Newer
Older
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/opensslconf.h>
#include <openssl/bio.h>
#include <openssl/crypto.h>
#include <openssl/ssl.h>
#include "test_main_custom.h"
static char *cert = NULL;
static char *privkey = NULL;
#define LOG_BUFFER_SIZE 1024
static char server_log_buffer[LOG_BUFFER_SIZE + 1] = {0};
static int server_log_buffer_index = 0;
static char client_log_buffer[LOG_BUFFER_SIZE + 1] = {0};
static int client_log_buffer_index = 0;
static int error_writing_log = 0;
static const unsigned char orespder[] = "Dummy OCSP Response";
static int ocsp_server_called = 0;
static int ocsp_client_called = 0;
static int cdummyarg = 1;
static X509 *ocspcert = NULL;
/*
* This structure is used to validate that the correct number of log messages
* of various types are emitted when emitting secret logs.
*/
struct sslapitest_log_counts {
unsigned int rsa_key_exchange_count;
unsigned int master_secret_count;
unsigned int client_handshake_secret_count;
unsigned int server_handshake_secret_count;
unsigned int client_application_secret_count;
unsigned int server_application_secret_count;
};
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
static void client_keylog_callback(const SSL *ssl, const char *line) {
int line_length = strlen(line);
/* If the log doesn't fit, error out. */
if ((client_log_buffer_index + line_length) > LOG_BUFFER_SIZE) {
printf("No room in client log\n");
error_writing_log = 1;
return;
}
strcat(client_log_buffer, line);
client_log_buffer_index += line_length;
client_log_buffer[client_log_buffer_index] = '\n';
client_log_buffer_index += 1;
return;
}
static void server_keylog_callback(const SSL *ssl, const char *line) {
int line_length = strlen(line);
/* If the log doesn't fit, error out. */
if ((server_log_buffer_index + line_length) > LOG_BUFFER_SIZE) {
printf("No room in server log\n");
error_writing_log = 1;
return;
}
strcat(server_log_buffer, line);
server_log_buffer_index += line_length;
server_log_buffer[server_log_buffer_index] = '\n';
server_log_buffer_index += 1;
return;
}
static int compare_hex_encoded_buffer(const char *hex_encoded,
size_t hex_length,
const uint8_t *raw,
size_t raw_length) {
size_t i;
size_t j;
/* One byte too big, just to be safe. */
char hexed[3] = {0};
if ((raw_length * 2) != hex_length) {
printf("Inconsistent hex encoded lengths.\n");
return 1;
}
for (i = j = 0; (i < raw_length) && ((j + 1) < hex_length); i++) {
sprintf(hexed, "%02x", raw[i]);
if ((hexed[0] != hex_encoded[j]) || (hexed[1] != hex_encoded[j + 1])) {
printf("Hex output does not match.\n");
return 1;
}
j += 2;
}
return 0;
}
static int test_keylog_output(char *buffer, const SSL *ssl,
const SSL_SESSION *session,
struct sslapitest_log_counts *expected) {
char *token = NULL;
unsigned char actual_client_random[SSL3_RANDOM_SIZE] = {0};
size_t client_random_size = SSL3_RANDOM_SIZE;
unsigned char actual_master_key[SSL_MAX_MASTER_KEY_LENGTH] = {0};
size_t master_key_size = SSL_MAX_MASTER_KEY_LENGTH;
unsigned int rsa_key_exchange_count = 0;
unsigned int master_secret_count = 0;
unsigned int client_handshake_secret_count = 0;
unsigned int server_handshake_secret_count = 0;
unsigned int client_application_secret_count = 0;
unsigned int server_application_secret_count = 0;
token = strtok(buffer, " \n");
while (token) {
if (strcmp(token, "RSA") == 0) {
/*
* Premaster secret. Tokens should be: 16 ASCII bytes of
* hex-encoded encrypted secret, then the hex-encoded pre-master
* secret.
*/
token = strtok(NULL, " \n");
if (!token) {
printf("Unexpectedly short premaster secret log.\n");
}
if (strlen(token) != 16) {
printf("Bad value for encrypted secret: %s\n", token);
}
token = strtok(NULL, " \n");
if (!token) {
printf("Unexpectedly short premaster secret log.\n");
/*
* We can't sensibly check the log because the premaster secret is
* transient, and OpenSSL doesn't keep hold of it once the master
* secret is generated.
