1 /* 2 * Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <string.h> 11 12 #include "internal/nelem.h" 13 #include "ssltestlib.h" 14 #include "../testutil.h" 15 #include "e_os.h" /* for ossl_sleep() etc. */ 16 17 #ifdef OPENSSL_SYS_UNIX 18 # include <unistd.h> 19 # ifndef OPENSSL_NO_KTLS 20 # include <netinet/in.h> 21 # include <netinet/in.h> 22 # include <arpa/inet.h> 23 # include <sys/socket.h> 24 # include <unistd.h> 25 # include <fcntl.h> 26 # endif 27 #endif 28 29 static int tls_dump_new(BIO *bi); 30 static int tls_dump_free(BIO *a); 31 static int tls_dump_read(BIO *b, char *out, int outl); 32 static int tls_dump_write(BIO *b, const char *in, int inl); 33 static long tls_dump_ctrl(BIO *b, int cmd, long num, void *ptr); 34 static int tls_dump_gets(BIO *bp, char *buf, int size); 35 static int tls_dump_puts(BIO *bp, const char *str); 36 37 /* Choose a sufficiently large type likely to be unused for this custom BIO */ 38 #define BIO_TYPE_TLS_DUMP_FILTER (0x80 | BIO_TYPE_FILTER) 39 #define BIO_TYPE_MEMPACKET_TEST 0x81 40 #define BIO_TYPE_ALWAYS_RETRY 0x82 41 42 static BIO_METHOD *method_tls_dump = NULL; 43 static BIO_METHOD *meth_mem = NULL; 44 static BIO_METHOD *meth_always_retry = NULL; 45 46 /* Note: Not thread safe! */ 47 const BIO_METHOD *bio_f_tls_dump_filter(void) 48 { 49 if (method_tls_dump == NULL) { 50 method_tls_dump = BIO_meth_new(BIO_TYPE_TLS_DUMP_FILTER, 51 "TLS dump filter"); 52 if ( method_tls_dump == NULL 53 || !BIO_meth_set_write(method_tls_dump, tls_dump_write) 54 || !BIO_meth_set_read(method_tls_dump, tls_dump_read) 55 || !BIO_meth_set_puts(method_tls_dump, tls_dump_puts) 56 || !BIO_meth_set_gets(method_tls_dump, tls_dump_gets) 57 || !BIO_meth_set_ctrl(method_tls_dump, tls_dump_ctrl) 58 || !BIO_meth_set_create(method_tls_dump, tls_dump_new) 59 || !BIO_meth_set_destroy(method_tls_dump, tls_dump_free)) 60 return NULL; 61 } 62 return method_tls_dump; 63 } 64 65 void bio_f_tls_dump_filter_free(void) 66 { 67 BIO_meth_free(method_tls_dump); 68 } 69 70 static int tls_dump_new(BIO *bio) 71 { 72 BIO_set_init(bio, 1); 73 return 1; 74 } 75 76 static int tls_dump_free(BIO *bio) 77 { 78 BIO_set_init(bio, 0); 79 80 return 1; 81 } 82 83 static void copy_flags(BIO *bio) 84 { 85 int flags; 86 BIO *next = BIO_next(bio); 87 88 flags = BIO_test_flags(next, BIO_FLAGS_SHOULD_RETRY | BIO_FLAGS_RWS); 89 BIO_clear_flags(bio, BIO_FLAGS_SHOULD_RETRY | BIO_FLAGS_RWS); 90 BIO_set_flags(bio, flags); 91 } 92 93 #define RECORD_CONTENT_TYPE 0 94 #define RECORD_VERSION_HI 1 95 #define RECORD_VERSION_LO 2 96 #define RECORD_EPOCH_HI 3 97 #define RECORD_EPOCH_LO 4 98 #define RECORD_SEQUENCE_START 5 99 #define RECORD_SEQUENCE_END 10 100 #define RECORD_LEN_HI 11 101 #define RECORD_LEN_LO 12 102 103 #define MSG_TYPE 0 104 #define MSG_LEN_HI 1 105 #define MSG_LEN_MID 2 106 #define MSG_LEN_LO 3 107 #define MSG_SEQ_HI 4 108 #define MSG_SEQ_LO 5 109 #define MSG_FRAG_OFF_HI 6 110 #define MSG_FRAG_OFF_MID 7 111 #define MSG_FRAG_OFF_LO 8 112 #define MSG_FRAG_LEN_HI 9 113 #define MSG_FRAG_LEN_MID 10 114 #define MSG_FRAG_LEN_LO 11 115 116 117 static void dump_data(const char *data, int len) 118 { 119 int rem, i, content, reclen, msglen, fragoff, fraglen, epoch; 120 unsigned char *rec; 121 122 printf("---- START OF PACKET ----\n"); 123 124 rem = len; 125 rec = (unsigned char *)data; 126 127 while (rem > 0) { 128 if (rem != len) 129 printf("*\n"); 130 printf("*---- START OF RECORD ----\n"); 131 if (rem < DTLS1_RT_HEADER_LENGTH) { 132 printf("*---- RECORD TRUNCATED ----\n"); 133 break; 134 } 135 content = rec[RECORD_CONTENT_TYPE]; 136 printf("** Record Content-type: %d\n", content); 137 printf("** Record Version: %02x%02x\n", 138 rec[RECORD_VERSION_HI], rec[RECORD_VERSION_LO]); 139 epoch = (rec[RECORD_EPOCH_HI] << 8) | rec[RECORD_EPOCH_LO]; 140 printf("** Record Epoch: %d\n", epoch); 141 printf("** Record Sequence: "); 142 for (i = RECORD_SEQUENCE_START; i <= RECORD_SEQUENCE_END; i++) 143 printf("%02x", rec[i]); 144 reclen = (rec[RECORD_LEN_HI] << 8) | rec[RECORD_LEN_LO]; 145 printf("\n** Record Length: %d\n", reclen); 146 147 /* Now look at message */ 148 rec += DTLS1_RT_HEADER_LENGTH; 149 rem -= DTLS1_RT_HEADER_LENGTH; 150 if (content == SSL3_RT_HANDSHAKE) { 151 printf("**---- START OF HANDSHAKE MESSAGE FRAGMENT ----\n"); 152 if (epoch > 0) { 153 printf("**---- HANDSHAKE MESSAGE FRAGMENT ENCRYPTED ----\n"); 154 } else if (rem < DTLS1_HM_HEADER_LENGTH 155 || reclen < DTLS1_HM_HEADER_LENGTH) { 156 printf("**---- HANDSHAKE MESSAGE FRAGMENT TRUNCATED ----\n"); 157 } else { 158 printf("*** Message Type: %d\n", rec[MSG_TYPE]); 159 msglen = (rec[MSG_LEN_HI] << 16) | (rec[MSG_LEN_MID] << 8) 160 | rec[MSG_LEN_LO]; 161 printf("*** Message Length: %d\n", msglen); 162 printf("*** Message sequence: %d\n", 163 (rec[MSG_SEQ_HI] << 8) | rec[MSG_SEQ_LO]); 164 fragoff = (rec[MSG_FRAG_OFF_HI] << 16) 165 | (rec[MSG_FRAG_OFF_MID] << 8) 166 | rec[MSG_FRAG_OFF_LO]; 167 printf("*** Message Fragment offset: %d\n", fragoff); 168 fraglen = (rec[MSG_FRAG_LEN_HI] << 16) 169 | (rec[MSG_FRAG_LEN_MID] << 8) 170 | rec[MSG_FRAG_LEN_LO]; 171 printf("*** Message Fragment len: %d\n", fraglen); 172 if (fragoff + fraglen > msglen) 173 printf("***---- HANDSHAKE MESSAGE FRAGMENT INVALID ----\n"); 174 else if (reclen < fraglen) 175 printf("**---- HANDSHAKE MESSAGE FRAGMENT TRUNCATED ----\n"); 176 else 177 printf("**---- END OF HANDSHAKE MESSAGE FRAGMENT ----\n"); 178 } 179 } 180 if (rem < reclen) { 181 printf("*---- RECORD TRUNCATED ----\n"); 182 rem = 0; 183 } else { 184 rec += reclen; 185 rem -= reclen; 186 printf("*---- END OF RECORD ----\n"); 187 } 188 } 189 printf("---- END OF PACKET ----\n\n"); 190 fflush(stdout); 191 } 192 193 static int tls_dump_read(BIO *bio, char *out, int outl) 194 { 195 int ret; 196 BIO *next = BIO_next(bio); 197 198 ret = BIO_read(next, out, outl); 199 copy_flags(bio); 200 201 if (ret > 0) { 202 dump_data(out, ret); 203 } 204 205 return ret; 206 } 207 208 static int tls_dump_write(BIO *bio, const char *in, int inl) 209 { 210 int ret; 211 BIO *next = BIO_next(bio); 212 213 ret = BIO_write(next, in, inl); 214 copy_flags(bio); 215 216 return ret; 217 } 218 219 static long tls_dump_ctrl(BIO *bio, int cmd, long num, void *ptr) 220 { 221 long ret; 222 BIO *next = BIO_next(bio); 223 224 if (next == NULL) 225 return 0; 226 227 switch (cmd) { 228 case BIO_CTRL_DUP: 229 ret = 0L; 230 break; 231 default: 232 ret = BIO_ctrl(next, cmd, num, ptr); 233 break; 234 } 235 return ret; 236 } 237 238 static int tls_dump_gets(BIO *bio, char *buf, int size) 239 { 240 /* We don't support this - not needed anyway */ 241 return -1; 242 } 243 244 static int tls_dump_puts(BIO *bio, const char *str) 245 { 246 return tls_dump_write(bio, str, strlen(str)); 247 } 248 249 250 struct mempacket_st { 251 unsigned char *data; 252 int len; 253 unsigned int num; 254 unsigned int type; 255 }; 256 257 static void mempacket_free(MEMPACKET *pkt) 258 { 259 if (pkt->data != NULL) 260 OPENSSL_free(pkt->data); 261 OPENSSL_free(pkt); 262 } 263 264 typedef struct mempacket_test_ctx_st { 265 STACK_OF(MEMPACKET) *pkts; 266 unsigned int epoch; 