@@ -35,7 +35,7 @@
#include "scoped_types.h"
#include "test_config.h"
static int u sage(const char *program) {
static int U sage(const char *program) {
fprintf(stderr, "Usage: %s [flags...]\n", program);
return 1;
}
@@ -110,10 +110,10 @@ static bool InstallCertificate(SSL *ssl) {
return true;
}
static int early_callback_called = 0;
static int g_ early_callback_called = 0;
static int select_certificate_c allback(const struct ssl_early_callback_ctx *ctx) {
early_callback_called = 1;
static int SelectCertificateC allback(const struct ssl_early_callback_ctx *ctx) {
g_ early_callback_called = 1;
const TestConfig *config = GetConfigPtr(ctx->ssl);
@@ -153,47 +153,40 @@ static int select_certificate_callback(const struct ssl_early_callback_ctx *ctx)
return 1;
}
static int skip_v erify(int preverify_ok, X509_STORE_CTX *store_ctx) {
static int SkipV erify(int preverify_ok, X509_STORE_CTX *store_ctx) {
return 1;
}
static int next_protos_advertised_callback(SSL *ssl,
const uint8_t **out,
unsigned int *out_len,
void *arg) {
static int NextProtosAdvertisedCallback(SSL *ssl, const uint8_t **out,
unsigned int *out_len, void *arg) {
const TestConfig *config = GetConfigPtr(ssl);
if (config->advertise_npn.empty())
if (config->advertise_npn.empty()) {
return SSL_TLSEXT_ERR_NOACK;
}
*out = (const uint8_t*)config->advertise_npn.data();
*out_len = config->advertise_npn.size();
return SSL_TLSEXT_ERR_OK;
}
static int next_proto_select_callback(SSL* ssl,
uint8_t** out,
uint8_t* outlen,
const uint8_t* in,
unsigned inlen,
void* arg) {
static int NextProtoSelectCallback(SSL* ssl, uint8_t** out, uint8_t* outlen,
const uint8_t* in, unsigned inlen, void* arg) {
const TestConfig *config = GetConfigPtr(ssl);
if (config->select_next_proto.empty())
if (config->select_next_proto.empty()) {
return SSL_TLSEXT_ERR_NOACK;
}
*out = (uint8_t*)config->select_next_proto.data();
*outlen = config->select_next_proto.size();
return SSL_TLSEXT_ERR_OK;
}
static int alpn_select_callback(SSL* ssl,
const uint8_t** out,
uint8_t* outlen,
const uint8_t* in,
unsigned inlen,
void* arg) {
static int AlpnSelectCallback(SSL* ssl, const uint8_t** out, uint8_t* outlen,
const uint8_t* in, unsigned inlen, void* arg) {
const TestConfig *config = GetConfigPtr(ssl);
if (config->select_alpn.empty())
if (config->select_alpn.empty()) {
return SSL_TLSEXT_ERR_NOACK;
}
if (!config->expected_advertised_alpn.empty() &&
(config->expected_advertised_alpn.size() != inlen ||
@@ -208,7 +201,8 @@ static int alpn_select_callback(SSL* ssl,
return SSL_TLSEXT_ERR_OK;
}
static int cookie_generate_callback(SSL *ssl, uint8_t *cookie, size_t *cookie_len) {
static int CookieGenerateCallback(SSL *ssl, uint8_t *cookie,
size_t *cookie_len) {
if (*cookie_len < 32) {
fprintf(stderr, "Insufficient space for cookie\n");
return 0;
@@ -218,7 +212,8 @@ static int cookie_generate_callback(SSL *ssl, uint8_t *cookie, size_t *cookie_le
return 1;
}
static int cookie_verify_callback(SSL *ssl, const uint8_t *cookie, size_t cookie_len) {
static int CookieVerifyCallback(SSL *ssl, const uint8_t *cookie,
size_t cookie_len) {
if (cookie_len != 32) {
fprintf(stderr, "Cookie length mismatch.\n");
return 0;
@@ -232,10 +227,10 @@ static int cookie_verify_callback(SSL *ssl, const uint8_t *cookie, size_t cookie
return 1;
}
static unsigned psk_client_c allback(SSL *ssl, const char *hint,
char *out_identity,
unsigned max_identity_len,
uint8_t *out_psk, unsigned max_psk_len) {
static unsigned PskClientC allback(SSL *ssl, const char *hint,
char *out_identity,
unsigned max_identity_len,
uint8_t *out_psk, unsigned max_psk_len) {
const TestConfig *config = GetConfigPtr(ssl);