*/
rsa_key_exchange_count++;
} else if (strcmp(token, "CLIENT_RANDOM") == 0) {
/*
* Master secret. Tokens should be: 64 ASCII bytes of hex-encoded
* client random, then the hex-encoded master secret.
*/
client_random_size = SSL_get_client_random(ssl,
actual_client_random,
SSL3_RANDOM_SIZE);
if (client_random_size != SSL3_RANDOM_SIZE) {
printf("Unexpected short client random.\n");
}
token = strtok(NULL, " \n");
if (!token) {
printf("Unexpected short master secret log.\n");
}
if (strlen(token) != 64) {
printf("Bad value for client random: %s\n", token);
}
if (compare_hex_encoded_buffer(token, 64, actual_client_random,
client_random_size)) {
printf("Bad value for client random: %s\n", token);
}
token = strtok(NULL, " \n");
if (!token) {
printf("Unexpectedly short master secret log.\n");
}
master_key_size = SSL_SESSION_get_master_key(session,
actual_master_key,
master_key_size);
if (!master_key_size) {
printf("Error getting master key to compare.\n");
}
if (compare_hex_encoded_buffer(token, strlen(token),
actual_master_key,
master_key_size)) {
printf("Bad value for master key: %s\n", token);
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
return 0;
}
master_secret_count++;
} else if ((strcmp(token, "CLIENT_HANDSHAKE_TRAFFIC_SECRET") == 0) ||
(strcmp(token, "SERVER_HANDSHAKE_TRAFFIC_SECRET") == 0) ||
(strcmp(token, "CLIENT_TRAFFIC_SECRET_0") == 0) ||
(strcmp(token, "SERVER_TRAFFIC_SECRET_0") == 0)) {
/*
* TLSv1.3 secret. Tokens should be: 64 ASCII bytes of hex-encoded
* client random, and then the hex-encoded secret. In this case,
* we treat all of these secrets identically and then just
* distinguish between them when counting what we saw.
*/
if (strcmp(token, "CLIENT_HANDSHAKE_TRAFFIC_SECRET") == 0)
client_handshake_secret_count++;
else if (strcmp(token, "SERVER_HANDSHAKE_TRAFFIC_SECRET") == 0)
server_handshake_secret_count++;
else if (strcmp(token, "CLIENT_TRAFFIC_SECRET_0") == 0)
client_application_secret_count++;
else if (strcmp(token, "SERVER_TRAFFIC_SECRET_0") == 0)
server_application_secret_count++;
client_random_size = SSL_get_client_random(ssl,
actual_client_random,
SSL3_RANDOM_SIZE);
if (client_random_size != SSL3_RANDOM_SIZE) {
printf("Unexpected short client random.\n");
return 0;
}
token = strtok(NULL, " \n");
if (!token) {
printf("Unexpected short client handshake secret log.\n");
return 0;
}
if (strlen(token) != 64) {
printf("Bad value for client random: %s\n", token);
return 0;
}
if (compare_hex_encoded_buffer(token, 64, actual_client_random,
client_random_size)) {
printf("Bad value for client random: %s\n", token);
return 0;
token = strtok(NULL, " \n");
if (!token) {
printf("Unexpectedly short master secret log.\n");
return 0;
}
/*
* TODO(TLS1.3): test that application traffic secrets are what
* we expect */
} else {
printf("Unexpected token in buffer: %s\n", token);
}
token = strtok(NULL, " \n");
}
/* Return whether we got what we expected. */
return ((rsa_key_exchange_count == expected->rsa_key_exchange_count) &&
(master_secret_count == expected->master_secret_count) &&
(client_handshake_secret_count == expected->client_handshake_secret_count) &&
(server_handshake_secret_count == expected->server_handshake_secret_count) &&
(client_application_secret_count == expected->client_application_secret_count) &&
(server_application_secret_count == expected->server_application_secret_count));
}
static int test_keylog(void) {
SSL_CTX *cctx = NULL, *sctx = NULL;
SSL *clientssl = NULL, *serverssl = NULL;
int testresult = 0;
struct sslapitest_log_counts expected = {0};
/* Clean up logging space */
memset(client_log_buffer, 0, LOG_BUFFER_SIZE + 1);
memset(server_log_buffer, 0, LOG_BUFFER_SIZE + 1);
client_log_buffer_index = 0;
server_log_buffer_index = 0;
error_writing_log = 0;
if (!create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), &sctx,
&cctx, cert, privkey)) {
printf("Unable to create SSL_CTX pair\n");
return 0;
}
/* We cannot log the master secret for TLSv1.3, so we should forbid it. */
SSL_CTX_set_options(cctx, SSL_OP_NO_TLSv1_3);
SSL_CTX_set_options(sctx, SSL_OP_NO_TLSv1_3);
/* We also want to ensure that we use RSA-based key exchange. */