267 unsigned int currrec; 268 unsigned int currpkt; 269 unsigned int lastpkt; 270 unsigned int injected; 271 unsigned int noinject; 272 unsigned int dropepoch; 273 int droprec; 274 int duprec; 275 } MEMPACKET_TEST_CTX; 276 277 static int mempacket_test_new(BIO *bi); 278 static int mempacket_test_free(BIO *a); 279 static int mempacket_test_read(BIO *b, char *out, int outl); 280 static int mempacket_test_write(BIO *b, const char *in, int inl); 281 static long mempacket_test_ctrl(BIO *b, int cmd, long num, void *ptr); 282 static int mempacket_test_gets(BIO *bp, char *buf, int size); 283 static int mempacket_test_puts(BIO *bp, const char *str); 284 285 const BIO_METHOD *bio_s_mempacket_test(void) 286 { 287 if (meth_mem == NULL) { 288 if (!TEST_ptr(meth_mem = BIO_meth_new(BIO_TYPE_MEMPACKET_TEST, 289 "Mem Packet Test")) 290 || !TEST_true(BIO_meth_set_write(meth_mem, mempacket_test_write)) 291 || !TEST_true(BIO_meth_set_read(meth_mem, mempacket_test_read)) 292 || !TEST_true(BIO_meth_set_puts(meth_mem, mempacket_test_puts)) 293 || !TEST_true(BIO_meth_set_gets(meth_mem, mempacket_test_gets)) 294 || !TEST_true(BIO_meth_set_ctrl(meth_mem, mempacket_test_ctrl)) 295 || !TEST_true(BIO_meth_set_create(meth_mem, mempacket_test_new)) 296 || !TEST_true(BIO_meth_set_destroy(meth_mem, mempacket_test_free))) 297 return NULL; 298 } 299 return meth_mem; 300 } 301 302 void bio_s_mempacket_test_free(void) 303 { 304 BIO_meth_free(meth_mem); 305 } 306 307 static int mempacket_test_new(BIO *bio) 308 { 309 MEMPACKET_TEST_CTX *ctx; 310 311 if (!TEST_ptr(ctx = OPENSSL_zalloc(sizeof(*ctx)))) 312 return 0; 313 if (!TEST_ptr(ctx->pkts = sk_MEMPACKET_new_null())) { 314 OPENSSL_free(ctx); 315 return 0; 316 } 317 ctx->dropepoch = 0; 318 ctx->droprec = -1; 319 BIO_set_init(bio, 1); 320 BIO_set_data(bio, ctx); 321 return 1; 322 } 323 324 static int mempacket_test_free(BIO *bio) 325 { 326 MEMPACKET_TEST_CTX *ctx = BIO_get_data(bio); 327 328 sk_MEMPACKET_pop_free(ctx->pkts, mempacket_free); 329 OPENSSL_free(ctx); 330 BIO_set_data(bio, NULL); 331 BIO_set_init(bio, 0); 332 return 1; 333 } 334 335 /* Record Header values */ 336 #define EPOCH_HI 3 337 #define EPOCH_LO 4 338 #define RECORD_SEQUENCE 10 339 #define RECORD_LEN_HI 11 340 #define RECORD_LEN_LO 12 341 342 #define STANDARD_PACKET 0 343 344 static int mempacket_test_read(BIO *bio, char *out, int outl) 345 { 346 MEMPACKET_TEST_CTX *ctx = BIO_get_data(bio); 347 MEMPACKET *thispkt; 348 unsigned char *rec; 349 int rem; 350 unsigned int seq, offset, len, epoch; 351 352 BIO_clear_retry_flags(bio); 353 if ((thispkt = sk_MEMPACKET_value(ctx->pkts, 0)) == NULL 354 || thispkt->num != ctx->currpkt) { 355 /* Probably run out of data */ 356 BIO_set_retry_read(bio); 357 return -1; 358 } 359 (void)sk_MEMPACKET_shift(ctx->pkts); 360 ctx->currpkt++; 361 362 if (outl > thispkt->len) 363 outl = thispkt->len; 364 365 if (thispkt->type != INJECT_PACKET_IGNORE_REC_SEQ 366 && (ctx->injected || ctx->droprec >= 0)) { 367 /* 368 * Overwrite the record sequence number. We strictly number them in 369 * the order received. Since we are actually a reliable transport 370 * we know that there won't be any re-ordering. We overwrite to deal 371 * with any packets that have been injected 372 */ 373 for (rem = thispkt->len, rec = thispkt->data; rem > 0; rem -= len) { 374 if (rem < DTLS1_RT_HEADER_LENGTH) 375 return -1; 376 epoch = (rec[EPOCH_HI] << 8) | rec[EPOCH_LO]; 377 if (epoch != ctx->epoch) { 378 ctx->epoch = epoch; 379 ctx->currrec = 0; 380 } 381 seq = ctx->currrec; 382 offset = 0; 383 do { 384 