summaryrefslogtreecommitdiff
path: root/src/regress/lib/libssl/dtls
diff options
context:
space:
mode:
authorcvs2svn <admin@example.com>2022-10-20 07:33:15 +0000
committercvs2svn <admin@example.com>2022-10-20 07:33:15 +0000
commit963a7b06e7d578322df5c53439ac3f52eae54095 (patch)
tree47b3068b3442e2e9768ae23e8bcf303231adf015 /src/regress/lib/libssl/dtls
parent6ef02c2707dc554983552781e5b767ae8103de15 (diff)
downloadopenbsd-tb_20221020.tar.gz
openbsd-tb_20221020.tar.bz2
openbsd-tb_20221020.zip
This commit was manufactured by cvs2git to create tag 'tb_20221020'.tb_20221020
Diffstat (limited to 'src/regress/lib/libssl/dtls')
-rw-r--r--src/regress/lib/libssl/dtls/Makefile20
-rw-r--r--src/regress/lib/libssl/dtls/dtlstest.c1071
2 files changed, 0 insertions, 1091 deletions
diff --git a/src/regress/lib/libssl/dtls/Makefile b/src/regress/lib/libssl/dtls/Makefile
deleted file mode 100644
index 438cd5c7ff..0000000000
--- a/src/regress/lib/libssl/dtls/Makefile
+++ /dev/null
@@ -1,20 +0,0 @@
1# $OpenBSD: Makefile,v 1.3 2022/01/07 09:07:00 tb Exp $
2
3PROG= dtlstest
4LDADD= ${SSL_INT} -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8CFLAGS+= -I${.CURDIR}/../../../../lib/libcrypto/bio
9CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
10
11REGRESS_TARGETS= \
12 regress-dtlstest
13
14regress-dtlstest: ${PROG}
15 ./dtlstest \
16 ${.CURDIR}/../../libssl/certs/server.pem \
17 ${.CURDIR}/../../libssl/certs/server.pem \
18 ${.CURDIR}/../../libssl/certs/ca.pem
19
20.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/dtls/dtlstest.c b/src/regress/lib/libssl/dtls/dtlstest.c
deleted file mode 100644
index 3819039f82..0000000000
--- a/src/regress/lib/libssl/dtls/dtlstest.c
+++ /dev/null
@@ -1,1071 +0,0 @@
1/* $OpenBSD: dtlstest.c,v 1.16 2022/10/02 16:38:23 jsing Exp $ */
2/*
3 * Copyright (c) 2020, 2021 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <netinet/in.h>
19#include <sys/socket.h>
20
21#include <err.h>
22#include <limits.h>
23#include <poll.h>
24#include <unistd.h>
25
26#include <openssl/bio.h>
27#include <openssl/err.h>
28#include <openssl/ssl.h>
29
30#include "bio_local.h"
31#include "ssl_locl.h"
32
33const char *server_ca_file;
34const char *server_cert_file;
35const char *server_key_file;
36
37char dtls_cookie[32];
38
39int debug = 0;
40
41void tls12_record_layer_set_initial_epoch(struct tls12_record_layer *rl,
42 uint16_t epoch);
43
44static void
45hexdump(const unsigned char *buf, size_t len)
46{
47 size_t i;
48
49 for (i = 1; i <= len; i++)
50 fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n");
51
52 if (len % 8)
53 fprintf(stderr, "\n");
54}
55
56#define BIO_C_DELAY_COUNT 1000
57#define BIO_C_DELAY_FLUSH 1001
58#define BIO_C_DELAY_PACKET 1002
59#define BIO_C_DROP_PACKET 1003
60#define BIO_C_DROP_RANDOM 1004
61
62struct bio_packet_monkey_ctx {
63 unsigned int delay_count;
64 unsigned int delay_mask;
65 unsigned int drop_rand;
66 unsigned int drop_mask;
67 uint8_t *delayed_msg;
68 size_t delayed_msg_len;
69};
70
71static int
72bio_packet_monkey_new(BIO *bio)
73{
74 struct bio_packet_monkey_ctx *ctx;
75
76 if ((ctx = calloc(1, sizeof(*ctx))) == NULL)
77 return 0;
78
79 bio->flags = 0;
80 bio->init = 1;
81 bio->num = 0;
82 bio->ptr = ctx;
83
84 return 1;
85}
86
87static int
88bio_packet_monkey_free(BIO *bio)
89{
90 struct bio_packet_monkey_ctx *ctx;
91
92 if (bio == NULL)
93 return 1;
94
95 ctx = bio->ptr;
96 free(ctx->delayed_msg);
97 free(ctx);
98
99 return 1;
100}
101
102static int
103bio_packet_monkey_delay_flush(BIO *bio)
104{
105 struct bio_packet_monkey_ctx *ctx = bio->ptr;
106
107 if (ctx->delayed_msg == NULL)
108 return 1;
109
110 if (debug)
