A local copy of OpenSSL from GitHub
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

1058 lines
31 KiB

  1. /*
  2. * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <string.h>
  10. #include "internal/nelem.h"
  11. #include "ssltestlib.h"
  12. #include "../testutil.h"
  13. #include "e_os.h" /* for ossl_sleep() etc. */
  14. #ifdef OPENSSL_SYS_UNIX
  15. # include <unistd.h>
  16. # ifndef OPENSSL_NO_KTLS
  17. # include <netinet/in.h>
  18. # include <netinet/in.h>
  19. # include <arpa/inet.h>
  20. # include <sys/socket.h>
  21. # include <unistd.h>
  22. # include <fcntl.h>
  23. # endif
  24. #endif
  25. static int tls_dump_new(BIO *bi);
  26. static int tls_dump_free(BIO *a);
  27. static int tls_dump_read(BIO *b, char *out, int outl);
  28. static int tls_dump_write(BIO *b, const char *in, int inl);
  29. static long tls_dump_ctrl(BIO *b, int cmd, long num, void *ptr);
  30. static int tls_dump_gets(BIO *bp, char *buf, int size);
  31. static int tls_dump_puts(BIO *bp, const char *str);
  32. /* Choose a sufficiently large type likely to be unused for this custom BIO */
  33. #define BIO_TYPE_TLS_DUMP_FILTER (0x80 | BIO_TYPE_FILTER)
  34. #define BIO_TYPE_MEMPACKET_TEST 0x81
  35. #define BIO_TYPE_ALWAYS_RETRY 0x82
  36. static BIO_METHOD *method_tls_dump = NULL;
  37. static BIO_METHOD *meth_mem = NULL;
  38. static BIO_METHOD *meth_always_retry = NULL;
  39. /* Note: Not thread safe! */
  40. const BIO_METHOD *bio_f_tls_dump_filter(void)
  41. {
  42. if (method_tls_dump == NULL) {
  43. method_tls_dump = BIO_meth_new(BIO_TYPE_TLS_DUMP_FILTER,
  44. "TLS dump filter");
  45. if ( method_tls_dump == NULL
  46. || !BIO_meth_set_write(method_tls_dump, tls_dump_write)
  47. || !BIO_meth_set_read(method_tls_dump, tls_dump_read)
  48. || !BIO_meth_set_puts(method_tls_dump, tls_dump_puts)
  49. || !BIO_meth_set_gets(method_tls_dump, tls_dump_gets)
  50. || !BIO_meth_set_ctrl(method_tls_dump, tls_dump_ctrl)
  51. || !BIO_meth_set_create(method_tls_dump, tls_dump_new)
  52. || !BIO_meth_set_destroy(method_tls_dump, tls_dump_free))
  53. return NULL;
  54. }
  55. return method_tls_dump;
  56. }
  57. void bio_f_tls_dump_filter_free(void)
  58. {
  59. BIO_meth_free(method_tls_dump);
  60. }
  61. static int tls_dump_new(BIO *bio)
  62. {
  63. BIO_set_init(bio, 1);
  64. return 1;
  65. }
  66. static int tls_dump_free(BIO *bio)
  67. {
  68. BIO_set_init(bio, 0);
  69. return 1;
  70. }
  71. static void copy_flags(BIO *bio)
  72. {
  73. int flags;
  74. BIO *next = BIO_next(bio);
  75. flags = BIO_test_flags(next, BIO_FLAGS_SHOULD_RETRY | BIO_FLAGS_RWS);
  76. BIO_clear_flags(bio, BIO_FLAGS_SHOULD_RETRY | BIO_FLAGS_RWS);
  77. BIO_set_flags(bio, flags);
  78. }
  79. #define RECORD_CONTENT_TYPE 0
  80. #define RECORD_VERSION_HI 1
  81. #define RECORD_VERSION_LO 2
  82. #define RECORD_EPOCH_HI 3
  83. #define RECORD_EPOCH_LO 4
  84. #define RECORD_SEQUENCE_START 5
  85. #define RECORD_SEQUENCE_END 10
  86. #define RECORD_LEN_HI 11
  87. #define RECORD_LEN_LO 12
  88. #define MSG_TYPE 0
  89. #define MSG_LEN_HI 1
  90. #define MSG_LEN_MID 2
  91. #define MSG_LEN_LO 3
  92. #define MSG_SEQ_HI 4
  93. #define MSG_SEQ_LO 5
  94. #define MSG_FRAG_OFF_HI 6
  95. #define MSG_FRAG_OFF_MID 7
  96. #define MSG_FRAG_OFF_LO 8
  97. #define MSG_FRAG_LEN_HI 9
  98. #define MSG_FRAG_LEN_MID 10
  99. #define MSG_FRAG_LEN_LO 11
  100. static void dump_data(const char *data, int len)
  101. {
  102. int rem, i, content, reclen, msglen, fragoff, fraglen, epoch;
  103. unsigned char *rec;
  104. printf("---- START OF PACKET ----\n");
  105. rem = len;
  106. rec = (unsigned char *)data;
  107. while (rem > 0) {
  108. if (rem != len)
  109. printf("*\n");
  110. printf("*---- START OF RECORD ----\n");
  111. if (rem < DTLS1_RT_HEADER_LENGTH) {
  112. printf("*---- RECORD TRUNCATED ----\n");
  113. break;