rec[RECORD_SEQUENCE - offset] = seq & 0xFF; 385 seq >>= 8; 386 offset++; 387 } while (seq > 0); 388 389 len = ((rec[RECORD_LEN_HI] << 8) | rec[RECORD_LEN_LO]) 390 + DTLS1_RT_HEADER_LENGTH; 391 if (rem < (int)len) 392 return -1; 393 if (ctx->droprec == (int)ctx->currrec && ctx->dropepoch == epoch) { 394 if (rem > (int)len) 395 memmove(rec, rec + len, rem - len); 396 outl -= len; 397 ctx->droprec = -1; 398 if (outl == 0) 399 BIO_set_retry_read(bio); 400 } else { 401 rec += len; 402 } 403 404 ctx->currrec++; 405 } 406 } 407 408 memcpy(out, thispkt->data, outl); 409 mempacket_free(thispkt); 410 return outl; 411 } 412 413 /* Take the last and penultimate packets and swap them around */ 414 int mempacket_swap_recent(BIO *bio) 415 { 416 MEMPACKET_TEST_CTX *ctx = BIO_get_data(bio); 417 MEMPACKET *thispkt; 418 int numpkts = sk_MEMPACKET_num(ctx->pkts); 419 420 /* We need at least 2 packets to be able to swap them */ 421 if (numpkts <= 1) 422 return 0; 423 424 /* Get the penultimate packet */ 425 thispkt = sk_MEMPACKET_value(ctx->pkts, numpkts - 2); 426 if (thispkt == NULL) 427 return 0; 428 429 if (sk_MEMPACKET_delete(ctx->pkts, numpkts - 2) != thispkt) 430 return 0; 431 432 /* Re-add it to the end of the list */ 433 thispkt->num++; 434 if (sk_MEMPACKET_insert(ctx->pkts, thispkt, numpkts - 1) <= 0) 435 return 0; 436 437 /* We also have to adjust the packet number of the other packet */ 438 thispkt = sk_MEMPACKET_value(ctx->pkts, numpkts - 2); 439 if (thispkt == NULL) 440 return 0; 441 thispkt->num--; 442 443 return 1; 444 } 445 446 int mempacket_test_inject(BIO *bio, const char *in, int inl, int pktnum, 447 int type) 448 { 449 MEMPACKET_TEST_CTX *ctx = BIO_get_data(bio); 450 MEMPACKET *thispkt = NULL, *looppkt, *nextpkt, *allpkts[3]; 451 int i, duprec; 452 const unsigned char *inu = (const unsigned char *)in; 453 size_t len = ((inu[RECORD_LEN_HI] << 8) | inu[RECORD_LEN_LO]) 454 + DTLS1_RT_HEADER_LENGTH; 455 456 if (ctx == NULL) 457 return -1; 458 459 if ((size_t)inl < len) 460 return -1; 461 462 if ((size_t)inl == len) 463 duprec = 0; 464 else 465 duprec = ctx->duprec > 0; 466 467 /* We don't support arbitrary injection when duplicating records */ 468 if (duprec && pktnum != -1) 469 return -1; 470 471 /* We only allow injection before we've started writing any data */ 472 if (pktnum >= 0) { 473 if (ctx->noinject) 474 return -1; 475 ctx->injected = 1; 476 } else { 477 ctx->noinject = 1; 478 } 479 480 for (i = 0; i < (duprec ? 3 : 1); i++) { 481 if (!TEST_ptr(allpkts[i] = OPENSSL_malloc(sizeof(*thispkt)))) 482 goto err; 483 thispkt = allpkts[i]; 484 485 if (!TEST_ptr(thispkt->data = OPENSSL_malloc(inl))) 486 goto err; 487 /* 488 * If we are duplicating the packet, we duplicate it three times. The 489 * first two times we drop the first record if there are more than one. 490 * In this way we know that libssl will not be able to make progress 491 * until it receives the last packet, and hence will be forced to 492 * buffer these records. 493 */ 494 if (duprec && i != 2) { 495 memcpy(thispkt->data, in + len, inl - len); 496 thispkt->len = inl - len; 497 } else { 498 memcpy(thispkt->data, in, inl); 499 thispkt->len = inl; 500 } 501 thispkt->num = (pktnum >= 0) ? (unsigned int)pktnum : ctx->lastpkt + i; 502 thispkt->type = type; 503 } 504 505 for (i = 0; i < sk_MEMPACKET_num(ctx->pkts); i++) { 506 if (!TEST_ptr(looppkt = sk_MEMPACKET_value(ctx->pkts, i))) 507 goto err; 508 /* Check if we found the right place to insert this packet */ 509 if (looppkt->num > thispkt->num) { 510 if (sk_MEMPACKET_insert(ctx->pkts, thispkt, i) == 0) 511 goto err; 512 /* If we're doing up front injection then we're done */ 513 if (pktnum >= 0) 514 return inl; 515 /* 516 * We need to do some accounting on lastpkt. We increment it first, 517 * but it might now equal the value of injected packets, so we need 518 * to skip over those 519 */ 520 ctx->lastpkt++; 521 do { 522 i++; 523 nextpkt = sk_MEMPACKET_value(ctx->pkts, i); 524 if (nextpkt != NULL && nextpkt->num == ctx->lastpkt) 525 ctx->lastpkt++; 526 else 527 return inl; 528 } while(1); 529 } else if (looppkt->num == thispkt->num) { 530 if (!ctx->noinject) { 531 /* We injected two packets with the same packet number! */ 532 goto err; 533 } 534 ctx->lastpkt++; 535 thispkt->num++; 536 } 537 } 538 /* 539 * We didn't find any packets with a packet number equal to or greater than 540 * this one, so we just add it onto the end 541 */ 542 for (i = 0; i < (duprec ? 3 : 1); i++) { 543 thispkt = allpkts[i]; 544 if (!sk_MEMPACKET_push(ctx->pkts, thispkt)) 545 goto err; 546 547 if (pktnum < 0) 548 ctx->lastpkt++; 549 } 550 551 return inl; 552 553 err: 554 for (i = 0; i < (ctx->duprec > 0 ? 3 : 1); i++) 555 mempacket_free(allpkts[i]); 556 return -1; 557 } 558 559 static int mempacket_test_write(BIO *bio, const char *in, int inl) 560 { 561 return mempacket_test_inject(bio, in, inl, -1, STANDARD_PACKET); 562 } 563 564 static long mempacket_test_ctrl(BIO *bio, int cmd, long num, void *ptr) 565 { 566 long ret = 1; 567 MEMPACKET_TEST_CTX *ctx = BIO_get_data(bio); 568 MEMPACKET *thispkt; 569 570 switch (cmd) { 571 case BIO_CTRL_EOF: 572 ret = (long)(sk_MEMPACKET_num(ctx->pkts) == 0); 573 break; 574 case BIO_CTRL_GET_CLOSE: 575 ret = BIO_get_shutdown(bio); 576 break; 577 case BIO_CTRL_SET_CLOSE: 578 BIO_set_shutdown(bio, (int)num); 579 break; 580 case BIO_CTRL_WPENDING: 581 ret = 0L; 582 break; 583 case BIO_CTRL_PENDING: 584 thispkt = sk_MEMPACKET_value(ctx->pkts, 0); 585 if (thispkt == NULL) 586 ret = 0; 587 else 588 ret = thispkt->len; 589 break; 590 case BIO_CTRL_FLUSH: 591 ret = 1; 592 break; 593 case MEMPACKET_CTRL_SET_DROP_EPOCH: 594 ctx->dropepoch = (unsigned int)num; 595 break; 596 case MEMPACKET_CTRL_SET_DROP_REC: 597 ctx->droprec = (int)num; 598 break; 599 case MEMPACKET_CTRL_GET_DROP_REC: 600 ret = ctx->droprec; 601 break; 602 case MEMPACKET_CTRL_SET_DUPLICATE_REC: 603 ctx->duprec = (int)num; 604 break; 605 case BIO_CTRL_RESET: 606 case BIO_CTRL_DUP: 607 case BIO_CTRL_PUSH: 608 case BIO_CTRL_POP: 609 default: 610 ret = 0; 611 break; 612 } 613 return ret; 614 } 615 616 static int mempacket_test_gets(BIO *bio, char *buf, int size) 617 { 618 /* We don't support this - not needed anyway */ 619 return -1; 620 } 621 622 static int mempacket_test_puts(BIO *bio, const char *str) 623 { 624 return mempacket_test_write(bio, str, strlen(str)); 625 } 626 627 static int always_retry_new(BIO *bi); 628 static int always_retry_free(BIO *a); 629 static int always_retry_read(BIO *b, char *out, int outl); 630 static int always_retry_write(BIO *b, const char *in, int inl); 631 static long always_retry_ctrl(BIO *b, int cmd, long num, void *ptr); 632 static int always_retry_gets(BIO *bp, char *buf, int size); 633 static int always_retry_puts(BIO *bp, const char *str); 634 635 const BIO_METHOD *bio_s_always_retry(void) 636 { 637 if (meth_always_retry == NULL) { 638 if (!TEST_ptr(meth_always_retry = BIO_meth_new(BIO_TYPE_ALWAYS_RETRY, 639 "Always Retry")) 640 || !TEST_true(BIO_meth_set_write(meth_always_retry, 641 always_retry_write)) 642 || !TEST_true(BIO_meth_set_read(meth_always_retry, 