if (strcmp(hint ? hint : "", config->psk_identity.c_str()) != 0) {
@@ -256,8 +251,8 @@ static unsigned psk_client_callback(SSL *ssl, const char *hint,
return config->psk.size();
}
static unsigned psk_server_c allback(SSL *ssl, const char *identity,
uint8_t *out_psk, unsigned max_psk_len) {
static unsigned PskServerC allback(SSL *ssl, const char *identity,
uint8_t *out_psk, unsigned max_psk_len) {
const TestConfig *config = GetConfigPtr(ssl);
if (strcmp(identity, config->psk_identity.c_str()) != 0) {
@@ -274,15 +269,15 @@ static unsigned psk_server_callback(SSL *ssl, const char *identity,
return config->psk.size();
}
static void current_time_cb (SSL *ssl, OPENSSL_timeval *out_clock) {
static void CurrentTimeCallback (SSL *ssl, OPENSSL_timeval *out_clock) {
*out_clock = *GetClockPtr(ssl);
}
static void channel_id_c allback(SSL *ssl, EVP_PKEY **out_pkey) {
static void ChannelIdC allback(SSL *ssl, EVP_PKEY **out_pkey) {
*out_pkey = GetAsyncState(ssl)->channel_id.release();
}
static int cert_c allback(SSL *ssl, void *arg) {
static int CertC allback(SSL *ssl, void *arg) {
if (!GetAsyncState(ssl)->cert_ready) {
return -1;
}
@@ -292,8 +287,8 @@ static int cert_callback(SSL *ssl, void *arg) {
return 1;
}
static SSL_SESSION *get_session_c allback(SSL *ssl, uint8_t *data, int len,
int *copy) {
static SSL_SESSION *GetSessionC allback(SSL *ssl, uint8_t *data, int len,
int *copy) {
AsyncState *async_state = GetAsyncState(ssl);
if (async_state->session) {
*copy = 0;
@@ -305,7 +300,7 @@ static SSL_SESSION *get_session_callback(SSL *ssl, uint8_t *data, int len,
}
}
static ScopedSSL_CTX setup_c tx(const TestConfig *config) {
static ScopedSSL_CTX SetupC tx(const TestConfig *config) {
ScopedSSL_CTX ssl_ctx(SSL_CTX_new(
config->is_dtls ? DTLS_method() : TLS_method()));
if (!ssl_ctx) {
@@ -338,37 +333,37 @@ static ScopedSSL_CTX setup_ctx(const TestConfig *config) {
// we use an external session cache.
SSL_CTX_set_session_cache_mode(
ssl_ctx.get(), SSL_SESS_CACHE_BOTH | SSL_SESS_CACHE_NO_INTERNAL);
SSL_CTX_sess_set_get_cb(ssl_ctx.get(), get_session_c allback);
SSL_CTX_sess_set_get_cb(ssl_ctx.get(), GetSessionC allback);
} else {
SSL_CTX_set_session_cache_mode(ssl_ctx.get(), SSL_SESS_CACHE_BOTH);
}
ssl_ctx->select_certificate_cb = select_certificate_c allback;
ssl_ctx->select_certificate_cb = SelectCertificateC allback;
SSL_CTX_set_next_protos_advertised_cb(
ssl_ctx.get(), next_protos_advertised_c allback, NULL);
ssl_ctx.get(), NextProtosAdvertisedC allback, NULL);
if (!config->select_next_proto.empty()) {
SSL_CTX_set_next_proto_select_cb(ssl_ctx.get(), next_proto_select_c allback,
SSL_CTX_set_next_proto_select_cb(ssl_ctx.get(), NextProtoSelectC allback,
NULL);
}
if (!config->select_alpn.empty()) {
SSL_CTX_set_alpn_select_cb(ssl_ctx.get(), alpn_select_c allback, NULL);
SSL_CTX_set_alpn_select_cb(ssl_ctx.get(), AlpnSelectC allback, NULL);
}
SSL_CTX_set_cookie_generate_cb(ssl_ctx.get(), cookie_generate_c allback);
SSL_CTX_set_cookie_verify_cb(ssl_ctx.get(), cookie_verify_c allback);
SSL_CTX_set_cookie_generate_cb(ssl_ctx.get(), CookieGenerateC allback);
SSL_CTX_set_cookie_verify_cb(ssl_ctx.get(), CookieVerifyC allback);
ssl_ctx->tlsext_channel_id_enabled_new = 1;
SSL_CTX_set_channel_id_cb(ssl_ctx.get(), channel_id_c allback);
SSL_CTX_set_channel_id_cb(ssl_ctx.get(), ChannelIdC allback);
ssl_ctx->current_time_cb = current_time_cb ;
ssl_ctx->current_time_cb = CurrentTimeCallback ;
return ssl_ctx;
}
static int retry_a sync(SSL *ssl, int ret, BIO *async,
OPENSSL_timeval *clock_delta) {
static int RetryA sync(SSL *ssl, int ret, BIO *async,
OPENSSL_timeval *clock_delta) {
// No error; don't retry.