111 fprintf(stderr, "DEBUG: flushing delayed packet...\n");
112 if (debug > 1)
113 hexdump(ctx->delayed_msg, ctx->delayed_msg_len);
114
115 BIO_write(bio->next_bio, ctx->delayed_msg, ctx->delayed_msg_len);
116
117 free(ctx->delayed_msg);
118 ctx->delayed_msg = NULL;
119
120 return BIO_ctrl(bio->next_bio, BIO_CTRL_FLUSH, 0, NULL);
121}
122
123static long
124bio_packet_monkey_ctrl(BIO *bio, int cmd, long num, void *ptr)
125{
126 struct bio_packet_monkey_ctx *ctx;
127
128 ctx = bio->ptr;
129
130 switch (cmd) {
131 case BIO_C_DELAY_COUNT:
132 if (num < 1 || num > 31)
133 return 0;
134 ctx->delay_count = num;
135 return 1;
136
137 case BIO_C_DELAY_FLUSH:
138 return bio_packet_monkey_delay_flush(bio);
139
140 case BIO_C_DELAY_PACKET:
141 if (num < 1 || num > 31)
142 return 0;
143 ctx->delay_mask |= 1 << ((unsigned int)num - 1);
144 return 1;
145
146 case BIO_C_DROP_PACKET:
147 if (num < 1 || num > 31)
148 return 0;
149 ctx->drop_mask |= 1 << ((unsigned int)num - 1);
150 return 1;
151
152 case BIO_C_DROP_RANDOM:
153 if (num < 0 || (size_t)num > UINT_MAX)
154 return 0;
155 ctx->drop_rand = (unsigned int)num;
156 return 1;
157 }
158
159 if (bio->next_bio == NULL)
160 return 0;
161
162 return BIO_ctrl(bio->next_bio, cmd, num, ptr);
163}
164
165static int
166bio_packet_monkey_read(BIO *bio, char *out, int out_len)
167{
168 struct bio_packet_monkey_ctx *ctx = bio->ptr;
169 int ret;
170
171 if (ctx == NULL || bio->next_bio == NULL)
172 return 0;
173
174 ret = BIO_read(bio->next_bio, out, out_len);
175
176 if (ret > 0) {
177 if (debug)
178 fprintf(stderr, "DEBUG: read packet...\n");
179 if (debug > 1)
180 hexdump(out, ret);
181 }
182
183 BIO_clear_retry_flags(bio);
184 if (ret <= 0 && BIO_should_retry(bio->next_bio))
185 BIO_set_retry_read(bio);
186
187 return ret;
188}
189
190static int
191bio_packet_monkey_write(BIO *bio, const char *in, int in_len)
192{
193 struct bio_packet_monkey_ctx *ctx = bio->ptr;
194 const char *label = "writing";
195 int delay = 0, drop = 0;
196 int ret;
197
198 if (ctx == NULL || bio->next_bio == NULL)
199 return 0;
200
201 if (ctx->delayed_msg != NULL && ctx->delay_count > 0)
202 ctx->delay_count--;
203
204 if (ctx->delayed_msg != NULL && ctx->delay_count == 0) {
205 if (debug)
206 fprintf(stderr, "DEBUG: writing delayed packet...\n");
207 if (debug > 1)
208 hexdump(ctx->delayed_msg, ctx->delayed_msg_len);
209
210 ret = BIO_write(bio->next_bio, ctx->delayed_msg,
211 ctx->delayed_msg_len);
212
213 BIO_clear_retry_flags(bio);
214 if (ret <= 0 && BIO_should_retry(bio->next_bio)) {
215 BIO_set_retry_write(bio);
216 return (ret);
217 }
218
219 free(ctx->delayed_msg);
220 ctx->delayed_msg = NULL;
221 }
222
223 if (ctx->delay_mask > 0) {
224 delay = ctx->delay_mask & 1;
225 ctx->delay_mask >>= 1;
226 }
227 if (ctx->drop_rand > 0) {
228 drop = arc4random_uniform(ctx->drop_rand) == 0;
229 } else if (ctx->drop_mask > 0) {
230 drop = ctx->drop_mask & 1;
231 ctx->drop_mask >>= 1;
232 }
233
234 if (delay)
235 label = "delaying";
236 if (drop)
237 label = "dropping";
238 if (debug)
239 fprintf(stderr, "DEBUG: %s packet...\n", label);
240 if (debug > 1)
241 hexdump(in, in_len);
242
243 if (drop)
244 return in_len;
245
246 if (delay) {
247 if (ctx->delayed_msg != NULL)
248 return 0;
249 if ((ctx->delayed_msg = calloc(1, in_len)) == NULL)
250 return 0;
251 memcpy(ctx->delayed_msg, in, in_len);
252 ctx->delayed_msg_len = in_len;
253 return in_len;
254 }
255
256 ret = BIO_write(bio->next_bio, in, in_len);
257
258 BIO_clear_retry_flags(bio);
259 if (ret <= 0 && BIO_should_retry(bio->next_bio))
260 BIO_set_retry_write(bio);
261
262 return ret;
263}
264
265static int