  114. }
  115. content = rec[RECORD_CONTENT_TYPE];
  116. printf("** Record Content-type: %d\n", content);
  117. printf("** Record Version: %02x%02x\n",
  118. rec[RECORD_VERSION_HI], rec[RECORD_VERSION_LO]);
  119. epoch = (rec[RECORD_EPOCH_HI] << 8) | rec[RECORD_EPOCH_LO];
  120. printf("** Record Epoch: %d\n", epoch);
  121. printf("** Record Sequence: ");
  122. for (i = RECORD_SEQUENCE_START; i <= RECORD_SEQUENCE_END; i++)
  123. printf("%02x", rec[i]);
  124. reclen = (rec[RECORD_LEN_HI] << 8) | rec[RECORD_LEN_LO];
  125. printf("\n** Record Length: %d\n", reclen);
  126. /* Now look at message */
  127. rec += DTLS1_RT_HEADER_LENGTH;
  128. rem -= DTLS1_RT_HEADER_LENGTH;
  129. if (content == SSL3_RT_HANDSHAKE) {
  130. printf("**---- START OF HANDSHAKE MESSAGE FRAGMENT ----\n");
  131. if (epoch > 0) {
  132. printf("**---- HANDSHAKE MESSAGE FRAGMENT ENCRYPTED ----\n");
  133. } else if (rem < DTLS1_HM_HEADER_LENGTH
  134. || reclen < DTLS1_HM_HEADER_LENGTH) {
  135. printf("**---- HANDSHAKE MESSAGE FRAGMENT TRUNCATED ----\n");
  136. } else {
  137. printf("*** Message Type: %d\n", rec[MSG_TYPE]);
  138. msglen = (rec[MSG_LEN_HI] << 16) | (rec[MSG_LEN_MID] << 8)
  139. | rec[MSG_LEN_LO];
  140. printf("*** Message Length: %d\n", msglen);
  141. printf("*** Message sequence: %d\n",
  142. (rec[MSG_SEQ_HI] << 8) | rec[MSG_SEQ_LO]);
  143. fragoff = (rec[MSG_FRAG_OFF_HI] << 16)
  144. | (rec[MSG_FRAG_OFF_MID] << 8)
  145. | rec[MSG_FRAG_OFF_LO];
  146. printf("*** Message Fragment offset: %d\n", fragoff);
  147. fraglen = (rec[MSG_FRAG_LEN_HI] << 16)
  148. | (rec[MSG_FRAG_LEN_MID] << 8)
  149. | rec[MSG_FRAG_LEN_LO];
  150. printf("*** Message Fragment len: %d\n", fraglen);
  151. if (fragoff + fraglen > msglen)
  152. printf("***---- HANDSHAKE MESSAGE FRAGMENT INVALID ----\n");
  153. else if (reclen < fraglen)
  154. printf("**---- HANDSHAKE MESSAGE FRAGMENT TRUNCATED ----\n");
  155. else
  156. printf("**---- END OF HANDSHAKE MESSAGE FRAGMENT ----\n");
  157. }
  158. }
  159. if (rem < reclen) {
  160. printf("*---- RECORD TRUNCATED ----\n");
  161. rem = 0;
  162. } else {
  163. rec += reclen;
  164. rem -= reclen;
  165. printf("*---- END OF RECORD ----\n");
  166. }
  167. }
  168. printf("---- END OF PACKET ----\n\n");
  169. fflush(stdout);
  170. }
  171. static int tls_dump_read(BIO *bio, char *out, int outl)
  172. {
  173. int ret;
  174. BIO *next = BIO_next(bio);
  175. ret = BIO_read(next, out, outl);
  176. copy_flags(bio);
  177. if (ret > 0) {
  178. dump_data(out, ret);
  179. }
  180. return ret;
  181. }
  182. static int tls_dump_write(BIO *bio, const char *in, int inl)
  183. {
  184. int ret;
  185. BIO *next = BIO_next(bio);
  186. ret = BIO_write(next, in, inl);
  187. copy_flags(bio);
  188. return ret;
  189. }
  190. static long tls_dump_ctrl(BIO *bio, int cmd, long num, void *ptr)
  191. {
  192. long ret;
  193. BIO *next = BIO_next(bio);
  194. if (next == NULL)
  195. return 0;
  196. switch (cmd) {
  197. case BIO_CTRL_DUP:
  198. ret = 0L;
  199. break;
  200. default:
  201. ret = BIO_ctrl(next, cmd, num, ptr);
  202. break;
  203. }
  204. return ret;
  205. }
  206. static int tls_dump_gets(BIO *bio, char *buf, int size)
  207. {
  208. /* We don't support this - not needed anyway */
  209. return -1;
  210. }
  211. static int tls_dump_puts(BIO *bio, const char *str)
  212. {
  213. return tls_dump_write(bio, str, strlen(str));
  214. }
  215. struct mempacket_st {
  216. unsigned char *data;
  217. int len;
  218. unsigned int num;
  219. unsigned int type;
  220. };
  221. static void mempacket_free(MEMPACKET *pkt)
  222. {
  223. if (pkt->data != NULL)
  224. OPENSSL_free(pkt->data);
  225. OPENSSL_free(pkt);
  226. }
  227. typedef struct mempacket_test_ctx_st {
  228. STACK_OF(MEMPACKET) *pkts;
  229. unsigned int epoch;
  230. unsigned int currrec;