if (ret >= 0) {
return 0;
@@ -394,10 +389,10 @@ static int retry_async(SSL *ssl, int ret, BIO *async,
// the appropriate end to maximally stress the state machine.
switch (SSL_get_error(ssl, ret)) {
case SSL_ERROR_WANT_READ:
async_bio_allow_r ead(async, 1);
AsyncBioAllowR ead(async, 1);
return 1;
case SSL_ERROR_WANT_WRITE:
async_bio_allow_w rite(async, 1);
AsyncBioAllowW rite(async, 1);
return 1;
case SSL_ERROR_WANT_CHANNEL_ID_LOOKUP:
GetAsyncState(ssl)->channel_id =
@@ -415,13 +410,10 @@ static int retry_async(SSL *ssl, int ret, BIO *async,
}
}
static int do_exchange(ScopedSSL_SESSION *out_session,
SSL_CTX *ssl_ctx,
const TestConfig *config,
bool is_resume,
int fd,
SSL_SESSION *session) {
early_callback_called = 0;
static int DoExchange(ScopedSSL_SESSION *out_session, SSL_CTX *ssl_ctx,
const TestConfig *config, bool is_resume,
int fd, SSL_SESSION *session) {
g_early_callback_called = 0;
OPENSSL_timeval clock = {0}, clock_delta = {0};
ScopedSSL ssl(SSL_new(ssl_ctx));
@@ -446,14 +438,14 @@ static int do_exchange(ScopedSSL_SESSION *out_session,
if (config->async) {
// TODO(davidben): Also test |s->ctx->client_cert_cb| on the client and
// |s->ctx->select_certificate_cb| on the server.
SSL_set_cert_cb(ssl.get(), cert_c allback, NULL);
SSL_set_cert_cb(ssl.get(), CertC allback, NULL);
} else if (!InstallCertificate(ssl.get())) {
BIO_print_errors_fp(stdout);
return 1;
}
if (config->require_any_client_certificate) {
SSL_set_verify(ssl.get(), SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
skip_v erify);
SkipV erify);
}
if (config->false_start) {
SSL_set_mode(ssl.get(), SSL_MODE_HANDSHAKE_CUTTHROUGH);
@@ -491,7 +483,7 @@ static int do_exchange(ScopedSSL_SESSION *out_session,
if (!config->send_channel_id.empty()) {
SSL_enable_tls_channel_id(ssl.get());
if (!config->async) {
// The async case will be supplied by |channel_id_c allback|.
// The async case will be supplied by |ChannelIdC allback|.
ScopedEVP_PKEY pkey = LoadPrivateKey(config->send_channel_id);
if (!pkey || !SSL_set1_tls_channel_id(ssl.get(), pkey.get())) {
BIO_print_errors_fp(stdout);
@@ -507,8 +499,8 @@ static int do_exchange(ScopedSSL_SESSION *out_session,
config->advertise_alpn.size());
}
if (!config->psk.empty()) {
SSL_set_psk_client_callback(ssl.get(), psk_client_c allback);
SSL_set_psk_server_callback(ssl.get(), psk_server_c allback);
SSL_set_psk_client_callback(ssl.get(), PskClientC allback);
SSL_set_psk_server_callback(ssl.get(), PskServerC allback);
}
if (!config->psk_identity.empty() &&
!SSL_use_psk_identity_hint(ssl.get(), config->psk_identity.c_str())) {
@@ -548,14 +540,14 @@ static int do_exchange(ScopedSSL_SESSION *out_session,
return 1;
}
if (config->is_dtls) {
ScopedBIO packeted = packeted_bio_c reate(&clock_delta);
ScopedBIO packeted = PacketedBioC reate(&clock_delta);
BIO_push(packeted.get(), bio.release());
bio = std::move(packeted);
}
BIO *async = NULL;
if (config->async) {
ScopedBIO async_scoped =
config->is_dtls ? async_bio_create_datagram() : async_bio_c reate();
config->is_dtls ? AsyncBioCreateDatagram() : AsyncBioC reate();
BIO_push(async_scoped.get(), bio.release());
async = async_scoped.get();
bio = std::move(async_scoped);
@@ -591,7 +583,7 @@ static int do_exchange(ScopedSSL_SESSION *out_session,
} else {