266bio_packet_monkey_puts(BIO *bio, const char *str)
267{
268 return bio_packet_monkey_write(bio, str, strlen(str));
269}
270
271static const BIO_METHOD bio_packet_monkey = {
272 .type = BIO_TYPE_BUFFER,
273 .name = "packet monkey",
274 .bread = bio_packet_monkey_read,
275 .bwrite = bio_packet_monkey_write,
276 .bputs = bio_packet_monkey_puts,
277 .ctrl = bio_packet_monkey_ctrl,
278 .create = bio_packet_monkey_new,
279 .destroy = bio_packet_monkey_free
280};
281
282static const BIO_METHOD *
283BIO_f_packet_monkey(void)
284{
285 return &bio_packet_monkey;
286}
287
288static BIO *
289BIO_new_packet_monkey(void)
290{
291 return BIO_new(BIO_f_packet_monkey());
292}
293
294static int
295BIO_packet_monkey_delay(BIO *bio, int num, int count)
296{
297 if (!BIO_ctrl(bio, BIO_C_DELAY_COUNT, count, NULL))
298 return 0;
299
300 return BIO_ctrl(bio, BIO_C_DELAY_PACKET, num, NULL);
301}
302
303static int
304BIO_packet_monkey_delay_flush(BIO *bio)
305{
306 return BIO_ctrl(bio, BIO_C_DELAY_FLUSH, 0, NULL);
307}
308
309static int
310BIO_packet_monkey_drop(BIO *bio, int num)
311{
312 return BIO_ctrl(bio, BIO_C_DROP_PACKET, num, NULL);
313}
314
315#if 0
316static int
317BIO_packet_monkey_drop_random(BIO *bio, int num)
318{
319 return BIO_ctrl(bio, BIO_C_DROP_RANDOM, num, NULL);
320}
321#endif
322
323static int
324datagram_pair(int *client_sock, int *server_sock,
325 struct sockaddr_in *server_sin)
326{
327 struct sockaddr_in sin;
328 socklen_t sock_len;
329 int cs = -1, ss = -1;
330
331 memset(&sin, 0, sizeof(sin));
332 sin.sin_family = AF_INET;
333 sin.sin_port = 0;
334 sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
335
336 if ((ss = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) == -1)
337 err(1, "server socket");
338 if (bind(ss, (struct sockaddr *)&sin, sizeof(sin)) == -1)
339 err(1, "server bind");
340 sock_len = sizeof(sin);
341 if (getsockname(ss, (struct sockaddr *)&sin, &sock_len) == -1)
342 err(1, "server getsockname");
343
344 if ((cs = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) == -1)
345 err(1, "client socket");
346 if (connect(cs, (struct sockaddr *)&sin, sizeof(sin)) == -1)
347 err(1, "client connect");
348
349 *client_sock = cs;
350 *server_sock = ss;
351 memcpy(server_sin, &sin, sizeof(sin));
352
353 return 1;
354}
355
356static int
357poll_timeout(SSL *client, SSL *server)
358{
359 int client_timeout = 0, server_timeout = 0;
360 struct timeval timeout;
361
362 if (DTLSv1_get_timeout(client, &timeout))
363 client_timeout = timeout.tv_sec * 1000 + timeout.tv_usec / 1000;
364
365 if (DTLSv1_get_timeout(server, &timeout))
366 server_timeout = timeout.tv_sec * 1000 + timeout.tv_usec / 1000;
367
368 if (client_timeout <= 0)
369 return server_timeout;
370 if (client_timeout > 0 && server_timeout <= 0)
371 return client_timeout;
372 if (client_timeout < server_timeout)
373 return client_timeout;
374
375 return server_timeout;
376}
377
378static int
379dtls_cookie_generate(SSL *ssl, unsigned char *cookie,
380 unsigned int *cookie_len)
381{
382 arc4random_buf(dtls_cookie, sizeof(dtls_cookie));
383 memcpy(cookie, dtls_cookie, sizeof(dtls_cookie));
384 *cookie_len = sizeof(dtls_cookie);
385
386 return 1;
387}
388
389static int
390dtls_cookie_verify(SSL *ssl, const unsigned char *cookie,
391 unsigned int cookie_len)
392{
393 return cookie_len == sizeof(dtls_cookie) &&
394 memcmp(cookie, dtls_cookie, sizeof(dtls_cookie)) == 0;
395}
396
397static void
398dtls_info_callback(const SSL *ssl, int type, int val)
399{
400 /*
401 * Squeals ahead... remove the bbio from the info callback, so we can
402 * drop specific messages. Ideally this would be an option for the SSL.