  231. unsigned int currpkt;
  232. unsigned int lastpkt;
  233. unsigned int injected;
  234. unsigned int noinject;
  235. unsigned int dropepoch;
  236. int droprec;
  237. int duprec;
  238. } MEMPACKET_TEST_CTX;
  239. static int mempacket_test_new(BIO *bi);
  240. static int mempacket_test_free(BIO *a);
  241. static int mempacket_test_read(BIO *b, char *out, int outl);
  242. static int mempacket_test_write(BIO *b, const char *in, int inl);
  243. static long mempacket_test_ctrl(BIO *b, int cmd, long num, void *ptr);
  244. static int mempacket_test_gets(BIO *bp, char *buf, int size);
  245. static int mempacket_test_puts(BIO *bp, const char *str);
  246. const BIO_METHOD *bio_s_mempacket_test(void)
  247. {
  248. if (meth_mem == NULL) {
  249. if (!TEST_ptr(meth_mem = BIO_meth_new(BIO_TYPE_MEMPACKET_TEST,
  250. "Mem Packet Test"))
  251. || !TEST_true(BIO_meth_set_write(meth_mem, mempacket_test_write))
  252. || !TEST_true(BIO_meth_set_read(meth_mem, mempacket_test_read))
  253. || !TEST_true(BIO_meth_set_puts(meth_mem, mempacket_test_puts))
  254. || !TEST_true(BIO_meth_set_gets(meth_mem, mempacket_test_gets))
  255. || !TEST_true(BIO_meth_set_ctrl(meth_mem, mempacket_test_ctrl))
  256. || !TEST_true(BIO_meth_set_create(meth_mem, mempacket_test_new))
  257. || !TEST_true(BIO_meth_set_destroy(meth_mem, mempacket_test_free)))
  258. return NULL;
  259. }
  260. return meth_mem;
  261. }
  262. void bio_s_mempacket_test_free(void)
  263. {
  264. BIO_meth_free(meth_mem);
  265. }
  266. static int mempacket_test_new(BIO *bio)
  267. {
  268. MEMPACKET_TEST_CTX *ctx;
  269. if (!TEST_ptr(ctx = OPENSSL_zalloc(sizeof(*ctx))))
  270. return 0;
  271. if (!TEST_ptr(ctx->pkts = sk_MEMPACKET_new_null())) {
  272. OPENSSL_free(ctx);
  273. return 0;
  274. }
  275. ctx->dropepoch = 0;
  276. ctx->droprec = -1;
  277. BIO_set_init(bio, 1);
  278. BIO_set_data(bio, ctx);
  279. return 1;
  280. }
  281. static int mempacket_test_free(BIO *bio)
  282. {
  283. MEMPACKET_TEST_CTX *ctx = BIO_get_data(bio);
  284. sk_MEMPACKET_pop_free(ctx->pkts, mempacket_free);
  285. OPENSSL_free(ctx);
  286. BIO_set_data(bio, NULL);
  287. BIO_set_init(bio, 0);
  288. return 1;
  289. }
  290. /* Record Header values */
  291. #define EPOCH_HI 3
  292. #define EPOCH_LO 4
  293. #define RECORD_SEQUENCE 10
  294. #define RECORD_LEN_HI 11
  295. #define RECORD_LEN_LO 12
  296. #define STANDARD_PACKET 0
  297. static int mempacket_test_read(BIO *bio, char *out, int outl)
  298. {
  299. MEMPACKET_TEST_CTX *ctx = BIO_get_data(bio);
  300. MEMPACKET *thispkt;
  301. unsigned char *rec;
  302. int rem;
  303. unsigned int seq, offset, len, epoch;
  304. BIO_clear_retry_flags(bio);
  305. thispkt = sk_MEMPACKET_value(ctx->pkts, 0);
  306. if (thispkt == NULL || thispkt->num != ctx->currpkt) {
  307. /* Probably run out of data */
  308. BIO_set_retry_read(bio);
  309. return -1;
  310. }
  311. (void)sk_MEMPACKET_shift(ctx->pkts);
  312. ctx->currpkt++;
  313. if (outl > thispkt->len)
  314. outl = thispkt->len;
  315. if (thispkt->type != INJECT_PACKET_IGNORE_REC_SEQ
  316. && (ctx->injected || ctx->droprec >= 0)) {
  317. /*
  318. * Overwrite the record sequence number. We strictly number them in
  319. * the order received. Since we are actually a reliable transport
  320. * we know that there won't be any re-ordering. We overwrite to deal
  321. * with any packets that have been injected
  322. */
  323. for (rem = thispkt->len, rec = thispkt->data; rem > 0; rem -= len) {
  324. if (rem < DTLS1_RT_HEADER_LENGTH)
  325. return -1;
  326. epoch = (rec[EPOCH_HI] << 8) | rec[EPOCH_LO];
  327. if (epoch != ctx->epoch) {
  328. ctx->epoch = epoch;
  329. ctx->currrec = 0;
  330. }
  331. seq = ctx->currrec;
  332. offset = 0;
  333. do {
  334. rec[RECORD_SEQUENCE - offset] = seq & 0xFF;
  335. seq >>= 8;
  336. offset++;