rc = SSL_CTX_set_cipher_list(cctx, "RSA");
if (rc == 0) {
printf("Unable to restrict to RSA key exchange.\n");
goto end;
}
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
if (SSL_CTX_get_keylog_callback(cctx)) {
printf("Unexpected initial value for client "
"SSL_CTX_get_keylog_callback()\n");
goto end;
}
if (SSL_CTX_get_keylog_callback(sctx)) {
printf("Unexpected initial value for server "
"SSL_CTX_get_keylog_callback()\n");
goto end;
}
SSL_CTX_set_keylog_callback(cctx, client_keylog_callback);
SSL_CTX_set_keylog_callback(sctx, server_keylog_callback);
if (SSL_CTX_get_keylog_callback(cctx) != client_keylog_callback) {
printf("Unexpected set value for client "
"SSL_CTX_get_keylog_callback()\n");
}
if (SSL_CTX_get_keylog_callback(sctx) != server_keylog_callback) {
printf("Unexpected set value for server "
"SSL_CTX_get_keylog_callback()\n");
}
/* Now do a handshake and check that the logs have been written to. */
if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) {
printf("Unable to create SSL objects\n");
goto end;
}
if (!create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)) {
printf("Unable to create SSL connection\n");
goto end;
}
if (error_writing_log) {
printf("Error encountered while logging\n");
goto end;
}
if ((client_log_buffer_index == 0) || (server_log_buffer_index == 0)) {
printf("No logs written\n");
goto end;
}
/*
* Now we want to test that our output data was vaguely sensible. We
* do that by using strtok and confirming that we have more or less the
* data we expect. For both client and server, we expect to see one master
* secret. The client should also see a RSA key exchange.
expected.rsa_key_exchange_count = 1;
expected.master_secret_count = 1;
if (!test_keylog_output(client_log_buffer, clientssl,
SSL_get_session(clientssl), &expected)) {
printf("Error encountered in client log buffer\n");
goto end;
}
expected.rsa_key_exchange_count = 0;
if (!test_keylog_output(server_log_buffer, serverssl,
SSL_get_session(serverssl), &expected)) {
printf("Error encountered in server log buffer\n");
goto end;
}
testresult = 1;
end:
SSL_free(serverssl);
SSL_free(clientssl);
SSL_CTX_free(sctx);
SSL_CTX_free(cctx);
return testresult;
}
#ifndef OPENSSL_NO_TLS1_3
static int test_keylog_no_master_key(void) {
SSL_CTX *cctx = NULL, *sctx = NULL;
SSL *clientssl = NULL, *serverssl = NULL;
int testresult = 0;
struct sslapitest_log_counts expected = {0};
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
/* Clean up logging space */
memset(client_log_buffer, 0, LOG_BUFFER_SIZE + 1);
memset(server_log_buffer, 0, LOG_BUFFER_SIZE + 1);
client_log_buffer_index = 0;
server_log_buffer_index = 0;
error_writing_log = 0;
if (!create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), &sctx,
&cctx, cert, privkey)) {
printf("Unable to create SSL_CTX pair\n");
return 0;
}
if (SSL_CTX_get_keylog_callback(cctx)) {
printf("Unexpected initial value for client "
"SSL_CTX_get_keylog_callback()\n");
goto end;
}
if (SSL_CTX_get_keylog_callback(sctx)) {
printf("Unexpected initial value for server "
"SSL_CTX_get_keylog_callback()\n");
goto end;
}
SSL_CTX_set_keylog_callback(cctx, client_keylog_callback);
SSL_CTX_set_keylog_callback(sctx, server_keylog_callback);
if (SSL_CTX_get_keylog_callback(cctx) != client_keylog_callback) {
printf("Unexpected set value for client "
"SSL_CTX_get_keylog_callback()\n");
}
if (SSL_CTX_get_keylog_callback(sctx) != server_keylog_callback) {
printf("Unexpected set value for server "
"SSL_CTX_get_keylog_callback()\n");
}
/* Now do a handshake and check that the logs have been written to. */
if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) {
printf("Unable to create SSL objects\n");
goto end;
}
if (!create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)) {
printf("Unable to create SSL connection\n");
goto end;
}
if (error_writing_log) {
printf("Error encountered while logging\n");
goto end;
}
/*
* Now we want to test that our output data was vaguely sensible. For this
* test, we expect no CLIENT_RANDOM entry becuase it doesn't make sense for
* TLSv1.3, but we do expect both client and server to emit keys.
