1 /*
2 * Copyright 2022-2026 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include <string.h>
12
13 #include <openssl/opensslconf.h>
14 #include <openssl/quic.h>
15 #include <openssl/rand.h>
16
17 #include "helpers/ssltestlib.h"
18 #include "helpers/quictestlib.h"
19 #include "testutil.h"
20 #include "testutil/output.h"
21 #include "../ssl/ssl_local.h"
22 #include "../ssl/quic/quic_channel_local.h"
23 #include "internal/quic_error.h"
24
25 static OSSL_LIB_CTX *libctx = NULL;
26 static OSSL_PROVIDER *defctxnull = NULL;
27 static char *certsdir = NULL;
28 static char *cert = NULL;
29 static char *ccert = NULL;
30 static char *cauthca = NULL;
31 static char *privkey = NULL;
32 static char *cprivkey = NULL;
33 static char *datadir = NULL;
34
35 static int is_fips = 0;
36
37 /* The ssltrace test assumes some options are switched on/off */
38 #if !defined(OPENSSL_NO_SSL_TRACE) \
39 && defined(OPENSSL_NO_BROTLI) && defined(OPENSSL_NO_ZSTD) \
40 && !defined(OPENSSL_NO_ECX) && !defined(OPENSSL_NO_DH) \
41 && !defined(OPENSSL_NO_ML_DSA) && !defined(OPENSSL_NO_ML_KEM)
42 #define DO_SSL_TRACE_TEST
43 #endif
44
45 /*
46 * Test that we read what we've written.
47 * Test 0: Non-blocking
48 * Test 1: Blocking
49 * Test 2: Blocking, introduce socket error, test error handling.
50 */
test_quic_write_read(int idx)51 static int test_quic_write_read(int idx)
52 {
53 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
54 SSL_CTX *sctx = NULL;
55 SSL *clientquic = NULL;
56 QUIC_TSERVER *qtserv = NULL;
57 int j, k, ret = 0;
58 unsigned char buf[20], scratch[64];
59 static char *msg = "A test message";
60 size_t msglen = strlen(msg);
61 size_t numbytes = 0;
62 int ssock = 0, csock = 0;
63 uint64_t sid = UINT64_MAX;
64 SSL_SESSION *sess = NULL;
65
66 if (idx >= 1 && !qtest_supports_blocking())
67 return TEST_skip("Blocking tests not supported in this build");
68
69 for (k = 0; k < 2; k++) {
70 if (!TEST_ptr(cctx)
71 || !TEST_true(qtest_create_quic_objects(libctx, cctx, sctx,
72 cert, privkey,
73 idx >= 1
74 ? QTEST_FLAG_BLOCK
75 : 0,
76 &qtserv, &clientquic,
77 NULL, NULL))
78 || !TEST_true(SSL_set_tlsext_host_name(clientquic, "localhost")))
79 goto end;
80
81 if (sess != NULL && !TEST_true(SSL_set_session(clientquic, sess)))
82 goto end;
83
84 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
85 goto end;
86
87 if (idx >= 1) {
88 if (!TEST_true(BIO_get_fd(ossl_quic_tserver_get0_rbio(qtserv),
89 &ssock)))
90 goto end;
91 if (!TEST_int_gt(csock = SSL_get_rfd(clientquic), 0))
92 goto end;
93 }
94
95 sid = 0; /* client-initiated bidirectional stream */
96
97 for (j = 0; j < 2; j++) {
98 /* Check that sending and receiving app data is ok */
99 if (!TEST_true(SSL_write_ex(clientquic, msg, msglen, &numbytes))
100 || !TEST_size_t_eq(numbytes, msglen))
101 goto end;
102 if (idx >= 1) {
103 do {
104 if (!TEST_true(wait_until_sock_readable(ssock)))
105 goto end;
106
107 ossl_quic_tserver_tick(qtserv);
108
109 if (!TEST_true(ossl_quic_tserver_read(qtserv, sid, buf,
110 sizeof(buf),
111 &numbytes)))
112 goto end;
113 } while (numbytes == 0);
114
115 if (!TEST_mem_eq(buf, numbytes, msg, msglen))
116 goto end;
117 }
118
119 if (idx >= 2 && j > 0)
120 /* Introduce permanent socket error */
121 BIO_closesocket(csock);
122
123 ossl_quic_tserver_tick(qtserv);
124 if (!TEST_true(ossl_quic_tserver_write(qtserv, sid,
125 (unsigned char *)msg,
126 msglen, &numbytes)))
127 goto end;
128 ossl_quic_tserver_tick(qtserv);
129 SSL_handle_events(clientquic);
130
131 if (idx >= 2 && j > 0) {
132 if (!TEST_false(SSL_read_ex(clientquic, buf, 1, &numbytes))
133 || !TEST_int_eq(SSL_get_error(clientquic, 0),
134 SSL_ERROR_SYSCALL)
135 || !TEST_false(SSL_write_ex(clientquic, msg, msglen,
136 &numbytes))
137 || !TEST_int_eq(SSL_get_error(clientquic, 0),
138 SSL_ERROR_SYSCALL))
139 goto end;
140 break;
141 }
142
143 /*
144 * In blocking mode the SSL_read_ex call will block until the socket
145 * is readable and has our data. In non-blocking mode we're doing
146 * everything in memory, so it should be immediately available
147 */
148 if (!TEST_true(SSL_read_ex(clientquic, buf, 1, &numbytes))
149 || !TEST_size_t_eq(numbytes, 1)
150 || !TEST_true(SSL_has_pending(clientquic))
151 || !TEST_int_eq(SSL_pending(clientquic), msglen - 1)
152 || !TEST_true(SSL_read_ex(clientquic, buf + 1,
153 sizeof(buf) - 1, &numbytes))
154 || !TEST_mem_eq(buf, numbytes + 1, msg, msglen))
155 goto end;
156 }
157
158 /* Test that exporters work. */
159 if (!TEST_true(SSL_export_keying_material(clientquic, scratch,
160 sizeof(scratch), "test", 4, (unsigned char *)"ctx", 3,
161 1)))
162 goto end;
163
164 if (sess == NULL) {
165 /* We didn't supply a session so we're not expecting resumption */
166 if (!TEST_false(SSL_session_reused(clientquic)))
167 goto end;
168 /* We should have a session ticket by now */
169 sess = SSL_get1_session(clientquic);
170 if (!TEST_ptr(sess))
171 goto end;
172 } else {
173 /* We supplied a session so we should have resumed */
174 if (!TEST_true(SSL_session_reused(clientquic)))
175 goto end;
176 }
177
178 if (!TEST_true(qtest_shutdown(qtserv, clientquic)))
179 goto end;
180
181 if (sctx == NULL) {
182 sctx = ossl_quic_tserver_get0_ssl_ctx(qtserv);
183 if (!TEST_true(SSL_CTX_up_ref(sctx))) {
184 sctx = NULL;
185 goto end;
186 }
187 }
188 ossl_quic_tserver_free(qtserv);
189 qtserv = NULL;
190 SSL_free(clientquic);
191 clientquic = NULL;
192
193 if (idx >= 2)
194 break;
195 }
196
197 ret = 1;
198
199 end:
200 SSL_SESSION_free(sess);
201 ossl_quic_tserver_free(qtserv);
202 SSL_free(clientquic);
203 SSL_CTX_free(cctx);
204 SSL_CTX_free(sctx);
205
206 return ret;
207 }
208
209 /*
210 * Test that sending FIN with no data to a client blocking in SSL_read_ex() will
211 * wake up the client.
212 */
test_fin_only_blocking(void)213 static int test_fin_only_blocking(void)
214 {
215 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
216 SSL_CTX *sctx = NULL;
217 SSL *clientquic = NULL;
218 QUIC_TSERVER *qtserv = NULL;
219 const char *msg = "Hello World";
220 uint64_t sid;
221 size_t numbytes;
222 unsigned char buf[32];
223 int ret = 0;
224 OSSL_TIME timer, timediff;
225
226 if (!qtest_supports_blocking())
227 return TEST_skip("Blocking tests not supported in this build");
228
229 if (!TEST_ptr(cctx)
230 || !TEST_true(qtest_create_quic_objects(libctx, cctx, sctx,
231 cert, privkey,
232 QTEST_FLAG_BLOCK,
233 &qtserv, &clientquic,
234 NULL, NULL))
235 || !TEST_true(SSL_set_tlsext_host_name(clientquic, "localhost")))
236 goto end;
237
238 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
239 goto end;
240
241 if (!TEST_true(ossl_quic_tserver_stream_new(qtserv, 0, &sid))
242 || !TEST_true(ossl_quic_tserver_write(qtserv, sid,
243 (unsigned char *)msg,
244 strlen(msg), &numbytes))
245 || !TEST_size_t_eq(strlen(msg), numbytes))
246 goto end;
247
248 ossl_quic_tserver_tick(qtserv);
249
250 if (!TEST_true(SSL_read_ex(clientquic, buf, sizeof(buf), &numbytes))
251 || !TEST_mem_eq(msg, strlen(msg), buf, numbytes))
252
253 goto end;
254
255 if (!TEST_true(ossl_quic_tserver_conclude(qtserv, sid)))
256 goto end;
257
258 timer = ossl_time_now();
259 if (!TEST_false(SSL_read_ex(clientquic, buf, sizeof(buf), &numbytes)))
260 goto end;
261 timediff = ossl_time_subtract(ossl_time_now(), timer);
262
263 if (!TEST_int_eq(SSL_get_error(clientquic, 0), SSL_ERROR_ZERO_RETURN)
264 /*
265 * We expect the SSL_read_ex to not have blocked so this should
266 * be very fast. 40ms should be plenty.
267 */
268 || !TEST_uint64_t_le(ossl_time2ms(timediff), 40))
269 goto end;
270
271 if (!TEST_true(qtest_shutdown(qtserv, clientquic)))
272 goto end;
273
274 ret = 1;
275
276 end:
277 ossl_quic_tserver_free(qtserv);
278 SSL_free(clientquic);
279 SSL_CTX_free(cctx);
280 SSL_CTX_free(sctx);
281
282 return ret;
283 }
284
285 /* Test that a vanilla QUIC SSL object has the expected ciphersuites available */
test_ciphersuites(void)286 static int test_ciphersuites(void)
287 {
288 SSL_CTX *ctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
289 SSL *ssl = NULL;
290 int testresult = 0;
291 const STACK_OF(SSL_CIPHER) *ciphers = NULL;
292 const SSL_CIPHER *cipher;
293 /* We expect this exact list of ciphersuites by default */
294 int cipherids[] = {
295 TLS1_3_CK_AES_256_GCM_SHA384,
296 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
297 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
298 #endif
299 TLS1_3_CK_AES_128_GCM_SHA256
300 };
301 size_t i, j;
302
303 if (!TEST_ptr(ctx))
304 return 0;
305
306 /*
307 * Attempting to set TLSv1.2 ciphersuites should succeed, even though they
308 * aren't used in QUIC.
309 */
310 if (!TEST_true(SSL_CTX_set_cipher_list(ctx, "DEFAULT")))
311 goto err;
312
313 ssl = SSL_new(ctx);
314 if (!TEST_ptr(ssl))
315 goto err;
316
317 if (!TEST_true(SSL_set_cipher_list(ssl, "DEFAULT")))
318 goto err;
319
320 ciphers = SSL_get_ciphers(ssl);
321
322 for (i = 0, j = 0; i < OSSL_NELEM(cipherids); i++) {
323 if (cipherids[i] == TLS1_3_CK_CHACHA20_POLY1305_SHA256 && is_fips)
324 continue;
325 cipher = sk_SSL_CIPHER_value(ciphers, j++);
326 if (!TEST_ptr(cipher))
327 goto err;
328 if (!TEST_uint_eq(SSL_CIPHER_get_id(cipher), cipherids[i]))
329 goto err;
330 }
331
332 /* We should have checked all the ciphers in the stack */
333 if (!TEST_int_eq(sk_SSL_CIPHER_num(ciphers), j))
334 goto err;
335
336 testresult = 1;
337 err:
338 SSL_free(ssl);
339 SSL_CTX_free(ctx);
340
341 return testresult;
342 }
343
test_cipher_find(void)344 static int test_cipher_find(void)
345 {
346 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
347 SSL *clientquic = NULL;
348 struct {
349 const unsigned char *cipherbytes;
350 int ok;
351 } testciphers[] = {
352 { TLS13_AES_128_GCM_SHA256_BYTES, 1 },
353 { TLS13_AES_256_GCM_SHA384_BYTES, 1 },
354 { TLS13_CHACHA20_POLY1305_SHA256_BYTES, 1 },
355 { TLS13_AES_128_CCM_SHA256_BYTES, 0 },
356 { TLS13_AES_128_CCM_8_SHA256_BYTES, 0 },
357 #if !defined(OPENSSL_NO_INTEGRITY_ONLY_CIPHERS)
358 { TLS13_SHA256_SHA256_BYTES, 0 },
359 { TLS13_SHA384_SHA384_BYTES, 0 }
360 #endif
361 };
362 size_t i;
363 int testresult = 0;
364
365 if (!TEST_ptr(cctx))
366 goto err;
367
368 clientquic = SSL_new(cctx);
369 if (!TEST_ptr(clientquic))
370 goto err;
371
372 for (i = 0; i < OSSL_NELEM(testciphers); i++)
373 if (testciphers[i].ok) {
374 if (!TEST_ptr(SSL_CIPHER_find(clientquic,
375 testciphers[i].cipherbytes)))
376 goto err;
377 } else {
378 if (!TEST_ptr_null(SSL_CIPHER_find(clientquic,
379 testciphers[i].cipherbytes)))
380 goto err;
381 }
382
383 testresult = 1;
384 err:
385 SSL_free(clientquic);
386 SSL_CTX_free(cctx);
387
388 return testresult;
389 }
390
391 /*
392 * Test that SSL_version, SSL_get_version, SSL_is_quic, SSL_is_tls and
393 * SSL_is_dtls return the expected results for a QUIC connection. Compare with
394 * test_version() in sslapitest.c which does the same thing for TLS/DTLS
395 * connections.
396 */
test_version(void)397 static int test_version(void)
398 {
399 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
400 SSL *clientquic = NULL;
401 QUIC_TSERVER *qtserv = NULL;
402 int testresult = 0;
403
404 if (!TEST_ptr(cctx)
405 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
406 privkey, 0, &qtserv,
407 &clientquic, NULL, NULL))
408 || !TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
409 goto err;
410
411 if (!TEST_int_eq(SSL_version(clientquic), OSSL_QUIC1_VERSION)
412 || !TEST_str_eq(SSL_get_version(clientquic), "QUICv1"))
413 goto err;
414
415 if (!TEST_true(SSL_is_quic(clientquic))
416 || !TEST_false(SSL_is_tls(clientquic))
417 || !TEST_false(SSL_is_dtls(clientquic)))
418 goto err;
419
420 testresult = 1;
421 err:
422 ossl_quic_tserver_free(qtserv);
423 SSL_free(clientquic);
424 SSL_CTX_free(cctx);
425
426 return testresult;
427 }
428
429 #if defined(DO_SSL_TRACE_TEST)
430 /*
431 * Tests that the SSL_trace() msg_callback works as expected with a QUIC
432 * connection. This also provides testing of the msg_callback at the same time.
