1 files changed, 0 insertions, 650 deletions
diff --git a/src/regress/lib/libssl/renegotiation/renegotiation_test.c b/src/regress/lib/libssl/renegotiation/renegotiation_test.c
deleted file mode 100644
index 1c9f35237f..0000000000
--- a/src/regress/lib/libssl/renegotiation/renegotiation_test.c
+++ /dev/null
@@ -1,650 +0,0 @@
-/* $OpenBSD: renegotiation_test.c,v 1.3 2025/03/12 14:07:35 jsing Exp $ */
-/*
- * Copyright (c) 2020,2025 Joel Sing <jsing@openbsd.org>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-#include <err.h>
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-const char *server_ca_file;
-const char *server_cert_file;
-const char *server_key_file;
-int debug = 0;
-int tls_client_alert;
-int tls_server_alert;
-static void
-hexdump(const unsigned char *buf, size_t len)
-{
-        size_t i;
-        for (i = 1; i <= len; i++)
-                fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n");
-        if (len % 8)
-                fprintf(stderr, "\n");
-}
-static SSL *
-tls_client(BIO *rbio, BIO *wbio)
-{
-        SSL_CTX *ssl_ctx = NULL;
-        SSL *ssl = NULL;
-        if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL)
-                errx(1, "client context");
-        if ((ssl = SSL_new(ssl_ctx)) == NULL)
-                errx(1, "client ssl");
-        BIO_up_ref(rbio);
-        BIO_up_ref(wbio);
-        SSL_set_bio(ssl, rbio, wbio);
-        SSL_CTX_free(ssl_ctx);
-        return ssl;
-}
-static SSL *
-tls_server(BIO *rbio, BIO *wbio)
-{
-        SSL_CTX *ssl_ctx = NULL;
-        SSL *ssl = NULL;
-        if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL)
-                errx(1, "server context");
-        SSL_CTX_set_dh_auto(ssl_ctx, 2);
-        if (SSL_CTX_use_certificate_file(ssl_ctx, server_cert_file,
-            SSL_FILETYPE_PEM) != 1) {
-                fprintf(stderr, "FAIL: Failed to load server certificate");
-                goto failure;
-        }
-        if (SSL_CTX_use_PrivateKey_file(ssl_ctx, server_key_file,
-            SSL_FILETYPE_PEM) != 1) {
-                fprintf(stderr, "FAIL: Failed to load server private key");
-                goto failure;
-        }
-        if ((ssl = SSL_new(ssl_ctx)) == NULL)
-                errx(1, "server ssl");
-        BIO_up_ref(rbio);
-        BIO_up_ref(wbio);
-        SSL_set_bio(ssl, rbio, wbio);
- failure:
-        SSL_CTX_free(ssl_ctx);
-        return ssl;
-}
-static int
-ssl_error(SSL *ssl, const char *name, const char *desc, int ssl_ret)
-{
-        int ssl_err;
-        ssl_err = SSL_get_error(ssl, ssl_ret);
-        if (ssl_err == SSL_ERROR_WANT_READ) {
-                return 1;
-        } else if (ssl_err == SSL_ERROR_WANT_WRITE) {
-                return 1;
-        } else if (ssl_err == SSL_ERROR_SYSCALL && errno == 0) {
-                /* Yup, this is apparently a thing... */
-        } else {
-                if (tls_client_alert >> 8 == SSL3_AL_FATAL ||
-                    tls_server_alert >> 8 == SSL3_AL_FATAL) {
-                        ERR_clear_error();
-                        return 0;
-                }
-                if (tls_client_alert >> 8 == SSL3_AL_WARNING ||
-                    tls_server_alert >> 8 == SSL3_AL_WARNING) {
-                        ERR_clear_error();
-                        return 1;
-                }
-                fprintf(stderr, "FAIL: %s %s failed - ssl err = %d, errno = %d\n",
-                    name, desc, ssl_err, errno);
-                ERR_print_errors_fp(stderr);
-                return 0;
-        }
-        return 1;
-}
-static int
-do_connect(SSL *ssl, const char *name, int *done)
-{
-        int ssl_ret;
-        if ((ssl_ret = SSL_connect(ssl)) == 1) {
-                fprintf(stderr, "INFO: %s connect done\n", name);
-                *done = 1;
-                return 1;
-        }
-        return ssl_error(ssl, name, "connect", ssl_ret);
-}
-static int
-do_accept(SSL *ssl, const char *name, int *done)
-{
-        int ssl_ret;
-        if ((ssl_ret = SSL_accept(ssl)) == 1) {
-                fprintf(stderr, "INFO: %s accept done\n", name);
-                *done = 1;
-                return 1;
-        }
-        return ssl_error(ssl, name, "accept", ssl_ret);
-}
-static int
-do_read(SSL *ssl, const char *name, int *done)
-{
-        uint8_t buf[512];
-        int ssl_ret;
-        if ((ssl_ret = SSL_read(ssl, buf, sizeof(buf))) > 0) {
-                fprintf(stderr, "INFO: %s read done\n", name);
-                if (debug > 1)
-                        hexdump(buf, ssl_ret);
-                *done = 1;
-                return 1;
-        }
-        return ssl_error(ssl, name, "read", ssl_ret);
-}
-static int
-do_write(SSL *ssl, const char *name, int *done)
-{
-        const uint8_t buf[] = "Hello, World!\n";
-        int ssl_ret;
-        if ((ssl_ret = SSL_write(ssl, buf, sizeof(buf))) > 0) {
-                fprintf(stderr, "INFO: %s write done\n", name);
-                *done = 1;
-                return 1;
-        }
-        return ssl_error(ssl, name, "write", ssl_ret);
-}
-static int
-do_shutdown(SSL *ssl, const char *name, int *done)
-{
-        int ssl_ret;
-        ssl_ret = SSL_shutdown(ssl);
-        if (ssl_ret == 1) {
-                fprintf(stderr, "INFO: %s shutdown done\n", name);
-                *done = 1;
-                return 1;
-        }
-        return ssl_error(ssl, name, "shutdown", ssl_ret);
-}
-typedef int (*ssl_func)(SSL *ssl, const char *name, int *done);
-static int