expected.client_handshake_secret_count = 1;
expected.server_handshake_secret_count = 1;
expected.client_application_secret_count = 1;
expected.server_application_secret_count = 1;
if (!test_keylog_output(client_log_buffer, clientssl,
SSL_get_session(clientssl), &expected)) {
printf("Error encountered in client log buffer\n");
goto end;
}
if (!test_keylog_output(server_log_buffer, serverssl,
SSL_get_session(serverssl), &expected)) {
printf("Error encountered in server log buffer\n");
goto end;
}
testresult = 1;
end:
SSL_free(serverssl);
SSL_free(clientssl);
SSL_CTX_free(sctx);
SSL_CTX_free(cctx);
return testresult;
}
#endif
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
static int full_early_callback(SSL *s, int *al, void *arg)
{
int *ctr = arg;
const unsigned char *p;
/* We only configure two ciphers, but the SCSV is added automatically. */
#ifdef OPENSSL_NO_EC
const unsigned char expected_ciphers[] = {0x00, 0x9d, 0x00, 0xff};
#else
const unsigned char expected_ciphers[] = {0x00, 0x9d, 0xc0,
0x2c, 0x00, 0xff};
#endif
size_t len;
/* Make sure we can defer processing and get called back. */
if ((*ctr)++ == 0)
return -1;
len = SSL_early_get0_ciphers(s, &p);
if (len != sizeof(expected_ciphers) ||
memcmp(p, expected_ciphers, len) != 0) {
printf("Early callback expected ciphers mismatch\n");
return 0;
}
len = SSL_early_get0_compression_methods(s, &p);
if (len != 1 || *p != 0) {
printf("Early callback expected comperssion methods mismatch\n");
return 0;
}
return 1;
}
static int test_early_cb(void) {
SSL_CTX *cctx = NULL, *sctx = NULL;
SSL *clientssl = NULL, *serverssl = NULL;
int testctr = 0, testresult = 0;
if (!create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), &sctx,
&cctx, cert, privkey)) {
printf("Unable to create SSL_CTX pair\n");
goto end;
}
SSL_CTX_set_early_cb(sctx, full_early_callback, &testctr);
/* The gimpy cipher list we configure can't do TLS 1.3. */
SSL_CTX_set_max_proto_version(cctx, TLS1_2_VERSION);
if (!SSL_CTX_set_cipher_list(cctx,
"AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384")) {
printf("Failed to set cipher list\n");
goto end;
}
if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) {
printf("Unable to create SSL objects\n");
goto end;
}
if (create_ssl_connection(serverssl, clientssl, SSL_ERROR_WANT_EARLY)) {
printf("Creating SSL connection succeeded with async early return\n");
goto end;
}
/* Passing a -1 literal is a hack since the real value was lost. */
if (SSL_get_error(serverssl, -1) != SSL_ERROR_WANT_EARLY) {
printf("Early callback failed to make state SSL_ERROR_WANT_EARLY\n");
goto end;
}
if (!create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)) {