433 */
test_ssl_trace(void)434 static int test_ssl_trace(void)
435 {
436 SSL_CTX *cctx = NULL;
437 SSL *clientquic = NULL;
438 QUIC_TSERVER *qtserv = NULL;
439 int testresult = 0;
440 BIO *bio = NULL;
441 char *reffile = NULL;
442
443 if (!TEST_ptr(cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method()))
444 || !TEST_ptr(bio = BIO_new(BIO_s_mem()))
445 || !TEST_true(SSL_CTX_set_ciphersuites(cctx, "TLS_AES_128_GCM_SHA256"))
446 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
447 privkey,
448 QTEST_FLAG_FAKE_TIME,
449 &qtserv,
450 &clientquic, NULL, NULL)))
451 goto err;
452
453 SSL_set_msg_callback(clientquic, SSL_trace);
454 SSL_set_msg_callback_arg(clientquic, bio);
455
456 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
457 goto err;
458
459 /* Skip the comparison of the trace when the fips provider is used. */
460 if (is_fips) {
461 /* Check whether there was something written. */
462 if (!TEST_int_gt(BIO_pending(bio), 0))
463 goto err;
464 } else {
465
466 #ifdef OPENSSL_NO_ZLIB
467 reffile = test_mk_file_path(datadir, "ssltraceref.txt");
468 #else
469 reffile = test_mk_file_path(datadir, "ssltraceref-zlib.txt");
470 #endif
471 if (!TEST_true(compare_with_reference_file(bio, reffile)))
472 goto err;
473 }
474
475 testresult = 1;
476 err:
477 ossl_quic_tserver_free(qtserv);
478 SSL_free(clientquic);
479 SSL_CTX_free(cctx);
480 BIO_free(bio);
481 OPENSSL_free(reffile);
482
483 return testresult;
484 }
485 #endif
486
487 #ifndef OPENSSL_NO_SSL_TRACE
488 enum {
489 INITIAL = 0,
490 GATHER_TOKEN = 1,
491 CHECK_TOKEN = 2,
492 SUCCESS = 3,
493 FAILED = 4
494 };
495
find_new_token_data(BIO * membio)496 static int find_new_token_data(BIO *membio)
497 {
498 char buf[1024];
499 int state = INITIAL;
500 char *tmpstring;
501 char *tokenval = NULL;
502 /*
503 * This is a state machine, in which we traverse the ssl trace
504 * looking for a sequence of items
505 * The states are:
506 * +---Current State---|----------Action-------------|---Next State---+
507 * | INITIAL | "Received Frame: New token" | GATHER_TOKEN |
508 * | | !"Received Frame: New token"| INITIAL |
509 * |-------------------|-----------------------------|----------------|
510 * | GATHER_TOKEN | "Token: <TOKENVAL>" | CHECK_TOKEN |
511 * | | !"Token: <TOKENVAL>" | FAILED |
512 * |-------------------|-----------------------------|----------------|
513 * | CHECK_TOKEN | "Token: <TOKENVAL>" | SUCCESS |
514 * | | EOF | FAILED |
515 * +-------------------|-----------------------------|----------------|
516 */
517
518 while (state != SUCCESS
519 && state != FAILED
520 && BIO_gets(membio, buf, sizeof(buf)) > 0) {
521 switch (state) {
522 case INITIAL:
523 if (strstr(buf, "Received Frame: New token"))
524 state = GATHER_TOKEN;
525 break;
526 case GATHER_TOKEN:
527 TEST_info("Found New Token Marker\n");
528 tmpstring = strstr(buf, "Token: ");
529 if (tmpstring == NULL) {
530 TEST_info("Next line did not contain a new token\n");
531 state = FAILED;
532 } else {
533 if (!TEST_ptr(tokenval = OPENSSL_strdup(tmpstring)))
534 return 0;
535 state = CHECK_TOKEN;
536 TEST_info("Recorded Token %s\n", tokenval);
537 }
538 break;
539 case CHECK_TOKEN:
540 tmpstring = strstr(buf, "Token: ");
541 if (tmpstring != NULL
542 && !strcmp(tmpstring, tokenval)) {
543 state = SUCCESS;
544 TEST_info("Matched next connection token %s\n", tmpstring);
545 }
546 default:
547 break;
548 }
549 }
550
551 OPENSSL_free(tokenval);
552 return (state == SUCCESS);
553 }
554
test_new_token(void)555 static int test_new_token(void)
556 {
557 SSL_CTX *cctx = NULL;
558 SSL *clientquic = NULL;
559 SSL *clientquic2 = NULL;
560 QUIC_TSERVER *qtserv = NULL;
561 QUIC_TSERVER *qtserv2 = NULL;
562 int testresult = 0;
563 BIO *bio = NULL;
564 char msg[] = "The Quic Brown Fox";
565 size_t written;
566
567 if (!TEST_ptr(cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method()))
568 || !TEST_ptr(bio = BIO_new(BIO_s_mem()))
569 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
570 privkey,
571 QTEST_FLAG_FAKE_TIME,
572 &qtserv,
573 &clientquic, NULL, NULL)))
574
575 goto err;
576
577 SSL_set_msg_callback(clientquic, SSL_trace);
578 SSL_set_msg_callback_arg(clientquic, bio);
579
580 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
581 goto err;
582
583 /* Send data from the client */
584 if (!SSL_write_ex(clientquic, msg, sizeof(msg), &written))
585 goto err;
586
587 if (written != sizeof(msg))
588 goto err;
589
590 /* Receive data at the server */
591 ossl_quic_tserver_tick(qtserv);
592
593 if (!TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
594 privkey,
595 QTEST_FLAG_FAKE_TIME,
596 &qtserv2,
597 &clientquic2, NULL, NULL)))
598 goto err;
599
600 SSL_set_msg_callback(clientquic2, SSL_trace);
601 SSL_set_msg_callback_arg(clientquic2, bio);
602
603 /* once we have our new token, create the subsequent connection */
604 if (!TEST_true(qtest_create_quic_connection(qtserv2, clientquic2)))
605 goto err;
606
607 /* Skip the comparison of the trace when the fips provider is used. */
608 if (!TEST_true(find_new_token_data(bio)))
609 goto err;
610
611 testresult = 1;
612 err:
613 ossl_quic_tserver_free(qtserv);
614 ossl_quic_tserver_free(qtserv2);
615 SSL_free(clientquic);
616 SSL_free(clientquic2);
617 SSL_CTX_free(cctx);
618 BIO_free(bio);
619
620 return testresult;
621 }
622 #endif
623
ensure_valid_ciphers(const STACK_OF (SSL_CIPHER)* ciphers)624 static int ensure_valid_ciphers(const STACK_OF(SSL_CIPHER) *ciphers)
625 {
626 size_t i;
627
628 /* Ensure ciphersuite list is suitably subsetted. */
629 for (i = 0; i < (size_t)sk_SSL_CIPHER_num(ciphers); ++i) {
630 const SSL_CIPHER *cipher = sk_SSL_CIPHER_value(ciphers, i);
631 switch (SSL_CIPHER_get_id(cipher)) {
632 case TLS1_3_CK_AES_128_GCM_SHA256:
633 case TLS1_3_CK_AES_256_GCM_SHA384:
634 case TLS1_3_CK_CHACHA20_POLY1305_SHA256:
635 break;
636 default:
637 TEST_error("forbidden cipher: %s", SSL_CIPHER_get_name(cipher));
638 return 0;
639 }
640 }
641
642 return 1;
643 }
644
645 /*
646 * Test that handshake-layer APIs which shouldn't work don't work with QUIC.
647 */
test_quic_forbidden_apis_ctx(void)648 static int test_quic_forbidden_apis_ctx(void)
649 {
650 int testresult = 0;
651 SSL_CTX *ctx = NULL;
652
653 if (!TEST_ptr(ctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method())))
654 goto err;
655
656 #ifndef OPENSSL_NO_SRTP
657 /* This function returns 0 on success and 1 on error, and should fail. */
658 if (!TEST_true(SSL_CTX_set_tlsext_use_srtp(ctx, "SRTP_AEAD_AES_128_GCM")))
659 goto err;
660 #endif
661
662 /*
663 * List of ciphersuites we do and don't allow in QUIC.
664 */
665 #define QUIC_CIPHERSUITES \
666 "TLS_AES_128_GCM_SHA256:" \
667 "TLS_AES_256_GCM_SHA384:" \
668 "TLS_CHACHA20_POLY1305_SHA256"
669
670 #define NON_QUIC_CIPHERSUITES \
671 "TLS_AES_128_CCM_SHA256:" \
672 "TLS_AES_256_CCM_SHA384:" \
673 "TLS_AES_128_CCM_8_SHA256:" \
674 "TLS_SHA256_SHA256:" \
675 "TLS_SHA384_SHA384"
676
677 /* Set TLSv1.3 ciphersuite list for the SSL_CTX. */
678 if (!TEST_true(SSL_CTX_set_ciphersuites(ctx,
679 QUIC_CIPHERSUITES ":" NON_QUIC_CIPHERSUITES)))
680 goto err;
681
682 /*
683 * Forbidden ciphersuites should show up in SSL_CTX accessors, they are only
684 * filtered in SSL_get1_supported_ciphers, so we don't check for
685 * non-inclusion here.
686 */
687
688 testresult = 1;
689 err:
690 SSL_CTX_free(ctx);
691 return testresult;
692 }
693
test_quic_forbidden_apis(void)694 static int test_quic_forbidden_apis(void)
695 {
696 int testresult = 0;
697 SSL_CTX *ctx = NULL;
698 SSL *ssl = NULL;
699 STACK_OF(SSL_CIPHER) *ciphers = NULL;
700
701 if (!TEST_ptr(ctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method())))
702 goto err;
703
704 if (!TEST_ptr(ssl = SSL_new(ctx)))
705 goto err;
706
707 #ifndef OPENSSL_NO_SRTP
708 /* This function returns 0 on success and 1 on error, and should fail. */
709 if (!TEST_true(SSL_set_tlsext_use_srtp(ssl, "SRTP_AEAD_AES_128_GCM")))
710 goto err;
711 #endif
712
713 /* Set TLSv1.3 ciphersuite list for the SSL_CTX. */
714 if (!TEST_true(SSL_set_ciphersuites(ssl,
715 QUIC_CIPHERSUITES ":" NON_QUIC_CIPHERSUITES)))
716 goto err;
717
718 /* Non-QUIC ciphersuites must not appear in supported ciphers list. */
719 if (!TEST_ptr(ciphers = SSL_get1_supported_ciphers(ssl))
720 || !TEST_true(ensure_valid_ciphers(ciphers)))
721 goto err;
722
723 testresult = 1;
724 err:
725 sk_SSL_CIPHER_free(ciphers);
726 SSL_free(ssl);
727 SSL_CTX_free(ctx);
728 return testresult;
729 }
730
test_quic_forbidden_options(void)731 static int test_quic_forbidden_options(void)
732 {
733 int testresult = 0;
734 SSL_CTX *ctx = NULL;
735 SSL *ssl = NULL;
736 char buf[16];
737 size_t len;
738
739 if (!TEST_ptr(ctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method())))
740 goto err;
741
742 /* QUIC options restrictions do not affect SSL_CTX */
743 SSL_CTX_set_options(ctx, UINT64_MAX);
744
745 if (!TEST_uint64_t_eq(SSL_CTX_get_options(ctx), UINT64_MAX))
746 goto err;
747
748 /* Set options on CTX which should not be inherited (tested below). */
749 SSL_CTX_set_read_ahead(ctx, 1);
750 SSL_CTX_set_max_early_data(ctx, 1);
751 SSL_CTX_set_recv_max_early_data(ctx, 1);
752 SSL_CTX_set_quiet_shutdown(ctx, 1);
753
754 if (!TEST_ptr(ssl = SSL_new(ctx)))
755 goto err;
756
757 /* Only permitted options get transferred to SSL object */
758 if (!TEST_uint64_t_eq(SSL_get_options(ssl), OSSL_QUIC_PERMITTED_OPTIONS))
759 goto err;
760
761 /* Try again using SSL_set_options */
762 SSL_set_options(ssl, UINT64_MAX);
763
764 if (!TEST_uint64_t_eq(SSL_get_options(ssl), OSSL_QUIC_PERMITTED_OPTIONS))
765 goto err;
766
767 /* Clear everything */
768 SSL_clear_options(ssl, UINT64_MAX);
769
770 if (!TEST_uint64_t_eq(SSL_get_options(ssl), 0))
771 goto err;
772
773 /* Readahead */
774 if (!TEST_false(SSL_get_read_ahead(ssl)))
775 goto err;
776
777 SSL_set_read_ahead(ssl, 1);
778 if (!TEST_false(SSL_get_read_ahead(ssl)))
779 goto err;
780
781 /* Block padding */
782 if (!TEST_true(SSL_set_block_padding(ssl, 0))
783 || !TEST_true(SSL_set_block_padding(ssl, 1))
784 || !TEST_false(SSL_set_block_padding(ssl, 2)))
785 goto err;
786
787 /* Max fragment length */
788 if (!TEST_true(SSL_set_tlsext_max_fragment_length(ssl, TLSEXT_max_fragment_length_DISABLED))
789 || !TEST_false(SSL_set_tlsext_max_fragment_length(ssl, TLSEXT_max_fragment_length_512)))
790 goto err;
791
792 /* Max early data */
793 if (!TEST_false(SSL_set_recv_max_early_data(ssl, 1))
794 || !TEST_false(SSL_set_max_early_data(ssl, 1)))
795 goto err;
796
797 /* Read/Write */
798 if (!TEST_false(SSL_read_early_data(ssl, buf, sizeof(buf), &len))
799 || !TEST_false(SSL_write_early_data(ssl, buf, sizeof(buf), &len)))
800 goto err;
801
802 /* Buffer Management */
803 if (!TEST_true(SSL_alloc_buffers(ssl))
804 || !TEST_false(SSL_free_buffers(ssl)))
805 goto err;
806
807 /* Pipelining */
808 if (!TEST_false(SSL_set_max_send_fragment(ssl, 2))
809 || !TEST_false(SSL_set_split_send_fragment(ssl, 2))
810 || !TEST_false(SSL_set_max_pipelines(ssl, 2)))
811 goto err;
812
813 /* HRR */
814 if (!TEST_false(SSL_stateless(ssl)))
815 goto err;
816
817 /* Quiet Shutdown */
818 if (!TEST_false(SSL_get_quiet_shutdown(ssl)))
819 goto err;
820
821 /* No duplication */
822 if (!TEST_ptr_null(SSL_dup(ssl)))
823 goto err;
824
825 /* No clear */
826 if (!TEST_false(SSL_clear(ssl)))
827 goto err;
828
829 testresult = 1;
830 err:
831 SSL_free(ssl);
832 SSL_CTX_free(ctx);
833 return testresult;
834 }
835
test_quic_set_fd(int idx)836 static int test_quic_set_fd(int idx)
837 {
838 int testresult = 0;
839 SSL_CTX *ctx = NULL;
840 SSL *ssl = NULL;
841 int fd = -1, resfd = -1;
842 BIO *bio = NULL;
843
844 if (!TEST_ptr(ctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method())))
845 goto err;
846
847 if (!TEST_ptr(ssl = SSL_new(ctx)))
848 goto err;
849
850 if (!TEST_int_ge(fd = BIO_socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP, 0), 0))
851 goto err;
852
853 if (idx == 0) {
854 if (!TEST_true(SSL_set_fd(ssl, fd)))
855 goto err;
856 if (!TEST_ptr(bio = SSL_get_rbio(ssl)))
857 goto err;
858 if (!TEST_ptr_eq(bio, SSL_get_wbio(ssl)))
859 goto err;
860 } else if (idx == 1) {
861 if (!TEST_true(SSL_set_rfd(ssl, fd)))
862 goto err;
863 if (!TEST_ptr(bio = SSL_get_rbio(ssl)))
864 goto err;
865 if (!TEST_ptr_null(SSL_get_wbio(ssl)))
866 goto err;
867 } else {
868 if (!TEST_true(SSL_set_wfd(ssl, fd)))
869 goto err;
870 if (!TEST_ptr(bio = SSL_get_wbio(ssl)))
871 goto err;
872 if (!TEST_ptr_null(SSL_get_rbio(ssl)))
873 goto err;
874 }
875
876 if (!TEST_int_eq(BIO_method_type(bio), BIO_TYPE_DGRAM))
877 goto err;
878
879 if (!TEST_true(BIO_get_fd(bio, &resfd))
880 || !TEST_int_eq(resfd, fd))
881 goto err;
882
883 testresult = 1;
884 err:
885 SSL_free(ssl);
886 SSL_CTX_free(ctx);
887 if (fd >= 0)
888 BIO_closesocket(fd);
889 return testresult;
890 }
891
892 #define MAXLOOPS 1000
893
test_bio_ssl(void)894 static int test_bio_ssl(void)
895 {
896 /*
897 * We just use OSSL_QUIC_client_method() rather than
898 * OSSL_QUIC_client_thread_method(). We will never leave the connection idle
899 * so we will always be implicitly handling time events anyway via other
900 * IO calls.
