!TEST_int_le(SSL_connect(cssl), 0))
+ goto end;
+
+ if (!TEST_int_le(SSL_accept(sssl), 0))
+ goto end;
+
+ if (!TEST_int_le(SSL_connect(cssl), 0))
+ goto end;
+
+ bio = SSL_get_wbio(cssl);
+ if (!TEST_ptr(bio)
+ || !TEST_true(reorder_ccs(bio, SSL3_MT_CLIENT_KEY_EXCHANGE)))
+ goto end;
+
+ if (!TEST_true(mempacket_find_record(bio, SSL3_RT_HANDSHAKE,
+ SSL3_MT_CLIENT_KEY_EXCHANGE,
+ &target_pkt, &target_rec)))
+ goto end;
+ if (!TEST_true(mempacket_append_to_record(bio, target_pkt, target_rec,
+ (unsigned char *)"test data", 9)))
+ goto end;
+
+ ret = SSL_accept(sssl);
+ if (!TEST_int_le(ret, 0))
+ goto end;
+ if (!TEST_int_eq(SSL_get_error(sssl, ret), SSL_ERROR_SSL))
+ goto end;
+ if (!TEST_int_eq(ERR_GET_REASON(ERR_get_error()), SSL_R_UNEXPECTED_MESSAGE))
+ goto end;
+
+ testresult = 1;
+end:
+ SSL_free(sssl);
+ SSL_free(cssl);
+ SSL_CTX_free(sctx);
+ SSL_CTX_free(cctx);
+ return testresult;
+}
int setup_tests(void)
{
|| !TEST_ptr(privkey = test_get_argument(1)))
return 0;
-#ifndef OPENSSL_NO_DTLS
ADD_ALL_TESTS(test_dtls_ccs_full_hs, OSSL_NELEM(full_hs_tests));
ADD_ALL_TESTS(test_dtls_ccs_before_nst, OSSL_NELEM(nst_versions));
ADD_ALL_TESTS(test_dtls_ccs_resume, OSSL_NELEM(resume_tests));
-#endif
+ ADD_TEST(test_dtls_data_after_ccs);
return 1;
}
return 1;
}
+/*
+ * Append arbitrary data to a given record. The record must be the last record
+ * in the packet
+ */
+int mempacket_append_to_record(BIO *bio, int pktidx, int recidx,
+ unsigned char *data, size_t datalen)
+{
+ MEMPACKET_TEST_CTX *ctx = BIO_get_data(bio);
+ MEMPACKET *srcpkt;
+ size_t rem, len;
+ int i;
+ unsigned char *rec, *tmp;
+
+ if (ctx == NULL)
+ return 0;
+ srcpkt = sk_MEMPACKET_value(ctx->pkts, pktidx);
+ if (srcpkt == NULL)
+ return 0;
+
+ tmp = OPENSSL_realloc(srcpkt->data, srcpkt->len + datalen);
+ if (tmp == NULL)
+ return 0;
+ srcpkt->data = tmp;
+
+ /* Parse the records in the packet looking for the target record index */
+ for (i = 0, rem = srcpkt->len, rec = srcpkt->data;
+ rem >= DTLS1_RT_HEADER_LENGTH && i < recidx;
+ i++, rem -= len, rec += len) {
+ len = ((rec[RECORD_LEN_HI] << 8) | rec[RECORD_LEN_LO])
+ + DTLS1_RT_HEADER_LENGTH;
+ if (rem < len)
+ return 0;
+ }
+
+ if (i != recidx || rem < DTLS1_RT_HEADER_LENGTH)
+ return 0;
+
+ len = (rec[RECORD_LEN_HI] << 8) | rec[RECORD_LEN_LO];
+ /* We can only append to the last record */
+ if (rem != len + DTLS1_RT_HEADER_LENGTH)
+ return 0;
+
+ /* Check we can fit the extra data in the record */
+ if (0xffff - len < datalen)
+ return 0;
+ len += datalen;
+ rec[RECORD_LEN_HI] = (len >> 8) & 0xff;
+ rec[RECORD_LEN_LO] = len & 0xff;
+ memcpy(srcpkt->data + srcpkt->len, data, datalen);
+ srcpkt->len += (int)datalen;
+ return 1;
+}
+
int mempacket_dup_last_packet(BIO *bio)
{
MEMPACKET_TEST_CTX *ctx = BIO_get_data(bio);
int mempacket_find_record(BIO *bio, int rectype, int hs_msg_type,
int *pktidx, int *recidx);
int mempacket_split_packet_at(BIO *bio, int pktidx, int recidx);
+int mempacket_append_to_record(BIO *bio, int pktidx, int recidx,
+ unsigned char *data, size_t datalen);
int mempacket_dup_last_packet(BIO *bio);
int mempacket_test_inject(BIO *bio, const char *in, int inl, int pktnum,
int type);
projects / thirdparty / openssl.git / commitdiff