printf("Restarting SSL connection failed\n");
goto end;
}
testresult = 1;
end:
SSL_free(serverssl);
SSL_free(clientssl);
SSL_CTX_free(sctx);
SSL_CTX_free(cctx);
return testresult;
}
static int execute_test_large_message(const SSL_METHOD *smeth,
{
SSL_CTX *cctx = NULL, *sctx = NULL;
SSL *clientssl = NULL, *serverssl = NULL;
int testresult = 0;
int i;
BIO *certbio = BIO_new_file(cert, "r");
X509 *chaincert = NULL;
int certlen;
if (certbio == NULL) {
printf("Can't load the certficate file\n");
goto end;
}
chaincert = PEM_read_bio_X509(certbio, NULL, NULL, NULL);
BIO_free(certbio);
certbio = NULL;
if (chaincert == NULL) {
printf("Unable to load certificate for chain\n");
goto end;
}
if (!create_ssl_ctx_pair(smeth, cmeth, &sctx,
&cctx, cert, privkey)) {
printf("Unable to create SSL_CTX pair\n");
goto end;
}
if(read_ahead) {
/*
* Test that read_ahead works correctly when dealing with large
* records
*/
SSL_CTX_set_read_ahead(cctx, 1);
}
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
/*
* We assume the supplied certificate is big enough so that if we add
* NUM_EXTRA_CERTS it will make the overall message large enough. The
* default buffer size is requested to be 16k, but due to the way BUF_MEM
* works, it ends up allocing a little over 21k (16 * 4/3). So, in this test
* we need to have a message larger than that.
*/
certlen = i2d_X509(chaincert, NULL);
OPENSSL_assert((certlen * NUM_EXTRA_CERTS)
> ((SSL3_RT_MAX_PLAIN_LENGTH * 4) / 3));
for (i = 0; i < NUM_EXTRA_CERTS; i++) {
if (!X509_up_ref(chaincert)) {
printf("Unable to up ref cert\n");
goto end;
}
if (!SSL_CTX_add_extra_chain_cert(sctx, chaincert)) {
printf("Unable to add extra chain cert %d\n", i);
X509_free(chaincert);
goto end;
}
}
if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) {
printf("Unable to create SSL objects\n");
goto end;
}
if (!create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)) {
printf("Unable to create SSL connection\n");
goto end;
}
/*
* Calling SSL_clear() first is not required but this tests that SSL_clear()
* doesn't leak (when using enable-crypto-mdebug).
*/
if (!SSL_clear(serverssl)) {
printf("Unexpected failure from SSL_clear()\n");
goto end;
}
end:
X509_free(chaincert);
SSL_free(serverssl);
SSL_free(clientssl);
SSL_CTX_free(sctx);
SSL_CTX_free(cctx);
return testresult;
}
static int test_large_message_tls(void)
{
return execute_test_large_message(TLS_server_method(), TLS_client_method(),
0);
}
static int test_large_message_tls_read_ahead(void)
{
return execute_test_large_message(TLS_server_method(), TLS_client_method(),
1);
static int test_large_message_dtls(void)
{
/*
* read_ahead is not relevant to DTLS because DTLS always acts as if
* read_ahead is set.