901 */
902 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
903 SSL *clientquic = NULL, *stream = NULL;
904 QUIC_TSERVER *qtserv = NULL;
905 int testresult = 0;
906 BIO *cbio = NULL, *strbio = NULL, *thisbio;
907 const char *msg = "Hello world";
908 int abortctr = 0, err, clienterr = 0, servererr = 0, retc = 0, rets = 0;
909 size_t written, readbytes, msglen;
910 int sid = 0, i;
911 unsigned char buf[80];
912
913 if (!TEST_ptr(cctx))
914 goto err;
915
916 cbio = BIO_new_ssl(cctx, 1);
917 if (!TEST_ptr(cbio))
918 goto err;
919
920 /*
921 * We must configure the ALPN/peer address etc so we get the SSL object in
922 * order to pass it to qtest_create_quic_objects for configuration.
923 */
924 if (!TEST_int_eq(BIO_get_ssl(cbio, &clientquic), 1))
925 goto err;
926
927 if (!TEST_true(qtest_create_quic_objects(libctx, NULL, NULL, cert, privkey,
928 QTEST_FLAG_FAKE_TIME, &qtserv,
929 &clientquic, NULL, NULL)))
930 goto err;
931
932 msglen = strlen(msg);
933
934 do {
935 err = BIO_FLAGS_WRITE;
936 while (!clienterr && !retc && err == BIO_FLAGS_WRITE) {
937 retc = BIO_write_ex(cbio, msg, msglen, &written);
938 if (!retc) {
939 if (BIO_should_retry(cbio))
940 err = BIO_retry_type(cbio);
941 else
942 err = 0;
943 }
944 }
945
946 if (!clienterr && retc <= 0 && err != BIO_FLAGS_READ) {
947 TEST_info("BIO_write_ex() failed %d, %d", retc, err);
948 TEST_openssl_errors();
949 clienterr = 1;
950 }
951
952 if (!servererr && rets <= 0) {
953 ossl_quic_tserver_tick(qtserv);
954 qtest_add_time(100);
955 servererr = ossl_quic_tserver_is_term_any(qtserv);
956 if (!servererr)
957 rets = ossl_quic_tserver_is_handshake_confirmed(qtserv);
958 }
959
960 if (clienterr && servererr)
961 goto err;
962
963 if (++abortctr == MAXLOOPS) {
964 TEST_info("No progress made");
965 goto err;
966 }
967 } while ((!retc && !clienterr) || (rets <= 0 && !servererr));
968
969 /*
970 * 2 loops: The first using the default stream, and the second using a new
971 * client initiated bidi stream.
972 */
973 for (i = 0, thisbio = cbio; i < 2; i++) {
974 if (!TEST_true(ossl_quic_tserver_read(qtserv, sid, buf, sizeof(buf),
975 &readbytes))
976 || !TEST_mem_eq(msg, msglen, buf, readbytes))
977 goto err;
978
979 if (!TEST_true(ossl_quic_tserver_write(qtserv, sid, (unsigned char *)msg,
980 msglen, &written)))
981 goto err;
982 ossl_quic_tserver_tick(qtserv);
983
984 if (!TEST_true(BIO_read_ex(thisbio, buf, sizeof(buf), &readbytes))
985 || !TEST_mem_eq(msg, msglen, buf, readbytes))
986 goto err;
987
988 if (i == 1)
989 break;
990
991 if (!TEST_true(SSL_set_mode(clientquic, 0)))
992 goto err;
993
994 /*
995 * Now create a new stream and repeat. The bottom two bits of the stream
996 * id represents whether the stream is bidi and whether it is client
997 * initiated or not. For client initiated bidi they are both 0. So the
998 * first client initiated bidi stream is 0 and the next one is 4.
999 */
1000 sid = 4;
1001 stream = SSL_new_stream(clientquic, 0);
1002 if (!TEST_ptr(stream))
1003 goto err;
1004
1005 if (!TEST_true(SSL_set_mode(stream, 0)))
1006 goto err;
1007
1008 thisbio = strbio = BIO_new(BIO_f_ssl());
1009 if (!TEST_ptr(strbio))
1010 goto err;
1011
1012 if (!TEST_int_eq(BIO_set_ssl(thisbio, stream, BIO_CLOSE), 1))
1013 goto err;
1014 stream = NULL;
1015
1016 if (!TEST_true(BIO_write_ex(thisbio, msg, msglen, &written)))
1017 goto err;
1018
1019 ossl_quic_tserver_tick(qtserv);
1020 }
1021
1022 testresult = 1;
1023 err:
1024 BIO_free_all(cbio);
1025 BIO_free_all(strbio);
1026 SSL_free(stream);
1027 ossl_quic_tserver_free(qtserv);
1028 SSL_CTX_free(cctx);
1029
1030 return testresult;
1031 }
1032
1033 #define BACK_PRESSURE_NUM_LOOPS 10000
1034 /*
1035 * Test that sending data from the client to the server faster than the server
1036 * can process it eventually results in back pressure on the client.
1037 */
test_back_pressure(void)1038 static int test_back_pressure(void)
1039 {
1040 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
1041 SSL *clientquic = NULL;
1042 QUIC_TSERVER *qtserv = NULL;
1043 int testresult = 0;
1044 unsigned char *msg = NULL;
1045 const size_t msglen = 1024;
1046 unsigned char buf[64];
1047 size_t readbytes, written;
1048 int i;
1049
1050 if (!TEST_ptr(cctx)
1051 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
1052 privkey, 0, &qtserv,
1053 &clientquic, NULL, NULL))
1054 || !TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
1055 goto err;
1056
1057 msg = OPENSSL_malloc(msglen);
1058 if (!TEST_ptr(msg))
1059 goto err;
1060 if (!TEST_int_eq(RAND_bytes_ex(libctx, msg, msglen, 0), 1))
1061 goto err;
1062
1063 /*
1064 * Limit to 10000 loops. If we've not seen any back pressure after that
1065 * we're going to run out of memory, so abort.
1066 */
1067 for (i = 0; i < BACK_PRESSURE_NUM_LOOPS; i++) {
1068 /* Send data from the client */
1069 if (!SSL_write_ex(clientquic, msg, msglen, &written)) {
1070 /* Check if we are seeing back pressure */
1071 if (SSL_get_error(clientquic, 0) == SSL_ERROR_WANT_WRITE)
1072 break;
1073 TEST_error("Unexpected client failure");
1074 goto err;
1075 }
1076
1077 /* Receive data at the server */
1078 ossl_quic_tserver_tick(qtserv);
1079 if (!TEST_true(ossl_quic_tserver_read(qtserv, 0, buf, sizeof(buf),
1080 &readbytes)))
1081 goto err;
1082 }
1083
1084 if (i == BACK_PRESSURE_NUM_LOOPS) {
1085 TEST_error("No back pressure seen");
1086 goto err;
1087 }
1088
1089 testresult = 1;
1090 err:
1091 SSL_free(clientquic);
1092 ossl_quic_tserver_free(qtserv);
1093 SSL_CTX_free(cctx);
1094 OPENSSL_free(msg);
1095
1096 return testresult;
1097 }
1098
1099 static int dgram_ctr = 0;
1100
dgram_cb(int write_p,int version,int content_type,const void * buf,size_t msglen,SSL * ssl,void * arg)1101 static void dgram_cb(int write_p, int version, int content_type,
1102 const void *buf, size_t msglen, SSL *ssl, void *arg)
1103 {
1104 if (!write_p)
1105 return;
1106
1107 if (content_type != SSL3_RT_QUIC_DATAGRAM)
1108 return;
1109
1110 dgram_ctr++;
1111 }
1112
1113 /* Test that we send multiple datagrams in one go when appropriate */
test_multiple_dgrams(void)1114 static int test_multiple_dgrams(void)
1115 {
1116 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
1117 SSL *clientquic = NULL;
1118 QUIC_TSERVER *qtserv = NULL;
1119 int testresult = 0;
1120 unsigned char *buf;
1121 const size_t buflen = 1400;
1122 size_t written;
1123
1124 buf = OPENSSL_zalloc(buflen);
1125
1126 if (!TEST_ptr(cctx)
1127 || !TEST_ptr(buf)
1128 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
1129 privkey, 0, &qtserv,
1130 &clientquic, NULL, NULL))
1131 || !TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
1132 goto err;
1133
1134 dgram_ctr = 0;
1135 SSL_set_msg_callback(clientquic, dgram_cb);
1136 if (!TEST_true(SSL_write_ex(clientquic, buf, buflen, &written))
1137 || !TEST_size_t_eq(written, buflen)
1138 /* We wrote enough data for 2 datagrams */
1139 || !TEST_int_eq(dgram_ctr, 2))
1140 goto err;
1141
1142 testresult = 1;
1143 err:
1144 OPENSSL_free(buf);
1145 SSL_free(clientquic);
1146 ossl_quic_tserver_free(qtserv);
1147 SSL_CTX_free(cctx);
1148
1149 return testresult;
1150 }
1151
non_io_retry_cert_verify_cb(X509_STORE_CTX * ctx,void * arg)1152 static int non_io_retry_cert_verify_cb(X509_STORE_CTX *ctx, void *arg)
1153 {
1154 int idx = SSL_get_ex_data_X509_STORE_CTX_idx();
1155 SSL *ssl;
1156 const int *allow = (int *)arg;
1157
1158 /* this should not happen but check anyway */
1159 if (idx < 0
1160 || (ssl = X509_STORE_CTX_get_ex_data(ctx, idx)) == NULL)
1161 return 0;
1162
1163 /* If this is our first attempt then retry */
1164 if (*allow == 0)
1165 return SSL_set_retry_verify(ssl);
1166
1167 /* Otherwise do nothing - verification succeeds. Continue as normal */
1168 return 1;
1169 }
1170
1171 /* Test that we can handle a non-io related retry error
1172 * Test 0: Non-blocking
1173 * Test 1: Blocking
1174 */
test_non_io_retry(int idx)1175 static int test_non_io_retry(int idx)
1176 {
1177 SSL_CTX *cctx;
1178 SSL *clientquic = NULL;
1179 QUIC_TSERVER *qtserv = NULL;
1180 int testresult = 0;
1181 int flags = 0, allow = 0;
1182
1183 if (idx >= 1 && !qtest_supports_blocking())
1184 return TEST_skip("Blocking tests not supported in this build");
1185
1186 cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
1187 if (!TEST_ptr(cctx))
1188 goto err;
1189
1190 SSL_CTX_set_cert_verify_callback(cctx, non_io_retry_cert_verify_cb, &allow);
1191
1192 flags = (idx >= 1) ? QTEST_FLAG_BLOCK : 0;
1193 if (!TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert, privkey,
1194 flags, &qtserv, &clientquic, NULL,
1195 NULL))
1196 || !TEST_true(qtest_create_quic_connection_ex(qtserv, clientquic,
1197 SSL_ERROR_WANT_RETRY_VERIFY))
1198 || !TEST_int_eq(SSL_want(clientquic), SSL_RETRY_VERIFY))
1199 goto err;
1200
1201 allow = 1;
1202 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
1203 goto err;
1204
1205 testresult = 1;
1206 err:
1207 SSL_free(clientquic);
1208 ossl_quic_tserver_free(qtserv);
1209 SSL_CTX_free(cctx);
1210
1211 return testresult;
1212 }
1213
1214 static int use_session_cb_cnt = 0;
1215 static int find_session_cb_cnt = 0;
1216 static const char *pskid = "Identity";
1217 static SSL_SESSION *serverpsk = NULL, *clientpsk = NULL;
1218
use_session_cb(SSL * ssl,const EVP_MD * md,const unsigned char ** id,size_t * idlen,SSL_SESSION ** sess)1219 static int use_session_cb(SSL *ssl, const EVP_MD *md, const unsigned char **id,
1220 size_t *idlen, SSL_SESSION **sess)
1221 {
1222 use_session_cb_cnt++;
1223
1224 if (clientpsk == NULL || !SSL_SESSION_up_ref(clientpsk))
1225 return 0;
1226
1227 *sess = clientpsk;
1228 *id = (const unsigned char *)pskid;
1229 *idlen = strlen(pskid);
1230
1231 return 1;
1232 }
1233
find_session_cb(SSL * ssl,const unsigned char * identity,size_t identity_len,SSL_SESSION ** sess)1234 static int find_session_cb(SSL *ssl, const unsigned char *identity,
1235 size_t identity_len, SSL_SESSION **sess)
1236 {
1237 find_session_cb_cnt++;
1238
1239 if (serverpsk == NULL || !SSL_SESSION_up_ref(serverpsk))
1240 return 0;
1241
1242 /* Identity should match that set by the client */
1243 if (strlen(pskid) != identity_len
1244 || strncmp(pskid, (const char *)identity, identity_len) != 0) {
1245 SSL_SESSION_free(serverpsk);
1246 return 0;
1247 }
1248
1249 *sess = serverpsk;
1250
1251 return 1;
1252 }
1253
test_quic_psk(void)1254 static int test_quic_psk(void)
1255 {
1256 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
1257 SSL *clientquic = NULL;
1258 QUIC_TSERVER *qtserv = NULL;
1259 int testresult = 0;
1260
1261 if (!TEST_ptr(cctx)
1262 /* No cert or private key for the server, i.e. PSK only */
1263 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, NULL,
1264 NULL, 0, &qtserv,
1265 &clientquic, NULL, NULL)))
1266 goto end;
1267
1268 SSL_set_psk_use_session_callback(clientquic, use_session_cb);
1269 ossl_quic_tserver_set_psk_find_session_cb(qtserv, find_session_cb);
1270 use_session_cb_cnt = 0;
1271 find_session_cb_cnt = 0;
1272
1273 clientpsk = serverpsk = create_a_psk(clientquic, SHA384_DIGEST_LENGTH);
1274 /* We already had one ref. Add another one */
1275 if (!TEST_ptr(clientpsk) || !TEST_true(SSL_SESSION_up_ref(clientpsk)))
1276 goto end;
1277
1278 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic))
1279 || !TEST_int_eq(1, find_session_cb_cnt)
1280 || !TEST_int_eq(1, use_session_cb_cnt)
1281 /* Check that we actually used the PSK */
1282 || !TEST_true(SSL_session_reused(clientquic)))
1283 goto end;
1284
1285 testresult = 1;
1286
1287 end:
1288 SSL_free(clientquic);
1289 ossl_quic_tserver_free(qtserv);
1290 SSL_CTX_free(cctx);
1291 SSL_SESSION_free(clientpsk);
1292 SSL_SESSION_free(serverpsk);
1293 clientpsk = serverpsk = NULL;
1294
1295 return testresult;
1296 }
1297
test_client_auth(int idx)1298 static int test_client_auth(int idx)
1299 {
1300 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
1301 SSL_CTX *sctx = SSL_CTX_new_ex(libctx, NULL, TLS_method());
1302 SSL *clientquic = NULL;
1303 QUIC_TSERVER *qtserv = NULL;
1304 int testresult = 0;
1305 unsigned char buf[20];
1306 static char *msg = "A test message";
1307 size_t msglen = strlen(msg);
1308 size_t numbytes = 0;
1309
1310 if (!TEST_ptr(cctx) || !TEST_ptr(sctx))
1311 goto err;
1312
1313 SSL_CTX_set_verify(sctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT | SSL_VERIFY_CLIENT_ONCE, NULL);
1314
1315 if (!TEST_true(SSL_CTX_load_verify_file(sctx, cauthca)))
1316 goto err;
1317
1318 if (idx > 0
1319 && (!TEST_true(SSL_CTX_use_certificate_chain_file(cctx, ccert))
1320 || !TEST_true(SSL_CTX_use_PrivateKey_file(cctx, cprivkey,
1321 SSL_FILETYPE_PEM))))
1322 goto err;
1323
1324 if (!TEST_true(qtest_create_quic_objects(libctx, cctx, sctx, cert,
1325 privkey, 0, &qtserv,
1326 &clientquic, NULL, NULL)))
1327 goto err;
1328
1329 if (idx > 1) {
1330 if (!TEST_true(ssl_ctx_add_large_cert_chain(libctx, cctx, ccert))
1331 || !TEST_true(ssl_ctx_add_large_cert_chain(libctx, sctx, cert)))
1332 goto err;
1333 }
1334
1335 if (idx == 0) {
1336 if (!TEST_false(qtest_create_quic_connection(qtserv, clientquic)))
1337 goto err;
1338
1339 /* negative test passed */
1340 testresult = 1;
1341 goto err;
1342 }
1343
1344 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
1345 goto err;
1346
1347 /* Check that sending and receiving app data is ok */
1348 if (!TEST_true(SSL_write_ex(clientquic, msg, msglen, &numbytes))
1349 || !TEST_size_t_eq(numbytes, msglen))
1350 goto err;
1351
1352 ossl_quic_tserver_tick(qtserv);
1353 if (!TEST_true(ossl_quic_tserver_write(qtserv, 0,
1354 (unsigned char *)msg,
1355 msglen, &numbytes)))
1356 goto err;
1357
1358 ossl_quic_tserver_tick(qtserv);
1359 SSL_handle_events(clientquic);
1360
1361 if (!TEST_true(SSL_read_ex(clientquic, buf, sizeof(buf), &numbytes))
1362 || !TEST_size_t_eq(numbytes, msglen)
1363 || !TEST_mem_eq(buf, numbytes, msg, msglen))
1364 goto err;
1365
1366 if (!TEST_true(qtest_shutdown(qtserv, clientquic)))
1367 goto err;
1368
1369 testresult = 1;
1370
1371 err:
1372 SSL_free(clientquic);
1373 ossl_quic_tserver_free(qtserv);
1374 SSL_CTX_free(sctx);
1375 SSL_CTX_free(cctx);
1376
1377 return testresult;
1378 }
1379
1380 /*
1381 * Test that we correctly handle ALPN supplied by the application
1382 * Test 0: ALPN is provided
1383 * Test 1: No ALPN is provided
1384 */
test_alpn(int idx)1385 static int test_alpn(int idx)
1386 {
1387 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
1388 SSL *clientquic = NULL;
1389 QUIC_TSERVER *qtserv = NULL;
1390 int testresult = 0;
1391 int ret;
1392
1393 /*
1394 * Ensure we only configure ciphersuites that are available with both the
1395 * default and fips providers to get the same output in both cases
1396 */
1397 if (!TEST_true(SSL_CTX_set_ciphersuites(cctx, "TLS_AES_128_GCM_SHA256")))
1398 goto err;
1399
1400 if (!TEST_ptr(cctx)
1401 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
1402 privkey,
1403 QTEST_FLAG_FAKE_TIME,
1404 &qtserv,
1405 &clientquic, NULL, NULL)))
1406 goto err;
1407
1408 if (idx == 0) {
1409 /*
1410 * Clear the ALPN we set in qtest_create_quic_objects. We use TEST_false
1411 * because SSL_set_alpn_protos returns 0 for success.