ret = SSL_connect(ssl.get());
}
} while (config->async && retry_a sync(ssl.get(), ret, async, &clock_delta));
} while (config->async && RetryA sync(ssl.get(), ret, async, &clock_delta));
if (ret != 1) {
BIO_print_errors_fp(stdout);
return 2;
@@ -613,7 +605,7 @@ static int do_exchange(ScopedSSL_SESSION *out_session,
return 2;
}
if (!early_callback_called) {
if (!g_ early_callback_called) {
fprintf(stderr, "early callback not called\n");
return 2;
}
@@ -755,7 +747,7 @@ static int do_exchange(ScopedSSL_SESSION *out_session,
if (w > 0) {
off += (size_t) w;
}
} while ((config->async && retry_a sync(ssl.get(), w, async, &clock_delta)) ||
} while ((config->async && RetryA sync(ssl.get(), w, async, &clock_delta)) ||
(w > 0 && off < len));
if (w < 0 || off != len) {
@@ -768,14 +760,14 @@ static int do_exchange(ScopedSSL_SESSION *out_session,
int w;
do {
w = SSL_write(ssl.get(), "hello", 5);
} while (config->async && retry_a sync(ssl.get(), w, async, &clock_delta));
} while (config->async && RetryA sync(ssl.get(), w, async, &clock_delta));
}
for (;;) {
uint8_t buf[512];
int n;
do {
n = SSL_read(ssl.get(), buf, sizeof(buf));
} while (config->async && retry_a sync(ssl.get(), n, async, &clock_delta));
} while (config->async && RetryA sync(ssl.get(), n, async, &clock_delta));
int err = SSL_get_error(ssl.get(), n);
if (err == SSL_ERROR_ZERO_RETURN ||
(n == 0 && err == SSL_ERROR_SYSCALL)) {
@@ -783,8 +775,8 @@ static int do_exchange(ScopedSSL_SESSION *out_session,
fprintf(stderr, "Invalid SSL_get_error output\n");
return 3;
}
/* Accept shutdowns with or without close_notify.
* TODO(davidben): Write tests which distinguish these two cases. */
// Accept shutdowns with or without close_notify.
// TODO(davidben): Write tests which distinguish these two cases.
break;
} else if (err != SSL_ERROR_NONE) {
if (n > 0) {
@@ -794,7 +786,7 @@ static int do_exchange(ScopedSSL_SESSION *out_session,
BIO_print_errors_fp(stdout);
return 3;
}
/* Successfully read data. */
// Successfully read data.
if (n <= 0) {
fprintf(stderr, "Invalid SSL_get_error output\n");
return 3;
@@ -805,7 +797,7 @@ static int do_exchange(ScopedSSL_SESSION *out_session,
int w;
do {
w = SSL_write(ssl.get(), buf, n);
} while (config->async && retry_a sync(ssl.get(), w, async, &clock_delta));
} while (config->async && RetryA sync(ssl.get(), w, async, &clock_delta));
if (w != n) {
BIO_print_errors_fp(stdout);
return 4;
@@ -838,25 +830,25 @@ int main(int argc, char **argv) {
TestConfig config;
if (!ParseConfig(argc - 1, argv + 1, &config)) {
return u sage(argv[0]);
return U sage(argv[0]);
}
ScopedSSL_CTX ssl_ctx = setup_c tx(&config);
ScopedSSL_CTX ssl_ctx = SetupC tx(&config);
if (!ssl_ctx) {
BIO_print_errors_fp(stdout);
return 1;
}
ScopedSSL_SESSION session;
int ret = do_e xchange(&session, ssl_ctx.get(), &config, false /* is_resume */,
3 /* fd */, NULL /* session */);
int ret = DoE xchange(&session, ssl_ctx.get(), &config, false /* is_resume */,
3 /* fd */, NULL /* session */);
if (ret != 0) {
return ret;
}
if (config.resume) {
ret = do_e xchange(NULL, ssl_ctx.get(), &config, true /* is_resume */,
4 /* fd */, session.get());
ret = DoE xchange(NULL, ssl_ctx.get(), &config, true /* is_resume */,
4 /* fd */, session.get());
if (ret != 0) {
return ret;
}