  337. } while (seq > 0);
  338. len = ((rec[RECORD_LEN_HI] << 8) | rec[RECORD_LEN_LO])
  339. + DTLS1_RT_HEADER_LENGTH;
  340. if (rem < (int)len)
  341. return -1;
  342. if (ctx->droprec == (int)ctx->currrec && ctx->dropepoch == epoch) {
  343. if (rem > (int)len)
  344. memmove(rec, rec + len, rem - len);
  345. outl -= len;
  346. ctx->droprec = -1;
  347. if (outl == 0)
  348. BIO_set_retry_read(bio);
  349. } else {
  350. rec += len;
  351. }
  352. ctx->currrec++;
  353. }
  354. }
  355. memcpy(out, thispkt->data, outl);
  356. mempacket_free(thispkt);
  357. return outl;
  358. }
  359. int mempacket_test_inject(BIO *bio, const char *in, int inl, int pktnum,
  360. int type)
  361. {
  362. MEMPACKET_TEST_CTX *ctx = BIO_get_data(bio);
  363. MEMPACKET *thispkt = NULL, *looppkt, *nextpkt, *allpkts[3];
  364. int i, duprec;
  365. const unsigned char *inu = (const unsigned char *)in;
  366. size_t len = ((inu[RECORD_LEN_HI] << 8) | inu[RECORD_LEN_LO])
  367. + DTLS1_RT_HEADER_LENGTH;
  368. if (ctx == NULL)
  369. return -1;
  370. if ((size_t)inl < len)
  371. return -1;
  372. if ((size_t)inl == len)
  373. duprec = 0;
  374. else
  375. duprec = ctx->duprec > 0;
  376. /* We don't support arbitrary injection when duplicating records */
  377. if (duprec && pktnum != -1)
  378. return -1;
  379. /* We only allow injection before we've started writing any data */
  380. if (pktnum >= 0) {
  381. if (ctx->noinject)
  382. return -1;
  383. ctx->injected = 1;
  384. } else {
  385. ctx->noinject = 1;
  386. }
  387. for (i = 0; i < (duprec ? 3 : 1); i++) {
  388. if (!TEST_ptr(allpkts[i] = OPENSSL_malloc(sizeof(*thispkt))))
  389. goto err;
  390. thispkt = allpkts[i];
  391. if (!TEST_ptr(thispkt->data = OPENSSL_malloc(inl)))
  392. goto err;
  393. /*
  394. * If we are duplicating the packet, we duplicate it three times. The
  395. * first two times we drop the first record if there are more than one.
  396. * In this way we know that libssl will not be able to make progress
  397. * until it receives the last packet, and hence will be forced to
  398. * buffer these records.
  399. */
  400. if (duprec && i != 2) {
  401. memcpy(thispkt->data, in + len, inl - len);
  402. thispkt->len = inl - len;
  403. } else {
  404. memcpy(thispkt->data, in, inl);
  405. thispkt->len = inl;
  406. }
  407. thispkt->num = (pktnum >= 0) ? (unsigned int)pktnum : ctx->lastpkt + i;
  408. thispkt->type = type;
  409. }
  410. for(i = 0; (looppkt = sk_MEMPACKET_value(ctx->pkts, i)) != NULL; i++) {
  411. /* Check if we found the right place to insert this packet */
  412. if (looppkt->num > thispkt->num) {
  413. if (sk_MEMPACKET_insert(ctx->pkts, thispkt, i) == 0)
  414. goto err;
  415. /* If we're doing up front injection then we're done */
  416. if (pktnum >= 0)
  417. return inl;
  418. /*
  419. * We need to do some accounting on lastpkt. We increment it first,
  420. * but it might now equal the value of injected packets, so we need
  421. * to skip over those
  422. */
  423. ctx->lastpkt++;
  424. do {
  425. i++;
  426. nextpkt = sk_MEMPACKET_value(ctx->pkts, i);
  427. if (nextpkt != NULL && nextpkt->num == ctx->lastpkt)
  428. ctx->lastpkt++;
  429. else
  430. return inl;
  431. } while(1);
  432. } else if (looppkt->num == thispkt->num) {
  433. if (!ctx->noinject) {
  434. /* We injected two packets with the same packet number! */
  435. goto err;
  436. }
  437. ctx->lastpkt++;
  438. thispkt->num++;
  439. }
  440. }
  441. /*
  442. * We didn't find any packets with a packet number equal to or greater than
  443. * this one, so we just add it onto the end
  444. */
  445. for (i = 0; i < (duprec ? 3 : 1); i++) {
  446. thispkt = allpkts[i];
  447. if (!sk_MEMPACKET_push(ctx->pkts, thispkt))
  448. goto err;
  449. if (pktnum < 0)
  450. ctx->lastpkt++;
  451. }
  452. return inl;
  453. err:
  454. for (i = 0; i < (ctx->duprec > 0 ? 3 : 1); i++)
  455. mempacket_free(allpkts[i]);
  456. return -1;
  457. }
  458. static int mempacket_test_write(BIO *bio, const char *in, int inl)
  459. {
  460. return mempacket_test_inject(bio, in, inl, -1, STANDARD_PACKET);
  461. }
  462. static long mempacket_test_ctrl(BIO *bio, int cmd, long num, void *ptr)
  463. {
  464. long ret = 1;
  465. MEMPACKET_TEST_CTX *ctx = BIO_get_data(bio);
  466. MEMPACKET *thispkt;
  467. switch (cmd) {
  468. case BIO_CTRL_EOF:
  469. ret = (long)(sk_MEMPACKET_num(ctx->pkts) == 0);
  470. break;
  471. case BIO_CTRL_GET_CLOSE:
  472. ret = BIO_get_shutdown(bio);
  473. break;
  474. case BIO_CTRL_SET_CLOSE:
  475. BIO_set_shutdown(bio, (int)num);
  476. break;
  477. case BIO_CTRL_WPENDING:
  478. ret = 0L;
  479. break;
  480. case BIO_CTRL_PENDING:
  481. thispkt = sk_MEMPACKET_value(ctx->pkts, 0);
  482. if (thispkt == NULL)
  483. ret = 0;
  484. else
  485. ret = thispkt->len;
  486. break;
  487. case BIO_CTRL_FLUSH:
  488. ret = 1;
  489. break;
  490. case MEMPACKET_CTRL_SET_DROP_EPOCH:
  491. ctx->dropepoch = (unsigned int)num;
  492. break;
  493. case MEMPACKET_CTRL_SET_DROP_REC:
  494. ctx->droprec = (int)num;
  495. break;
  496. case MEMPACKET_CTRL_GET_DROP_REC:
  497. ret = ctx->droprec;
  498. break;
  499. case MEMPACKET_CTRL_SET_DUPLICATE_REC:
  500. ctx->duprec = (int)num;
  501. break;
  502. case BIO_CTRL_RESET:
  503. case BIO_CTRL_DUP:
  504. case BIO_CTRL_PUSH:
  505. case BIO_CTRL_POP:
  506. default:
  507. ret = 0;
  508. break;
  509. }
  510. return ret;
  511. }
  512. static int mempacket_test_gets(BIO *bio, char *buf, int size)
  513. {
  514. /* We don't support this - not needed anyway */
  515. return -1;
  516. }
  517. static int mempacket_test_puts(BIO *bio, const char *str)
  518. {
  519. return mempacket_test_write(bio, str, strlen(str));
  520. }
  521. static int always_retry_new(BIO *bi);
  522. static int always_retry_free(BIO *a);
  523. static int always_retry_read(BIO *b, char *out, int outl);
  524. static int always_retry_write(BIO *b, const char *in, int inl);
  525. static long always_retry_ctrl(BIO *b, int cmd, long num, void *ptr);
  526. static int always_retry_gets(BIO *bp, char *buf, int size);
  527. static int always_retry_puts(BIO *bp, const char *str);
  528. const BIO_METHOD *bio_s_always_retry(void)
  529. {
  530. if (meth_always_retry == NULL) {
  531. if (!TEST_ptr(meth_always_retry = BIO_meth_new(BIO_TYPE_ALWAYS_RETRY,
  532. "Always Retry"))
  533. || !TEST_true(BIO_meth_set_write(meth_always_retry,
  534. always_retry_write))
  535. || !TEST_true(BIO_meth_set_read(meth_always_retry,
  536. always_retry_read))
  537. || !TEST_true(BIO_meth_set_puts(meth_always_retry,
  538. always_retry_puts))
  539. || !TEST_true(BIO_meth_set_gets(meth_always_retry,
  540. always_retry_gets))
  541. || !TEST_true(BIO_meth_set_ctrl(meth_always_retry,
  542. always_retry_ctrl))
  543. || !TEST_true(BIO_meth_set_create(meth_always_retry,
  544. always_retry_new))
  545. || !TEST_true(BIO_meth_set_destroy(meth_always_retry,
  546. always_retry_free)))
  547. return NULL;
  548. }
  549. return meth_always_retry;
  550. }
  551. void bio_s_always_retry_free(void)
  552. {
  553. BIO_meth_free(meth_always_retry);
  554. }
  555. static int always_retry_new(BIO *bio)
  556. {
  557. BIO_set_init(bio, 1);
  558. return 1;
  559. }
  560. static int always_retry_free(BIO *bio)
  561. {
  562. BIO_set_data(bio, NULL);
  563. BIO_set_init(bio, 0);
  564. return 1;
  565. }
  566. static int always_retry_read(BIO *bio, char *out, int outl)
  567. {
  568. BIO_set_retry_read(bio);
  569. return -1;
  570. }
  571. static int always_retry_write(BIO *bio, const char *in, int inl)
  572. {
  573. BIO_set_retry_write(bio);
  574. return -1;
  575. }
  576. static long always_retry_ctrl(BIO *bio, int cmd, long num, void *ptr)