1412 */
1413 if (!TEST_false(SSL_set_alpn_protos(clientquic, NULL, 0)))
1414 goto err;
1415 }
1416
1417 ret = SSL_connect(clientquic);
1418 if (!TEST_int_le(ret, 0))
1419 goto err;
1420 if (idx == 0) {
1421 /* We expect an immediate error due to lack of ALPN */
1422 if (!TEST_int_eq(SSL_get_error(clientquic, ret), SSL_ERROR_SSL))
1423 goto err;
1424 } else {
1425 /* ALPN was provided so we expect the connection to succeed */
1426 if (!TEST_int_eq(SSL_get_error(clientquic, ret), SSL_ERROR_WANT_READ)
1427 || !TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
1428 goto err;
1429 }
1430
1431 testresult = 1;
1432 err:
1433 ossl_quic_tserver_free(qtserv);
1434 SSL_free(clientquic);
1435 SSL_CTX_free(cctx);
1436
1437 return testresult;
1438 }
1439
1440 /*
1441 * Test SSL_get_shutdown() behavior.
1442 */
test_get_shutdown(void)1443 static int test_get_shutdown(void)
1444 {
1445 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
1446 SSL *clientquic = NULL;
1447 QUIC_TSERVER *qtserv = NULL;
1448 int testresult = 0;
1449
1450 if (!TEST_ptr(cctx)
1451 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
1452 privkey,
1453 QTEST_FLAG_FAKE_TIME,
1454 &qtserv, &clientquic,
1455 NULL, NULL))
1456 || !TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
1457 goto err;
1458
1459 if (!TEST_int_eq(SSL_get_shutdown(clientquic), 0))
1460 goto err;
1461
1462 if (!TEST_int_eq(SSL_shutdown(clientquic), 0))
1463 goto err;
1464
1465 if (!TEST_int_eq(SSL_get_shutdown(clientquic), SSL_SENT_SHUTDOWN))
1466 goto err;
1467
1468 do {
1469 ossl_quic_tserver_tick(qtserv);
1470 qtest_add_time(100);
1471 } while (SSL_shutdown(clientquic) == 0);
1472
1473 if (!TEST_int_eq(SSL_get_shutdown(clientquic),
1474 SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN))
1475 goto err;
1476
1477 testresult = 1;
1478 err:
1479 ossl_quic_tserver_free(qtserv);
1480 SSL_free(clientquic);
1481 SSL_CTX_free(cctx);
1482
1483 return testresult;
1484 }
1485
1486 #define MAX_LOOPS 2000
1487
1488 /*
1489 * Keep retrying SSL_read_ex until it succeeds or we give up. Accept a stream
1490 * if we don't already have one
1491 */
unreliable_client_read(SSL * clientquic,SSL ** stream,void * buf,size_t buflen,size_t * readbytes,QUIC_TSERVER * qtserv)1492 static int unreliable_client_read(SSL *clientquic, SSL **stream, void *buf,
1493 size_t buflen, size_t *readbytes,
1494 QUIC_TSERVER *qtserv)
1495 {
1496 int abortctr;
1497
1498 /* We just do this in a loop with a sleep for simplicity */
1499 for (abortctr = 0; abortctr < MAX_LOOPS; abortctr++) {
1500 if (*stream == NULL) {
1501 SSL_handle_events(clientquic);
1502 *stream = SSL_accept_stream(clientquic, 0);
1503 }
1504
1505 if (*stream != NULL) {
1506 if (SSL_read_ex(*stream, buf, buflen, readbytes))
1507 return 1;
1508 if (!TEST_int_eq(SSL_get_error(*stream, 0), SSL_ERROR_WANT_READ))
1509 return 0;
1510 }
1511 ossl_quic_tserver_tick(qtserv);
1512 qtest_add_time(1);
1513 qtest_wait_for_timeout(clientquic, qtserv);
1514 }
1515
1516 TEST_error("No progress made");
1517 return 0;
1518 }
1519
1520 /* Keep retrying ossl_quic_tserver_read until it succeeds or we give up */
unreliable_server_read(QUIC_TSERVER * qtserv,uint64_t sid,void * buf,size_t buflen,size_t * readbytes,SSL * clientquic)1521 static int unreliable_server_read(QUIC_TSERVER *qtserv, uint64_t sid,
1522 void *buf, size_t buflen, size_t *readbytes,
1523 SSL *clientquic)
1524 {
1525 int abortctr;
1526
1527 /* We just do this in a loop with a sleep for simplicity */
1528 for (abortctr = 0; abortctr < MAX_LOOPS; abortctr++) {
1529 if (ossl_quic_tserver_read(qtserv, sid, buf, buflen, readbytes)
1530 && *readbytes > 1)
1531 return 1;
1532 ossl_quic_tserver_tick(qtserv);
1533 SSL_handle_events(clientquic);
1534 qtest_add_time(1);
1535 qtest_wait_for_timeout(clientquic, qtserv);
1536 }
1537
1538 TEST_error("No progress made");
1539 return 0;
1540 }
1541
1542 /*
1543 * Create a connection and send data using an unreliable transport. We introduce
1544 * random noise to drop, delay and duplicate datagrams.
1545 * Test 0: Introduce random noise to datagrams
1546 * Test 1: As with test 0 but also split datagrams containing multiple packets
1547 * into individual datagrams so that individual packets can be affected
1548 * by noise - not just a whole datagram.
1549 */
test_noisy_dgram(int idx)1550 static int test_noisy_dgram(int idx)
1551 {
1552 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
1553 SSL *clientquic = NULL, *stream[2] = { NULL, NULL };
1554 QUIC_TSERVER *qtserv = NULL;
1555 int testresult = 0;
1556 uint64_t sid = 0;
1557 char *msg = "Hello world!";
1558 size_t msglen = strlen(msg), written, readbytes, i, j;
1559 unsigned char buf[80];
1560 int flags = QTEST_FLAG_NOISE | QTEST_FLAG_FAKE_TIME;
1561 QTEST_FAULT *fault = NULL;
1562
1563 if (idx == 1)
1564 flags |= QTEST_FLAG_PACKET_SPLIT;
1565
1566 if (!TEST_ptr(cctx)
1567 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
1568 privkey, flags,
1569 &qtserv,
1570 &clientquic, &fault, NULL)))
1571 goto err;
1572
1573 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
1574 goto err;
1575
1576 if (!TEST_true(SSL_set_incoming_stream_policy(clientquic,
1577 SSL_INCOMING_STREAM_POLICY_ACCEPT,
1578 0))
1579 || !TEST_true(SSL_set_default_stream_mode(clientquic,
1580 SSL_DEFAULT_STREAM_MODE_NONE)))
1581 goto err;
1582
1583 for (j = 0; j < 2; j++) {
1584 if (!TEST_true(ossl_quic_tserver_stream_new(qtserv, 0, &sid)))
1585 goto err;
1586 ossl_quic_tserver_tick(qtserv);
1587 qtest_add_time(1);
1588
1589 /*
1590 * Send data from the server to the client. Some datagrams may get
1591 * lost, modified, dropped or re-ordered. We repeat 20 times to ensure
1592 * we are sending enough datagrams for problems to be noticed.
1593 */
1594 for (i = 0; i < 20; i++) {
1595 if (!TEST_true(ossl_quic_tserver_write(qtserv, sid,
1596 (unsigned char *)msg, msglen,
1597 &written))
1598 || !TEST_size_t_eq(msglen, written))
1599 goto err;
1600 ossl_quic_tserver_tick(qtserv);
1601 qtest_add_time(1);
1602
1603 /*
1604 * Since the underlying BIO is now noisy we may get failures that
1605 * need to be retried - so we use unreliable_client_read() to
1606 * handle that
1607 */
1608 if (!TEST_true(unreliable_client_read(clientquic, &stream[j], buf,
1609 sizeof(buf), &readbytes,
1610 qtserv))
1611 || !TEST_mem_eq(msg, msglen, buf, readbytes))
1612 goto err;
1613 }
1614
1615 /* Send data from the client to the server */
1616 for (i = 0; i < 20; i++) {
1617 if (!TEST_true(SSL_write_ex(stream[j], (unsigned char *)msg,
1618 msglen, &written))
1619 || !TEST_size_t_eq(msglen, written))
1620 goto err;
1621
1622 ossl_quic_tserver_tick(qtserv);
1623 qtest_add_time(1);
1624
1625 /*
1626 * Since the underlying BIO is now noisy we may get failures that
1627 * need to be retried - so we use unreliable_server_read() to
1628 * handle that
1629 */
1630 if (!TEST_true(unreliable_server_read(qtserv, sid, buf, sizeof(buf),
1631 &readbytes, clientquic))
1632 || !TEST_mem_eq(msg, msglen, buf, readbytes))
1633 goto err;
1634 }
1635 }
1636
1637 testresult = 1;
1638 err:
1639 ossl_quic_tserver_free(qtserv);
1640 SSL_free(stream[0]);
1641 SSL_free(stream[1]);
1642 SSL_free(clientquic);
1643 SSL_CTX_free(cctx);
1644 qtest_fault_free(fault);
1645
1646 return testresult;
1647 }
1648
1649 /*
1650 * Create a connection and send some big data using a transport with limited bandwidth.
