summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/regress/lib/libssl/tlsext/tlsexttest.c150
1 files changed, 42 insertions, 108 deletions
diff --git a/src/regress/lib/libssl/tlsext/tlsexttest.c b/src/regress/lib/libssl/tlsext/tlsexttest.c
index 6c544cf6ae..3888cb7ded 100644
--- a/src/regress/lib/libssl/tlsext/tlsexttest.c
+++ b/src/regress/lib/libssl/tlsext/tlsexttest.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tlsexttest.c,v 1.84 2024/03/25 04:06:41 jsing Exp $ */ 1/* $OpenBSD: tlsexttest.c,v 1.85 2024/03/25 10:19:14 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> 4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -27,17 +27,10 @@
27#include "bytestring.h" 27#include "bytestring.h"
28#include "ssl_tlsext.h" 28#include "ssl_tlsext.h"
29 29
30struct tlsext_data {
31 CBS alpn;
32};
33
34struct tls_extension_funcs { 30struct tls_extension_funcs {
35 int (*needs)(SSL *s, uint16_t msg_type); 31 int (*needs)(SSL *s, uint16_t msg_type);
36 int (*build)(SSL *s, uint16_t msg_type, CBB *cbb); 32 int (*build)(SSL *s, uint16_t msg_type, CBB *cbb);
37 int (*parse)(SSL *s, struct tlsext_data *td, uint16_t msg_type, 33 int (*process)(SSL *s, uint16_t msg_type, CBS *cbs, int *alert);
38 CBS *cbs, int *alert);
39 int (*process)(SSL *s, struct tlsext_data *td, uint16_t msg_type,
40 int *alert);
41}; 34};
42 35
43uint16_t tls_extension_type(const struct tls_extension *); 36uint16_t tls_extension_type(const struct tls_extension *);
@@ -65,25 +58,6 @@ tls_extension_funcs(int type, const struct tls_extension_funcs **client_funcs,
65 return 1; 58 return 1;
66} 59}
67 60
68static int
69tls_extension_parse(const struct tls_extension_funcs *tlsext_funcs, SSL *ssl,
70 uint16_t msg_type, CBS *cbs, int *alert)
71{
72 struct tlsext_data td;
73
74 memset(&td, 0, sizeof(td));
75
76 if (!tlsext_funcs->parse(ssl, &td, msg_type, cbs, alert))
77 return 0;
78
79 if (tlsext_funcs->process != NULL) {
80 if (!tlsext_funcs->process(ssl, &td, msg_type, alert))
81 return 0;
82 }
83
84 return 1;
85}
86
87static void 61static void
88hexdump(const unsigned char *buf, size_t len) 62hexdump(const unsigned char *buf, size_t len)
89{ 63{
@@ -264,8 +238,7 @@ test_tlsext_alpn_client(void)
264 238
265 CBS_init(&cbs, tlsext_alpn_single_proto, 239 CBS_init(&cbs, tlsext_alpn_single_proto,
266 sizeof(tlsext_alpn_single_proto)); 240 sizeof(tlsext_alpn_single_proto));
267 if (!tls_extension_parse(server_funcs, ssl, SSL_TLSEXT_MSG_CH, 241 if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
268 &cbs, &alert)) {
269 FAIL("failed to parse ALPN\n"); 242 FAIL("failed to parse ALPN\n");
270 goto err; 243 goto err;
271 } 244 }
@@ -332,8 +305,7 @@ test_tlsext_alpn_client(void)
332 305
333 CBS_init(&cbs, tlsext_alpn_multiple_protos, 306 CBS_init(&cbs, tlsext_alpn_multiple_protos,
334 sizeof(tlsext_alpn_multiple_protos)); 307 sizeof(tlsext_alpn_multiple_protos));