403 */
404 if (ssl->wbio == ssl->bbio)
405 ((SSL *)ssl)->wbio = BIO_pop(ssl->wbio);
406}
407
408static SSL *
409dtls_client(int sock, struct sockaddr_in *server_sin, long mtu)
410{
411 SSL_CTX *ssl_ctx = NULL;
412 SSL *ssl = NULL;
413 BIO *bio = NULL;
414
415 if ((bio = BIO_new_dgram(sock, BIO_NOCLOSE)) == NULL)
416 errx(1, "client bio");
417 if (!BIO_socket_nbio(sock, 1))
418 errx(1, "client nbio");
419 if (!BIO_ctrl_set_connected(bio, 1, server_sin))
420 errx(1, "client set connected");
421
422 if ((ssl_ctx = SSL_CTX_new(DTLS_method())) == NULL)
423 errx(1, "client context");
424
425 if ((ssl = SSL_new(ssl_ctx)) == NULL)
426 errx(1, "client ssl");
427
428 SSL_set_bio(ssl, bio, bio);
429 bio = NULL;
430
431 if (mtu > 0) {
432 SSL_set_options(ssl, SSL_OP_NO_QUERY_MTU);
433 SSL_set_mtu(ssl, mtu);
434 }
435
436 SSL_CTX_free(ssl_ctx);
437 BIO_free(bio);
438
439 return ssl;
440}
441
442static SSL *
443dtls_server(int sock, long options, long mtu)
444{
445 SSL_CTX *ssl_ctx = NULL;
446 SSL *ssl = NULL;
447 BIO *bio = NULL;
448
449 if ((bio = BIO_new_dgram(sock, BIO_NOCLOSE)) == NULL)
450 errx(1, "server bio");
451 if (!BIO_socket_nbio(sock, 1))
452 errx(1, "server nbio");
453
454 if ((ssl_ctx = SSL_CTX_new(DTLS_method())) == NULL)
455 errx(1, "server context");
456
457 SSL_CTX_set_cookie_generate_cb(ssl_ctx, dtls_cookie_generate);
458 SSL_CTX_set_cookie_verify_cb(ssl_ctx, dtls_cookie_verify);
459 SSL_CTX_set_dh_auto(ssl_ctx, 2);
460 SSL_CTX_set_options(ssl_ctx, options);
461
462 if (SSL_CTX_use_certificate_chain_file(ssl_ctx, server_cert_file) != 1) {
463 fprintf(stderr, "FAIL: Failed to load server certificate");
464 goto failure;
465 }
466 if (SSL_CTX_use_PrivateKey_file(ssl_ctx, server_key_file,
467 SSL_FILETYPE_PEM) != 1) {
468 fprintf(stderr, "FAIL: Failed to load server private key");
469 goto failure;
470 }
471
472 if ((ssl = SSL_new(ssl_ctx)) == NULL)
473 errx(1, "server ssl");
474
475 if (SSL_use_certificate_chain_file(ssl, server_cert_file) != 1) {
476 fprintf(stderr, "FAIL: Failed to load server certificate");
477 goto failure;
478 }
479 SSL_set_bio(ssl, bio, bio);
480 bio = NULL;
481
482 if (mtu > 0) {
483 SSL_set_options(ssl, SSL_OP_NO_QUERY_MTU);
484 SSL_set_mtu(ssl, mtu);
485 }
486
487 failure:
488 SSL_CTX_free(ssl_ctx);
489 BIO_free(bio);
490
491 return ssl;
492}
493
494static int
495ssl_error(SSL *ssl, const char *name, const char *desc, int ssl_ret,
496 short *events)
497{
498 int ssl_err;
499
500 ssl_err = SSL_get_error(ssl, ssl_ret);
501
502 if (ssl_err == SSL_ERROR_WANT_READ) {
503 *events = POLLIN;
504 } else if (ssl_err == SSL_ERROR_WANT_WRITE) {
505 *events = POLLOUT;
506 } else if (ssl_err == SSL_ERROR_SYSCALL && errno == 0) {
507 /* Yup, this is apparently a thing... */
508 } else {
509 fprintf(stderr, "FAIL: %s %s failed - ssl err = %d, errno = %d\n",
510 name, desc, ssl_err, errno);
511 ERR_print_errors_fp(stderr);
512 return 0;
513 }
514
515 return 1;
516}
517
518static int
519do_connect(SSL *ssl, const char *name, int *done, short *events)
520{
521 int ssl_ret;
522
523 if ((ssl_ret = SSL_connect(ssl)) != 1)
524 return ssl_error(ssl, name, "connect", ssl_ret, events);
525
526 fprintf(stderr, "INFO: %s connect done\n", name);
527 *done = 1;
528
529 return 1;
530}
531
532static int
533do_connect_read(SSL *ssl, const char *name, int *done, short *events)
534{
535 uint8_t buf[2048];
536 int ssl_ret;
537 int i;
538
539 if ((ssl_ret = SSL_connect(ssl)) != 1)
540 return ssl_error(ssl, name, "connect", ssl_ret, events);
541
542 fprintf(stderr, "INFO: %s connect done\n", name);
543 *done = 1;
544
545 for (i = 0; i < 3; i++) {