1651 */
1652
1653 #define TEST_TRANSFER_DATA_SIZE (2 * 1024 * 1024) /* 2 MBytes */
1654 #define TEST_SINGLE_WRITE_SIZE (16 * 1024) /* 16 kBytes */
1655 #define TEST_BW_LIMIT 1000 /* 1000 Bytes/ms */
test_bw_limit(void)1656 static int test_bw_limit(void)
1657 {
1658 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
1659 SSL *clientquic = NULL;
1660 QUIC_TSERVER *qtserv = NULL;
1661 int testresult = 0;
1662 unsigned char *msg = NULL, *recvbuf = NULL;
1663 size_t sendlen = TEST_TRANSFER_DATA_SIZE;
1664 size_t recvlen = TEST_TRANSFER_DATA_SIZE;
1665 size_t written, readbytes;
1666 int flags = QTEST_FLAG_NOISE | QTEST_FLAG_FAKE_TIME;
1667 QTEST_FAULT *fault = NULL;
1668 uint64_t real_bw;
1669
1670 if (!TEST_ptr(cctx)
1671 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
1672 privkey, flags,
1673 &qtserv,
1674 &clientquic, &fault, NULL)))
1675 goto err;
1676
1677 if (!TEST_ptr(msg = OPENSSL_zalloc(TEST_SINGLE_WRITE_SIZE))
1678 || !TEST_ptr(recvbuf = OPENSSL_zalloc(TEST_SINGLE_WRITE_SIZE)))
1679 goto err;
1680
1681 /* Set BW to 1000 Bytes/ms -> 1MByte/s both ways */
1682 if (!TEST_true(qtest_fault_set_bw_limit(fault, 1000, 1000, 0)))
1683 goto err;
1684
1685 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
1686 goto err;
1687
1688 qtest_start_stopwatch();
1689
1690 while (recvlen > 0) {
1691 qtest_add_time(1);
1692
1693 if (sendlen > 0) {
1694 if (!SSL_write_ex(clientquic, msg,
1695 sendlen > TEST_SINGLE_WRITE_SIZE ? TEST_SINGLE_WRITE_SIZE
1696 : sendlen,
1697 &written)) {
1698 TEST_info("Retrying to send: %llu", (unsigned long long)sendlen);
1699 if (!TEST_int_eq(SSL_get_error(clientquic, 0), SSL_ERROR_WANT_WRITE))
1700 goto err;
1701 } else {
1702 sendlen -= written;
1703 TEST_info("Remaining to send: %llu", (unsigned long long)sendlen);
1704 }
1705 } else {
1706 SSL_handle_events(clientquic);
1707 }
1708
1709 if (ossl_quic_tserver_read(qtserv, 0, recvbuf,
1710 recvlen > TEST_SINGLE_WRITE_SIZE ? TEST_SINGLE_WRITE_SIZE
1711 : recvlen,
1712 &readbytes)
1713 && readbytes > 1) {
1714 recvlen -= readbytes;
1715 TEST_info("Remaining to recv: %llu", (unsigned long long)recvlen);
1716 } else {
1717 TEST_info("No progress on recv: %llu", (unsigned long long)recvlen);
1718 }
1719 ossl_quic_tserver_tick(qtserv);
1720 }
1721 real_bw = TEST_TRANSFER_DATA_SIZE / qtest_get_stopwatch_time();
1722
1723 TEST_info("BW limit: %d Bytes/ms Real bandwidth reached: %llu Bytes/ms",
1724 TEST_BW_LIMIT, (unsigned long long)real_bw);
1725
1726 if (!TEST_uint64_t_lt(real_bw, TEST_BW_LIMIT))
1727 goto err;
1728
1729 testresult = 1;
1730 err:
1731 OPENSSL_free(msg);
1732 OPENSSL_free(recvbuf);
1733 ossl_quic_tserver_free(qtserv);
1734 SSL_free(clientquic);
1735 SSL_CTX_free(cctx);
1736 qtest_fault_free(fault);
1737
1738 return testresult;
1739 }
1740
1741 enum {
1742 TPARAM_OP_DUP,
1743 TPARAM_OP_DROP,
1744 TPARAM_OP_INJECT,
1745 TPARAM_OP_INJECT_TWICE,
1746 TPARAM_OP_INJECT_RAW,
1747 TPARAM_OP_DROP_INJECT,
1748 TPARAM_OP_MUTATE
1749 };
1750
1751 #define TPARAM_CHECK_DUP(name, reason) \
1752 { QUIC_TPARAM_##name, TPARAM_OP_DUP, (reason) },
1753 #define TPARAM_CHECK_DROP(name, reason) \
1754 { QUIC_TPARAM_##name, TPARAM_OP_DROP, (reason) },
1755 #define TPARAM_CHECK_INJECT(name, buf, buf_len, reason) \
1756 { QUIC_TPARAM_##name, TPARAM_OP_INJECT, (reason), \
1757 (buf), (buf_len) },
1758 #define TPARAM_CHECK_INJECT_A(name, buf, reason) \
1759 TPARAM_CHECK_INJECT(name, buf, sizeof(buf), reason)
1760 #define TPARAM_CHECK_DROP_INJECT(name, buf, buf_len, reason) \
1761 { QUIC_TPARAM_##name, TPARAM_OP_DROP_INJECT, (reason), \
1762 (buf), (buf_len) },
1763 #define TPARAM_CHECK_DROP_INJECT_A(name, buf, reason) \
1764 TPARAM_CHECK_DROP_INJECT(name, buf, sizeof(buf), reason)
1765 #define TPARAM_CHECK_INJECT_TWICE(name, buf, buf_len, reason) \
1766 { QUIC_TPARAM_##name, TPARAM_OP_INJECT_TWICE, (reason), \
1767 (buf), (buf_len) },
1768 #define TPARAM_CHECK_INJECT_TWICE_A(name, buf, reason) \
1769 TPARAM_CHECK_INJECT_TWICE(name, buf, sizeof(buf), reason)
1770 #define TPARAM_CHECK_INJECT_RAW(buf, buf_len, reason) \
1771 { 0, TPARAM_OP_INJECT_RAW, (reason), \
1772 (buf), (buf_len) },
1773 #define TPARAM_CHECK_INJECT_RAW_A(buf, reason) \
1774 TPARAM_CHECK_INJECT_RAW(buf, sizeof(buf), reason)
1775 #define TPARAM_CHECK_MUTATE(name, reason) \
1776 { QUIC_TPARAM_##name, TPARAM_OP_MUTATE, (reason) },
1777 #define TPARAM_CHECK_INT(name, reason) \
1778 TPARAM_CHECK_DROP_INJECT(name, NULL, 0, reason) \
1779 TPARAM_CHECK_DROP_INJECT_A(name, bogus_int, reason) \
1780 TPARAM_CHECK_DROP_INJECT_A(name, int_with_trailer, reason)
1781
1782 struct tparam_test {
1783 uint64_t id;
1784 int op;
1785 const char *expect_fail; /* substring to expect in reason */
1786 const void *buf;
1787 size_t buf_len;
1788 };
1789
1790 static const unsigned char disable_active_migration_1[] = {
1791 0x00
1792 };
1793
1794 static const unsigned char malformed_stateless_reset_token_1[] = {
1795 0x02, 0xff
1796 };
1797
1798 static const unsigned char malformed_stateless_reset_token_2[] = {
1799 0x01
1800 };
1801
1802 static const unsigned char malformed_stateless_reset_token_3[15] = { 0 };
1803
1804 static const unsigned char malformed_stateless_reset_token_4[17] = { 0 };
1805
1806 static const unsigned char malformed_preferred_addr_1[] = {
1807 0x0d, 0xff
1808 };
1809
1810 static const unsigned char malformed_preferred_addr_2[42] = {
1811 0x0d,
1812 0x28, /* too short */
1813 };
1814
1815 static const unsigned char malformed_preferred_addr_3[64] = {
1816 0x0d,
1817 0x3e, /* too long */
1818 };
1819
1820 static const unsigned char malformed_preferred_addr_4[] = {
1821 /* TPARAM too short for CID length indicated */
1822 0x0d,
1823 0x29,
1824 0x00,
1825 0x00,
1826 0x00,
1827 0x00,
1828 0x00,
1829 0x00,
1830 0x00,
1831 0x00,
1832 0x00,
1833 0x00,
1834 0x00,
1835 0x00,
1836 0x00,
1837 0x00,
1838 0x00,
1839 0x00,
1840 0x00,
1841 0x00,
1842 0x00,
1843 0x00,
1844 0x00,
1845 0x00,
1846 0x00,
1847 0x00,
1848 0x01,
1849 0x55,
1850 0x00,
1851 0x00,
1852 0x00,
1853 0x00,
1854 0x00,
1855 0x00,
1856 0x00,
1857 0x00,
1858 0x00,
1859 0x00,
1860 0x00,
1861 0x00,
1862 0x00,
1863 0x00,
1864 0x00,
1865 0x00,
1866 };
1867
1868 static const unsigned char malformed_unknown_1[] = {
1869 0xff
1870 };
1871
1872 static const unsigned char malformed_unknown_2[] = {
1873 0x55,
1874 0x55,
1875 };
1876
1877 static const unsigned char malformed_unknown_3[] = {
1878 0x55,
1879 0x55,
1880 0x01,
1881 };
1882
1883 static const unsigned char ack_delay_exp[] = {
1884 0x03
1885 };
1886
1887 static const unsigned char stateless_reset_token[16] = { 0x42 };
1888
1889 static const unsigned char preferred_addr[] = {
1890 0x44,
1891 0x44,
1892 0x44,
1893 0x44,
1894 0x55,
1895 0x55,
1896 0x66,
1897 0x66,
1898 0x66,
1899 0x66,
1900 0x66,
1901 0x66,
1902 0x66,
1903 0x66,
1904 0x66,
1905 0x66,
1906 0x66,
1907 0x66,
1908 0x66,
1909 0x66,
1910 0x66,
1911 0x66,
1912 0x77,
1913 0x77,
1914 0x02,
1915 0xAA,
1916 0xBB,
1917 0x99,
1918 0x99,
1919 0x99,
1920 0x99,
1921 0x99,
1922 0x99,
1923 0x99,
1924 0x99,
1925 0x99,
1926 0x99,
1927 0x99,
1928 0x99,
1929 0x99,
1930 0x99,
1931 0x99,
1932 0x99,
1933 };
1934
1935 static const unsigned char long_cid[21] = { 0x42 };
1936
1937 static const unsigned char excess_ack_delay_exp[] = {
1938 0x15,
1939 };
1940
1941 static const unsigned char excess_max_ack_delay[] = {
1942 0xC0,
1943 0x00,
1944 0x00,
1945 0x00,
1946 0x00,
1947 0x00,
1948 0x40,
1949 0x00,
1950 };
1951
1952 static const unsigned char excess_initial_max_streams[] = {
1953 0xD0,
1954 0x00,
1955 0x00,
1956 0x00,
1957 0x00,
1958 0x00,
1959 0x00,
1960 0x01,
1961 };
1962
1963 static const unsigned char undersize_udp_payload_size[] = {
1964 0xC0,
1965 0x00,
1966 0x00,
1967 0x00,
1968 0x00,
1969 0x00,
1970 0x04,
1971 0xaf,
1972 };
1973
1974 static const unsigned char undersize_active_conn_id_limit[] = {
1975 0xC0,
1976 0x00,
1977 0x00,
1978 0x00,
1979 0x00,
1980 0x00,
1981 0x00,
1982 0x01,
1983 };
1984
1985 static const unsigned char bogus_int[9] = { 0 };
1986
1987 static const unsigned char int_with_trailer[2] = { 0x01 };
1988
1989 #define QUIC_TPARAM_UNKNOWN_1 0xf1f1
1990
1991 static const struct tparam_test tparam_tests[] = {
1992 TPARAM_CHECK_DUP(ORIG_DCID,
1993 "ORIG_DCID appears multiple times")
1994 TPARAM_CHECK_DUP(INITIAL_SCID,
1995 "INITIAL_SCID appears multiple times")
1996 TPARAM_CHECK_DUP(INITIAL_MAX_DATA,
1997 "INITIAL_MAX_DATA appears multiple times")
1998 TPARAM_CHECK_DUP(INITIAL_MAX_STREAM_DATA_BIDI_LOCAL,
1999 "INITIAL_MAX_STREAM_DATA_BIDI_LOCAL appears multiple times")
2000 TPARAM_CHECK_DUP(INITIAL_MAX_STREAM_DATA_BIDI_REMOTE,
2001 "INITIAL_MAX_STREAM_DATA_BIDI_REMOTE appears multiple times")
2002 TPARAM_CHECK_DUP(INITIAL_MAX_STREAM_DATA_UNI,
2003 "INITIAL_MAX_STREAM_DATA_UNI appears multiple times")
2004 TPARAM_CHECK_DUP(INITIAL_MAX_STREAMS_BIDI,
2005 "INITIAL_MAX_STREAMS_BIDI appears multiple times")
2006 TPARAM_CHECK_DUP(INITIAL_MAX_STREAMS_UNI,
2007 "INITIAL_MAX_STREAMS_UNI appears multiple times")
2008 TPARAM_CHECK_DUP(MAX_IDLE_TIMEOUT,
2009 "MAX_IDLE_TIMEOUT appears multiple times")
2010 TPARAM_CHECK_DUP(MAX_UDP_PAYLOAD_SIZE,
2011 "MAX_UDP_PAYLOAD_SIZE appears multiple times")
2012 TPARAM_CHECK_DUP(ACTIVE_CONN_ID_LIMIT,
2013 "ACTIVE_CONN_ID_LIMIT appears multiple times")
2014 TPARAM_CHECK_DUP(DISABLE_ACTIVE_MIGRATION,
2015 "DISABLE_ACTIVE_MIGRATION appears multiple times")
2016
2017 TPARAM_CHECK_DROP(INITIAL_SCID,
2018 "INITIAL_SCID was not sent but is required")
2019 TPARAM_CHECK_DROP(ORIG_DCID,
2020 "ORIG_DCID was not sent but is required")
2021
2022 TPARAM_CHECK_DROP_INJECT_A(DISABLE_ACTIVE_MIGRATION, disable_active_migration_1,
2023 "DISABLE_ACTIVE_MIGRATION is malformed")
2024 TPARAM_CHECK_INJECT(UNKNOWN_1, NULL, 0,
2025 NULL)
2026 TPARAM_CHECK_INJECT_RAW_A(malformed_stateless_reset_token_1,
2027 "STATELESS_RESET_TOKEN is malformed")
2028 TPARAM_CHECK_INJECT_A(STATELESS_RESET_TOKEN,
2029 malformed_stateless_reset_token_2,
2030 "STATELESS_RESET_TOKEN is malformed")
2031 TPARAM_CHECK_INJECT_A(STATELESS_RESET_TOKEN,
2032 malformed_stateless_reset_token_3,
2033 "STATELESS_RESET_TOKEN is malformed")
2034 TPARAM_CHECK_INJECT_A(STATELESS_RESET_TOKEN,
2035 malformed_stateless_reset_token_4,
2036 "STATELESS_RESET_TOKEN is malformed")
2037 TPARAM_CHECK_INJECT(STATELESS_RESET_TOKEN,
2038 NULL, 0,
2039 "STATELESS_RESET_TOKEN is malformed")
2040 TPARAM_CHECK_INJECT_RAW_A(malformed_preferred_addr_1,
2041 "PREFERRED_ADDR is malformed")
2042 TPARAM_CHECK_INJECT_RAW_A(malformed_preferred_addr_2,
2043 "PREFERRED_ADDR is malformed")
2044 TPARAM_CHECK_INJECT_RAW_A(malformed_preferred_addr_3,
2045 "PREFERRED_ADDR is malformed")
2046 TPARAM_CHECK_INJECT_RAW_A(malformed_preferred_addr_4,
2047 "PREFERRED_ADDR is malformed")
2048 TPARAM_CHECK_INJECT_RAW_A(malformed_unknown_1,
2049 "bad transport parameter")
2050 TPARAM_CHECK_INJECT_RAW_A(malformed_unknown_2,
2051 "bad transport parameter")
2052 TPARAM_CHECK_INJECT_RAW_A(malformed_unknown_3,
2053 "bad transport parameter")
2054
2055 TPARAM_CHECK_INJECT_A(ACK_DELAY_EXP, excess_ack_delay_exp,
2056 "ACK_DELAY_EXP is malformed")
2057 TPARAM_CHECK_INJECT_A(MAX_ACK_DELAY, excess_max_ack_delay,
2058 "MAX_ACK_DELAY is malformed")
2059 TPARAM_CHECK_DROP_INJECT_A(INITIAL_MAX_STREAMS_BIDI, excess_initial_max_streams,
2060 "INITIAL_MAX_STREAMS_BIDI is malformed")
2061 TPARAM_CHECK_DROP_INJECT_A(INITIAL_MAX_STREAMS_UNI, excess_initial_max_streams,
2062 "INITIAL_MAX_STREAMS_UNI is malformed")
2063
2064 TPARAM_CHECK_DROP_INJECT_A(MAX_UDP_PAYLOAD_SIZE, undersize_udp_payload_size,
2065 "MAX_UDP_PAYLOAD_SIZE is malformed")
2066 TPARAM_CHECK_DROP_INJECT_A(ACTIVE_CONN_ID_LIMIT, undersize_active_conn_id_limit,
2067 "ACTIVE_CONN_ID_LIMIT is malformed")
2068
2069 TPARAM_CHECK_INJECT_TWICE_A(ACK_DELAY_EXP, ack_delay_exp,
2070 "ACK_DELAY_EXP appears multiple times")
2071 TPARAM_CHECK_INJECT_TWICE_A(MAX_ACK_DELAY, ack_delay_exp,
2072 "MAX_ACK_DELAY appears multiple times")
2073 TPARAM_CHECK_INJECT_TWICE_A(STATELESS_RESET_TOKEN, stateless_reset_token,
2074 "STATELESS_RESET_TOKEN appears multiple times")
2075 TPARAM_CHECK_INJECT_TWICE_A(PREFERRED_ADDR, preferred_addr,
2076 "PREFERRED_ADDR appears multiple times")
2077
2078 TPARAM_CHECK_MUTATE(ORIG_DCID,
2079 "ORIG_DCID does not match expected value")
2080 TPARAM_CHECK_MUTATE(INITIAL_SCID,
2081 "INITIAL_SCID does not match expected value")
2082
2083 TPARAM_CHECK_DROP_INJECT_A(ORIG_DCID, long_cid,
2084 "ORIG_DCID is malformed")
2085 TPARAM_CHECK_DROP_INJECT_A(INITIAL_SCID, long_cid,
2086 "INITIAL_SCID is malformed")
2087
2088 TPARAM_CHECK_INT(INITIAL_MAX_DATA,
2089 "INITIAL_MAX_DATA is malformed")
2090 TPARAM_CHECK_INT(INITIAL_MAX_STREAM_DATA_BIDI_LOCAL,
2091 "INITIAL_MAX_STREAM_DATA_BIDI_LOCAL is malformed")
2092 TPARAM_CHECK_INT(INITIAL_MAX_STREAM_DATA_BIDI_REMOTE,
2093 "INITIAL_MAX_STREAM_DATA_BIDI_REMOTE is malformed")
2094 TPARAM_CHECK_INT(INITIAL_MAX_STREAM_DATA_UNI,
2095 "INITIAL_MAX_STREAM_DATA_UNI is malformed")
2096 TPARAM_CHECK_INT(ACK_DELAY_EXP,
2097 "ACK_DELAY_EXP is malformed")
2098 TPARAM_CHECK_INT(MAX_ACK_DELAY,
2099 "MAX_ACK_DELAY is malformed")
2100 TPARAM_CHECK_INT(INITIAL_MAX_STREAMS_BIDI,
2101 "INITIAL_MAX_STREAMS_BIDI is malformed")
2102 TPARAM_CHECK_INT(INITIAL_MAX_STREAMS_UNI,
2103 "INITIAL_MAX_STREAMS_UNI is malformed")
2104 TPARAM_CHECK_INT(MAX_IDLE_TIMEOUT,
2105 "MAX_IDLE_TIMEOUT is malformed")
2106 TPARAM_CHECK_INT(MAX_UDP_PAYLOAD_SIZE,
2107 "MAX_UDP_PAYLOAD_SIZE is malformed")
2108 TPARAM_CHECK_INT(ACTIVE_CONN_ID_LIMIT,
2109 "ACTIVE_CONN_ID_LIMIT is malformed")
2110 };
2111
2112 struct tparam_ctx {
2113 const struct tparam_test *t;
2114 };
2115
tparam_handle(struct tparam_ctx * ctx,uint64_t id,unsigned char * data,size_t data_len,WPACKET * wpkt)2116 static int tparam_handle(struct tparam_ctx *ctx,
2117 uint64_t id, unsigned char *data,
2118 size_t data_len,
2119 WPACKET *wpkt)
2120 {
2121 const struct tparam_test *t = ctx->t;
2122
2123 switch (t->op) {
2124 case TPARAM_OP_DUP:
2125 if (!TEST_ptr(ossl_quic_wire_encode_transport_param_bytes(wpkt, id,
2126 data, data_len)))
2127 return 0;
2128
2129 /*
2130 * If this is the matching ID, write it again, duplicating the TPARAM.