*/
return execute_test_large_message(DTLS_server_method(),
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
static int ocsp_server_cb(SSL *s, void *arg)
{
int *argi = (int *)arg;
unsigned char *orespdercopy = NULL;
STACK_OF(OCSP_RESPID) *ids = NULL;
OCSP_RESPID *id = NULL;
if (*argi == 2) {
/* In this test we are expecting exactly 1 OCSP_RESPID */
SSL_get_tlsext_status_ids(s, &ids);
if (ids == NULL || sk_OCSP_RESPID_num(ids) != 1)
return SSL_TLSEXT_ERR_ALERT_FATAL;
id = sk_OCSP_RESPID_value(ids, 0);
if (id == NULL || !OCSP_RESPID_match(id, ocspcert))
return SSL_TLSEXT_ERR_ALERT_FATAL;
} else if (*argi != 1) {
return SSL_TLSEXT_ERR_ALERT_FATAL;
}
orespdercopy = OPENSSL_memdup(orespder, sizeof(orespder));
if (orespdercopy == NULL)
return SSL_TLSEXT_ERR_ALERT_FATAL;
SSL_set_tlsext_status_ocsp_resp(s, orespdercopy, sizeof(orespder));
ocsp_server_called = 1;
return SSL_TLSEXT_ERR_OK;
}
static int ocsp_client_cb(SSL *s, void *arg)
{
int *argi = (int *)arg;
const unsigned char *respderin;
size_t len;
if (*argi != 1 && *argi != 2)
return 0;
len = SSL_get_tlsext_status_ocsp_resp(s, &respderin);
if (memcmp(orespder, respderin, len) != 0)
return 0;
ocsp_client_called = 1;
return 1;
}
static int test_tlsext_status_type(void)
{
SSL_CTX *cctx = NULL, *sctx = NULL;
SSL *clientssl = NULL, *serverssl = NULL;
STACK_OF(OCSP_RESPID) *ids = NULL;
OCSP_RESPID *id = NULL;
BIO *certbio = NULL;
if (!create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), &sctx,
&cctx, cert, privkey)) {
printf("Unable to create SSL_CTX pair\n");
return 0;
}
if (SSL_CTX_get_tlsext_status_type(cctx) != -1) {
printf("Unexpected initial value for "
"SSL_CTX_get_tlsext_status_type()\n");
goto end;
}
/* First just do various checks getting and setting tlsext_status_type */
clientssl = SSL_new(cctx);
if (SSL_get_tlsext_status_type(clientssl) != -1) {
printf("Unexpected initial value for SSL_get_tlsext_status_type()\n");
goto end;
}
if (!SSL_set_tlsext_status_type(clientssl, TLSEXT_STATUSTYPE_ocsp)) {
printf("Unexpected fail for SSL_set_tlsext_status_type()\n");
goto end;
}
if (SSL_get_tlsext_status_type(clientssl) != TLSEXT_STATUSTYPE_ocsp) {
printf("Unexpected result for SSL_get_tlsext_status_type()\n");
goto end;
}
if (!SSL_CTX_set_tlsext_status_type(cctx, TLSEXT_STATUSTYPE_ocsp)) {
printf("Unexpected fail for SSL_CTX_set_tlsext_status_type()\n");
goto end;
}
if (SSL_CTX_get_tlsext_status_type(cctx) != TLSEXT_STATUSTYPE_ocsp) {
printf("Unexpected result for SSL_CTX_get_tlsext_status_type()\n");
goto end;
}
if (SSL_get_tlsext_status_type(clientssl) != TLSEXT_STATUSTYPE_ocsp) {
printf("Unexpected result for SSL_get_tlsext_status_type() (test 2)\n");
goto end;
}
SSL_free(clientssl);
clientssl = NULL;
/*
* Now actually do a handshake and check OCSP information is exchanged and
* the callbacks get called
*/
SSL_CTX_set_tlsext_status_cb(cctx, ocsp_client_cb);
SSL_CTX_set_tlsext_status_arg(cctx, &cdummyarg);
SSL_CTX_set_tlsext_status_cb(sctx, ocsp_server_cb);
SSL_CTX_set_tlsext_status_arg(sctx, &cdummyarg);
if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) {
printf("Unable to create SSL objects\n");
goto end;
}
if (!create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)) {
printf("Unable to create SSL connection\n");
goto end;
}
if (!ocsp_client_called || !ocsp_server_called) {
printf("OCSP callbacks not called\n");
goto end;
}
SSL_free(serverssl);
SSL_free(clientssl);
serverssl = NULL;
clientssl = NULL;
/* Try again but this time force the server side callback to fail */
ocsp_client_called = 0;
ocsp_server_called = 0;
cdummyarg = 0;
if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) {
printf("Unable to create SSL objects\n");
goto end;
}
/* This should fail because the callback will fail */
if (create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)) {
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
printf("Unexpected success creating the connection\n");
goto end;
}
if (ocsp_client_called || ocsp_server_called) {
printf("OCSP callbacks successfully called unexpectedly\n");
goto end;
}
SSL_free(serverssl);
SSL_free(clientssl);
serverssl = NULL;
clientssl = NULL;
/*
* This time we'll get the client to send an OCSP_RESPID that it will
* accept.
