|
- /* Copyright (c) 2018, Google Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
-
- #include "handshake_util.h"
-
- #include <assert.h>
-
- #include <functional>
-
- #include "async_bio.h"
- #include "packeted_bio.h"
- #include "test_config.h"
- #include "test_state.h"
-
- #include <openssl/ssl.h>
-
- using namespace bssl;
-
- bool RetryAsync(SSL *ssl, int ret) {
- // No error; don't retry.
- if (ret >= 0) {
- return false;
- }
-
- TestState *test_state = GetTestState(ssl);
- assert(GetTestConfig(ssl)->async);
-
- if (test_state->packeted_bio != nullptr &&
- PacketedBioAdvanceClock(test_state->packeted_bio)) {
- // The DTLS retransmit logic silently ignores write failures. So the test
- // may progress, allow writes through synchronously.
- AsyncBioEnforceWriteQuota(test_state->async_bio, false);
- int timeout_ret = DTLSv1_handle_timeout(ssl);
- AsyncBioEnforceWriteQuota(test_state->async_bio, true);
-
- if (timeout_ret < 0) {
- fprintf(stderr, "Error retransmitting.\n");
- return false;
- }
- return true;
- }
-
- // See if we needed to read or write more. If so, allow one byte through on
- // the appropriate end to maximally stress the state machine.
- switch (SSL_get_error(ssl, ret)) {
- case SSL_ERROR_WANT_READ:
- AsyncBioAllowRead(test_state->async_bio, 1);
- return true;
- case SSL_ERROR_WANT_WRITE:
- AsyncBioAllowWrite(test_state->async_bio, 1);
- return true;
- case SSL_ERROR_WANT_CHANNEL_ID_LOOKUP: {
- UniquePtr<EVP_PKEY> pkey =
- LoadPrivateKey(GetTestConfig(ssl)->send_channel_id);
- if (!pkey) {
- return false;
- }
- test_state->channel_id = std::move(pkey);
- return true;
- }
- case SSL_ERROR_WANT_X509_LOOKUP:
- test_state->cert_ready = true;
- return true;
- case SSL_ERROR_PENDING_SESSION:
- test_state->session = std::move(test_state->pending_session);
- return true;
- case SSL_ERROR_PENDING_CERTIFICATE:
- test_state->early_callback_ready = true;
- return true;
- case SSL_ERROR_WANT_PRIVATE_KEY_OPERATION:
- test_state->private_key_retries++;
- return true;
- case SSL_ERROR_WANT_CERTIFICATE_VERIFY:
- test_state->custom_verify_ready = true;
- return true;
- default:
- return false;
- }
- }
-
- int CheckIdempotentError(const char *name, SSL *ssl,
- std::function<int()> func) {
- int ret = func();
- int ssl_err = SSL_get_error(ssl, ret);
- uint32_t err = ERR_peek_error();
- if (ssl_err == SSL_ERROR_SSL || ssl_err == SSL_ERROR_ZERO_RETURN) {
- int ret2 = func();
- int ssl_err2 = SSL_get_error(ssl, ret2);
- uint32_t err2 = ERR_peek_error();
- if (ret != ret2 || ssl_err != ssl_err2 || err != err2) {
- fprintf(stderr, "Repeating %s did not replay the error.\n", name);
- char buf[256];
- ERR_error_string_n(err, buf, sizeof(buf));
- fprintf(stderr, "Wanted: %d %d %s\n", ret, ssl_err, buf);
- ERR_error_string_n(err2, buf, sizeof(buf));
- fprintf(stderr, "Got: %d %d %s\n", ret2, ssl_err2, buf);
- // runner treats exit code 90 as always failing. Otherwise, it may
- // accidentally consider the result an expected protocol failure.
- exit(90);
- }
- }
- return ret;
- }
-
- // MoveBIOs moves the |BIO|s of |src| to |dst|. It is used for handoff.
- static void MoveBIOs(SSL *dest, SSL *src) {
- BIO *rbio = SSL_get_rbio(src);
- BIO_up_ref(rbio);
- SSL_set0_rbio(dest, rbio);
-
- BIO *wbio = SSL_get_wbio(src);
- BIO_up_ref(wbio);
- SSL_set0_wbio(dest, wbio);
-
- SSL_set0_rbio(src, nullptr);
- SSL_set0_wbio(src, nullptr);
- }
-
- static bool HandoffReady(SSL *ssl, int ret) {
- return ret < 0 && SSL_get_error(ssl, ret) == SSL_ERROR_HANDOFF;
- }
-
- static bool HandbackReady(SSL *ssl, int ret) {
- return ret < 0 && SSL_get_error(ssl, ret) == SSL_ERROR_HANDBACK;
- }
-
- bool DoSplitHandshake(UniquePtr<SSL> *ssl_uniqueptr, SettingsWriter *writer,
- bool is_resume) {
- SSL *ssl = ssl_uniqueptr->get();
- SSL_set_handoff_mode(ssl, 1);
-
- const TestConfig *config = GetTestConfig(ssl);
- int ret = -1;
- do {
- ret = CheckIdempotentError("SSL_do_handshake", ssl,
- [&]() -> int { return SSL_do_handshake(ssl); });
- } while (!HandoffReady(ssl, ret) &&
- config->async &&
- RetryAsync(ssl, ret));
-
- ScopedCBB cbb;
- Array<uint8_t> handoff;
- if (!HandoffReady(ssl, ret) ||
- !CBB_init(cbb.get(), 512) ||
- !SSL_serialize_handoff(ssl, cbb.get()) ||
- !CBBFinishArray(cbb.get(), &handoff) ||
- !writer->WriteHandoff(handoff)) {
- fprintf(stderr, "Handoff failed.\n");
- return false;
- }
-
- UniquePtr<SSL_CTX> ctx = config->SetupCtx(ssl->ctx.get());
- if (!ctx) {
- return false;
- }
- UniquePtr<SSL> ssl_handshaker =
- config->NewSSL(ctx.get(), nullptr, false, nullptr);
- if (!ssl_handshaker) {
- return false;
- }
- MoveBIOs(ssl_handshaker.get(), ssl);
-
- if (!MoveTestState(ssl_handshaker.get(), ssl) ||
- !SSL_apply_handoff(ssl_handshaker.get(), handoff)) {
- fprintf(stderr, "Handoff application failed.\n");
- return false;
- }
-
- do {
- ret = CheckIdempotentError(
- "SSL_do_handshake", ssl_handshaker.get(),
- [&]() -> int { return SSL_do_handshake(ssl_handshaker.get()); });
- } while (config->async && RetryAsync(ssl_handshaker.get(), ret));
-
- Array<uint8_t> handback;
- if (!HandbackReady(ssl_handshaker.get(), ret) ||
- !CBB_init(cbb.get(), 512) ||
- !SSL_serialize_handback(ssl_handshaker.get(), cbb.get()) ||
- !CBBFinishArray(cbb.get(), &handback) ||
- !writer->WriteHandback(handback)) {
- fprintf(stderr, "Handback failed.\n");
- return false;
- }
-
- UniquePtr<SSL> ssl_handback =
- config->NewSSL(ctx.get(), nullptr, false, nullptr);
- if (!ssl_handback) {
- return false;
- }
- MoveBIOs(ssl_handback.get(), ssl_handshaker.get());
-
- if (!MoveTestState(ssl_handback.get(), ssl_handshaker.get()) ||
- !SSL_apply_handback(ssl_handback.get(), handback)) {
- fprintf(stderr, "Handback application failed.\n");
- return false;
- }
-
- *ssl_uniqueptr = std::move(ssl_handback);
- return true;
- }
|