-do_client_server_loop(SSL *client, ssl_func client_func, SSL *server,
-    ssl_func server_func)
-{
-        int client_done = 0, server_done = 0;
-        int i = 0;
-        do {
-                if (!client_done) {
-                        if (debug)
-                                fprintf(stderr, "DEBUG: client loop\n");
-                        if (!client_func(client, "client", &client_done))
-                                return 0;
-                }
-                if (!server_done) {
-                        if (debug)
-                                fprintf(stderr, "DEBUG: server loop\n");
-                        if (!server_func(server, "server", &server_done))
-                                return 0;
-                }
-        } while (i++ < 100 && (!client_done || !server_done));
-        if (!client_done || !server_done)
-                fprintf(stderr, "FAIL: gave up\n");
-        return client_done && server_done;
-}
-struct tls_reneg_test {
-        const unsigned char *desc;
-        int ssl_max_proto_version;
-        long ssl_client_options;
-        long ssl_server_options;
-        int renegotiate_client;
-        int renegotiate_server;
-        int client_ignored;
-        int want_client_alert;
-        int want_server_alert;
-        int want_failure;
-};
-static const struct tls_reneg_test tls_reneg_tests[] = {
-        {
-                .desc = "TLSv1.2 - Renegotiation permitted, no renegotiation",
-                .ssl_max_proto_version = TLS1_2_VERSION,
-        },
-        {
-                .desc = "TLSv1.2 - Renegotiation permitted, server initiated "
-                    "renegotiation",
-                .ssl_max_proto_version = TLS1_2_VERSION,
-                .renegotiate_server = 1,
-        },
-        {
-                .desc = "TLSv1.2 - Renegotiation permitted, client initiated "
-                    "renegotiation",
-                .ssl_max_proto_version = TLS1_2_VERSION,
-                .renegotiate_client = 1,
-        },
-        {
-                .desc = "TLSv1.2 - Renegotiation permitted, server and client "
-                    "initiated renegotiation",
-                .ssl_max_proto_version = TLS1_2_VERSION,
-                .renegotiate_client = 1,
-                .renegotiate_server = 1,
-        },
-        {
-                .desc = "TLSv1.2 - Client renegotiation not permitted, server "
-                    "initiated renegotiation",
-                .ssl_max_proto_version = TLS1_2_VERSION,
-                .ssl_server_options = SSL_OP_NO_CLIENT_RENEGOTIATION,
-                .renegotiate_server = 1,
-                .want_client_alert = SSL3_AL_FATAL << 8 | SSL_AD_NO_RENEGOTIATION,
-        },
-        {
-                .desc = "TLSv1.2 - Client renegotiation not permitted, client "
-                    "initiated renegotiation",
-                .ssl_max_proto_version = TLS1_2_VERSION,
-                .ssl_server_options = SSL_OP_NO_CLIENT_RENEGOTIATION,
-                .renegotiate_client = 1,
-                .want_client_alert = SSL3_AL_FATAL << 8 | SSL_AD_NO_RENEGOTIATION,
-        },
-        {
-                .desc = "TLSv1.2 - Client renegotiation not permitted, client "
-                    "initiated renegotiation",
-                .ssl_max_proto_version = TLS1_2_VERSION,
-                .ssl_server_options = SSL_OP_NO_RENEGOTIATION,
-                .renegotiate_client = 1,
-                .want_client_alert = SSL3_AL_FATAL << 8 | SSL_AD_NO_RENEGOTIATION,
-        },
-        {
-                .desc = "TLSv1.2 - Server renegotiation not permitted, server "
-                    "initiated renegotiation",
-                .ssl_max_proto_version = TLS1_2_VERSION,
-                .ssl_client_options = SSL_OP_NO_RENEGOTIATION,
-                .renegotiate_server = 1,
-                .client_ignored = 1,
-                .want_server_alert = SSL3_AL_WARNING << 8 | SSL_AD_NO_RENEGOTIATION,
-        },
-        {
-                .desc = "TLSv1.2 - Client renegotiation permitted, client "
-                    "initiated renegotiation",
-                .ssl_max_proto_version = TLS1_2_VERSION,
-                .ssl_server_options = SSL_OP_NO_RENEGOTIATION |
-                    SSL_OP_ALLOW_CLIENT_RENEGOTIATION,
-                .renegotiate_client = 1,
-        },
-        {
-                .desc = "TLSv1.2 - Client renegotiation permitted, server "
-                    "initiated renegotiation",
-                .ssl_max_proto_version = TLS1_2_VERSION,
-                .ssl_server_options = SSL_OP_ALLOW_CLIENT_RENEGOTIATION,
-                .renegotiate_server = 1,
-        },
-        {
-                .desc = "TLSv1.2 - Client renegotiation permitted, client "
-                    "initiated renegotiation",
-                .ssl_max_proto_version = TLS1_2_VERSION,
-                .ssl_server_options = SSL_OP_ALLOW_CLIENT_RENEGOTIATION,
-                .renegotiate_client = 1,
-        },
-        {
-                .desc = "TLSv1.2 - Client renegotiation disabled, client "
-                    "initiated renegotiation",
-                .ssl_max_proto_version = TLS1_2_VERSION,
-                .ssl_client_options = SSL_OP_NO_RENEGOTIATION,
-                .renegotiate_client = 1,
-                .want_failure = 1,
-        },
-        {
-                .desc = "TLSv1.2 - Server renegotiation disabled, server "
-                    "initiated renegotiation",
-                .ssl_max_proto_version = TLS1_2_VERSION,