*/
ocsp_client_called = 0;
ocsp_server_called = 0;
cdummyarg = 2;
if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) {
printf("Unable to create SSL objects\n");
goto end;
}
/*
* We'll just use any old cert for this test - it doesn't have to be an OCSP
* specifc one. We'll use the server cert.
*/
certbio = BIO_new_file(cert, "r");
if (certbio == NULL) {
printf("Can't load the certficate file\n");
goto end;
}
id = OCSP_RESPID_new();
ids = sk_OCSP_RESPID_new_null();
ocspcert = PEM_read_bio_X509(certbio, NULL, NULL, NULL);
if (id == NULL || ids == NULL || ocspcert == NULL
|| !OCSP_RESPID_set_by_key(id, ocspcert)
|| !sk_OCSP_RESPID_push(ids, id)) {
printf("Unable to set OCSP_RESPIDs\n");
goto end;
}
id = NULL;
SSL_set_tlsext_status_ids(clientssl, ids);
/* Control has been transferred */
ids = NULL;
BIO_free(certbio);
certbio = NULL;
if (!create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)) {
printf("Unable to create SSL connection\n");
goto end;
}
if (!ocsp_client_called || !ocsp_server_called) {
printf("OCSP callbacks not called\n");
goto end;
}
SSL_free(serverssl);
SSL_free(clientssl);
SSL_CTX_free(sctx);
SSL_CTX_free(cctx);
sk_OCSP_RESPID_pop_free(ids, OCSP_RESPID_free);
OCSP_RESPID_free(id);
BIO_free(certbio);
X509_free(ocspcert);
ocspcert = NULL;
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
typedef struct ssl_session_test_fixture {
const char *test_case_name;
int use_ext_cache;
int use_int_cache;
} SSL_SESSION_TEST_FIXTURE;
static int new_called = 0, remove_called = 0;
static SSL_SESSION_TEST_FIXTURE
ssl_session_set_up(const char *const test_case_name)
{
SSL_SESSION_TEST_FIXTURE fixture;
fixture.test_case_name = test_case_name;
fixture.use_ext_cache = 1;
fixture.use_int_cache = 1;
new_called = remove_called = 0;
return fixture;
}
static void ssl_session_tear_down(SSL_SESSION_TEST_FIXTURE fixture)
{
}
static int new_session_cb(SSL *ssl, SSL_SESSION *sess)
{
new_called++;
return 1;
}
static void remove_session_cb(SSL_CTX *ctx, SSL_SESSION *sess)
{
remove_called++;
}
static int execute_test_session(SSL_SESSION_TEST_FIXTURE fix)
{
SSL_CTX *sctx = NULL, *cctx = NULL;
SSL *serverssl1 = NULL, *clientssl1 = NULL;
SSL *serverssl2 = NULL, *clientssl2 = NULL;
SSL_SESSION *sess1 = NULL, *sess2 = NULL;
int testresult = 0;
if (!create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), &sctx,
&cctx, cert, privkey)) {
printf("Unable to create SSL_CTX pair\n");
return 0;
}
#ifndef OPENSSL_NO_TLS1_2
/* Only allow TLS1.2 so we can force a connection failure later */
SSL_CTX_set_min_proto_version(cctx, TLS1_2_VERSION);
#endif
/* Set up session cache */
if (fix.use_ext_cache) {
SSL_CTX_sess_set_new_cb(cctx, new_session_cb);
SSL_CTX_sess_set_remove_cb(cctx, remove_session_cb);
}
if (fix.use_int_cache) {
/* Also covers instance where both are set */
SSL_CTX_set_session_cache_mode(cctx, SSL_SESS_CACHE_CLIENT);
} else {
SSL_CTX_set_session_cache_mode(cctx,
SSL_SESS_CACHE_CLIENT
| SSL_SESS_CACHE_NO_INTERNAL_STORE);
}
if (!create_ssl_objects(sctx, cctx, &serverssl1, &clientssl1, NULL,
printf("Unable to create SSL objects\n");
goto end;
}
if (!create_ssl_connection(serverssl1, clientssl1, SSL_ERROR_NONE)) {
printf("Unable to create SSL connection\n");
goto end;
}
sess1 = SSL_get1_session(clientssl1);
if (sess1 == NULL) {
printf("Unexpected NULL session\n");