1 /* 2 * Copyright 2022-2025 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 #include <openssl/ssl.h> 10 #include <openssl/quic.h> 11 #include <openssl/bio.h> 12 #include "internal/common.h" 13 #include "internal/sockets.h" 14 #include "internal/quic_tserver.h" 15 #include "internal/quic_thread_assist.h" 16 #include "internal/quic_ssl.h" 17 #include "internal/time.h" 18 #include "testutil.h" 19 20 static const char msg1[] = "The quick brown fox jumped over the lazy dogs."; 21 static char msg2[1024], msg3[1024]; 22 static OSSL_TIME fake_time; 23 static CRYPTO_RWLOCK *fake_time_lock; 24 25 static const char *certfile, *keyfile; 26 27 static int is_want(SSL *s, int ret) 28 { 29 int ec = SSL_get_error(s, ret); 30 31 return ec == SSL_ERROR_WANT_READ || ec == SSL_ERROR_WANT_WRITE; 32 } 33 34 static unsigned char scratch_buf[2048]; 35 36 static OSSL_TIME fake_now(void *arg) 37 { 38 OSSL_TIME t; 39 40 if (!CRYPTO_THREAD_read_lock(fake_time_lock)) 41 return ossl_time_zero(); 42 43 t = fake_time; 44 45 CRYPTO_THREAD_unlock(fake_time_lock); 46 return t; 47 } 48 49 static OSSL_TIME real_now(void *arg) 50 { 51 return ossl_time_now(); 52 } 53 54 static int do_test(int use_thread_assist, int use_fake_time, int use_inject) 55 { 56 int testresult = 0, ret; 57 int s_fd = -1, c_fd = -1; 58 BIO *s_net_bio = NULL, *s_net_bio_own = NULL; 59 BIO *c_net_bio = NULL, *c_net_bio_own = NULL; 60 BIO *c_pair_own = NULL, *s_pair_own = NULL; 61 QUIC_TSERVER_ARGS tserver_args = {0}; 62 QUIC_TSERVER *tserver = NULL; 63 BIO_ADDR *s_addr_ = NULL; 64 struct in_addr ina = {0}; 65 union BIO_sock_info_u s_info = {0}; 66 SSL_CTX *c_ctx = NULL; 67 SSL *c_ssl = NULL; 68 int c_connected = 0, c_write_done = 0, c_begin_read = 0, s_read_done = 0; 69 int c_wait_eos = 0, c_done_eos = 0; 70 int c_start_idle_test = 0, c_done_idle_test = 0; 71 size_t l = 0, s_total_read = 0, s_total_written = 0, c_total_read = 0; 72 size_t idle_units_done = 0; 73 int s_begin_write = 0; 74 OSSL_TIME start_time; 75 unsigned char alpn[] = { 8, 'o', 's', 's', 'l', 't', 'e', 's', 't' }; 76 size_t limit_ms = 10000; 77 78 #if defined(OPENSSL_NO_QUIC_THREAD_ASSIST) 79 if (use_thread_assist) { 80 TEST_skip("thread assisted mode not enabled"); 81 return 1; 82 } 83 #endif 84 85 ina.s_addr = htonl(0x7f000001UL); 86 87 /* Setup test server. */ 88 s_fd = BIO_socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP, 0); 89 if (!TEST_int_ge(s_fd, 0)) 90 goto err; 91 92 if (!TEST_true(BIO_socket_nbio(s_fd, 1))) 93 goto err; 94 95 if (!TEST_ptr(s_addr_ = BIO_ADDR_new())) 96 goto err; 97 98 if (!TEST_true(BIO_ADDR_rawmake(s_addr_, AF_INET, &ina, sizeof(ina), 0))) 99 goto err; 100 101 if (!TEST_true(BIO_bind(s_fd, s_addr_, 0))) 102 goto err; 103 104 s_info.addr = s_addr_; 105 if (!TEST_true(BIO_sock_info(s_fd, BIO_SOCK_INFO_ADDRESS, &s_info))) 106 goto err; 107 108 if (!TEST_int_gt(BIO_ADDR_rawport(s_addr_), 0)) 109 goto err; 110 111 if (!TEST_ptr(s_net_bio = s_net_bio_own = BIO_new_dgram(s_fd, 0))) 112 goto err; 113 114 if (!BIO_up_ref(s_net_bio)) 115 goto err; 116 117 fake_time = ossl_ms2time(1000); 118 119 tserver_args.net_rbio = s_net_bio; 120 tserver_args.net_wbio = s_net_bio; 121 tserver_args.alpn = NULL; 122 tserver_args.ctx = NULL; 123 if (use_fake_time) 124 tserver_args.now_cb = fake_now; 125 126 if (!TEST_ptr(tserver = ossl_quic_tserver_new(&tserver_args, certfile, 127 keyfile))) { 128 BIO_free(s_net_bio); 129 goto err; 130 } 131 132 s_net_bio_own = NULL; 133 134 if (use_inject) { 135 /* 136 * In inject mode we create a dgram pair to feed to the QUIC client on 137 * the read side. We don't feed anything to this, it is just a 138 * placeholder to give the client something which never returns any 139 * datagrams. 140 */ 141 if (!TEST_true(BIO_new_bio_dgram_pair(&c_pair_own, 5000, 142 &s_pair_own, 5000))) 143 goto err; 144 } 145 146 /* Setup test client. */ 147 c_fd = BIO_socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP, 0); 148 if (!TEST_int_ge(c_fd, 0)) 149 goto err; 150 151 if (!TEST_true(BIO_socket_nbio(c_fd, 1))) 152 goto err; 153 154 if (!TEST_ptr(c_net_bio = c_net_bio_own = BIO_new_dgram(c_fd, 0))) 155 goto err; 156 157 if (!BIO_dgram_set_peer(c_net_bio, s_addr_)) 158 goto err; 159 160 if (!TEST_ptr(c_ctx = SSL_CTX_new(use_thread_assist 161 ? OSSL_QUIC_client_thread_method() 162 : OSSL_QUIC_client_method()))) 163 goto err; 164 165 if (!TEST_ptr(c_ssl = SSL_new(c_ctx))) 166 goto err; 167 168 if (use_fake_time) 169 if (!TEST_true(ossl_quic_set_override_now_cb(c_ssl, fake_now, NULL))) 170 goto err; 171 172 /* 0 is a success for SSL_set_alpn_protos() */ 173 if (!TEST_false(SSL_set_alpn_protos(c_ssl, alpn, sizeof(alpn)))) 174 goto err; 175 176 /* Takes ownership of our reference to the BIO. */ 177 if (use_inject) { 178 SSL_set0_rbio(c_ssl, c_pair_own); 179 c_pair_own = NULL; 180 } else { 181 SSL_set0_rbio(c_ssl, c_net_bio); 182 183 /* Get another reference to be transferred in the SSL_set0_wbio call. */ 184 if (!TEST_true(BIO_up_ref(c_net_bio))) { 185 c_net_bio_own = NULL; /* SSL_free will free the first reference. */ 186 goto err; 187 } 188 } 189 190 SSL_set0_wbio(c_ssl, c_net_bio); 191 c_net_bio_own = NULL; 192 193 if (!TEST_true(SSL_set_blocking_mode(c_ssl, 0))) 194 goto err; 195 196 /* 197 * We use real time for the timeout not fake time. Otherwise with fake time 198 * we could hit a hang if we never increment the fake time 199 */ 200 start_time = real_now(NULL); 201 202 for (;;) { 203 if (ossl_time_compare(ossl_time_subtract(real_now(NULL), start_time), 204 ossl_ms2time(limit_ms)) >= 0) { 205 TEST_error("timeout while attempting QUIC server test"); 206 goto err; 207 } 208 209 if (!c_start_idle_test) { 210 ret = SSL_connect(c_ssl); 211 if (!TEST_true(ret == 1 || is_want(c_ssl, ret))) 212 goto err; 213 214 if (ret == 1) { 215 c_connected = 1; 216 } else { 217 /* 218 * keep timer ticking to keep handshake running. 219 * The timer is important for calculation of ping deadline. 