335 if (!tls_extension_parse(server_funcs, ssl, SSL_TLSEXT_MSG_CH, 308 if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
336 &cbs, &alert)) {
337 FAIL("failed to parse ALPN\n"); 309 FAIL("failed to parse ALPN\n");
338 goto err; 310 goto err;
339 } 311 }
@@ -470,8 +442,7 @@ test_tlsext_alpn_server(void)
470 sizeof(tlsext_alpn_single_proto)); 442 sizeof(tlsext_alpn_single_proto));
471 443
472 /* Shouldn't be able to parse without requesting */ 444 /* Shouldn't be able to parse without requesting */
473 if (tls_extension_parse(client_funcs, ssl, SSL_TLSEXT_MSG_SH, 445 if (client_funcs->process(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
474 &cbs, &alert)) {
475 FAIL("Should only parse server if we requested it\n"); 446 FAIL("Should only parse server if we requested it\n");
476 goto err; 447 goto err;
477 } 448 }
@@ -482,8 +453,7 @@ test_tlsext_alpn_server(void)
482 FAIL("should be able to set ALPN to http/1.1\n"); 453 FAIL("should be able to set ALPN to http/1.1\n");
483 goto err; 454 goto err;
484 } 455 }
485 if (!tls_extension_parse(client_funcs, ssl, SSL_TLSEXT_MSG_SH, 456 if (!client_funcs->process(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
486 &cbs, &alert)) {
487 FAIL("Should be able to parse server when we request it\n"); 457 FAIL("Should be able to parse server when we request it\n");
488 goto err; 458 goto err;
489 } 459 }
@@ -696,8 +666,7 @@ test_tlsext_supportedgroups_client(void)
696 666
697 CBS_init(&cbs, tlsext_supportedgroups_client_secp384r1, 667 CBS_init(&cbs, tlsext_supportedgroups_client_secp384r1,
698 sizeof(tlsext_supportedgroups_client_secp384r1)); 668 sizeof(tlsext_supportedgroups_client_secp384r1));
699 if (!tls_extension_parse(server_funcs, ssl, SSL_TLSEXT_MSG_CH, 669 if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
700 &cbs, &alert)) {
701 FAIL("failed to parse client Ellipticcurves\n"); 670 FAIL("failed to parse client Ellipticcurves\n");
702 goto err; 671 goto err;
703 } 672 }
@@ -803,8 +772,7 @@ test_tlsext_supportedgroups_client(void)
803 772
804 CBS_init(&cbs, tlsext_supportedgroups_client_nistp192and224, 773 CBS_init(&cbs, tlsext_supportedgroups_client_nistp192and224,
805 sizeof(tlsext_supportedgroups_client_nistp192and224)); 774 sizeof(tlsext_supportedgroups_client_nistp192and224));
806 if (!tls_extension_parse(server_funcs, ssl, SSL_TLSEXT_MSG_CH, 775 if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
807 &cbs, &alert)) {
808 FAIL("failed to parse client Ellipticcurves\n"); 776 FAIL("failed to parse client Ellipticcurves\n");
809 goto err; 777 goto err;
810 } 778 }
@@ -1023,8 +991,7 @@ test_tlsext_ecpf_client(void)
1023 991
1024 CBS_init(&cbs, tlsext_ecpf_hello_uncompressed, 992 CBS_init(&cbs, tlsext_ecpf_hello_uncompressed,
1025 sizeof(tlsext_ecpf_hello_uncompressed)); 993 sizeof(tlsext_ecpf_hello_uncompressed));
1026 if (!tls_extension_parse(server_funcs, ssl, SSL_TLSEXT_MSG_CH, 994 if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
1027 &cbs, &alert)) {
