Add a test for renegotiation on busy write buffer.

The write path for TLS is going to need some work. There are some fiddly cases when there is a write in progress. Start adding tests to cover this logic. Later I'm hoping we can extend this flag so it drains the unfinished write and thus test the interaction of read/write paths in 0-RTT. (We may discover 1-RTT keys while we're in the middle of writing data.) Change-Id: Iac2c417e4b5e84794fb699dd7cbba26a883b64ef Reviewed-on: https://boringssl-review.googlesource.com/13049 Reviewed-by: Adam Langley <agl@google.com>
2017-01-01 23:19:22 -05:00 · 2017-01-01 23:19:22 -05:00 · a1eaba1dc6
commit a1eaba1dc6
parent f53e390962
4 changed files with 33 additions and 0 deletions
--- a/ssl/test/bssl_shim.cc
+++ b/ssl/test/bssl_shim.cc
@ -1760,6 +1760,19 @@ static bool DoExchange(bssl::UniquePtr<SSL_SESSION> *out_session,
      }
    }
  } else {
+    if (config->read_with_unfinished_write) {
+      if (!config->async) {
+        fprintf(stderr, "-read-with-unfinished-write requires -async.\n");
+        return false;
+      }
+
+      int write_ret = SSL_write(ssl.get(),
+                          reinterpret_cast<const uint8_t *>("unfinished"), 10);
+      if (SSL_get_error(ssl.get(), write_ret) != SSL_ERROR_WANT_WRITE) {
+        fprintf(stderr, "Failed to leave unfinished write.\n");
+        return false;
+      }
+    }
    if (config->shim_writes_first) {
      if (WriteAll(ssl.get(), reinterpret_cast<const uint8_t *>("hello"),
                   5) < 0) {
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@ -6262,6 +6262,24 @@ func addRenegotiationTests() {
 		expectedLocalError: "remote error: no renegotiation",
 	})

+	// Renegotiation is not allowed when there is an unfinished write.
+	testCases = append(testCases, testCase{
+		name: "Renegotiate-Client-UnfinishedWrite",
+		config: Config{
+			MaxVersion: VersionTLS12,
+		},
+		renegotiate: 1,
+		flags: []string{
+			"-async",
+			"-renegotiate-freely",
+			"-read-with-unfinished-write",
+		},
+		shouldFail:    true,
+		expectedError: ":NO_RENEGOTIATION:",
+		// We do not successfully send the no_renegotiation alert in
+		// this case. https://crbug.com/boringssl/130
+	})
+
 	// Stray HelloRequests during the handshake are ignored in TLS 1.2.
 	testCases = append(testCases, testCase{
 		name: "StrayHelloRequest",
--- a/ssl/test/test_config.cc
+++ b/ssl/test/test_config.cc
@ -116,6 +116,7 @@ const Flag<bool> kBoolFlags[] = {
  { "-expect-sha256-client-cert-resume",
    &TestConfig::expect_sha256_client_cert_resume },
  { "-enable-short-header", &TestConfig::enable_short_header },
+  { "-read-with-unfinished-write", &TestConfig::read_with_unfinished_write },
 };

 const Flag<std::string> kStringFlags[] = {
--- a/ssl/test/test_config.h
+++ b/ssl/test/test_config.h
@ -124,6 +124,7 @@ struct TestConfig {
  bool expect_sha256_client_cert_initial = false;
  bool expect_sha256_client_cert_resume = false;
  bool enable_short_header = false;
+  bool read_with_unfinished_write = false;
 };

 bool ParseConfig(int argc, char **argv, TestConfig *out_config);