220 * If things stall for whatever reason we at least send 221 * ACK eliciting ping to let peer know we are here ready 222 * to hear back. 223 */ 224 if (!TEST_true(CRYPTO_THREAD_write_lock(fake_time_lock))) 225 goto err; 226 fake_time = ossl_time_add(fake_time, ossl_ms2time(100)); 227 CRYPTO_THREAD_unlock(fake_time_lock); 228 } 229 } 230 231 if (c_connected && !c_write_done) { 232 if (!TEST_int_eq(SSL_write(c_ssl, msg1, sizeof(msg1) - 1), 233 (int)sizeof(msg1) - 1)) 234 goto err; 235 236 if (!TEST_true(SSL_stream_conclude(c_ssl, 0))) 237 goto err; 238 239 c_write_done = 1; 240 } 241 242 if (c_connected && c_write_done && !s_read_done) { 243 if (!ossl_quic_tserver_read(tserver, 0, 244 (unsigned char *)msg2 + s_total_read, 245 sizeof(msg2) - s_total_read, &l)) { 246 if (!TEST_true(ossl_quic_tserver_has_read_ended(tserver, 0))) 247 goto err; 248 249 if (!TEST_mem_eq(msg1, sizeof(msg1) - 1, msg2, s_total_read)) 250 goto err; 251 252 s_begin_write = 1; 253 s_read_done = 1; 254 } else { 255 s_total_read += l; 256 if (!TEST_size_t_le(s_total_read, sizeof(msg1) - 1)) 257 goto err; 258 } 259 } 260 261 if (s_begin_write && s_total_written < sizeof(msg1) - 1) { 262 if (!TEST_true(ossl_quic_tserver_write(tserver, 0, 263 (unsigned char *)msg2 + s_total_written, 264 sizeof(msg1) - 1 - s_total_written, &l))) 265 goto err; 266 267 s_total_written += l; 268 269 if (s_total_written == sizeof(msg1) - 1) { 270 ossl_quic_tserver_conclude(tserver, 0); 271 c_begin_read = 1; 272 } 273 } 274 275 if (c_begin_read && c_total_read < sizeof(msg1) - 1) { 276 ret = SSL_read_ex(c_ssl, msg3 + c_total_read, 277 sizeof(msg1) - 1 - c_total_read, &l); 278 if (!TEST_true(ret == 1 || is_want(c_ssl, ret))) 279 goto err; 280 281 c_total_read += l; 282 283 if (c_total_read == sizeof(msg1) - 1) { 284 if (!TEST_mem_eq(msg1, sizeof(msg1) - 1, 285 msg3, c_total_read)) 286 goto err; 287 288 c_wait_eos = 1; 289 } 290 } 291 292 if (c_wait_eos && !c_done_eos) { 293 unsigned char c; 294 295 ret = SSL_read_ex(c_ssl, &c, sizeof(c), &l); 296 if (!TEST_false(ret)) 297 goto err; 298 299 /* 300 * Allow the implementation to take as long as it wants to finally 301 * notice EOS. Account for varied timings in OS networking stacks. 302 */ 303 if (SSL_get_error(c_ssl, ret) != SSL_ERROR_WANT_READ) { 304 if (!TEST_int_eq(SSL_get_error(c_ssl, ret), 305 SSL_ERROR_ZERO_RETURN)) 306 goto err; 307 308 c_done_eos = 1; 309 if (use_thread_assist && use_fake_time) { 310 if (!TEST_true(ossl_quic_tserver_is_connected(tserver))) 311 goto err; 312 c_start_idle_test = 1; 313 limit_ms = 120000; /* extend time limit */ 314 } else { 315 /* DONE */ 316 break; 317 } 318 } 319 } 320 321 if (c_start_idle_test && !c_done_idle_test) { 322 /* This is more than our default idle timeout of 30s. */ 323 if (idle_units_done < 600) { 324 struct timeval tv; 325 int isinf; 326 327 if (!TEST_true(CRYPTO_THREAD_write_lock(fake_time_lock))) 328 goto err; 329 fake_time = ossl_time_add(fake_time, ossl_ms2time(100)); 330 CRYPTO_THREAD_unlock(fake_time_lock); 331 332 ++idle_units_done; 333 ossl_quic_conn_force_assist_thread_wake(c_ssl); 334 335 /* 336 * If the event timeout has expired then give the assistance 337 * thread a chance to catch up 338 */ 339 if (!TEST_true(SSL_get_event_timeout(c_ssl, &tv, &isinf))) 340 goto err; 341 if (!isinf && ossl_time_compare(ossl_time_zero(), 342 ossl_time_from_timeval(tv)) >= 0) 343 OSSL_sleep(100); /* Ensure CPU scheduling for test purposes */ 344 } else { 345 c_done_idle_test = 1; 346 } 347 } 348 349 if (c_done_idle_test) { 350 /* 351 * If we have finished the fake idling duration, the connection 352 * should still be healthy in TA mode. 353 */ 354 if (!TEST_true(ossl_quic_tserver_is_connected(tserver))) 355 goto err; 356 357 /* DONE */ 358 break; 359 } 360 361 /* 362 * This is inefficient because we spin until things work without 363 * blocking but this is just a test. 364 */ 365 if (!c_start_idle_test || c_done_idle_test) { 366 /* Inhibit manual ticking during idle test to test TA mode. */ 367 SSL_handle_events(c_ssl); 368 } 369 370 ossl_quic_tserver_tick(tserver); 371 372 if (use_inject) { 373 BIO_MSG rmsg = {0}; 374 size_t msgs_processed = 0; 375 376 for (;;) { 377 /* 378 * Manually spoonfeed received datagrams from the real BIO_dgram 379 * into QUIC via the injection interface, thereby testing the 380 * injection interface. 381 */ 382 rmsg.data = scratch_buf; 383 rmsg.data_len = sizeof(scratch_buf); 384 385 if (!BIO_recvmmsg(c_net_bio, &rmsg, sizeof(rmsg), 1, 0, &msgs_processed) 386 || msgs_processed == 0 || rmsg.data_len == 0) 387 break; 388 389 if (!TEST_true(SSL_inject_net_dgram(c_ssl, rmsg.data, rmsg.data_len, 390 NULL, NULL))) 391 goto err; 392 } 393 } 394 } 395 396 testresult = 1; 397 err: 398 SSL_free(c_ssl); 399 SSL_CTX_free(c_ctx); 400 ossl_quic_tserver_free(tserver); 401 BIO_ADDR_free(s_addr_); 402 BIO_free(s_net_bio_own); 403 BIO_free(c_net_bio_own); 404 BIO_free(c_pair_own); 405 BIO_free(s_pair_own); 406 if (s_fd >= 0) 407 BIO_closesocket(s_fd); 408 if (c_fd >= 0) 409 BIO_closesocket(c_fd); 410 return testresult; 411 } 412 413 static int test_tserver(int idx) 414 { 415 int thread_assisted, use_fake_time, use_inject; 416 417 thread_assisted = idx % 2; 418 idx /= 2; 419 420 use_inject = idx % 2; 421 idx /= 2; 422 423 use_fake_time = idx % 2; 424 425 if (use_fake_time && !thread_assisted) 426 return 1; 427 428 return do_test(thread_assisted, use_fake_time, use_inject); 429 } 430 431 OPT_TEST_DECLARE_USAGE("certfile privkeyfile\n") 432 433 int setup_tests(void) 434 { 435 if (!test_skip_common_options()) { 436 TEST_error("Error parsing test options\n"); 437 return 0; 438 } 439 440 if (!TEST_ptr(certfile = test_get_argument(0)) 441 || !TEST_ptr(keyfile = test_get_argument(1))) 442 return 0; 443 444 if ((fake_time_lock = CRYPTO_THREAD_lock_new()) == NULL) 445 return 0; 446 447 ADD_ALL_TESTS(test_tserver, 2 * 2 * 2); 448 return 1; 449 } 450