1028 FAIL("failed to parse client ECPointFormats\n"); 995 FAIL("failed to parse client ECPointFormats\n");
1029 goto err; 996 goto err;
1030 } 997 }
@@ -1119,8 +1086,7 @@ test_tlsext_ecpf_client(void)
1119 1086
1120 CBS_init(&cbs, tlsext_ecpf_hello_prefer_order, 1087 CBS_init(&cbs, tlsext_ecpf_hello_prefer_order,
1121 sizeof(tlsext_ecpf_hello_prefer_order)); 1088 sizeof(tlsext_ecpf_hello_prefer_order));
1122 if (!tls_extension_parse(server_funcs, ssl, SSL_TLSEXT_MSG_CH, 1089 if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
1123 &cbs, &alert)) {
1124 FAIL("failed to parse client ECPointFormats\n"); 1090 FAIL("failed to parse client ECPointFormats\n");
1125 goto err; 1091 goto err;
1126 } 1092 }
@@ -1248,8 +1214,7 @@ test_tlsext_ecpf_server(void)
1248 1214
1249 CBS_init(&cbs, tlsext_ecpf_hello_prime, 1215 CBS_init(&cbs, tlsext_ecpf_hello_prime,
1250 sizeof(tlsext_ecpf_hello_prime)); 1216 sizeof(tlsext_ecpf_hello_prime));
1251 if (tls_extension_parse(client_funcs, ssl, SSL_TLSEXT_MSG_SH, 1217 if (client_funcs->process(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
1252 &cbs, &alert)) {
1253 FAIL("must include uncompressed in server ECPointFormats\n"); 1218 FAIL("must include uncompressed in server ECPointFormats\n");
1254 goto err; 1219 goto err;
1255 } 1220 }
@@ -1339,8 +1304,7 @@ test_tlsext_ecpf_server(void)
1339 1304
1340 CBS_init(&cbs, tlsext_ecpf_hello_prefer_order, 1305 CBS_init(&cbs, tlsext_ecpf_hello_prefer_order,
1341 sizeof(tlsext_ecpf_hello_prefer_order)); 1306 sizeof(tlsext_ecpf_hello_prefer_order));
1342 if (!tls_extension_parse(client_funcs, ssl, SSL_TLSEXT_MSG_SH, 1307 if (!client_funcs->process(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
1343 &cbs, &alert)) {
1344 FAIL("failed to parse server ECPointFormats\n"); 1308 FAIL("failed to parse server ECPointFormats\n");
1345 goto err; 1309 goto err;
1346 } 1310 }
@@ -1475,8 +1439,7 @@ test_tlsext_ri_client(void)
1475 } 1439 }
1476 1440
1477 CBS_init(&cbs, tlsext_ri_client, sizeof(tlsext_ri_client)); 1441 CBS_init(&cbs, tlsext_ri_client, sizeof(tlsext_ri_client));
1478 if (!tls_extension_parse(server_funcs, ssl, SSL_TLSEXT_MSG_CH, 1442 if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
1479 &cbs, &alert)) {
1480 FAIL("failed to parse client RI\n"); 1443 FAIL("failed to parse client RI\n");
1481 goto err; 1444 goto err;
1482 } 1445 }
@@ -1500,8 +1463,7 @@ test_tlsext_ri_client(void)
1500 ssl->s3->renegotiate_seen = 0; 1463 ssl->s3->renegotiate_seen = 0;
1501 1464
1502 CBS_init(&cbs, tlsext_ri_client, sizeof(tlsext_ri_client)); 1465 CBS_init(&cbs, tlsext_ri_client, sizeof(tlsext_ri_client));
1503 if (tls_extension_parse(server_funcs, ssl, SSL_TLSEXT_MSG_CH, 1466 if (server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
1504 &cbs, &alert)) {
1505 FAIL("parsed invalid client RI\n"); 1467 FAIL("parsed invalid client RI\n");
1506 goto err; 1468 goto err;
1507 } 1469 }