-                .ssl_server_options = SSL_OP_NO_RENEGOTIATION,
-                .renegotiate_server = 1,
-                .want_failure = 1,
-        },
-        {
-                .desc = "TLSv1.3 - No renegotiation supported, no renegotiation",
-                .ssl_max_proto_version = TLS1_3_VERSION,
-        },
-        {
-                .desc = "TLSv1.3 - No renegotiation supported, server "
-                    "initiated renegotiation",
-                .ssl_max_proto_version = TLS1_3_VERSION,
-                .renegotiate_server = 1,
-                .want_failure = 1,
-        },
-        {
-                .desc = "TLSv1.3 - No renegotiation supported, client "
-                    "initiated renegotiation",
-                .ssl_max_proto_version = TLS1_3_VERSION,
-                .renegotiate_client = 1,
-                .want_failure = 1,
-        },
-};
-#define N_TLS_RENEG_TESTS (sizeof(tls_reneg_tests) / sizeof(*tls_reneg_tests))
-static void
-tls_client_info_callback(const SSL *ssl, int where, int value)
-{
-        if (where == SSL_CB_READ_ALERT) {
-                fprintf(stderr, "INFO: client read %s alert - %s\n",
-                    SSL_alert_type_string_long(value),
-                    SSL_alert_desc_string_long(value));
-                tls_client_alert = value;
-        }
-}
-static void
-tls_server_info_callback(const SSL *ssl, int where, int value)
-{
-        if (where == SSL_CB_READ_ALERT) {
-                fprintf(stderr, "INFO: server read %s alert - %s\n",
-                    SSL_alert_type_string_long(value),
-                    SSL_alert_desc_string_long(value));
-                tls_server_alert = value;
-        }
-}
-static int
-tls_check_reneg(SSL *client, SSL *server, int client_pending,
-    int server_pending, long client_num_reneg, long server_num_reneg)
-{
-        if (debug) {
-                fprintf(stderr, "DEBUG: client - pending = %d, num reneg = %ld\n",
-                    SSL_renegotiate_pending(client), SSL_num_renegotiations(client));
-                fprintf(stderr, "DEBUG: server - pending = %d, num reneg = %ld\n",
-                    SSL_renegotiate_pending(server), SSL_num_renegotiations(server));
-        }
-        if (SSL_renegotiate_pending(client) != client_pending) {
-                fprintf(stderr, "FAIL: client SSL_renegotiate_pending() = %d, want %d\n",
-                    SSL_renegotiate_pending(client), client_pending);
-                return 0;
-        }
-        if (SSL_renegotiate_pending(server) != server_pending) {
-                fprintf(stderr, "FAIL: server SSL_renegotiate_pending() = %d, want %d\n",
-                    SSL_renegotiate_pending(server), server_pending);
-                return 0;
-        }
-        if (SSL_num_renegotiations(client) != client_num_reneg) {
-                fprintf(stderr, "FAIL: client SSL_num_renegotiations() = %ld, want %ld\n",
-                    SSL_num_renegotiations(client), client_num_reneg);
-                return 0;
-        }
-        if (SSL_num_renegotiations(server) != server_num_reneg) {
-                fprintf(stderr, "FAIL: server SSL_num_renegotiations() = %ld, want %ld\n",
-                    SSL_num_renegotiations(server), server_num_reneg);
-                return 0;
-        }
-        return 1;
-}
-static int
-tls_reneg_test(const struct tls_reneg_test *trt)
-{
-        BIO *client_wbio = NULL, *server_wbio = NULL;
-        SSL *client = NULL, *server = NULL;
-        int failed = 1;
-        fprintf(stderr, "\n== Testing %s... ==\n", trt->desc);
-        if ((client_wbio = BIO_new(BIO_s_mem())) == NULL)
-                goto failure;
-        if (BIO_set_mem_eof_return(client_wbio, -1) <= 0)
-                goto failure;
-        if ((server_wbio = BIO_new(BIO_s_mem())) == NULL)
-                goto failure;
-        if (BIO_set_mem_eof_return(server_wbio, -1) <= 0)
-                goto failure;
-        if ((client = tls_client(server_wbio, client_wbio)) == NULL)
-                goto failure;
-        SSL_set_options(client, trt->ssl_client_options);
-        SSL_set_info_callback(client, tls_client_info_callback);
-        if ((server = tls_server(client_wbio, server_wbio)) == NULL)
-                goto failure;
-        SSL_set_options(server, trt->ssl_server_options);
-        SSL_set_info_callback(server, tls_server_info_callback);
-        if (!SSL_set_max_proto_version(server, trt->ssl_max_proto_version))
-                goto failure;
-        tls_client_alert = 0;
-        tls_server_alert = 0;
-        if (!do_client_server_loop(client, do_connect, server, do_accept)) {
-                fprintf(stderr, "FAIL: client and server handshake failed\n");
-                goto failure;
-        }
-        if (!do_client_server_loop(client, do_write, server, do_read)) {
-                fprintf(stderr, "FAIL: client write and server read failed\n");
-                goto failure;
-        }
-        if (!do_client_server_loop(client, do_read, server, do_write)) {
-                fprintf(stderr, "FAIL: client read and server write failed\n");
-                goto failure;
-        }
-        if (!tls_check_reneg(client, server, 0, 0, 0, 0))
-                goto failure;
-        if (trt->renegotiate_server) {
-                /*
-                 * Trigger renegotiation from the server - this results in the
-                 * server sending a HelloRequest, then waiting for the client to
-                 * respond with a ClientHello.