2131 */
2132 if (id == t->id
2133 && !TEST_ptr(ossl_quic_wire_encode_transport_param_bytes(wpkt, id,
2134 data, data_len)))
2135 return 0;
2136
2137 return 1;
2138
2139 case TPARAM_OP_DROP:
2140 case TPARAM_OP_DROP_INJECT:
2141 /* Pass through unless ID matches. */
2142 if (id != t->id
2143 && !TEST_ptr(ossl_quic_wire_encode_transport_param_bytes(wpkt, id,
2144 data, data_len)))
2145 return 0;
2146
2147 return 1;
2148
2149 case TPARAM_OP_INJECT:
2150 case TPARAM_OP_INJECT_TWICE:
2151 case TPARAM_OP_INJECT_RAW:
2152 /* Always pass through. */
2153 if (!TEST_ptr(ossl_quic_wire_encode_transport_param_bytes(wpkt, id,
2154 data, data_len)))
2155 return 0;
2156
2157 return 1;
2158
2159 case TPARAM_OP_MUTATE:
2160 if (id == t->id) {
2161 if (!TEST_size_t_gt(data_len, 0))
2162 return 0;
2163
2164 data[0] ^= 1;
2165 }
2166
2167 if (!TEST_ptr(ossl_quic_wire_encode_transport_param_bytes(wpkt, id,
2168 data, data_len)))
2169 return 0;
2170
2171 if (id == t->id)
2172 data[0] ^= 1;
2173
2174 return 1;
2175
2176 default:
2177 return 0;
2178 }
2179 }
2180
tparam_on_enc_ext(QTEST_FAULT * qtf,QTEST_ENCRYPTED_EXTENSIONS * ee,size_t ee_len,void * arg)2181 static int tparam_on_enc_ext(QTEST_FAULT *qtf, QTEST_ENCRYPTED_EXTENSIONS *ee,
2182 size_t ee_len, void *arg)
2183 {
2184 int rc = 0;
2185 struct tparam_ctx *ctx = arg;
2186 PACKET pkt = { 0 };
2187 WPACKET wpkt;
2188 int have_wpkt = 0;
2189 BUF_MEM *old_bufm = NULL, *new_bufm = NULL;
2190 unsigned char *tp_p;
2191 size_t tp_len, written, old_len, eb_len;
2192 uint64_t id;
2193
2194 if (!TEST_ptr(old_bufm = BUF_MEM_new()))
2195 goto err;
2196
2197 /*
2198 * Delete transport parameters TLS extension and capture the contents of the
2199 * extension which was removed.
2200 */
2201 if (!TEST_true(qtest_fault_delete_extension(qtf, TLSEXT_TYPE_quic_transport_parameters,
2202 ee->extensions, &ee->extensionslen,
2203 old_bufm)))
2204 goto err;
2205
2206 if (!TEST_true(PACKET_buf_init(&pkt, (unsigned char *)old_bufm->data, old_bufm->length))
2207 || !TEST_ptr(new_bufm = BUF_MEM_new())
2208 || !TEST_true(WPACKET_init(&wpkt, new_bufm)))
2209 goto err;
2210
2211 have_wpkt = 1;
2212
2213 /*
2214 * Open transport parameters TLS extension:
2215 *
2216 * u16 Extension ID (quic_transport_parameters)
2217 * u16 Extension Data Length
2218 * ... Extension Data
2219 *
2220 */
2221 if (!TEST_true(WPACKET_put_bytes_u16(&wpkt,
2222 TLSEXT_TYPE_quic_transport_parameters))
2223 || !TEST_true(WPACKET_start_sub_packet_u16(&wpkt)))
2224 goto err;
2225
2226 for (; PACKET_remaining(&pkt) > 0;) {
2227 tp_p = (unsigned char *)ossl_quic_wire_decode_transport_param_bytes(&pkt,
2228 &id,
2229 &tp_len);
2230 if (!TEST_ptr(tp_p)) {
2231 TEST_mem_eq(PACKET_data(&pkt), PACKET_remaining(&pkt), NULL, 0);
2232 goto err;
2233 }
2234
2235 if (!TEST_true(tparam_handle(ctx, id, tp_p, tp_len, &wpkt)))
2236 goto err;
2237 }
2238
2239 if (ctx->t->op == TPARAM_OP_INJECT || ctx->t->op == TPARAM_OP_DROP_INJECT
2240 || ctx->t->op == TPARAM_OP_INJECT_TWICE) {
2241 if (!TEST_ptr(ossl_quic_wire_encode_transport_param_bytes(&wpkt, ctx->t->id,
2242 ctx->t->buf,
2243 ctx->t->buf_len)))
2244 goto err;
2245
2246 if (ctx->t->op == TPARAM_OP_INJECT_TWICE
2247 && !TEST_ptr(ossl_quic_wire_encode_transport_param_bytes(&wpkt, ctx->t->id,
2248 ctx->t->buf,
2249 ctx->t->buf_len)))
2250 goto err;
2251 } else if (ctx->t->op == TPARAM_OP_INJECT_RAW) {
2252 if (!TEST_true(WPACKET_memcpy(&wpkt, ctx->t->buf, ctx->t->buf_len)))
2253 goto err;
2254 }
2255
2256 if (!TEST_true(WPACKET_close(&wpkt))) /* end extension data, set length */
2257 goto err;
2258
2259 if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
2260 goto err;
2261
2262 WPACKET_finish(&wpkt);
2263 have_wpkt = 0;
2264
2265 /*
2266 * Append the constructed extension blob to the extension block.
2267 */
2268 old_len = ee->extensionslen;
2269
2270 if (!qtest_fault_resize_message(qtf, ee->extensionslen + written))
2271 goto err;
2272
2273 memcpy(ee->extensions + old_len, new_bufm->data, written);
2274
2275 /* Fixup the extension block header (u16 length of entire block). */
2276 eb_len = (((uint16_t)ee->extensions[0]) << 8) + (uint16_t)ee->extensions[1];
2277 eb_len += written;
2278 ee->extensions[0] = (unsigned char)((eb_len >> 8) & 0xFF);
2279 ee->extensions[1] = (unsigned char)(eb_len & 0xFF);
2280
2281 rc = 1;
2282 err:
2283 if (have_wpkt)
2284 WPACKET_cleanup(&wpkt);
2285 BUF_MEM_free(old_bufm);
2286 BUF_MEM_free(new_bufm);
2287 return rc;
2288 }
2289
test_tparam(int idx)2290 static int test_tparam(int idx)
2291 {
2292 int testresult = 0;
2293 SSL_CTX *c_ctx = NULL;
2294 SSL *c_ssl = NULL;
2295 QUIC_TSERVER *s = NULL;
2296 QTEST_FAULT *qtf = NULL;
2297 struct tparam_ctx ctx = { 0 };
2298
2299 ctx.t = &tparam_tests[idx];
2300
2301 if (!TEST_ptr(c_ctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method())))
2302 goto err;
2303
2304 if (!TEST_true(qtest_create_quic_objects(libctx, c_ctx, NULL, cert,
2305 privkey, 0, &s,
2306 &c_ssl, &qtf, NULL)))
2307 goto err;
2308
2309 if (!TEST_true(qtest_fault_set_hand_enc_ext_listener(qtf, tparam_on_enc_ext,
2310 &ctx)))
2311 goto err;
2312
2313 if (!TEST_true(qtest_create_quic_connection_ex(s, c_ssl,
2314 ctx.t->expect_fail != NULL)))
2315 goto err;
2316
2317 if (ctx.t->expect_fail != NULL) {
2318 SSL_CONN_CLOSE_INFO info = { 0 };
2319
2320 if (!TEST_true(SSL_get_conn_close_info(c_ssl, &info, sizeof(info))))
2321 goto err;
2322
2323 if (!TEST_true((info.flags & SSL_CONN_CLOSE_FLAG_TRANSPORT) != 0)
2324 || !TEST_uint64_t_eq(info.error_code, OSSL_QUIC_ERR_TRANSPORT_PARAMETER_ERROR)
2325 || !TEST_ptr(strstr(info.reason, ctx.t->expect_fail))) {
2326 TEST_error("expected connection closure information mismatch"
2327 " during TPARAM test: flags=%llu ec=%llu reason='%s'",
2328 (unsigned long long)info.flags,
2329 (unsigned long long)info.error_code,
2330 info.reason);
2331 goto err;
2332 }
2333 }
2334
2335 testresult = 1;
2336 err:
2337 if (!testresult) {
2338 if (ctx.t->expect_fail != NULL)
2339 TEST_info("failed during test for id=%llu, op=%d, bl=%zu, "
2340 "expected failure='%s'",
2341 (unsigned long long)ctx.t->id,
2342 ctx.t->op, ctx.t->buf_len, ctx.t->expect_fail);
2343 else
2344 TEST_info("failed during test for id=%llu, op=%d, bl=%zu",
2345 (unsigned long long)ctx.t->id, ctx.t->op, ctx.t->buf_len);
2346 }
2347
2348 ossl_quic_tserver_free(s);
2349 SSL_free(c_ssl);
2350 SSL_CTX_free(c_ctx);
2351 qtest_fault_free(qtf);
2352 return testresult;
2353 }
2354
2355 static int new_called = 0;
2356 static SSL *cbssl = NULL;
2357
new_session_cb(SSL * ssl,SSL_SESSION * sess)2358 static int new_session_cb(SSL *ssl, SSL_SESSION *sess)
2359 {
2360 new_called++;
2361 /*
2362 * Remember the SSL ref we were called with. No need to up-ref this. It
2363 * should remain valid for the duration of the test.
2364 */
2365 cbssl = ssl;
2366 /*
2367 * sess has been up-refed for us, but we don't actually need it so free it
2368 * immediately.