@@ -1597,8 +1559,7 @@ test_tlsext_ri_server(void)
1597 } 1559 }
1598 1560
1599 CBS_init(&cbs, tlsext_ri_server, sizeof(tlsext_ri_server)); 1561 CBS_init(&cbs, tlsext_ri_server, sizeof(tlsext_ri_server));
1600 if (!tls_extension_parse(client_funcs, ssl, SSL_TLSEXT_MSG_SH, 1562 if (!client_funcs->process(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
1601 &cbs, &alert)) {
1602 FAIL("failed to parse server RI\n"); 1563 FAIL("failed to parse server RI\n");
1603 goto err; 1564 goto err;
1604 } 1565 }
@@ -1624,8 +1585,7 @@ test_tlsext_ri_server(void)
1624 ssl->s3->renegotiate_seen = 0; 1585 ssl->s3->renegotiate_seen = 0;
1625 1586
1626 CBS_init(&cbs, tlsext_ri_server, sizeof(tlsext_ri_server)); 1587 CBS_init(&cbs, tlsext_ri_server, sizeof(tlsext_ri_server));
1627 if (tls_extension_parse(client_funcs, ssl, SSL_TLSEXT_MSG_SH, 1588 if (client_funcs->process(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
1628 &cbs, &alert)) {
1629 FAIL("parsed invalid server RI\n"); 1589 FAIL("parsed invalid server RI\n");
1630 goto err; 1590 goto err;
1631 } 1591 }
@@ -1722,8 +1682,7 @@ test_tlsext_sigalgs_client(void)
1722 } 1682 }
1723 1683
1724 CBS_init(&cbs, tlsext_sigalgs_client, sizeof(tlsext_sigalgs_client)); 1684 CBS_init(&cbs, tlsext_sigalgs_client, sizeof(tlsext_sigalgs_client));
1725 if (!tls_extension_parse(server_funcs, ssl, SSL_TLSEXT_MSG_CH, 1685 if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
1726 &cbs, &alert)) {
1727 FAIL("failed to parse client SNI\n"); 1686 FAIL("failed to parse client SNI\n");
1728 goto done; 1687 goto done;
1729 } 1688 }
@@ -1786,8 +1745,7 @@ test_tlsext_sigalgs_server(void)
1786 errx(1, "failed to finish CBB"); 1745 errx(1, "failed to finish CBB");
1787 1746
1788 CBS_init(&cbs, tlsext_sigalgs_client, sizeof(tlsext_sigalgs_client)); 1747 CBS_init(&cbs, tlsext_sigalgs_client, sizeof(tlsext_sigalgs_client));
1789 if (!tls_extension_parse(client_funcs, ssl, SSL_TLSEXT_MSG_SH, 1748 if (!client_funcs->process(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
1790 &cbs, &alert)) {
1791 FAIL("server should not parse sigalgs\n"); 1749 FAIL("server should not parse sigalgs\n");
1792 goto done; 1750 goto done;
1793 } 1751 }
@@ -1912,8 +1870,7 @@ test_tlsext_sni_client(void)
1912 ssl->hit = 0; 1870 ssl->hit = 0;
1913 1871
1914 CBS_init(&cbs, tlsext_sni_client, sizeof(tlsext_sni_client)); 1872 CBS_init(&cbs, tlsext_sni_client, sizeof(tlsext_sni_client));
1915 if (!tls_extension_parse(server_funcs, ssl, SSL_TLSEXT_MSG_CH, 1873 if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
1916 &cbs, &alert)) {
1917 FAIL("failed to parse client SNI\n"); 1874 FAIL("failed to parse client SNI\n");
1918 goto err; 1875 goto err;
1919 } 1876 }
@@ -1945,8 +1902,7 @@ test_tlsext_sni_client(void)
1945 } 1902 }
1946 1903
1947 CBS_init(&cbs, tlsext_sni_client, sizeof(tlsext_sni_client)); 1904 CBS_init(&cbs, tlsext_sni_client, sizeof(tlsext_sni_client));