-                 */
-                if (!SSL_renegotiate(server)) {
-                        if (!trt->want_failure) {
-                                fprintf(stderr, "FAIL: server renegotiation failed\n");
-                                goto failure;
-                        }
-                        goto done;
-                }
-                if (trt->want_failure) {
-                        fprintf(stderr, "FAIL: server renegotiation should have failed\n");
-                        goto failure;
-                }
-                if (!tls_check_reneg(client, server, 0, 1, 0, 0))
-                        goto failure;
-                if (!do_client_server_loop(client, do_read, server, do_write)) {
-                        fprintf(stderr, "FAIL: client read and server write failed\n");
-                        goto failure;
-                }
-                if (!tls_check_reneg(client, server, (trt->client_ignored == 0), 1,
-                    (trt->client_ignored == 0), 1))
-                        goto failure;
-                if (!do_client_server_loop(client, do_write, server, do_read)) {
-                        if (!trt->want_client_alert && !trt->want_server_alert) {
-                                fprintf(stderr, "FAIL: client write and server read failed\n");
-                                goto failure;
-                        }
-                        if (tls_client_alert != trt->want_client_alert) {
-                                fprintf(stderr, "FAIL: client alert = %x, want %x\n",
-                                    tls_client_alert, trt->want_client_alert);
-                                goto failure;
-                        }
-                        if (tls_server_alert != trt->want_server_alert) {
-                                fprintf(stderr, "FAIL: server alert = %x, want %x\n",
-                                    tls_server_alert, trt->want_server_alert);
-                                goto failure;
-                        }
-                        goto done;
-                }
-                if (tls_client_alert != trt->want_client_alert) {
-                        fprintf(stderr, "FAIL: client alert = %x, want %x\n",
-                            tls_client_alert, trt->want_client_alert);
-                        goto failure;
-                }
-                if (tls_server_alert != trt->want_server_alert) {
-                        fprintf(stderr, "FAIL: server alert = %x, want %x\n",
-                            tls_server_alert, trt->want_server_alert);
-                        goto failure;
-                }
-                if (!tls_check_reneg(client, server, 0, (trt->client_ignored != 0),
-                    (trt->client_ignored == 0), 1))
-                        goto failure;
-        }
-        SSL_clear_num_renegotiations(client);
-        SSL_clear_num_renegotiations(server);
-        tls_client_alert = 0;
-        tls_server_alert = 0;
-        if (trt->renegotiate_client) {
-                /*
-                 * Trigger renegotiation from the client - this results in the
-                 * client sending a ClientHello.
-                 */
-                if (!SSL_renegotiate(client)) {
-                        if (!trt->want_failure) {
-                                fprintf(stderr, "FAIL: client renegotiation failed\n");
-                                goto failure;
-                        }
-                        goto done;
-                }
-                if (trt->want_failure) {
-                        fprintf(stderr, "FAIL: client renegotiation should have failed\n");
-                        goto failure;
-                }
-                if (!tls_check_reneg(client, server, 1, 0, 0, 0))
-                        goto failure;
-                if (!do_client_server_loop(client, do_read, server, do_write)) {
-                        fprintf(stderr, "FAIL: client read and server write failed\n");
-                        goto failure;
-                }
-                if (!tls_check_reneg(client, server, 1, 0, 1, 0))
-                        goto failure;
-                if (!do_client_server_loop(client, do_write, server, do_read)) {
-                        if (!trt->want_client_alert && !trt->want_server_alert) {
-                                fprintf(stderr, "FAIL: client write and server read failed\n");
-                                goto failure;
-                        }
-                        if (tls_client_alert != trt->want_client_alert) {
-                                fprintf(stderr, "FAIL: client alert = %x, want %x\n",
-                                    tls_client_alert, trt->want_client_alert);
-                                goto failure;
-                        }
-                        if (tls_server_alert != trt->want_server_alert) {
-                                fprintf(stderr, "FAIL: server alert = %x, want %x\n",
-                                    tls_server_alert, trt->want_server_alert);
-                                goto failure;
-                        }
-                        goto done;
-                }
-                if (tls_client_alert != trt->want_client_alert) {
-                        fprintf(stderr, "FAIL: client alert = %x, want %x\n",
-                            tls_client_alert, trt->want_client_alert);
-                        goto failure;
-                }
-                if (tls_server_alert != trt->want_server_alert) {
-                        fprintf(stderr, "FAIL: server alert = %x, want %x\n",
-                            tls_server_alert, trt->want_server_alert);
-                        goto failure;
-                }
-                if (!tls_check_reneg(client, server, 0, 0, 1, 0))
-                        goto failure;
-        }
-        if (!do_client_server_loop(client, do_shutdown, server, do_shutdown)) {
-                fprintf(stderr, "FAIL: client and server shutdown failed\n");
-                goto failure;
-        }
- done:
-        fprintf(stderr, "INFO: Done!\n");
-        failed = 0;
- failure:
-        BIO_free(client_wbio);
-        BIO_free(server_wbio);
-        SSL_free(client);
-        SSL_free(server);
-        return failed;
-}
-int
-main(int argc, char **argv)
-{
-        int failed = 0;
-        size_t i;
-        if (argc != 4) {
-                fprintf(stderr, "usage: %s keyfile certfile cafile\n",
-                    argv[0]);
-                exit(1);
-        }
-        server_key_file = argv[1];
-        server_cert_file = argv[2];
-        server_ca_file = argv[3];
-        for (i = 0; i < N_TLS_RENEG_TESTS; i++)
-                failed |= tls_reneg_test(&tls_reneg_tests[i]);
-        return failed;
-}

diff --git a/src/regress/lib/libssl/renegotiation/renegotiation_test.c b/src/regress/lib/libssl/renegotiation/renegotiation_test.c deleted file mode 100644 index 1c9f35237f..0000000000 --- a/src/regress/lib/libssl/renegotiation/renegotiation_test.c +++ /dev/null
@@ -1,650 +0,0 @@
1	/* $OpenBSD: renegotiation_test.c,v 1.3 2025/03/12 14:07:35 jsing Exp $ */
2	/*
3	* Copyright (c) 2020,2025 Joel Sing <jsing@openbsd.org>
4	*
5	* Permission to use, copy, modify, and distribute this software for any
6	* purpose with or without fee is hereby granted, provided that the above
7	* copyright notice and this permission notice appear in all copies.