2369 */
2370 SSL_SESSION_free(sess);
2371 return 1;
2372 }
2373
2374 /* Test using a new_session_cb with a QUIC SSL object works as expected */
test_session_cb(void)2375 static int test_session_cb(void)
2376 {
2377 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
2378 SSL *clientquic = NULL;
2379 QUIC_TSERVER *qtserv = NULL;
2380 int testresult = 0;
2381
2382 if (!TEST_ptr(cctx))
2383 goto err;
2384
2385 new_called = 0;
2386 cbssl = NULL;
2387 SSL_CTX_sess_set_new_cb(cctx, new_session_cb);
2388 SSL_CTX_set_session_cache_mode(cctx, SSL_SESS_CACHE_CLIENT);
2389
2390 if (!TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
2391 privkey,
2392 QTEST_FLAG_FAKE_TIME,
2393 &qtserv, &clientquic,
2394 NULL, NULL)))
2395 goto err;
2396
2397 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
2398 goto err;
2399
2400 /* Process the pending NewSessionTickets */
2401 if (!TEST_true(SSL_handle_events(clientquic)))
2402 goto err;
2403
2404 if (!TEST_int_eq(SSL_shutdown(clientquic), 0))
2405 goto err;
2406
2407 /*
2408 * Check the callback was called twice (we expect 2 tickets), and with the
2409 * correct SSL reference
2410 */
2411 if (!TEST_int_eq(new_called, 2)
2412 || !TEST_ptr_eq(clientquic, cbssl))
2413 goto err;
2414
2415 testresult = 1;
2416 err:
2417 cbssl = NULL;
2418 ossl_quic_tserver_free(qtserv);
2419 SSL_free(clientquic);
2420 SSL_CTX_free(cctx);
2421
2422 return testresult;
2423 }
2424
test_domain_flags(void)2425 static int test_domain_flags(void)
2426 {
2427 int testresult = 0;
2428 SSL_CTX *ctx = NULL;
2429 SSL *domain = NULL, *listener = NULL, *other_conn = NULL;
2430 uint64_t domain_flags = 0;
2431
2432 if (!TEST_ptr(ctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method()))
2433 || !TEST_true(SSL_CTX_get_domain_flags(ctx, &domain_flags))
2434 || !TEST_uint64_t_ne(domain_flags, 0)
2435 || !TEST_uint64_t_ne(domain_flags & (SSL_DOMAIN_FLAG_SINGLE_THREAD | SSL_DOMAIN_FLAG_MULTI_THREAD), 0)
2436 || !TEST_uint64_t_ne(domain_flags & SSL_DOMAIN_FLAG_LEGACY_BLOCKING, 0)
2437 || !TEST_true(SSL_CTX_set_domain_flags(ctx, SSL_DOMAIN_FLAG_SINGLE_THREAD))
2438 || !TEST_true(SSL_CTX_get_domain_flags(ctx, &domain_flags))
2439 || !TEST_uint64_t_eq(domain_flags, SSL_DOMAIN_FLAG_SINGLE_THREAD)
2440 || !TEST_ptr(domain = SSL_new_domain(ctx, 0))
2441 || !TEST_true(SSL_get_domain_flags(domain, &domain_flags))
2442 || !TEST_uint64_t_eq(domain_flags, SSL_DOMAIN_FLAG_SINGLE_THREAD)
2443 || !TEST_true(other_conn = SSL_new(ctx))
2444 || !TEST_true(SSL_get_domain_flags(other_conn, &domain_flags))
2445 || !TEST_uint64_t_eq(domain_flags, SSL_DOMAIN_FLAG_SINGLE_THREAD)
2446 || !TEST_true(SSL_is_domain(domain))
2447 || !TEST_false(SSL_is_domain(other_conn))
2448 || !TEST_ptr_eq(SSL_get0_domain(domain), domain)
2449 || !TEST_ptr_null(SSL_get0_domain(other_conn))
2450 || !TEST_ptr(listener = SSL_new_listener_from(domain, 0))
2451 || !TEST_true(SSL_is_listener(listener))
2452 || !TEST_false(SSL_is_domain(listener))
2453 || !TEST_ptr_eq(SSL_get0_domain(listener), domain)
2454 || !TEST_ptr_eq(SSL_get0_listener(listener), listener))
2455 goto err;
2456
2457 testresult = 1;
2458 err:
2459 SSL_free(domain);
2460 SSL_free(listener);
2461 SSL_free(other_conn);
2462 SSL_CTX_free(ctx);
2463 return testresult;
2464 }
2465
2466 /*
2467 * Test that calling SSL_handle_events() early behaves as expected
2468 */
test_early_ticks(void)2469 static int test_early_ticks(void)
2470 {
2471 SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
2472 SSL *clientquic = NULL;
2473 QUIC_TSERVER *qtserv = NULL;
2474 int testresult = 0;
2475 struct timeval tv;
2476 int inf = 0;
2477
2478 if (!TEST_ptr(cctx)
2479 || !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
2480 privkey, QTEST_FLAG_FAKE_TIME,
2481 &qtserv,
2482 &clientquic, NULL, NULL)))
2483 goto err;
2484
2485 if (!TEST_true(SSL_in_before(clientquic)))
2486 goto err;
2487
2488 if (!TEST_true(SSL_handle_events(clientquic)))
2489 goto err;
2490
2491 if (!TEST_true(SSL_get_event_timeout(clientquic, &tv, &inf))
2492 || !TEST_true(inf))
2493 goto err;
2494
2495 if (!TEST_false(SSL_has_pending(clientquic))
2496 || !TEST_int_eq(SSL_pending(clientquic), 0))
2497 goto err;
2498
2499 if (!TEST_true(SSL_in_before(clientquic)))
2500 goto err;
2501
2502 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
2503 goto err;
2504
2505 if (!TEST_false(SSL_in_before(clientquic)))
2506 goto err;
2507
2508 testresult = 1;
2509 err:
2510 SSL_free(clientquic);
2511 SSL_CTX_free(cctx);
2512 ossl_quic_tserver_free(qtserv);
2513 return testresult;
2514 }
2515
select_alpn(SSL * ssl,const unsigned char ** out,unsigned char * out_len,const unsigned char * in,unsigned int in_len,void * arg)2516 static int select_alpn(SSL *ssl, const unsigned char **out,
2517 unsigned char *out_len, const unsigned char *in,
2518 unsigned int in_len, void *arg)
2519 {
2520 static unsigned char alpn[] = { 8, 'o', 's', 's', 'l', 't', 'e', 's', 't' };
2521
2522 if (SSL_select_next_proto((unsigned char **)out, out_len, alpn, sizeof(alpn),
2523 in, in_len)
2524 == OPENSSL_NPN_NEGOTIATED)
2525 return SSL_TLSEXT_ERR_OK;
2526 return SSL_TLSEXT_ERR_ALERT_FATAL;
2527 }
2528
create_client_ctx(void)2529 static SSL_CTX *create_client_ctx(void)
2530 {
2531 SSL_CTX *ssl_ctx;
2532
2533 if (!TEST_ptr(ssl_ctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method()))) {
2534 SSL_CTX_free(ssl_ctx);
2535 ssl_ctx = NULL;
2536 }
2537
2538 return ssl_ctx;
2539 }
2540
create_server_ctx(void)2541 static SSL_CTX *create_server_ctx(void)
2542 {
2543 SSL_CTX *ssl_ctx;
2544
2545 if (!TEST_ptr(ssl_ctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_server_method()))
2546 || !TEST_true(SSL_CTX_use_certificate_file(ssl_ctx, cert, SSL_FILETYPE_PEM))
2547 || !TEST_true(SSL_CTX_use_PrivateKey_file(ssl_ctx, privkey, SSL_FILETYPE_PEM))) {
2548 SSL_CTX_free(ssl_ctx);
2549 ssl_ctx = NULL;
2550 } else {
2551 SSL_CTX_set_alpn_select_cb(ssl_ctx, select_alpn, NULL);
2552 SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_NONE, NULL);
2553 }
2554
2555 return ssl_ctx;
2556 }
2557
create_addr(struct in_addr * ina,short int port)2558 static BIO_ADDR *create_addr(struct in_addr *ina, short int port)
2559 {
2560 BIO_ADDR *addr = NULL;
2561
2562 if (!TEST_ptr(addr = BIO_ADDR_new()))
2563 return NULL;
2564
2565 if (!TEST_true(BIO_ADDR_rawmake(addr, AF_INET, ina, sizeof(struct in_addr),
2566 htons(port)))) {
2567 BIO_ADDR_free(addr);
2568 return NULL;
2569 }
2570
2571 return addr;
2572 }
2573
bio_addr_bind(BIO * bio,BIO_ADDR * addr)2574 static int bio_addr_bind(BIO *bio, BIO_ADDR *addr)
2575 {
2576 int bio_caps = BIO_DGRAM_CAP_HANDLES_DST_ADDR | BIO_DGRAM_CAP_HANDLES_SRC_ADDR;
2577
2578 if (!TEST_true(BIO_dgram_set_caps(bio, bio_caps)))
2579 return 0;
2580
2581 if (!TEST_int_eq(BIO_dgram_set0_local_addr(bio, addr), 1))
2582 return 0;
2583
2584 return 1;
2585 }
2586
ql_create(SSL_CTX * ssl_ctx,BIO * bio)2587 static SSL *ql_create(SSL_CTX *ssl_ctx, BIO *bio)
2588 {
2589 SSL *qserver;
2590
2591 if (!TEST_ptr(qserver = SSL_new_listener(ssl_ctx, 0))) {
2592 BIO_free(bio);
2593 return NULL;
2594 }
2595
2596 SSL_set_bio(qserver, bio, bio);
2597
2598 if (!TEST_true(SSL_listen(qserver))) {
2599 SSL_free(qserver);
2600 return NULL;
2601 }
2602
2603 return qserver;
2604 }
2605
qc_init(SSL * qconn,BIO_ADDR * dst_addr)2606 static int qc_init(SSL *qconn, BIO_ADDR *dst_addr)
2607 {
2608 static unsigned char alpn[] = { 8, 'o', 's', 's', 'l', 't', 'e', 's', 't' };
2609
2610 if (!TEST_true(SSL_set1_initial_peer_addr(qconn, dst_addr)))
2611 return 0;
2612
2613 if (!TEST_false(SSL_set_alpn_protos(qconn, alpn, sizeof(alpn))))
2614 return 0;
2615
2616 return 1;
2617 }
2618
test_ssl_new_from_listener(void)2619 static int test_ssl_new_from_listener(void)
2620 {
2621 SSL_CTX *lctx = NULL, *sctx = NULL;
2622 SSL *qlistener = NULL, *qserver = NULL, *qconn = 0;
2623 int testresult = 0;
2624 int chk;
2625 BIO *lbio = NULL, *sbio = NULL;
2626 BIO_ADDR *addr = NULL;
2627 struct in_addr ina;
2628
2629 ina.s_addr = htonl(0x1f000001);
2630 if (!TEST_ptr(lctx = create_server_ctx())
2631 || !TEST_ptr(sctx = create_server_ctx())
2632 || !TEST_true(BIO_new_bio_dgram_pair(&lbio, 0, &sbio, 0)))
2633 goto err;
2634
2635 if (!TEST_ptr(addr = create_addr(&ina, 8040)))
2636 goto err;
2637
2638 if (!TEST_true(bio_addr_bind(lbio, addr)))
2639 goto err;
2640 addr = NULL;
2641
2642 if (!TEST_ptr(addr = create_addr(&ina, 4080)))
2643 goto err;
2644
2645 if (!TEST_true(bio_addr_bind(sbio, addr)))
2646 goto err;
2647 addr = NULL;
2648
2649 qlistener = ql_create(lctx, lbio);
2650 lbio = NULL;
2651 if (!TEST_ptr(qlistener))
2652 goto err;
2653
2654 qserver = ql_create(sctx, sbio);
2655 sbio = NULL;
2656 if (!TEST_ptr(qserver))
2657 goto err;
2658
2659 if (!TEST_ptr(qconn = SSL_new_from_listener(qlistener, 0)))
2660 goto err;
2661
2662 if (!TEST_ptr(addr = create_addr(&ina, 4080)))
2663 goto err;
2664
2665 chk = qc_init(qconn, addr);
2666 if (!TEST_true(chk))
2667 goto err;
2668
2669 while ((chk = SSL_do_handshake(qconn)) == -1) {
2670 SSL_handle_events(qserver);
2671 SSL_handle_events(qlistener);
2672 }
2673
2674 if (!TEST_int_gt(chk, 0)) {
2675 TEST_info("SSL_do_handshake() failed\n");
2676 goto err;
2677 }
2678
2679 testresult = 1;
2680 err:
2681 SSL_free(qconn);
2682 SSL_free(qlistener);
2683 SSL_free(qserver);
2684 BIO_free(lbio);
2685 BIO_free(sbio);
2686 SSL_CTX_free(sctx);
2687 SSL_CTX_free(lctx);
2688 BIO_ADDR_free(addr);
2689
2690 return testresult;
2691 }
2692
2693 /*
2694 * Verify that the SSL* received in the info callback after SSL_new_from_listener
2695 * is the outer QUIC connection object, not the inner TLS SSL.
2696 */
2697 static SSL *new_from_listener_info_cb_ssl = NULL;
2698
new_from_listener_info_cb(const SSL * ssl,int type,int val)2699 static void new_from_listener_info_cb(const SSL *ssl, int type, int val)
2700 {
2701 if (type == SSL_CB_HANDSHAKE_DONE)
2702 new_from_listener_info_cb_ssl = (SSL *)ssl;
2703 }
2704
test_ssl_new_from_listener_user_ssl(void)2705 static int test_ssl_new_from_listener_user_ssl(void)
2706 {
2707 SSL_CTX *lctx = NULL, *sctx = NULL;
2708 SSL *qlistener = NULL, *qserver = NULL, *qconn = NULL;
2709 BIO *lbio = NULL, *sbio = NULL;
2710 BIO_ADDR *addr = NULL;
2711 struct in_addr ina;
2712 int ret = 0, chk;
2713
2714 ina.s_addr = htonl(0x1f000001);
2715 new_from_listener_info_cb_ssl = NULL;
2716
2717 if (!TEST_ptr(lctx = create_server_ctx())
2718 || !TEST_ptr(sctx = create_server_ctx())
2719 || !TEST_true(BIO_new_bio_dgram_pair(&lbio, 0, &sbio, 0)))
2720 goto err;
2721
2722 /*
2723 * Register an info callback on the listener CTX. The inner TLS connection
2724 * created by ossl_quic_new_from_listener inherits this CTX, so when the TLS
2725 * handshake completes it invokes the callback with user_ssl. That must be
2726 * qconn (the outer QUIC object), not the inner TLS SSL object.