1948 if (tls_extension_parse(server_funcs, ssl, SSL_TLSEXT_MSG_CH, 1905 if (server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
1949 &cbs, &alert)) {
1950 FAIL("parsed client with mismatched SNI\n"); 1906 FAIL("parsed client with mismatched SNI\n");
1951 goto err; 1907 goto err;
1952 } 1908 }
@@ -2039,8 +1995,7 @@ test_tlsext_sni_server(void)
2039 ssl->session->tlsext_hostname = NULL; 1995 ssl->session->tlsext_hostname = NULL;
2040 1996
2041 CBS_init(&cbs, tlsext_sni_server, tlsext_sni_server_len); 1997 CBS_init(&cbs, tlsext_sni_server, tlsext_sni_server_len);
2042 if (!tls_extension_parse(client_funcs, ssl, SSL_TLSEXT_MSG_SH, 1998 if (!client_funcs->process(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
2043 &cbs, &alert)) {
2044 FAIL("failed to parse server SNI\n"); 1999 FAIL("failed to parse server SNI\n");
2045 goto err; 2000 goto err;
2046 } 2001 }
@@ -2174,8 +2129,7 @@ test_tlsext_quic_transport_parameters_client(void)
2174 2129
2175 CBS_init(&cbs, tlsext_quic_transport_data, 2130 CBS_init(&cbs, tlsext_quic_transport_data,
2176 sizeof(tlsext_quic_transport_data)); 2131 sizeof(tlsext_quic_transport_data));
2177 if (!tls_extension_parse(server_funcs, ssl, SSL_TLSEXT_MSG_SH, 2132 if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
2178 &cbs, &alert)) {
2179 FAIL("server_parse of QUIC from server failed\n"); 2133 FAIL("server_parse of QUIC from server failed\n");
2180 goto err; 2134 goto err;
2181 } 2135 }
@@ -2298,16 +2252,14 @@ test_tlsext_quic_transport_parameters_server(void)
2298 2252
2299 ssl->quic_method = NULL; 2253 ssl->quic_method = NULL;
2300 2254
2301 if (tls_extension_parse(client_funcs, ssl, SSL_TLSEXT_MSG_EE, 2255 if (client_funcs->process(ssl, SSL_TLSEXT_MSG_EE, &cbs, &alert)) {
2302 &cbs, &alert)) {
2303 FAIL("QUIC parse should have failed!\n"); 2256 FAIL("QUIC parse should have failed!\n");
2304 goto err; 2257 goto err;
2305 } 2258 }
2306 2259
2307 ssl->quic_method = &quic_method; 2260 ssl->quic_method = &quic_method;
2308 2261
2309 if (!tls_extension_parse(client_funcs, ssl, SSL_TLSEXT_MSG_SH, 2262 if (!client_funcs->process(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
2310 &cbs, &alert)) {
2311 FAIL("client_parse of QUIC from server failed\n"); 2263 FAIL("client_parse of QUIC from server failed\n");
2312 goto err; 2264 goto err;
2313 } 2265 }
@@ -2412,8 +2364,7 @@ test_tlsext_ocsp_client(void)
2412 } 2364 }
2413 CBS_init(&cbs, tls_ocsp_client_default, 2365 CBS_init(&cbs, tls_ocsp_client_default,
2414 sizeof(tls_ocsp_client_default)); 2366 sizeof(tls_ocsp_client_default));
2415 if (!tls_extension_parse(server_funcs, ssl, SSL_TLSEXT_MSG_CH, 2367 if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
2416 &cbs, &alert)) {
2417 FAIL("failed to parse TLSEXT_TYPE_status_request client\n"); 2368 FAIL("failed to parse TLSEXT_TYPE_status_request client\n");
2418 goto err; 2369 goto err;
2419 } 2370 }
@@ -2938,8 +2889,7 @@ test_tlsext_srtp_client(void)
2938 } 2889 }
2939 2890