546 fprintf(stderr, "INFO: %s reading after connect\n", name);
547 if ((ssl_ret = SSL_read(ssl, buf, sizeof(buf))) != 3) {
548 fprintf(stderr, "ERROR: %s read failed\n", name);
549 return 0;
550 }
551 }
552
553 return 1;
554}
555
556static int
557do_connect_shutdown(SSL *ssl, const char *name, int *done, short *events)
558{
559 uint8_t buf[2048];
560 int ssl_ret;
561
562 if ((ssl_ret = SSL_connect(ssl)) != 1)
563 return ssl_error(ssl, name, "connect", ssl_ret, events);
564
565 fprintf(stderr, "INFO: %s connect done\n", name);
566 *done = 1;
567
568 ssl_ret = SSL_read(ssl, buf, sizeof(buf));
569 if (SSL_get_error(ssl, ssl_ret) != SSL_ERROR_ZERO_RETURN) {
570 fprintf(stderr, "FAIL: %s did not receive close-notify\n", name);
571 return 0;
572 }
573
574 fprintf(stderr, "INFO: %s received close-notify\n", name);
575
576 return 1;
577}
578
579static int
580do_accept(SSL *ssl, const char *name, int *done, short *events)
581{
582 int ssl_ret;
583
584 if ((ssl_ret = SSL_accept(ssl)) != 1)
585 return ssl_error(ssl, name, "accept", ssl_ret, events);
586
587 fprintf(stderr, "INFO: %s accept done\n", name);
588 *done = 1;
589
590 return 1;
591}
592
593static int
594do_accept_write(SSL *ssl, const char *name, int *done, short *events)
595{
596 int ssl_ret;
597 BIO *bio;
598 int i;
599
600 if ((ssl_ret = SSL_accept(ssl)) != 1)
601 return ssl_error(ssl, name, "accept", ssl_ret, events);
602
603 fprintf(stderr, "INFO: %s accept done\n", name);
604
605 for (i = 0; i < 3; i++) {
606 fprintf(stderr, "INFO: %s writing after accept\n", name);
607 if ((ssl_ret = SSL_write(ssl, "abc", 3)) != 3) {
608 fprintf(stderr, "ERROR: %s write failed\n", name);
609 return 0;
610 }
611 }
612
613 if ((bio = SSL_get_wbio(ssl)) == NULL)
614 errx(1, "SSL has NULL bio");
615
616 /* Flush any delayed packets. */
617 BIO_packet_monkey_delay_flush(bio);
618
619 *done = 1;
620 return 1;
621}
622
623static int
624do_accept_shutdown(SSL *ssl, const char *name, int *done, short *events)
625{
626 int ssl_ret;
627 BIO *bio;
628
629 if ((ssl_ret = SSL_accept(ssl)) != 1)
630 return ssl_error(ssl, name, "accept", ssl_ret, events);
631
632 fprintf(stderr, "INFO: %s accept done\n", name);
633
634 SSL_shutdown(ssl);
635
636 if ((bio = SSL_get_wbio(ssl)) == NULL)
637 errx(1, "SSL has NULL bio");
638
639 /* Flush any delayed packets. */
640 BIO_packet_monkey_delay_flush(bio);
641
642 *done = 1;
643 return 1;
644}
645
646static int
647do_read(SSL *ssl, const char *name, int *done, short *events)
648{
649 uint8_t buf[512];
650 int ssl_ret;
651
652 if ((ssl_ret = SSL_read(ssl, buf, sizeof(buf))) > 0) {
653 fprintf(stderr, "INFO: %s read done\n", name);
654 if (debug > 1)
655 hexdump(buf, ssl_ret);
656 *done = 1;
657 return 1;
658 }
659
660 return ssl_error(ssl, name, "read", ssl_ret, events);
661}
662
663static int
664do_write(SSL *ssl, const char *name, int *done, short *events)
665{
666 const uint8_t buf[] = "Hello, World!\n";
667 int ssl_ret;
668
669 if ((ssl_ret = SSL_write(ssl, buf, sizeof(buf))) > 0) {
670 fprintf(stderr, "INFO: %s write done\n", name);
671 *done = 1;
672 return 1;
673 }
674
675 return ssl_error(ssl, name, "write", ssl_ret, events);
676}
677
678static int
679do_shutdown(SSL *ssl, const char *name, int *done, short *events)
680{
681 int ssl_ret;
682
683 ssl_ret = SSL_shutdown(ssl);
684 if (ssl_ret == 1) {
685 fprintf(stderr, "INFO: %s shutdown done\n", name);
686 *done = 1;
687 return 1;
688 }
689 return ssl_error(ssl, name, "shutdown", ssl_ret, events);
690}
691
692typedef int (ssl_func)(SSL *ssl, const char *name, int *done, short *events);
693
694static int