8	*
9	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12	* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14	* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16	*/
17
18	#include <err.h>
19
20	#include <openssl/bio.h>
21	#include <openssl/err.h>
22	#include <openssl/ssl.h>
23
24	const char *server_ca_file;
25	const char *server_cert_file;
26	const char *server_key_file;
27
28	int debug = 0;
29
30	int tls_client_alert;
31	int tls_server_alert;
32
33	static void
34	hexdump(const unsigned char *buf, size_t len)
35	{
36	size_t i;
37
38	for (i = 1; i <= len; i++)
39	fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n");
40
41	if (len % 8)
42	fprintf(stderr, "\n");
43	}
44
45	static SSL *
46	tls_client(BIO rbio, BIO wbio)
47	{
48	SSL_CTX *ssl_ctx = NULL;
49	SSL *ssl = NULL;
50
51	if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL)
52	errx(1, "client context");
53
54	if ((ssl = SSL_new(ssl_ctx)) == NULL)
55	errx(1, "client ssl");
56
57	BIO_up_ref(rbio);
58	BIO_up_ref(wbio);
59
60	SSL_set_bio(ssl, rbio, wbio);
61
62	SSL_CTX_free(ssl_ctx);
63
64	return ssl;
65	}
66
67	static SSL *
68	tls_server(BIO rbio, BIO wbio)
69	{
70	SSL_CTX *ssl_ctx = NULL;
71	SSL *ssl = NULL;
72
73	if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL)
74	errx(1, "server context");
75
76	SSL_CTX_set_dh_auto(ssl_ctx, 2);
77
78	if (SSL_CTX_use_certificate_file(ssl_ctx, server_cert_file,
79	SSL_FILETYPE_PEM) != 1) {
80	fprintf(stderr, "FAIL: Failed to load server certificate");
81	goto failure;
82	}
83	if (SSL_CTX_use_PrivateKey_file(ssl_ctx, server_key_file,
84	SSL_FILETYPE_PEM) != 1) {
85	fprintf(stderr, "FAIL: Failed to load server private key");
86	goto failure;
87	}
88
89	if ((ssl = SSL_new(ssl_ctx)) == NULL)
90	errx(1, "server ssl");
91
92	BIO_up_ref(rbio);
93	BIO_up_ref(wbio);
94
95	SSL_set_bio(ssl, rbio, wbio);
96
97	failure:
98	SSL_CTX_free(ssl_ctx);
99
100	return ssl;
101	}
102
103	static int
104	ssl_error(SSL ssl, const char name, const char *desc, int ssl_ret)
105	{
106	int ssl_err;
107
108	ssl_err = SSL_get_error(ssl, ssl_ret);
109
110	if (ssl_err == SSL_ERROR_WANT_READ) {
111	return 1;
112	} else if (ssl_err == SSL_ERROR_WANT_WRITE) {
113	return 1;
114	} else if (ssl_err == SSL_ERROR_SYSCALL && errno == 0) {
115	/* Yup, this is apparently a thing... */
116	} else {
117	if (tls_client_alert >> 8 == SSL3_AL_FATAL \|\|
118	tls_server_alert >> 8 == SSL3_AL_FATAL) {
119	ERR_clear_error();
120	return 0;
121	}
122	if (tls_client_alert >> 8 == SSL3_AL_WARNING \|\|
123	tls_server_alert >> 8 == SSL3_AL_WARNING) {
124	ERR_clear_error();
125	return 1;
126	}
127	fprintf(stderr, "FAIL: %s %s failed - ssl err = %d, errno = %d\n",
128	name, desc, ssl_err, errno);
129	ERR_print_errors_fp(stderr);
130	return 0;
131	}
132
133	return 1;
134	}
135
136	static int
137	do_connect(SSL ssl, const char name, int *done)
138	{
139	int ssl_ret;
140
141	if ((ssl_ret = SSL_connect(ssl)) == 1) {
142	fprintf(stderr, "INFO: %s connect done\n", name);
143	*done = 1;
144	return 1;
145	}
146
147	return ssl_error(ssl, name, "connect", ssl_ret);
148	}
149
150	static int
151	do_accept(SSL ssl, const char name, int *done)
152	{
153	int ssl_ret;
154
155	if ((ssl_ret = SSL_accept(ssl)) == 1) {
156	fprintf(stderr, "INFO: %s accept done\n", name);
157	*done = 1;
158	return 1;
159	}
160
161	return ssl_error(ssl, name, "accept", ssl_ret);
162	}
163
164	static int
165	do_read(SSL ssl, const char name, int *done)
166	{
167	uint8_t buf[512];
168	int ssl_ret;
169
170	if ((ssl_ret = SSL_read(ssl, buf, sizeof(buf))) > 0) {
171	fprintf(stderr, "INFO: %s read done\n", name);
172	if (debug > 1)
173	hexdump(buf, ssl_ret);
174	*done = 1;
175	return 1;
176	}
177
178	return ssl_error(ssl, name, "read", ssl_ret);
179	}
180
181	static int
182	do_write(SSL ssl, const char name, int *done)
183	{
184	const uint8_t buf[] = "Hello, World!\n";
185	int ssl_ret;
186
187	if ((ssl_ret = SSL_write(ssl, buf, sizeof(buf))) > 0) {
188	fprintf(stderr, "INFO: %s write done\n", name);
189	*done = 1;
190	return 1;
191	}
192
193	return ssl_error(ssl, name, "write", ssl_ret);
194	}
195
196	static int
197	do_shutdown(SSL ssl, const char name, int *done)
198	{
199	int ssl_ret;
200
201	ssl_ret = SSL_shutdown(ssl);
202	if (ssl_ret == 1) {
203	fprintf(stderr, "INFO: %s shutdown done\n", name);
204	*done = 1;
205	return 1;
206	}
207	return ssl_error(ssl, name, "shutdown", ssl_ret);
208	}
209