2940 CBS_init(&cbs, tlsext_srtp_single, sizeof(tlsext_srtp_single)); 2891 CBS_init(&cbs, tlsext_srtp_single, sizeof(tlsext_srtp_single));
2941 if (!tls_extension_parse(server_funcs, ssl, SSL_TLSEXT_MSG_CH, 2892 if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
2942 &cbs, &alert)) {
2943 FAIL("failed to parse SRTP\n"); 2893 FAIL("failed to parse SRTP\n");
2944 goto err; 2894 goto err;
2945 } 2895 }
@@ -3007,8 +2957,7 @@ test_tlsext_srtp_client(void)
3007 2957
3008 CBS_init(&cbs, tlsext_srtp_multiple, 2958 CBS_init(&cbs, tlsext_srtp_multiple,
3009 sizeof(tlsext_srtp_multiple)); 2959 sizeof(tlsext_srtp_multiple));
3010 if (!tls_extension_parse(server_funcs, ssl, SSL_TLSEXT_MSG_CH, 2960 if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
3011 &cbs, &alert)) {
3012 FAIL("failed to parse SRTP\n"); 2961 FAIL("failed to parse SRTP\n");
3013 goto err; 2962 goto err;
3014 } 2963 }
@@ -3039,8 +2988,7 @@ test_tlsext_srtp_client(void)
3039 2988
3040 CBS_init(&cbs, tlsext_srtp_multiple_one_valid, 2989 CBS_init(&cbs, tlsext_srtp_multiple_one_valid,
3041 sizeof(tlsext_srtp_multiple_one_valid)); 2990 sizeof(tlsext_srtp_multiple_one_valid));
3042 if (!tls_extension_parse(server_funcs, ssl, SSL_TLSEXT_MSG_CH, 2991 if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
3043 &cbs, &alert)) {
3044 FAIL("failed to parse SRTP\n"); 2992 FAIL("failed to parse SRTP\n");
3045 goto err; 2993 goto err;
3046 } 2994 }
@@ -3069,8 +3017,7 @@ test_tlsext_srtp_client(void)
3069 3017
3070 CBS_init(&cbs, tlsext_srtp_multiple_invalid, 3018 CBS_init(&cbs, tlsext_srtp_multiple_invalid,
3071 sizeof(tlsext_srtp_multiple_invalid)); 3019 sizeof(tlsext_srtp_multiple_invalid));
3072 if (!tls_extension_parse(server_funcs, ssl, SSL_TLSEXT_MSG_CH, 3020 if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
3073 &cbs, &alert)) {
3074 FAIL("should be able to fall back to negotiated\n"); 3021 FAIL("should be able to fall back to negotiated\n");
3075 goto err; 3022 goto err;
3076 } 3023 }
@@ -3191,8 +3138,7 @@ test_tlsext_srtp_server(void)
3191 } 3138 }
3192 3139
3193 CBS_init(&cbs, tlsext_srtp_single, sizeof(tlsext_srtp_single)); 3140 CBS_init(&cbs, tlsext_srtp_single, sizeof(tlsext_srtp_single));
3194 if (!tls_extension_parse(client_funcs, ssl, SSL_TLSEXT_MSG_SH, 3141 if (!client_funcs->process(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
3195 &cbs, &alert)) {
3196 FAIL("failed to parse SRTP\n"); 3142 FAIL("failed to parse SRTP\n");
3197 goto err; 3143 goto err;
3198 } 3144 }
@@ -3215,8 +3161,7 @@ test_tlsext_srtp_server(void)
3215 3161
3216 CBS_init(&cbs, tlsext_srtp_multiple, 3162 CBS_init(&cbs, tlsext_srtp_multiple,
3217 sizeof(tlsext_srtp_multiple)); 3163 sizeof(tlsext_srtp_multiple));
3218 if (tls_extension_parse(client_funcs, ssl, SSL_TLSEXT_MSG_SH, 3164 if (client_funcs->process(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
3219 &cbs, &alert)) {