695do_client_server_loop(SSL *client, ssl_func *client_func, SSL *server,
696 ssl_func *server_func, struct pollfd pfd[2])
697{
698 int client_done = 0, server_done = 0;
699 int i = 0;
700
701 pfd[0].revents = POLLIN;
702 pfd[1].revents = POLLIN;
703
704 do {
705 if (!client_done) {
706 if (debug)
707 fprintf(stderr, "DEBUG: client loop\n");
708 if (DTLSv1_handle_timeout(client) > 0)
709 fprintf(stderr, "INFO: client timeout\n");
710 if (!client_func(client, "client", &client_done,
711 &pfd[0].events))
712 return 0;
713 if (client_done)
714 pfd[0].events = 0;
715 }
716 if (!server_done) {
717 if (debug)
718 fprintf(stderr, "DEBUG: server loop\n");
719 if (DTLSv1_handle_timeout(server) > 0)
720 fprintf(stderr, "INFO: server timeout\n");
721 if (!server_func(server, "server", &server_done,
722 &pfd[1].events))
723 return 0;
724 if (server_done)
725 pfd[1].events = 0;
726 }
727 if (poll(pfd, 2, poll_timeout(client, server)) == -1)
728 err(1, "poll");
729
730 } while (i++ < 100 && (!client_done || !server_done));
731
732 if (!client_done || !server_done)
733 fprintf(stderr, "FAIL: gave up\n");
734
735 return client_done && server_done;
736}
737
738#define MAX_PACKET_DELAYS 32
739#define MAX_PACKET_DROPS 32
740
741struct dtls_delay {
742 uint8_t packet;
743 uint8_t count;
744};
745
746struct dtls_test {
747 const unsigned char *desc;
748 long mtu;
749 long ssl_options;
750 int client_bbio_off;
751 int server_bbio_off;
752 uint16_t initial_epoch;
753 int write_after_accept;
754 int shutdown_after_accept;
755 struct dtls_delay client_delays[MAX_PACKET_DELAYS];
756 struct dtls_delay server_delays[MAX_PACKET_DELAYS];
757 uint8_t client_drops[MAX_PACKET_DROPS];
758 uint8_t server_drops[MAX_PACKET_DROPS];
759};
760
761static const struct dtls_test dtls_tests[] = {
762 {
763 .desc = "DTLS without cookies",
764 .ssl_options = 0,
765 },
766 {
767 .desc = "DTLS without cookies (initial epoch 0xfffe)",
768 .ssl_options = 0,
769 .initial_epoch = 0xfffe,
770 },
771 {
772 .desc = "DTLS without cookies (initial epoch 0xffff)",
773 .ssl_options = 0,
774 .initial_epoch = 0xffff,
775 },
776 {
777 .desc = "DTLS with cookies",
778 .ssl_options = SSL_OP_COOKIE_EXCHANGE,
779 },
780 {
781 .desc = "DTLS with low MTU",
782 .mtu = 256,
783 .ssl_options = 0,
784 },
785 {
786 .desc = "DTLS with low MTU and cookies",
787 .mtu = 256,
788 .ssl_options = SSL_OP_COOKIE_EXCHANGE,
789 },
790 {
791 .desc = "DTLS with dropped server response",
792 .ssl_options = 0,
793 .server_drops = { 1 },
794 },
795 {
796 .desc = "DTLS with two dropped server responses",
797 .ssl_options = 0,
798 .server_drops = { 1, 2 },
799 },
800 {
801 .desc = "DTLS with dropped ServerHello",
802 .ssl_options = SSL_OP_NO_TICKET,
803 .server_bbio_off = 1,
804 .server_drops = { 1 },
805 },
806 {
807 .desc = "DTLS with dropped server Certificate",
808 .ssl_options = SSL_OP_NO_TICKET,
809 .server_bbio_off = 1,
810 .server_drops = { 2 },
811 },
812 {
813 .desc = "DTLS with dropped ServerKeyExchange",
814 .ssl_options = SSL_OP_NO_TICKET,
815 .server_bbio_off = 1,
816 .server_drops = { 3 },
817 },
818 {
819 .desc = "DTLS with dropped ServerHelloDone",
820 .ssl_options = SSL_OP_NO_TICKET,
821 .server_bbio_off = 1,
822 .server_drops = { 4 },
823 },
824#if 0
825 /*
826 * These two result in the server accept completing and the
827 * client looping on a timeout. Presumably the server should not
828 * complete until the client Finished is received... this due to
829 * a flaw in the DTLSv1.0 specification, which is addressed in
830 * DTLSv1.2 (see references to "last flight" in RFC 6347 section
831 * 4.2.4). Our DTLS server code still needs to support this.