643 always_retry_read)) 644 || !TEST_true(BIO_meth_set_puts(meth_always_retry, 645 always_retry_puts)) 646 || !TEST_true(BIO_meth_set_gets(meth_always_retry, 647 always_retry_gets)) 648 || !TEST_true(BIO_meth_set_ctrl(meth_always_retry, 649 always_retry_ctrl)) 650 || !TEST_true(BIO_meth_set_create(meth_always_retry, 651 always_retry_new)) 652 || !TEST_true(BIO_meth_set_destroy(meth_always_retry, 653 always_retry_free))) 654 return NULL; 655 } 656 return meth_always_retry; 657 } 658 659 void bio_s_always_retry_free(void) 660 { 661 BIO_meth_free(meth_always_retry); 662 } 663 664 static int always_retry_new(BIO *bio) 665 { 666 BIO_set_init(bio, 1); 667 return 1; 668 } 669 670 static int always_retry_free(BIO *bio) 671 { 672 BIO_set_data(bio, NULL); 673 BIO_set_init(bio, 0); 674 return 1; 675 } 676 677 static int always_retry_read(BIO *bio, char *out, int outl) 678 { 679 BIO_set_retry_read(bio); 680 return -1; 681 } 682 683 static int always_retry_write(BIO *bio, const char *in, int inl) 684 { 685 BIO_set_retry_write(bio); 686 return -1; 687 } 688 689 static long always_retry_ctrl(BIO *bio, int cmd, long num, void *ptr) 690 { 691 long ret = 1; 692 693 switch (cmd) { 694 case BIO_CTRL_FLUSH: 695 BIO_set_retry_write(bio); 696 /* fall through */ 697 case BIO_CTRL_EOF: 698 case BIO_CTRL_RESET: 699 case BIO_CTRL_DUP: 700 case BIO_CTRL_PUSH: 701 case BIO_CTRL_POP: 702 default: 703 ret = 0; 704 break; 705 } 706 return ret; 707 } 708 709 static int always_retry_gets(BIO *bio, char *buf, int size) 710 { 711 BIO_set_retry_read(bio); 712 return -1; 713 } 714 715 static int always_retry_puts(BIO *bio, const char *str) 716 { 717 BIO_set_retry_write(bio); 718 return -1; 719 } 720 721 int create_ssl_ctx_pair(OSSL_LIB_CTX *libctx, const SSL_METHOD *sm, 722 const SSL_METHOD *cm, int min_proto_version, 723 int max_proto_version, SSL_CTX **sctx, SSL_CTX **cctx, 724 char *certfile, char *privkeyfile) 725 { 726 SSL_CTX *serverctx = NULL; 727 SSL_CTX *clientctx = NULL; 728 729 if (sctx != NULL) { 730 if (*sctx != NULL) 731 serverctx = *sctx; 732 else if (!TEST_ptr(serverctx = SSL_CTX_new_ex(libctx, NULL, sm)) 733 || !TEST_true(SSL_CTX_set_options(serverctx, 734 SSL_OP_ALLOW_CLIENT_RENEGOTIATION))) 735 goto err; 736 } 737 738 if (cctx != NULL) { 739 if (*cctx != NULL) 740 clientctx = *cctx; 741 else if (!TEST_ptr(clientctx = SSL_CTX_new_ex(libctx, NULL, cm))) 742 goto err; 743 } 744 745 #if !defined(OPENSSL_NO_TLS1_3) \ 746 && defined(OPENSSL_NO_EC) \ 747 && defined(OPENSSL_NO_DH) 748 /* 749 * There are no usable built-in TLSv1.3 groups if ec and dh are both 750 * disabled 751 */ 752 if (max_proto_version == 0 753 && (sm == TLS_server_method() || cm == TLS_client_method())) 754 max_proto_version = TLS1_2_VERSION; 755 #endif 756 757 if (serverctx != NULL 758 && ((min_proto_version > 0 759 && !TEST_true(SSL_CTX_set_min_proto_version(serverctx, 760 min_proto_version))) 761 || (max_proto_version > 0 762 && !TEST_true(SSL_CTX_set_max_proto_version(serverctx, 763 max_proto_version))))) 764 goto err; 765 if (clientctx != NULL 766 && ((min_proto_version > 0 767 && !TEST_true(SSL_CTX_set_min_proto_version(clientctx, 768 min_proto_version))) 769 || (max_proto_version > 0 770 && !TEST_true(SSL_CTX_set_max_proto_version(clientctx, 771 max_proto_version))))) 772 goto err; 773 774 if (serverctx != NULL && certfile != NULL && privkeyfile != NULL) { 775 if (!TEST_int_eq(SSL_CTX_use_certificate_file(serverctx, certfile, 776 SSL_FILETYPE_PEM), 1) 777 || !TEST_int_eq(SSL_CTX_use_PrivateKey_file(serverctx, 778 