| author | jsing <> | 2022-07-17 14:57:05 +0000 |
|---|---|---|
| committer | jsing <> | 2022-07-17 14:57:05 +0000 |
| commit | 051cc88e1fc78696049654a4cba5a6e33648121a (patch) | |
| tree | 3d954a7642736981c5ab7a629a1fb913ae3672fd /src | |
| parent | 15b9abcea7a0ac08fca80923324c0f1a5aee21f9 (diff) | |
Revise regress for QUIC transport parameters TLS extension.
Diffstat (limited to 'src')
| -rw-r--r-- | src/regress/lib/libssl/tlsext/tlsexttest.c | 47 |
1 files changed, 32 insertions, 15 deletions
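--- a/src/regress/lib/libssl/tlsext/tlsexttest.c
+++ b/src/regress/lib/libssl/tlsext/tlsexttest.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tlsexttest.c,v 1.65 2022/07/02 16:01:56 tb Exp $ */
+/* $OpenBSD: tlsexttest.c,v 1.66 2022/07/17 14:57:05 jsing Exp $ */
 /*
 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -1904,15 +1904,14 @@ test_tlsext_sni_server(void)
 
 
 /*
-* QUIC transport parameters extenstion - RFC 90210 :)
+* QUIC transport parameters extension - RFC 90210 :)
 */
 
 #define TEST_QUIC_TRANSPORT_DATA "0123456789abcdef"
 
 static unsigned char tlsext_quic_transport_data[] = {
-0x00, 0x10, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35,
-0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64,
-0x65, 0x66,
+0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
+0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
 };
 
 static int
@@ -1959,12 +1958,20 @@ test_tlsext_quic_transport_parameters_client(void)
 ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
 ssl->s3->hs.negotiated_tls_version = TLS1_3_VERSION;
 
-if (!tlsext_quic_transport_parameters_client_needs(ssl,
+if (tlsext_quic_transport_parameters_client_needs(ssl,
 SSL_TLSEXT_MSG_CH)) {
 FAIL("client should not need QUIC\n");
 goto err;
 }
 
+ssl->quic_method = ssl->method; /* XXX */
+
+if (!tlsext_quic_transport_parameters_client_needs(ssl,
+SSL_TLSEXT_MSG_CH)) {
+FAIL("client should need QUIC\n");
+goto err;
+}
+
 if (!tlsext_quic_transport_parameters_client_build(ssl,
 SSL_TLSEXT_MSG_CH, &cbb)) {
 FAIL("client failed to build QUIC\n");
@@ -2060,7 +2067,8 @@ test_tlsext_quic_transport_parameters_server(void)
 if ((ssl = SSL_new(ssl_ctx)) == NULL)
 errx(1, "failed to create SSL");
 
-if (tlsext_quic_transport_parameters_server_needs(ssl, SSL_TLSEXT_MSG_SH)) {
+if (tlsext_quic_transport_parameters_server_needs(ssl,
+SSL_TLSEXT_MSG_SH)) {
 FAIL("server should not need QUIC\n");
 goto err;
 }
@@ -2071,13 +2079,22 @@ test_tlsext_quic_transport_parameters_server(void)
 goto err;
 }
 
-if (!tlsext_quic_transport_parameters_server_needs(ssl, SSL_TLSEXT_MSG_SH)) {
+if (tlsext_quic_transport_parameters_server_needs(ssl,
+SSL_TLSEXT_MSG_EE)) {
+FAIL("server should not need QUIC\n");
+goto err;
+}
+
+ssl->quic_method = ssl->method; /* XXX */
+
+if (!tlsext_quic_transport_parameters_server_needs(ssl,
+SSL_TLSEXT_MSG_EE)) {
 FAIL("server should need QUIC\n");
 goto err;
 }
 
 if (!tlsext_quic_transport_parameters_server_build(ssl,
-SSL_TLSEXT_MSG_SH, &cbb)) {
+SSL_TLSEXT_MSG_EE, &cbb)) {
 FAIL("server failed to build QUIC\n");
 goto err;
 }
@@ -2086,9 +2103,8 @@ test_tlsext_quic_transport_parameters_server(void)
 errx(1, "failed to finish CBB");
 
 if (dlen != sizeof(tlsext_quic_transport_data)) {
-FAIL("got server QUIC with length %zu, "
-"want length %zu\n", dlen,
-sizeof(tlsext_quic_transport_data));
+FAIL("got server QUIC with length %zu, want length %zu\n",
+dlen, sizeof(tlsext_quic_transport_data));
 goto err;
 }
 
@@ -2105,14 +2121,15 @@ test_tlsext_quic_transport_parameters_server(void)
 CBS_init(&cbs, tlsext_quic_transport_data,
 sizeof(tlsext_quic_transport_data));
 
+ssl->quic_method = NULL;
+
 if (tlsext_quic_transport_parameters_client_parse(ssl,
-SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
+SSL_TLSEXT_MSG_EE, &cbs, &alert)) {
 FAIL("QUIC parse should have failed!\n");
 goto err;
 }
 
-ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
-ssl->s3->hs.negotiated_tls_version = TLS1_3_VERSION;
+ssl->quic_method = ssl->method; /* XXX */
 
 if (!tlsext_quic_transport_parameters_client_parse(ssl,
 SSL_TLSEXT_MSG_SH, &cbs, &alert)) {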
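Review bot: The final `tlsext_quic_transport_parameters_client_parse()` call in test_tlsext_quic_transport_parameters_server (new lines 2134-2135) still passes `SSL_TLSEXT_MSG_SH`, although the server build and the negative parse just above it were moved to `SSL_TLSEXT_MSG_EE`. The positive case should read `SSL_TLSEXT_MSG_EE, &cbs, &alert)) {` so that the test parses the parameters under the same message type the server side now builds them for. As written it presumably passes only because the parser does not inspect the message type, which is not visible here. The three `ssl->quic_method = ssl->method; /* XXX */` assignments would also benefit from a comment such as `/* XXX - stand-in: any non-NULL quic_method marks the connection as QUIC */`, if that is indeed the intent. The `if` statement continues past the end of the hunk.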