3220 FAIL("should not find multiple entries from the server\n"); 3165 FAIL("should not find multiple entries from the server\n");
3221 goto err; 3166 goto err;
3222 } 3167 }
@@ -3226,8 +3171,7 @@ test_tlsext_srtp_server(void)
3226 3171
3227 CBS_init(&cbs, tlsext_srtp_single_invalid, 3172 CBS_init(&cbs, tlsext_srtp_single_invalid,
3228 sizeof(tlsext_srtp_single_invalid)); 3173 sizeof(tlsext_srtp_single_invalid));
3229 if (tls_extension_parse(client_funcs, ssl, SSL_TLSEXT_MSG_SH, 3174 if (client_funcs->process(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
3230 &cbs, &alert)) {
3231 FAIL("should not be able to parse this\n"); 3175 FAIL("should not be able to parse this\n");
3232 goto err; 3176 goto err;
3233 } 3177 }
@@ -3579,8 +3523,7 @@ test_tlsext_versions_client(void)
3579 } 3523 }
3580 3524
3581 CBS_init(&cbs, data, dlen); 3525 CBS_init(&cbs, data, dlen);
3582 if (!tls_extension_parse(server_funcs, ssl, SSL_TLSEXT_MSG_CH, 3526 if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
3583 &cbs, &alert)) {
3584 FAIL("failed to parse client versions\n"); 3527 FAIL("failed to parse client versions\n");
3585 goto done; 3528 goto done;
3586 } 3529 }
@@ -3659,8 +3602,7 @@ test_tlsext_versions_server(void)
3659 } 3602 }
3660 3603
3661 CBS_init(&cbs, data, dlen); 3604 CBS_init(&cbs, data, dlen);
3662 if (!tls_extension_parse(client_funcs, ssl, SSL_TLSEXT_MSG_SH, 3605 if (!client_funcs->process(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
3663 &cbs, &alert)) {
3664 FAIL("failed to parse client versions\n"); 3606 FAIL("failed to parse client versions\n");
3665 goto done; 3607 goto done;
3666 } 3608 }
@@ -3762,8 +3704,7 @@ test_tlsext_keyshare_client(void)
3762 (ssl)->version = TLS1_3_VERSION; 3704 (ssl)->version = TLS1_3_VERSION;
3763 CBS_init(&cbs, data, dlen); 3705 CBS_init(&cbs, data, dlen);
3764 3706
3765 if (!tls_extension_parse(server_funcs, ssl, SSL_TLSEXT_MSG_CH, 3707 if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
3766 &cbs, &alert)) {
3767 FAIL("failed to parse client keyshare\n"); 3708 FAIL("failed to parse client keyshare\n");
3768 goto done; 3709 goto done;
3769 } 3710 }
@@ -3897,8 +3838,7 @@ test_tlsext_keyshare_server(void)
3897 3838
3898 CBS_init(&cbs, data, dlen); 3839 CBS_init(&cbs, data, dlen);
3899 3840
3900 if (!tls_extension_parse(client_funcs, ssl, SSL_TLSEXT_MSG_SH, 3841 if (!client_funcs->process(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
3901 &cbs, &alert)) {
3902 FAIL("failed to parse server keyshare\n"); 3842 FAIL("failed to parse server keyshare\n");
3903 goto done; 3843 goto done;
3904 } 3844 }
@@ -3998,8 +3938,7 @@ test_tlsext_cookie_client(void)
3998 CBS_init(&cbs, data, dlen); 3938 CBS_init(&cbs, data, dlen);
3999 3939
4000 /* Checks cookie against what's in the hs.tls13 */ 3940 /* Checks cookie against what's in the hs.tls13 */
4001 if (!tls_extension_parse(server_funcs, ssl, SSL_TLSEXT_MSG_CH, 3941 if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
4002 &cbs, &alert)) {