210	typedef int (ssl_func)(SSL ssl, const char name, int done);
211
212	static int
213	do_client_server_loop(SSL client, ssl_func client_func, SSL server,
214	ssl_func server_func)
215	{
216	int client_done = 0, server_done = 0;
217	int i = 0;
218
219	do {
220	if (!client_done) {
221	if (debug)
222	fprintf(stderr, "DEBUG: client loop\n");
223	if (!client_func(client, "client", &client_done))
224	return 0;
225	}
226	if (!server_done) {
227	if (debug)
228	fprintf(stderr, "DEBUG: server loop\n");
229	if (!server_func(server, "server", &server_done))
230	return 0;
231	}
232	} while (i++ < 100 && (!client_done \|\| !server_done));
233
234	if (!client_done \|\| !server_done)
235	fprintf(stderr, "FAIL: gave up\n");
236
237	return client_done && server_done;
238	}
239
240	struct tls_reneg_test {
241	const unsigned char *desc;
242	int ssl_max_proto_version;
243	long ssl_client_options;
244	long ssl_server_options;
245	int renegotiate_client;
246	int renegotiate_server;
247	int client_ignored;
248	int want_client_alert;
249	int want_server_alert;
250	int want_failure;
251	};
252
253	static const struct tls_reneg_test tls_reneg_tests[] = {
254	{
255	.desc = "TLSv1.2 - Renegotiation permitted, no renegotiation",
256	.ssl_max_proto_version = TLS1_2_VERSION,
257	},
258	{
259	.desc = "TLSv1.2 - Renegotiation permitted, server initiated "
260	"renegotiation",
261	.ssl_max_proto_version = TLS1_2_VERSION,
262	.renegotiate_server = 1,
263	},
264	{
265	.desc = "TLSv1.2 - Renegotiation permitted, client initiated "
266	"renegotiation",
267	.ssl_max_proto_version = TLS1_2_VERSION,
268	.renegotiate_client = 1,
269	},
270	{
271	.desc = "TLSv1.2 - Renegotiation permitted, server and client "
272	"initiated renegotiation",
273	.ssl_max_proto_version = TLS1_2_VERSION,
274	.renegotiate_client = 1,
275	.renegotiate_server = 1,
276	},
277	{
278	.desc = "TLSv1.2 - Client renegotiation not permitted, server "
279	"initiated renegotiation",
280	.ssl_max_proto_version = TLS1_2_VERSION,
281	.ssl_server_options = SSL_OP_NO_CLIENT_RENEGOTIATION,
282	.renegotiate_server = 1,
283	.want_client_alert = SSL3_AL_FATAL << 8 \| SSL_AD_NO_RENEGOTIATION,
284	},
285	{
286	.desc = "TLSv1.2 - Client renegotiation not permitted, client "
287	"initiated renegotiation",
288	.ssl_max_proto_version = TLS1_2_VERSION,
289	.ssl_server_options = SSL_OP_NO_CLIENT_RENEGOTIATION,
290	.renegotiate_client = 1,
291	.want_client_alert = SSL3_AL_FATAL << 8 \| SSL_AD_NO_RENEGOTIATION,
292	},
293	{
294	.desc = "TLSv1.2 - Client renegotiation not permitted, client "
295	"initiated renegotiation",
296	.ssl_max_proto_version = TLS1_2_VERSION,
297	.ssl_server_options = SSL_OP_NO_RENEGOTIATION,
298	.renegotiate_client = 1,
299	.want_client_alert = SSL3_AL_FATAL << 8 \| SSL_AD_NO_RENEGOTIATION,
300	},
301	{
302	.desc = "TLSv1.2 - Server renegotiation not permitted, server "
303	"initiated renegotiation",
304	.ssl_max_proto_version = TLS1_2_VERSION,
305	.ssl_client_options = SSL_OP_NO_RENEGOTIATION,
306	.renegotiate_server = 1,
307	.client_ignored = 1,
308	.want_server_alert = SSL3_AL_WARNING << 8 \| SSL_AD_NO_RENEGOTIATION,
309	},
310	{
311	.desc = "TLSv1.2 - Client renegotiation permitted, client "
312	"initiated renegotiation",
313	.ssl_max_proto_version = TLS1_2_VERSION,
314	.ssl_server_options = SSL_OP_NO_RENEGOTIATION \|
315	SSL_OP_ALLOW_CLIENT_RENEGOTIATION,
316	.renegotiate_client = 1,
317	},
318	{
319	.desc = "TLSv1.2 - Client renegotiation permitted, server "
320	"initiated renegotiation",
321	.ssl_max_proto_version = TLS1_2_VERSION,
322	.ssl_server_options = SSL_OP_ALLOW_CLIENT_RENEGOTIATION,
323	.renegotiate_server = 1,
324	},
325	{
326	.desc = "TLSv1.2 - Client renegotiation permitted, client "
327	"initiated renegotiation",
328	.ssl_max_proto_version = TLS1_2_VERSION,
329	.ssl_server_options = SSL_OP_ALLOW_CLIENT_RENEGOTIATION,
330	.renegotiate_client = 1,
331	},
332	{
333	.desc = "TLSv1.2 - Client renegotiation disabled, client "
334	"initiated renegotiation",
335	.ssl_max_proto_version = TLS1_2_VERSION,
336	.ssl_client_options = SSL_OP_NO_RENEGOTIATION,
337	.renegotiate_client = 1,
338	.want_failure = 1,
339	},
340	{
341	.desc = "TLSv1.2 - Server renegotiation disabled, server "
342	"initiated renegotiation",
343	.ssl_max_proto_version = TLS1_2_VERSION,
344	.ssl_server_options = SSL_OP_NO_RENEGOTIATION,
345	.renegotiate_server = 1,
346	.want_failure = 1,
347	},
348	{
349	.desc = "TLSv1.3 - No renegotiation supported, no renegotiation",