  577. {
  578. long ret = 1;
  579. switch (cmd) {
  580. case BIO_CTRL_FLUSH:
  581. BIO_set_retry_write(bio);
  582. /* fall through */
  583. case BIO_CTRL_EOF:
  584. case BIO_CTRL_RESET:
  585. case BIO_CTRL_DUP:
  586. case BIO_CTRL_PUSH:
  587. case BIO_CTRL_POP:
  588. default:
  589. ret = 0;
  590. break;
  591. }
  592. return ret;
  593. }
  594. static int always_retry_gets(BIO *bio, char *buf, int size)
  595. {
  596. BIO_set_retry_read(bio);
  597. return -1;
  598. }
  599. static int always_retry_puts(BIO *bio, const char *str)
  600. {
  601. BIO_set_retry_write(bio);
  602. return -1;
  603. }
  604. int create_ssl_ctx_pair(OSSL_LIB_CTX *libctx, const SSL_METHOD *sm,
  605. const SSL_METHOD *cm, int min_proto_version,
  606. int max_proto_version, SSL_CTX **sctx, SSL_CTX **cctx,
  607. char *certfile, char *privkeyfile)
  608. {
  609. SSL_CTX *serverctx = NULL;
  610. SSL_CTX *clientctx = NULL;
  611. if (sctx != NULL) {
  612. if (*sctx != NULL)
  613. serverctx = *sctx;
  614. else if (!TEST_ptr(serverctx = SSL_CTX_new_ex(libctx, NULL, sm))
  615. || !TEST_true(SSL_CTX_set_options(serverctx,
  616. SSL_OP_ALLOW_CLIENT_RENEGOTIATION)))
  617. goto err;
  618. }
  619. if (cctx != NULL) {
  620. if (*cctx != NULL)
  621. clientctx = *cctx;
  622. else if (!TEST_ptr(clientctx = SSL_CTX_new_ex(libctx, NULL, cm)))
  623. goto err;
  624. }
  625. #if !defined(OPENSSL_NO_TLS1_3) \
  626. && defined(OPENSSL_NO_EC) \
  627. && defined(OPENSSL_NO_DH)
  628. /*
  629. * There are no usable built-in TLSv1.3 groups if ec and dh are both
  630. * disabled
  631. */
  632. if (max_proto_version == 0
  633. && (sm == TLS_server_method() || cm == TLS_client_method()))
  634. max_proto_version = TLS1_2_VERSION;
  635. #endif
  636. if (serverctx != NULL
  637. && ((min_proto_version > 0
  638. && !TEST_true(SSL_CTX_set_min_proto_version(serverctx,
  639. min_proto_version)))
  640. || (max_proto_version > 0
  641. && !TEST_true(SSL_CTX_set_max_proto_version(serverctx,
  642. max_proto_version)))))
  643. goto err;
  644. if (clientctx != NULL
  645. && ((min_proto_version > 0
  646. && !TEST_true(SSL_CTX_set_min_proto_version(clientctx,
  647. min_proto_version)))
  648. || (max_proto_version > 0
  649. && !TEST_true(SSL_CTX_set_max_proto_version(clientctx,
  650. max_proto_version)))))
  651. goto err;
  652. if (serverctx != NULL && certfile != NULL && privkeyfile != NULL) {
  653. if (!TEST_int_eq(SSL_CTX_use_certificate_file(serverctx, certfile,
  654. SSL_FILETYPE_PEM), 1)
  655. || !TEST_int_eq(SSL_CTX_use_PrivateKey_file(serverctx,
  656. privkeyfile,
  657. SSL_FILETYPE_PEM), 1)
  658. || !TEST_int_eq(SSL_CTX_check_private_key(serverctx), 1))
  659. goto err;
  660. }
  661. if (sctx != NULL)
  662. *sctx = serverctx;
  663. if (cctx != NULL)
  664. *cctx = clientctx;
  665. return 1;
  666. err:
  667. if (sctx != NULL && *sctx == NULL)
  668. SSL_CTX_free(serverctx);
  669. if (cctx != NULL && *cctx == NULL)
  670. SSL_CTX_free(clientctx);
  671. return 0;
  672. }
  673. #define MAXLOOPS 1000000
  674. #if !defined(OPENSSL_NO_KTLS) && !defined(OPENSSL_NO_SOCK)
  675. static int set_nb(int fd)
  676. {
  677. int flags;
  678. flags = fcntl(fd,F_GETFL,0);
  679. if (flags == -1)
  680. return flags;
  681. flags = fcntl(fd, F_SETFL, flags | O_NONBLOCK);
  682. return flags;
  683. }
  684. int create_test_sockets(int *cfd, int *sfd)
  685. {
  686. struct sockaddr_in sin;
  687. const char *host = "127.0.0.1";
  688. int cfd_connected = 0, ret = 0;
  689. socklen_t slen = sizeof(sin);
  690. int afd = -1;
  691. *cfd = -1;
  692. *sfd = -1;
  693. memset ((char *) &sin, 0, sizeof(sin));
  694. sin.sin_family = AF_INET;
  695. sin.sin_addr.s_addr = inet_addr(host);
  696. afd = socket(AF_INET, SOCK_STREAM, 0);
  697. if (afd < 0)
  698. return 0;