4003 FAIL("failed to parse client cookie\n"); 3942 FAIL("failed to parse client cookie\n");
4004 goto done; 3943 goto done;
4005 } 3944 }
@@ -4088,8 +4027,7 @@ test_tlsext_cookie_server(void)
4088 4027
4089 CBS_init(&cbs, data, dlen); 4028 CBS_init(&cbs, data, dlen);
4090 4029
4091 if (tls_extension_parse(client_funcs, ssl, SSL_TLSEXT_MSG_SH, 4030 if (client_funcs->process(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
4092 &cbs, &alert)) {
4093 FAIL("client should not have parsed server cookie\n"); 4031 FAIL("client should not have parsed server cookie\n");
4094 goto done; 4032 goto done;
4095 } 4033 }
@@ -4098,8 +4036,7 @@ test_tlsext_cookie_server(void)
4098 ssl->s3->hs.tls13.cookie = NULL; 4036 ssl->s3->hs.tls13.cookie = NULL;
4099 ssl->s3->hs.tls13.cookie_len = 0; 4037 ssl->s3->hs.tls13.cookie_len = 0;
4100 4038
4101 if (!tls_extension_parse(client_funcs, ssl, SSL_TLSEXT_MSG_SH, 4039 if (!client_funcs->process(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
4102 &cbs, &alert)) {
4103 FAIL("failed to parse server cookie\n"); 4040 FAIL("failed to parse server cookie\n");
4104 goto done; 4041 goto done;
4105 } 4042 }
@@ -4240,8 +4177,7 @@ test_tlsext_psk_modes_client(void)
4240 4177
4241 CBS_init(&cbs, tlsext_default_psk_modes, 4178 CBS_init(&cbs, tlsext_default_psk_modes,
4242 sizeof(tlsext_default_psk_modes)); 4179 sizeof(tlsext_default_psk_modes));
4243 if (!tls_extension_parse(server_funcs, ssl, SSL_TLSEXT_MSG_CH, 4180 if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
4244 &cbs, &alert)) {
4245 FAIL("failed to parse psk kex modes\n"); 4181 FAIL("failed to parse psk kex modes\n");
4246 goto err; 4182 goto err;
4247 } 4183 }
@@ -4263,8 +4199,7 @@ test_tlsext_psk_modes_client(void)
4263 ssl->s3->hs.tls13.use_psk_dhe_ke = 0; 4199 ssl->s3->hs.tls13.use_psk_dhe_ke = 0;
4264 4200
4265 CBS_init(&cbs, tlsext_psk_only_mode, sizeof(tlsext_psk_only_mode)); 4201 CBS_init(&cbs, tlsext_psk_only_mode, sizeof(tlsext_psk_only_mode));
4266 if (!tls_extension_parse(server_funcs, ssl, SSL_TLSEXT_MSG_CH, 4202 if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
4267 &cbs, &alert)) {
4268 FAIL("failed to parse psk kex modes\n"); 4203 FAIL("failed to parse psk kex modes\n");
4269 goto err; 4204 goto err;
4270 } 4205 }
@@ -4286,8 +4221,7 @@ test_tlsext_psk_modes_client(void)
4286 ssl->s3->hs.tls13.use_psk_dhe_ke = 0; 4221 ssl->s3->hs.tls13.use_psk_dhe_ke = 0;
4287 4222
4288 CBS_init(&cbs, tlsext_psk_both_modes, sizeof(tlsext_psk_both_modes)); 4223 CBS_init(&cbs, tlsext_psk_both_modes, sizeof(tlsext_psk_both_modes));
4289 if (!tls_extension_parse(server_funcs, ssl, SSL_TLSEXT_MSG_CH, 4224 if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
4290 &cbs, &alert)) {
4291 FAIL("failed to parse psk kex modes\n"); 4225 FAIL("failed to parse psk kex modes\n");
4292 goto err; 4226 goto err;
4293 } 4227 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-25 23:24:31 +0000