350	.ssl_max_proto_version = TLS1_3_VERSION,
351	},
352	{
353	.desc = "TLSv1.3 - No renegotiation supported, server "
354	"initiated renegotiation",
355	.ssl_max_proto_version = TLS1_3_VERSION,
356	.renegotiate_server = 1,
357	.want_failure = 1,
358	},
359	{
360	.desc = "TLSv1.3 - No renegotiation supported, client "
361	"initiated renegotiation",
362	.ssl_max_proto_version = TLS1_3_VERSION,
363	.renegotiate_client = 1,
364	.want_failure = 1,
365	},
366	};
367
368	#define N_TLS_RENEG_TESTS (sizeof(tls_reneg_tests) / sizeof(*tls_reneg_tests))
369
370	static void
371	tls_client_info_callback(const SSL *ssl, int where, int value)
372	{
373	if (where == SSL_CB_READ_ALERT) {
374	fprintf(stderr, "INFO: client read %s alert - %s\n",
375	SSL_alert_type_string_long(value),
376	SSL_alert_desc_string_long(value));
377	tls_client_alert = value;
378	}
379	}
380
381	static void
382	tls_server_info_callback(const SSL *ssl, int where, int value)
383	{
384	if (where == SSL_CB_READ_ALERT) {
385	fprintf(stderr, "INFO: server read %s alert - %s\n",
386	SSL_alert_type_string_long(value),
387	SSL_alert_desc_string_long(value));
388	tls_server_alert = value;
389	}
390	}
391
392	static int
393	tls_check_reneg(SSL client, SSL server, int client_pending,
394	int server_pending, long client_num_reneg, long server_num_reneg)
395	{
396	if (debug) {
397	fprintf(stderr, "DEBUG: client - pending = %d, num reneg = %ld\n",
398	SSL_renegotiate_pending(client), SSL_num_renegotiations(client));
399	fprintf(stderr, "DEBUG: server - pending = %d, num reneg = %ld\n",
400	SSL_renegotiate_pending(server), SSL_num_renegotiations(server));
401	}
402
403	if (SSL_renegotiate_pending(client) != client_pending) {
404	fprintf(stderr, "FAIL: client SSL_renegotiate_pending() = %d, want %d\n",
405	SSL_renegotiate_pending(client), client_pending);
406	return 0;
407	}
408	if (SSL_renegotiate_pending(server) != server_pending) {
409	fprintf(stderr, "FAIL: server SSL_renegotiate_pending() = %d, want %d\n",
410	SSL_renegotiate_pending(server), server_pending);
411	return 0;
412	}
413	if (SSL_num_renegotiations(client) != client_num_reneg) {
414	fprintf(stderr, "FAIL: client SSL_num_renegotiations() = %ld, want %ld\n",
415	SSL_num_renegotiations(client), client_num_reneg);
416	return 0;
417	}
418	if (SSL_num_renegotiations(server) != server_num_reneg) {
419	fprintf(stderr, "FAIL: server SSL_num_renegotiations() = %ld, want %ld\n",
420	SSL_num_renegotiations(server), server_num_reneg);
421	return 0;
422	}
423	return 1;
424	}
425
426	static int
427	tls_reneg_test(const struct tls_reneg_test *trt)
428	{
429	BIO client_wbio = NULL, server_wbio = NULL;
430	SSL client = NULL, server = NULL;
431	int failed = 1;
432
433	fprintf(stderr, "\n== Testing %s... ==\n", trt->desc);
434
435	if ((client_wbio = BIO_new(BIO_s_mem())) == NULL)
436	goto failure;
437	if (BIO_set_mem_eof_return(client_wbio, -1) <= 0)
438	goto failure;
439
440	if ((server_wbio = BIO_new(BIO_s_mem())) == NULL)
441	goto failure;
442	if (BIO_set_mem_eof_return(server_wbio, -1) <= 0)
443	goto failure;
444
445	if ((client = tls_client(server_wbio, client_wbio)) == NULL)
446	goto failure;
447
448	SSL_set_options(client, trt->ssl_client_options);
449	SSL_set_info_callback(client, tls_client_info_callback);
450
451	if ((server = tls_server(client_wbio, server_wbio)) == NULL)
452	goto failure;
453
454	SSL_set_options(server, trt->ssl_server_options);
455	SSL_set_info_callback(server, tls_server_info_callback);
456
457	if (!SSL_set_max_proto_version(server, trt->ssl_max_proto_version))
458	goto failure;
459
460	tls_client_alert = 0;
461	tls_server_alert = 0;
462
463	if (!do_client_server_loop(client, do_connect, server, do_accept)) {
464	fprintf(stderr, "FAIL: client and server handshake failed\n");
465	goto failure;
466	}
467
468	if (!do_client_server_loop(client, do_write, server, do_read)) {
469	fprintf(stderr, "FAIL: client write and server read failed\n");
470	goto failure;
471	}
472
473	if (!do_client_server_loop(client, do_read, server, do_write)) {
474	fprintf(stderr, "FAIL: client read and server write failed\n");
475	goto failure;
476	}
477
478	if (!tls_check_reneg(client, server, 0, 0, 0, 0))
479	goto failure;
480
481	if (trt->renegotiate_server) {
482	/*
483	* Trigger renegotiation from the server - this results in the
484	* server sending a HelloRequest, then waiting for the client to
485	* respond with a ClientHello.