  699. if (bind(afd, (struct sockaddr*)&sin, sizeof(sin)) < 0)
  700. goto out;
  701. if (getsockname(afd, (struct sockaddr*)&sin, &slen) < 0)
  702. goto out;
  703. if (listen(afd, 1) < 0)
  704. goto out;
  705. *cfd = socket(AF_INET, SOCK_STREAM, 0);
  706. if (*cfd < 0)
  707. goto out;
  708. if (set_nb(afd) == -1)
  709. goto out;
  710. while (*sfd == -1 || !cfd_connected ) {
  711. *sfd = accept(afd, NULL, 0);
  712. if (*sfd == -1 && errno != EAGAIN)
  713. goto out;
  714. if (!cfd_connected && connect(*cfd, (struct sockaddr*)&sin, sizeof(sin)) < 0)
  715. goto out;
  716. else
  717. cfd_connected = 1;
  718. }
  719. if (set_nb(*cfd) == -1 || set_nb(*sfd) == -1)
  720. goto out;
  721. ret = 1;
  722. goto success;
  723. out:
  724. if (*cfd != -1)
  725. close(*cfd);
  726. if (*sfd != -1)
  727. close(*sfd);
  728. success:
  729. if (afd != -1)
  730. close(afd);
  731. return ret;
  732. }
  733. int create_ssl_objects2(SSL_CTX *serverctx, SSL_CTX *clientctx, SSL **sssl,
  734. SSL **cssl, int sfd, int cfd)
  735. {
  736. SSL *serverssl = NULL, *clientssl = NULL;
  737. BIO *s_to_c_bio = NULL, *c_to_s_bio = NULL;
  738. if (*sssl != NULL)
  739. serverssl = *sssl;
  740. else if (!TEST_ptr(serverssl = SSL_new(serverctx)))
  741. goto error;
  742. if (*cssl != NULL)
  743. clientssl = *cssl;
  744. else if (!TEST_ptr(clientssl = SSL_new(clientctx)))
  745. goto error;
  746. if (!TEST_ptr(s_to_c_bio = BIO_new_socket(sfd, BIO_NOCLOSE))
  747. || !TEST_ptr(c_to_s_bio = BIO_new_socket(cfd, BIO_NOCLOSE)))
  748. goto error;
  749. SSL_set_bio(clientssl, c_to_s_bio, c_to_s_bio);
  750. SSL_set_bio(serverssl, s_to_c_bio, s_to_c_bio);
  751. *sssl = serverssl;
  752. *cssl = clientssl;
  753. return 1;
  754. error:
  755. SSL_free(serverssl);
  756. SSL_free(clientssl);
  757. BIO_free(s_to_c_bio);
  758. BIO_free(c_to_s_bio);
  759. return 0;
  760. }
  761. #endif
  762. /*
  763. * NOTE: Transfers control of the BIOs - this function will free them on error
  764. */
  765. int create_ssl_objects(SSL_CTX *serverctx, SSL_CTX *clientctx, SSL **sssl,
  766. SSL **cssl, BIO *s_to_c_fbio, BIO *c_to_s_fbio)
  767. {
  768. SSL *serverssl = NULL, *clientssl = NULL;
  769. BIO *s_to_c_bio = NULL, *c_to_s_bio = NULL;
  770. if (*sssl != NULL)
  771. serverssl = *sssl;
  772. else if (!TEST_ptr(serverssl = SSL_new(serverctx)))
  773. goto error;
  774. if (*cssl != NULL)
  775. clientssl = *cssl;
  776. else if (!TEST_ptr(clientssl = SSL_new(clientctx)))
  777. goto error;
  778. if (SSL_is_dtls(clientssl)) {
  779. if (!TEST_ptr(s_to_c_bio = BIO_new(bio_s_mempacket_test()))
  780. || !TEST_ptr(c_to_s_bio = BIO_new(bio_s_mempacket_test())))
  781. goto error;
  782. } else {
  783. if (!TEST_ptr(s_to_c_bio = BIO_new(BIO_s_mem()))
  784. || !TEST_ptr(c_to_s_bio = BIO_new(BIO_s_mem())))
  785. goto error;
  786. }
  787. if (s_to_c_fbio != NULL
  788. && !TEST_ptr(s_to_c_bio = BIO_push(s_to_c_fbio, s_to_c_bio)))
  789. goto error;
  790. if (c_to_s_fbio != NULL
  791. && !TEST_ptr(c_to_s_bio = BIO_push(c_to_s_fbio, c_to_s_bio)))
  792. goto error;
  793. /* Set Non-blocking IO behaviour */
  794. BIO_set_mem_eof_return(s_to_c_bio, -1);
  795. BIO_set_mem_eof_return(c_to_s_bio, -1);
  796. /* Up ref these as we are passing them to two SSL objects */
  797. SSL_set_bio(serverssl, c_to_s_bio, s_to_c_bio);
  798. BIO_up_ref(s_to_c_bio);
  799. BIO_up_ref(c_to_s_bio);
  800. SSL_set_bio(clientssl, s_to_c_bio, c_to_s_bio);
  801. *sssl = serverssl;
  802. *cssl = clientssl;
  803. return 1;
  804. error:
  805. SSL_free(serverssl);
  806. SSL_free(clientssl);
  807. BIO_free(s_to_c_bio);
  808. BIO_free(c_to_s_bio);
  809. BIO_free(s_to_c_fbio);
  810. BIO_free(c_to_s_fbio);
  811. return 0;
  812. }
  813. /*
  814. * Create an SSL connection, but does not read any post-handshake
  815. * NewSessionTicket messages.