832 */
833 {
834 .desc = "DTLS with dropped server CCS",
835 .ssl_options = 0,
836 .server_bbio_off = 1,
837 .server_drops = { 5 },
838 },
839 {
840 .desc = "DTLS with dropped server Finished",
841 .ssl_options = 0,
842 .server_bbio_off = 1,
843 .server_drops = { 6 },
844 },
845#endif
846 {
847 .desc = "DTLS with dropped ClientKeyExchange",
848 .ssl_options = 0,
849 .client_bbio_off = 1,
850 .client_drops = { 2 },
851 },
852 {
853 .desc = "DTLS with dropped client CCS",
854 .ssl_options = 0,
855 .client_bbio_off = 1,
856 .client_drops = { 3 },
857 },
858 {
859 .desc = "DTLS with dropped client Finished",
860 .ssl_options = 0,
861 .client_bbio_off = 1,
862 .client_drops = { 4 },
863 },
864 {
865 /* Send CCS after client Finished. */
866 .desc = "DTLS with delayed client CCS",
867 .ssl_options = 0,
868 .client_bbio_off = 1,
869 .client_delays = { { 3, 2 } },
870 },
871 {
872 /*
873 * Send CCS after server Finished - note app data will be
874 * dropped if we send the CCS after app data.
875 */
876 .desc = "DTLS with delayed server CCS",
877 .ssl_options = SSL_OP_NO_TICKET,
878 .server_bbio_off = 1,
879 .server_delays = { { 5, 2 } },
880 .write_after_accept = 1,
881 },
882 {
883 .desc = "DTLS with delayed server CCS (initial epoch 0xfffe)",
884 .ssl_options = SSL_OP_NO_TICKET,
885 .server_bbio_off = 1,
886 .initial_epoch = 0xfffe,
887 .server_delays = { { 5, 2 } },
888 .write_after_accept = 1,
889 },
890 {
891 .desc = "DTLS with delayed server CCS (initial epoch 0xffff)",
892 .ssl_options = SSL_OP_NO_TICKET,
893 .server_bbio_off = 1,
894 .initial_epoch = 0xffff,
895 .server_delays = { { 5, 2 } },
896 .write_after_accept = 1,
897 },
898 {
899 /* Send Finished after app data - this is currently buffered. */
900 .desc = "DTLS with delayed server Finished",
901 .ssl_options = SSL_OP_NO_TICKET,
902 .server_bbio_off = 1,
903 .server_delays = { { 6, 3 } },
904 .write_after_accept = 1,
905 },
906 {
907 /* Send CCS after server finished and close-notify. */
908 .desc = "DTLS with delayed server CCS (close-notify)",
909 .ssl_options = SSL_OP_NO_TICKET,
910 .server_bbio_off = 1,
911 .server_delays = { { 5, 3 } },
912 .shutdown_after_accept = 1,
913 },
914};
915
916#define N_DTLS_TESTS (sizeof(dtls_tests) / sizeof(*dtls_tests))
917
918static void
919dtlstest_packet_monkey(SSL *ssl, const struct dtls_delay delays[],
920 const uint8_t drops[])
921{
922 BIO *bio_monkey;
923 BIO *bio;
924 int i;
925
926 if ((bio_monkey = BIO_new_packet_monkey()) == NULL)
927 errx(1, "packet monkey");
928
929 for (i = 0; i < MAX_PACKET_DELAYS; i++) {
930 if (delays[i].packet == 0)
931 break;
932 if (!BIO_packet_monkey_delay(bio_monkey, delays[i].packet,
933 delays[i].count))
934 errx(1, "delay failure");
935 }
936
937 for (i = 0; i < MAX_PACKET_DROPS; i++) {
938 if (drops[i] == 0)
939 break;
940 if (!BIO_packet_monkey_drop(bio_monkey, drops[i]))
941 errx(1, "drop failure");
942 }
943
944 if ((bio = SSL_get_wbio(ssl)) == NULL)
945 errx(1, "SSL has NULL bio");
946
947 BIO_up_ref(bio);
948 bio = BIO_push(bio_monkey, bio);
949
950 SSL_set_bio(ssl, bio, bio);
951}
952
953static int
954dtlstest(const struct dtls_test *dt)
955{
956 SSL *client = NULL, *server = NULL;