2727 */
2728 SSL_CTX_set_info_callback(lctx, new_from_listener_info_cb);
2729
2730 if (!TEST_ptr(addr = create_addr(&ina, 8041))
2731 || !TEST_true(bio_addr_bind(lbio, addr)))
2732 goto err;
2733 addr = NULL;
2734
2735 if (!TEST_ptr(addr = create_addr(&ina, 4081))
2736 || !TEST_true(bio_addr_bind(sbio, addr)))
2737 goto err;
2738 addr = NULL;
2739
2740 qlistener = ql_create(lctx, lbio);
2741 lbio = NULL;
2742 qserver = ql_create(sctx, sbio);
2743 sbio = NULL;
2744 if (!TEST_ptr(qlistener) || !TEST_ptr(qserver)
2745 || !TEST_ptr(qconn = SSL_new_from_listener(qlistener, 0))
2746 || !TEST_ptr(addr = create_addr(&ina, 4081))
2747 || !TEST_true(qc_init(qconn, addr)))
2748 goto err;
2749
2750 while ((chk = SSL_do_handshake(qconn)) == -1) {
2751 SSL_handle_events(qserver);
2752 SSL_handle_events(qlistener);
2753 }
2754
2755 ret = TEST_int_gt(chk, 0)
2756 && TEST_ptr(new_from_listener_info_cb_ssl)
2757 && TEST_ptr_eq(new_from_listener_info_cb_ssl, qconn);
2758
2759 err:
2760 SSL_free(qconn);
2761 SSL_free(qlistener);
2762 SSL_free(qserver);
2763 BIO_free(lbio);
2764 BIO_free(sbio);
2765 SSL_CTX_free(sctx);
2766 SSL_CTX_free(lctx);
2767 BIO_ADDR_free(addr);
2768 return ret;
2769 }
2770
test_server_method_with_ssl_new(void)2771 static int test_server_method_with_ssl_new(void)
2772 {
2773 SSL_CTX *ctx = NULL;
2774 SSL *ssl = NULL;
2775 int ret = 0;
2776 unsigned long err;
2777
2778 /* Create a new SSL_CTX using the QUIC server method */
2779 ctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_server_method());
2780 if (!TEST_ptr(ctx))
2781 goto end;
2782
2783 /* Try to create a new SSL object - this should fail */
2784 ssl = SSL_new(ctx);
2785
2786 /* Check that SSL_new() returned NULL */
2787 if (!TEST_ptr_null(ssl))
2788 goto end;
2789
2790 /* Check for the expected error */
2791 err = ERR_peek_error();
2792 if (!TEST_true(ERR_GET_LIB(err) == ERR_LIB_SSL && ERR_GET_REASON(err) == ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED))
2793 goto end;
2794
2795 ret = 1;
2796
2797 end:
2798 SSL_free(ssl);
2799 SSL_CTX_free(ctx);
2800 return ret;
2801 }
2802
create_quic_ssl_objects(SSL_CTX * sctx,SSL_CTX * cctx,SSL ** lssl,SSL ** cssl)2803 static int create_quic_ssl_objects(SSL_CTX *sctx, SSL_CTX *cctx,
2804 SSL **lssl, SSL **cssl)
2805 {
2806 BIO_ADDR *addr = NULL;
2807 struct in_addr ina;
2808 BIO *cbio = NULL, *sbio = NULL;
2809 int ret = 0;
2810
2811 *cssl = *lssl = NULL;
2812 ina.s_addr = htonl(0x1f000001);
2813
2814 if (!TEST_true(BIO_new_bio_dgram_pair(&cbio, 0, &sbio, 0)))
2815 goto err;
2816
2817 if (!TEST_ptr(addr = create_addr(&ina, 8040)))
2818 goto err;
2819
2820 if (!TEST_true(bio_addr_bind(sbio, addr)))
2821 goto err;
2822 addr = NULL;
2823
2824 *lssl = ql_create(sctx, sbio);
2825 sbio = NULL;
2826 if (!TEST_ptr(*lssl))
2827 goto err;
2828
2829 if (!TEST_ptr(*cssl = SSL_new(cctx)))
2830 goto err;
2831
2832 if (!TEST_ptr(addr = create_addr(&ina, 8040)))
2833 goto err;
2834 if (!TEST_true(bio_addr_bind(cbio, addr)))
2835 goto err;
2836
2837 if (!TEST_true(qc_init(*cssl, addr))) {
2838 addr = NULL;
2839 goto err;
2840 }
2841 addr = NULL;
2842 SSL_set_bio(*cssl, cbio, cbio);
2843 cbio = NULL;
2844
2845 ret = 1;
2846
2847 err:
2848 if (!ret) {
2849 SSL_free(*cssl);
2850 SSL_free(*lssl);
2851 *cssl = *lssl = NULL;
2852 }
2853 BIO_free(cbio);
2854 BIO_free(sbio);
2855 BIO_ADDR_free(addr);
2856
2857 return ret;
2858 }
2859
test_ssl_accept_connection(void)2860 static int test_ssl_accept_connection(void)
2861 {
2862 SSL_CTX *cctx = NULL, *sctx = NULL;
2863 SSL *clientssl = NULL, *serverssl = NULL, *qlistener = NULL;
2864 int testresult = 0;
2865 int ret, i;
2866
2867 if (!TEST_ptr(sctx = create_server_ctx())
2868 || !TEST_ptr(cctx = create_client_ctx()))
2869 goto err;
2870
2871 if (!create_quic_ssl_objects(sctx, cctx, &qlistener, &clientssl))
2872 goto err;
2873
2874 /* Calling SSL_accept() on a listener is expected to fail */
2875 ret = SSL_accept(qlistener);
2876 if (!TEST_int_le(ret, 0)
2877 || !TEST_int_eq(SSL_get_error(qlistener, ret), SSL_ERROR_SSL))
2878 goto err;
2879
2880 /* Send ClientHello and server retry */
2881 for (i = 0; i < 2; i++) {
2882 ret = SSL_connect(clientssl);
2883 if (!TEST_int_le(ret, 0)
2884 || !TEST_int_eq(SSL_get_error(clientssl, ret), SSL_ERROR_WANT_READ))
2885 goto err;
2886 SSL_handle_events(qlistener);
2887 }
2888
2889 /* We expect a server SSL object which has not yet completed its handshake */
2890 serverssl = SSL_accept_connection(qlistener, 0);
2891 if (!TEST_ptr(serverssl) || !TEST_false(SSL_is_init_finished(serverssl)))
2892 goto err;
2893
2894 /* Call SSL_accept() and SSL_connect() until we are connected */
2895 if (!TEST_true(create_bare_ssl_connection(serverssl, clientssl,
2896 SSL_ERROR_NONE, 0, 0)))
2897 goto err;
2898
2899 testresult = 1;
2900
2901 err:
2902 SSL_free(serverssl);
2903 SSL_free(clientssl);
2904 SSL_free(qlistener);
2905 SSL_CTX_free(sctx);
2906 SSL_CTX_free(cctx);
2907
2908 return testresult;
2909 }
2910
2911 static SSL *quic_verify_ssl = NULL;
2912
quic_verify_cb(int ok,X509_STORE_CTX * ctx)2913 static int quic_verify_cb(int ok, X509_STORE_CTX *ctx)
2914 {
2915 SSL *cssl = (SSL *)X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
2916
2917 /* Confirm we got the SSL object we were expecting */
2918 return TEST_ptr_eq(cssl, quic_verify_ssl);
2919 }
2920
test_ssl_set_verify(void)2921 static int test_ssl_set_verify(void)
2922 {
2923 SSL_CTX *cctx = NULL, *sctx = NULL;
2924 SSL *clientssl = NULL, *serverssl = NULL, *qlistener = NULL;
2925 int testresult = 0;
2926 int ret, i;
2927
2928 if (!TEST_ptr(sctx = create_server_ctx())
2929 || !TEST_ptr(cctx = create_client_ctx()))
2930 goto err;
2931
2932 if (!create_quic_ssl_objects(sctx, cctx, &qlistener, &clientssl))
2933 goto err;
2934
2935 quic_verify_ssl = clientssl;
2936 SSL_set_verify(clientssl, SSL_VERIFY_PEER, quic_verify_cb);
2937
2938 /* Send ClientHello and server retry */
2939 for (i = 0; i < 2; i++) {
2940 ret = SSL_connect(clientssl);
2941 if (!TEST_int_le(ret, 0)
2942 || !TEST_int_eq(SSL_get_error(clientssl, ret), SSL_ERROR_WANT_READ))
2943 goto err;
2944 SSL_handle_events(qlistener);
2945 }
2946
2947 /* We expect a server SSL object which has not yet completed its handshake */
2948 serverssl = SSL_accept_connection(qlistener, 0);
2949
2950 /* Call SSL_accept() and SSL_connect() until we are connected */
2951 if (!TEST_ptr(serverssl)
2952 || !TEST_true(create_bare_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE, 0, 0)))
2953 goto err;
2954
2955 testresult = 1;
2956
2957 err:
2958 SSL_free(serverssl);
2959 SSL_free(clientssl);
2960 SSL_free(qlistener);
2961 SSL_CTX_free(sctx);
2962 SSL_CTX_free(cctx);
2963
2964 return testresult;
2965 }
2966
2967 /*
2968 * When the server has a different primary group than the client, the server
2969 * should not fail on the client hello retry.
2970 */
test_client_hello_retry(void)2971 static int test_client_hello_retry(void)
2972 {
2973 #if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_ECX)
2974 SSL_CTX *cctx = NULL, *sctx = NULL;
2975 SSL *clientssl = NULL, *serverssl = NULL, *qlistener = NULL;
2976 int testresult = 0, i = 0, ret = 0;
2977
2978 if (!TEST_ptr(sctx = create_server_ctx())
2979 || !TEST_ptr(cctx = create_client_ctx()))
2980 goto err;
2981 /*
2982 * set the specific groups for the test
2983 */
2984 if (!TEST_true(SSL_CTX_set1_groups_list(cctx, "secp384r1:secp256r1")))
2985 goto err;
2986 if (!TEST_true(SSL_CTX_set1_groups_list(sctx, "secp256r1")))
2987 goto err;
2988
2989 if (!create_quic_ssl_objects(sctx, cctx, &qlistener, &clientssl))
2990 goto err;
2991
2992 /* Send ClientHello and server retry */
2993 for (i = 0; i < 2; i++) {
2994 ret = SSL_connect(clientssl);
2995 if (!TEST_int_le(ret, 0)
2996 || !TEST_int_eq(SSL_get_error(clientssl, ret), SSL_ERROR_WANT_READ))
2997 goto err;
2998 SSL_handle_events(qlistener);
2999 }
3000
3001 /* We expect a server SSL object which has not yet completed its handshake */
3002 serverssl = SSL_accept_connection(qlistener, 0);
3003
3004 /* Call SSL_accept() and SSL_connect() until we are connected */
3005 if (!TEST_ptr(serverssl)
3006 || !TEST_true(create_bare_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE, 0, 0)))
3007 goto err;
3008
3009 testresult = 1;
3010
3011 err:
3012 SSL_CTX_free(cctx);
3013 SSL_CTX_free(sctx);
3014 SSL_free(clientssl);
3015 SSL_free(serverssl);
3016 SSL_free(qlistener);
3017
3018 return testresult;
3019 #else
3020 return TEST_skip("EC(X) keys are not supported in this build");
3021 #endif
3022 }
3023
test_quic_resize_txe(void)3024 static int test_quic_resize_txe(void)
3025 {
3026 SSL_CTX *cctx = NULL;
3027 SSL *clientquic = NULL;
3028 QUIC_TSERVER *qtserv = NULL;
3029 QUIC_CHANNEL *ch = NULL;
3030 unsigned char msg[] = "resize test";
3031 unsigned char buf[sizeof(msg)];
3032 size_t numbytes = 0;
3033 int ret = 0;
3034
3035 if (!TEST_ptr(cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method())))
3036 goto end;
3037
3038 if (!TEST_true(qtest_create_quic_objects(libctx, cctx, NULL,
3039 cert, privkey, 0,
3040 &qtserv, &clientquic,
3041 NULL, NULL)))
3042 goto end;
3043
3044 if (!TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
3045 goto end;
3046
3047 /*
3048 * Client writes first to open stream 0 (client-initiated bidirectional).
3049 * The server must see the stream before it can write back on it.
3050 */
3051 if (!TEST_true(SSL_write_ex(clientquic, msg, sizeof(msg), &numbytes))
3052 || !TEST_size_t_eq(numbytes, sizeof(msg)))
3053 goto end;
3054
3055 ossl_quic_tserver_tick(qtserv);
3056 if (!TEST_true(ossl_quic_tserver_read(qtserv, 0, buf, sizeof(buf),
3057 &numbytes)))
3058 goto end;
3059
3060 /*
3061 * Increase the server's QTX MDPL above the initial allocation size
3062 * (QUIC_MIN_INITIAL_DGRAM_LEN = 1200). All TXEs in the free list have
3063 * alloc_len = 1200, so the next write will trigger qtx_resize_txe.
3064 */
3065 ch = ossl_quic_tserver_get_channel(qtserv);
3066 if (!TEST_true(ossl_qtx_set_mdpl(ch->qtx,
3067 QUIC_MIN_INITIAL_DGRAM_LEN + 250)))
3068 goto end;
3069
3070 /* Trigger a server write: exercises qtx_resize_txe via qtx_reserve_txe */
3071 if (!TEST_true(ossl_quic_tserver_write(qtserv, 0,
3072 msg, sizeof(msg), &numbytes))
3073 || !TEST_size_t_eq(numbytes, sizeof(msg)))
3074 goto end;
3075
3076 ossl_quic_tserver_tick(qtserv);
3077 SSL_handle_events(clientquic);
3078
3079 if (!TEST_true(SSL_read_ex(clientquic, buf, sizeof(buf), &numbytes))
3080 || !TEST_mem_eq(buf, numbytes, msg, sizeof(msg)))
3081 goto end;
3082
3083 ret = 1;
3084 end:
3085 ossl_quic_tserver_free(qtserv);
3086 SSL_free(clientquic);
3087 SSL_CTX_free(cctx);
3088 return ret;
3089 }
3090
3091 /***********************************************************************************/
3092 OPT_TEST_DECLARE_USAGE("provider config certsdir datadir\n")
3093
setup_tests(void)3094 int setup_tests(void)
3095 {
3096 char *modulename;
3097 char *configfile;
3098
3099 libctx = OSSL_LIB_CTX_new();
3100 if (!TEST_ptr(libctx))
3101 return 0;
3102
3103 defctxnull = OSSL_PROVIDER_load(NULL, "null");
3104
3105 /*
3106 * Verify that the default and fips providers in the default libctx are not
3107 * available
3108 */
3109 if (!TEST_false(OSSL_PROVIDER_available(NULL, "default"))
3110 || !TEST_false(OSSL_PROVIDER_available(NULL, "fips")))
3111 goto err;
3112
3113 if (!test_skip_common_options()) {
3114 TEST_error("Error parsing test options\n");
3115 goto err;
3116 }
3117
3118 if (!TEST_ptr(modulename = test_get_argument(0))
3119 || !TEST_ptr(configfile = test_get_argument(1))
3120 || !TEST_ptr(certsdir = test_get_argument(2))
3121 || !TEST_ptr(datadir = test_get_argument(3)))
3122 goto err;
3123
3124 if (!TEST_true(OSSL_LIB_CTX_load_config(libctx, configfile)))
3125 goto err;
3126
3127 /* Check we have the expected provider available */
3128 if (!TEST_true(OSSL_PROVIDER_available(libctx, modulename)))
3129 goto err;
3130
3131 /* Check the default provider is not available */
3132 if (strcmp(modulename, "default") != 0
3133 && !TEST_false(OSSL_PROVIDER_available(libctx, "default")))
3134 goto err;
3135
3136 if (strcmp(modulename, "fips") == 0)
3137 is_fips = 1;
3138
3139 cert = test_mk_file_path(certsdir, "servercert.pem");
3140 if (cert == NULL)
3141 goto err;
3142
3143 ccert = test_mk_file_path(certsdir, "ee-client-chain.pem");
3144 if (ccert == NULL)
3145 goto err;
3146
3147 cauthca = test_mk_file_path(certsdir, "root-cert.pem");
3148 if (cauthca == NULL)
3149 goto err;
3150
3151 privkey = test_mk_file_path(certsdir, "serverkey.pem");
3152 if (privkey == NULL)
3153 goto err;
3154
3155 cprivkey = test_mk_file_path(certsdir, "ee-key.pem");
3156 if (privkey == NULL)
3157 goto err;
3158
3159 ADD_ALL_TESTS(test_quic_write_read, 3);
3160 ADD_TEST(test_fin_only_blocking);
3161 ADD_TEST(test_ciphersuites);
3162 ADD_TEST(test_cipher_find);
3163 ADD_TEST(test_version);
3164 #if defined(DO_SSL_TRACE_TEST)
3165 ADD_TEST(test_ssl_trace);
3166 #endif
3167 ADD_TEST(test_quic_forbidden_apis_ctx);
3168 ADD_TEST(test_quic_forbidden_apis);
3169 ADD_TEST(test_quic_forbidden_options);
3170 ADD_ALL_TESTS(test_quic_set_fd, 3);
3171 ADD_TEST(test_bio_ssl);
3172 ADD_TEST(test_back_pressure);
3173 ADD_TEST(test_multiple_dgrams);
3174 ADD_ALL_TESTS(test_non_io_retry, 2);
3175 ADD_TEST(test_quic_psk);
3176 ADD_ALL_TESTS(test_client_auth, 3);
3177 ADD_ALL_TESTS(test_alpn, 2);
3178 ADD_ALL_TESTS(test_noisy_dgram, 2);
3179 ADD_TEST(test_bw_limit);
3180 ADD_TEST(test_get_shutdown);
3181 ADD_ALL_TESTS(test_tparam, OSSL_NELEM(tparam_tests));
3182 ADD_TEST(test_session_cb);
3183 ADD_TEST(test_domain_flags);
3184 ADD_TEST(test_early_ticks);
3185 ADD_TEST(test_ssl_new_from_listener);
3186 ADD_TEST(test_ssl_new_from_listener_user_ssl);
3187 #ifndef OPENSSL_NO_SSL_TRACE
3188 ADD_TEST(test_new_token);
3189 #endif
3190 ADD_TEST(test_server_method_with_ssl_new);
3191 ADD_TEST(test_ssl_accept_connection);
3192 ADD_TEST(test_ssl_set_verify);
3193 ADD_TEST(test_client_hello_retry);
3194 ADD_TEST(test_quic_resize_txe);
3195
3196 return 1;
3197 err:
3198 cleanup_tests();
3199 return 0;
3200 }
3201
cleanup_tests(void)3202 void cleanup_tests(void)
3203 {
3204 bio_f_noisy_dgram_filter_free();
3205 bio_f_pkt_split_dgram_filter_free();
3206 OPENSSL_free(cert);
3207 OPENSSL_free(privkey);
3208 OPENSSL_free(ccert);
3209 OPENSSL_free(cauthca);
3210 OPENSSL_free(cprivkey);
3211 OSSL_PROVIDER_unload(defctxnull);
3212 OSSL_LIB_CTX_free(libctx);
3213 }
3214