  816. * If |read| is set and we're using DTLS then we will attempt to SSL_read on
  817. * the connection once we've completed one half of it, to ensure any retransmits
  818. * get triggered.
  819. * We stop the connection attempt (and return a failure value) if either peer
  820. * has SSL_get_error() return the value in the |want| parameter. The connection
  821. * attempt could be restarted by a subsequent call to this function.
  822. */
  823. int create_bare_ssl_connection(SSL *serverssl, SSL *clientssl, int want,
  824. int read)
  825. {
  826. int retc = -1, rets = -1, err, abortctr = 0;
  827. int clienterr = 0, servererr = 0;
  828. int isdtls = SSL_is_dtls(serverssl);
  829. do {
  830. err = SSL_ERROR_WANT_WRITE;
  831. while (!clienterr && retc <= 0 && err == SSL_ERROR_WANT_WRITE) {
  832. retc = SSL_connect(clientssl);
  833. if (retc <= 0)
  834. err = SSL_get_error(clientssl, retc);
  835. }
  836. if (!clienterr && retc <= 0 && err != SSL_ERROR_WANT_READ) {
  837. TEST_info("SSL_connect() failed %d, %d", retc, err);
  838. if (want != SSL_ERROR_SSL)
  839. TEST_openssl_errors();
  840. clienterr = 1;
  841. }
  842. if (want != SSL_ERROR_NONE && err == want)
  843. return 0;
  844. err = SSL_ERROR_WANT_WRITE;
  845. while (!servererr && rets <= 0 && err == SSL_ERROR_WANT_WRITE) {
  846. rets = SSL_accept(serverssl);
  847. if (rets <= 0)
  848. err = SSL_get_error(serverssl, rets);
  849. }
  850. if (!servererr && rets <= 0
  851. && err != SSL_ERROR_WANT_READ
  852. && err != SSL_ERROR_WANT_X509_LOOKUP) {
  853. TEST_info("SSL_accept() failed %d, %d", rets, err);
  854. if (want != SSL_ERROR_SSL)
  855. TEST_openssl_errors();
  856. servererr = 1;
  857. }
  858. if (want != SSL_ERROR_NONE && err == want)
  859. return 0;
  860. if (clienterr && servererr)
  861. return 0;
  862. if (isdtls && read) {
  863. unsigned char buf[20];
  864. /* Trigger any retransmits that may be appropriate */
  865. if (rets > 0 && retc <= 0) {
  866. if (SSL_read(serverssl, buf, sizeof(buf)) > 0) {
  867. /* We don't expect this to succeed! */
  868. TEST_info("Unexpected SSL_read() success!");
  869. return 0;
  870. }
  871. }
  872. if (retc > 0 && rets <= 0) {
  873. if (SSL_read(clientssl, buf, sizeof(buf)) > 0) {
  874. /* We don't expect this to succeed! */
  875. TEST_info("Unexpected SSL_read() success!");
  876. return 0;
  877. }
  878. }
  879. }
  880. if (++abortctr == MAXLOOPS) {
  881. TEST_info("No progress made");
  882. return 0;
  883. }
  884. if (isdtls && abortctr <= 50 && (abortctr % 10) == 0) {
  885. /*
  886. * It looks like we're just spinning. Pause for a short period to
  887. * give the DTLS timer a chance to do something. We only do this for
  888. * the first few times to prevent hangs.
  889. */
  890. ossl_sleep(50);
  891. }
  892. } while (retc <=0 || rets <= 0);
  893. return 1;
  894. }
  895. /*
  896. * Create an SSL connection including any post handshake NewSessionTicket
  897. * messages.
  898. */
  899. int create_ssl_connection(SSL *serverssl, SSL *clientssl, int want)
  900. {
  901. int i;
  902. unsigned char buf;
  903. size_t readbytes;
  904. if (!create_bare_ssl_connection(serverssl, clientssl, want, 1))
  905. return 0;
  906. /*
  907. * We attempt to read some data on the client side which we expect to fail.
  908. * This will ensure we have received the NewSessionTicket in TLSv1.3 where
  909. * appropriate. We do this twice because there are 2 NewSessionTickets.
  910. */
  911. for (i = 0; i < 2; i++) {
  912. if (SSL_read_ex(clientssl, &buf, sizeof(buf), &readbytes) > 0) {
  913. if (!TEST_ulong_eq(readbytes, 0))
  914. return 0;
  915. } else if (!TEST_int_eq(SSL_get_error(clientssl, 0),
  916. SSL_ERROR_WANT_READ)) {
  917. return 0;
  918. }
  919. }
  920. return 1;
  921. }
  922. void shutdown_ssl_connection(SSL *serverssl, SSL *clientssl)
  923. {
  924. SSL_shutdown(clientssl);
  925. SSL_shutdown(serverssl);
  926. SSL_free(serverssl);
  927. SSL_free(clientssl);
  928. }