957 ssl_func *connect_func, *accept_func;
958 struct sockaddr_in server_sin;
959 struct pollfd pfd[2];
960 int client_sock = -1;
961 int server_sock = -1;
962 int failed = 1;
963
964 fprintf(stderr, "\n== Testing %s... ==\n", dt->desc);
965
966 if (!datagram_pair(&client_sock, &server_sock, &server_sin))
967 goto failure;
968
969 if ((client = dtls_client(client_sock, &server_sin, dt->mtu)) == NULL)
970 goto failure;
971
972 if ((server = dtls_server(server_sock, dt->ssl_options, dt->mtu)) == NULL)
973 goto failure;
974
975 tls12_record_layer_set_initial_epoch(client->rl, dt->initial_epoch);
976 tls12_record_layer_set_initial_epoch(server->rl, dt->initial_epoch);
977
978 if (dt->client_bbio_off)
979 SSL_set_info_callback(client, dtls_info_callback);
980 if (dt->server_bbio_off)
981 SSL_set_info_callback(server, dtls_info_callback);
982
983 dtlstest_packet_monkey(client, dt->client_delays, dt->client_drops);
984 dtlstest_packet_monkey(server, dt->server_delays, dt->server_drops);
985
986 pfd[0].fd = client_sock;
987 pfd[0].events = POLLOUT;
988 pfd[1].fd = server_sock;
989 pfd[1].events = POLLIN;
990
991 accept_func = do_accept;
992 connect_func = do_connect;
993
994 if (dt->write_after_accept) {
995 accept_func = do_accept_write;
996 connect_func = do_connect_read;
997 } else if (dt->shutdown_after_accept) {
998 accept_func = do_accept_shutdown;
999 connect_func = do_connect_shutdown;
1000 }
1001
1002 if (!do_client_server_loop(client, connect_func, server, accept_func, pfd)) {
1003 fprintf(stderr, "FAIL: client and server handshake failed\n");
1004 goto failure;
1005 }
1006
1007 if (dt->write_after_accept || dt->shutdown_after_accept)
1008 goto done;
1009
1010 pfd[0].events = POLLIN;
1011 pfd[1].events = POLLOUT;
1012
1013 if (!do_client_server_loop(client, do_read, server, do_write, pfd)) {
1014 fprintf(stderr, "FAIL: client read and server write I/O failed\n");
1015 goto failure;
1016 }
1017
1018 pfd[0].events = POLLOUT;
1019 pfd[1].events = POLLIN;
1020
1021 if (!do_client_server_loop(client, do_write, server, do_read, pfd)) {
1022 fprintf(stderr, "FAIL: client write and server read I/O failed\n");
1023 goto failure;
1024 }
1025
1026 pfd[0].events = POLLOUT;
1027 pfd[1].events = POLLOUT;
1028
1029 if (!do_client_server_loop(client, do_shutdown, server, do_shutdown, pfd)) {
1030 fprintf(stderr, "FAIL: client and server shutdown failed\n");
1031 goto failure;
1032 }
1033
1034 done:
1035 fprintf(stderr, "INFO: Done!\n");
1036
1037 failed = 0;
1038
1039 failure:
1040 if (client_sock != -1)
1041 close(client_sock);
1042 if (server_sock != -1)
1043 close(server_sock);
1044
1045 SSL_free(client);
1046 SSL_free(server);
1047
1048 return failed;
1049}
1050
1051int
1052main(int argc, char **argv)
1053{
1054 int failed = 0;
1055 size_t i;
1056
1057 if (argc != 4) {
1058 fprintf(stderr, "usage: %s keyfile certfile cafile\n",
1059 argv[0]);
1060 exit(1);
1061 }
1062
1063 server_key_file = argv[1];
1064 server_cert_file = argv[2];
1065 server_ca_file = argv[3];
1066
1067 for (i = 0; i < N_DTLS_TESTS; i++)
1068 failed |= dtlstest(&dtls_tests[i]);
1069
1070 return failed;
1071}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-12-26 22:31:00 +0000