486	*/
487	if (!SSL_renegotiate(server)) {
488	if (!trt->want_failure) {
489	fprintf(stderr, "FAIL: server renegotiation failed\n");
490	goto failure;
491	}
492	goto done;
493	}
494	if (trt->want_failure) {
495	fprintf(stderr, "FAIL: server renegotiation should have failed\n");
496	goto failure;
497	}
498
499	if (!tls_check_reneg(client, server, 0, 1, 0, 0))
500	goto failure;
501
502	if (!do_client_server_loop(client, do_read, server, do_write)) {
503	fprintf(stderr, "FAIL: client read and server write failed\n");
504	goto failure;
505	}
506
507	if (!tls_check_reneg(client, server, (trt->client_ignored == 0), 1,
508	(trt->client_ignored == 0), 1))
509	goto failure;
510
511	if (!do_client_server_loop(client, do_write, server, do_read)) {
512	if (!trt->want_client_alert && !trt->want_server_alert) {
513	fprintf(stderr, "FAIL: client write and server read failed\n");
514	goto failure;
515	}
516	if (tls_client_alert != trt->want_client_alert) {
517	fprintf(stderr, "FAIL: client alert = %x, want %x\n",
518	tls_client_alert, trt->want_client_alert);
519	goto failure;
520	}
521	if (tls_server_alert != trt->want_server_alert) {
522	fprintf(stderr, "FAIL: server alert = %x, want %x\n",
523	tls_server_alert, trt->want_server_alert);
524	goto failure;
525	}
526	goto done;
527	}
528	if (tls_client_alert != trt->want_client_alert) {
529	fprintf(stderr, "FAIL: client alert = %x, want %x\n",
530	tls_client_alert, trt->want_client_alert);
531	goto failure;
532	}
533	if (tls_server_alert != trt->want_server_alert) {
534	fprintf(stderr, "FAIL: server alert = %x, want %x\n",
535	tls_server_alert, trt->want_server_alert);
536	goto failure;
537	}
538
539	if (!tls_check_reneg(client, server, 0, (trt->client_ignored != 0),
540	(trt->client_ignored == 0), 1))
541	goto failure;
542	}
543
544	SSL_clear_num_renegotiations(client);
545	SSL_clear_num_renegotiations(server);
546
547	tls_client_alert = 0;
548	tls_server_alert = 0;
549
550	if (trt->renegotiate_client) {
551	/*
552	* Trigger renegotiation from the client - this results in the
553	* client sending a ClientHello.
554	*/
555	if (!SSL_renegotiate(client)) {
556	if (!trt->want_failure) {
557	fprintf(stderr, "FAIL: client renegotiation failed\n");
558	goto failure;
559	}
560	goto done;
561	}
562	if (trt->want_failure) {
563	fprintf(stderr, "FAIL: client renegotiation should have failed\n");
564	goto failure;
565	}
566
567	if (!tls_check_reneg(client, server, 1, 0, 0, 0))
568	goto failure;
569
570	if (!do_client_server_loop(client, do_read, server, do_write)) {
571	fprintf(stderr, "FAIL: client read and server write failed\n");
572	goto failure;
573	}
574
575	if (!tls_check_reneg(client, server, 1, 0, 1, 0))
576	goto failure;
577
578	if (!do_client_server_loop(client, do_write, server, do_read)) {
579	if (!trt->want_client_alert && !trt->want_server_alert) {
580	fprintf(stderr, "FAIL: client write and server read failed\n");
581	goto failure;
582	}
583	if (tls_client_alert != trt->want_client_alert) {
584	fprintf(stderr, "FAIL: client alert = %x, want %x\n",
585	tls_client_alert, trt->want_client_alert);
586	goto failure;
587	}
588	if (tls_server_alert != trt->want_server_alert) {
589	fprintf(stderr, "FAIL: server alert = %x, want %x\n",
590	tls_server_alert, trt->want_server_alert);
591	goto failure;
592	}
593	goto done;
594	}
595	if (tls_client_alert != trt->want_client_alert) {
596	fprintf(stderr, "FAIL: client alert = %x, want %x\n",
597	tls_client_alert, trt->want_client_alert);
598	goto failure;
599	}
600	if (tls_server_alert != trt->want_server_alert) {
601	fprintf(stderr, "FAIL: server alert = %x, want %x\n",
602	tls_server_alert, trt->want_server_alert);
603	goto failure;
604	}
605
606	if (!tls_check_reneg(client, server, 0, 0, 1, 0))
607	goto failure;
608	}
609
610	if (!do_client_server_loop(client, do_shutdown, server, do_shutdown)) {
611	fprintf(stderr, "FAIL: client and server shutdown failed\n");
612	goto failure;
613	}
614
615	done:
616	fprintf(stderr, "INFO: Done!\n");
617
618	failed = 0;
619
620	failure:
621	BIO_free(client_wbio);
622	BIO_free(server_wbio);
623
624	SSL_free(client);
625	SSL_free(server);
626
627	return failed;
628	}
629
630	int
631	main(int argc, char **argv)
632	{
633	int failed = 0;
634	size_t i;
635
636	if (argc != 4) {
637	fprintf(stderr, "usage: %s keyfile certfile cafile\n",
638	argv[0]);
639	exit(1);
640	}
641
642	server_key_file = argv[1];
643	server_cert_file = argv[2];
644	server_ca_file = argv[3];
645
646	for (i = 0; i < N_TLS_RENEG_TESTS; i++)
647	failed \|= tls_reneg_test(&tls_reneg_tests[i]);
648
649	return failed;
650	}