privkeyfile, 779 SSL_FILETYPE_PEM), 1) 780 || !TEST_int_eq(SSL_CTX_check_private_key(serverctx), 1)) 781 goto err; 782 } 783 784 if (sctx != NULL) 785 *sctx = serverctx; 786 if (cctx != NULL) 787 *cctx = clientctx; 788 return 1; 789 790 err: 791 if (sctx != NULL && *sctx == NULL) 792 SSL_CTX_free(serverctx); 793 if (cctx != NULL && *cctx == NULL) 794 SSL_CTX_free(clientctx); 795 return 0; 796 } 797 798 #define MAXLOOPS 1000000 799 800 #if !defined(OPENSSL_NO_KTLS) && !defined(OPENSSL_NO_SOCK) 801 static int set_nb(int fd) 802 { 803 int flags; 804 805 flags = fcntl(fd,F_GETFL,0); 806 if (flags == -1) 807 return flags; 808 flags = fcntl(fd, F_SETFL, flags | O_NONBLOCK); 809 return flags; 810 } 811 812 int create_test_sockets(int *cfdp, int *sfdp) 813 { 814 struct sockaddr_in sin; 815 const char *host = "127.0.0.1"; 816 int cfd_connected = 0, ret = 0; 817 socklen_t slen = sizeof(sin); 818 int afd = -1, cfd = -1, sfd = -1; 819 820 memset ((char *) &sin, 0, sizeof(sin)); 821 sin.sin_family = AF_INET; 822 sin.sin_addr.s_addr = inet_addr(host); 823 824 afd = socket(AF_INET, SOCK_STREAM, 0); 825 if (afd < 0) 826 return 0; 827 828 if (bind(afd, (struct sockaddr*)&sin, sizeof(sin)) < 0) 829 goto out; 830 831 if (getsockname(afd, (struct sockaddr*)&sin, &slen) < 0) 832 goto out; 833 834 if (listen(afd, 1) < 0) 835 goto out; 836 837 cfd = socket(AF_INET, SOCK_STREAM, 0); 838 if (cfd < 0) 839 goto out; 840 841 if (set_nb(afd) == -1) 842 goto out; 843 844 while (sfd == -1 || !cfd_connected ) { 845 sfd = accept(afd, NULL, 0); 846 if (sfd == -1 && errno != EAGAIN) 847 goto out; 848 849 if (!cfd_connected && connect(cfd, (struct sockaddr*)&sin, sizeof(sin)) < 0) 850 goto out; 851 else 852 cfd_connected = 1; 853 } 854 855 if (set_nb(cfd) == -1 || set_nb(sfd) == -1) 856 goto out; 857 ret = 1; 858 *cfdp = cfd; 859 *sfdp = sfd; 860 goto success; 861 862 out: 863 if (cfd != -1) 864 close(cfd); 865 if (sfd != -1) 866 close(sfd); 867 success: 868 if (afd != -1) 869 close(afd); 870 return ret; 871 } 872 873 int create_ssl_objects2(SSL_CTX *serverctx, SSL_CTX *clientctx, SSL **sssl, 874 SSL **cssl, int sfd, int cfd) 875 { 876 SSL *serverssl = NULL, *clientssl = NULL; 877 BIO *s_to_c_bio = NULL, *c_to_s_bio = NULL; 878 879 if (*sssl != NULL) 880 serverssl = *sssl; 881 else if (!TEST_ptr(serverssl = SSL_new(serverctx))) 882 goto error; 883 if (*cssl != NULL) 884 clientssl = *cssl; 885 else if (!TEST_ptr(clientssl = SSL_new(clientctx))) 886 goto error; 887 888 if (!TEST_ptr(s_to_c_bio = BIO_new_socket(sfd, BIO_NOCLOSE)) 889 || !TEST_ptr(c_to_s_bio = BIO_new_socket(cfd, BIO_NOCLOSE))) 890 goto error; 891 892 SSL_set_bio(clientssl, c_to_s_bio, c_to_s_bio); 893 SSL_set_bio(serverssl, s_to_c_bio, s_to_c_bio); 894 *sssl = serverssl; 895 *cssl = clientssl; 896 return 1; 897 898 error: 899 SSL_free(serverssl); 900 SSL_free(clientssl); 901 BIO_free(s_to_c_bio); 902 BIO_free(c_to_s_bio); 903 return 0; 904 } 905 #endif 906 907 /* 908 * NOTE: Transfers control of the BIOs - this function will free them on error 909 */ 910 int create_ssl_objects(SSL_CTX *serverctx, SSL_CTX *clientctx, SSL **sssl, 911 SSL **cssl, BIO *s_to_c_fbio, BIO *c_to_s_fbio) 912 { 913 SSL *serverssl = NULL, *clientssl = NULL; 914 BIO *s_to_c_bio = NULL, *c_to_s_bio = NULL; 915 916 if (*sssl != NULL) 917 serverssl = *sssl; 918 else if (!TEST_ptr(serverssl = SSL_new(serverctx))) 919 goto error; 920 if (*cssl != NULL) 921 clientssl = *cssl; 922 else if (!TEST_ptr(clientssl = SSL_new(clientctx))) 923 goto error; 924 925 if (SSL_is_dtls(clientssl)) { 926 if (!TEST_ptr(s_to_c_bio = BIO_new(bio_s_mempacket_test())) 927 || !TEST_ptr(c_to_s_bio = BIO_new(bio_s_mempacket_test()))) 928 goto error; 929 } else { 930 if (!TEST_ptr(s_to_c_bio = BIO_new(BIO_s_mem())) 931 || !TEST_ptr(c_to_s_bio = BIO_new(BIO_s_mem()))) 932 goto error; 933 } 934 935 if (s_to_c_fbio != NULL 936 && !TEST_ptr(s_to_c_bio = BIO_push(s_to_c_fbio, s_to_c_bio))) 937 goto error; 938 if (c_to_s_fbio != NULL 939 && !TEST_ptr(c_to_s_bio = BIO_push(c_to_s_fbio, c_to_s_bio))) 940 goto error; 941 942 /* Set Non-blocking IO behaviour */ 943 BIO_set_mem_eof_return(s_to_c_bio, -1); 944 BIO_set_mem_eof_return(c_to_s_bio, -1); 945 946 /* Up ref these as we are passing them to two SSL objects */ 947 SSL_set_bio(serverssl, c_to_s_bio, s_to_c_bio); 948 BIO_up_ref(s_to_c_bio); 949 BIO_up_ref(c_to_s_bio); 950 SSL_set_bio(clientssl, s_to_c_bio, c_to_s_bio); 951 *sssl = serverssl; 952 *cssl = clientssl; 953 return 1; 954 955 error: 956 SSL_free(serverssl); 957 SSL_free(clientssl); 958 BIO_free(s_to_c_bio); 959 BIO_free(c_to_s_bio); 960 BIO_free(s_to_c_fbio); 961 BIO_free(c_to_s_fbio); 962 963 return 0; 964 } 965 966 /* 967 * Create an SSL connection, but does not read any post-handshake 968 * NewSessionTicket messages. 969 * If |read| is set and we're using DTLS then we will attempt to SSL_read on 970 * the connection once we've completed one half of it, to ensure any retransmits 971 * get triggered. 972 * We stop the connection attempt (and return a failure value) if either peer 973 * has SSL_get_error() return the value in the |want| parameter. The connection 974 * attempt could be restarted by a subsequent call to this function. 975 */ 976 int create_bare_ssl_connection(SSL *serverssl, SSL *clientssl, int want, 977 int read) 978 { 979 int retc = -1, rets = -1, err, abortctr = 0; 980 int clienterr = 0, servererr = 0; 981 int isdtls = SSL_is_dtls(serverssl); 982 983 do { 984 err = SSL_ERROR_WANT_WRITE; 985 while (!clienterr && retc <= 0 && err == SSL_ERROR_WANT_WRITE) { 986 retc = SSL_connect(clientssl); 987 if (retc <= 0) 988 err = SSL_get_error(clientssl, retc); 989 } 990 991 if (!clienterr && retc <= 0 && err != SSL_ERROR_WANT_READ) { 992 TEST_info("SSL_connect() failed %d, %d", retc, err); 993 if (want != SSL_ERROR_SSL) 994 TEST_openssl_errors(); 995 clienterr = 1; 996 } 997 if (want != SSL_ERROR_NONE && err == want) 998 return 0; 999 1000 err = SSL_ERROR_WANT_WRITE; 1001 while (!servererr && rets <= 0 && err == SSL_ERROR_WANT_WRITE) { 1002 rets = SSL_accept(serverssl); 1003 if (rets <= 0) 1004 err = SSL_get_error(serverssl, rets); 1005 } 1006 1007 if (!servererr && rets <= 0 1008 && err != SSL_ERROR_WANT_READ 1009 && err != SSL_ERROR_WANT_X509_LOOKUP) { 1010 TEST_info("SSL_accept() failed %d, %d", rets, err); 1011 if (want != SSL_ERROR_SSL) 1012 TEST_openssl_errors(); 1013 servererr = 1; 1014 } 1015 if (want != SSL_ERROR_NONE && err == want) 1016 return 0; 1017 if (clienterr && servererr) 1018 return 0; 1019 if (isdtls && read) { 1020 unsigned char buf[20]; 1021 1022 /* Trigger any retransmits that may be appropriate */ 1023 if (rets > 0 && retc <= 0) { 1024 if (SSL_read(serverssl, buf, sizeof(buf)) > 0) { 1025 /* We don't expect this to succeed! */ 1026 TEST_info("Unexpected SSL_read() success!"); 1027 return 0; 1028 } 1029 } 1030 if (retc > 0 && rets <= 0) { 1031 if (SSL_read(clientssl, buf, sizeof(buf)) > 0) { 1032 /* We don't expect this to succeed! */ 1033 TEST_info("Unexpected SSL_read() success!"); 1034 return 0; 1035 } 1036 } 1037 } 1038 if (++abortctr == MAXLOOPS) { 1039 TEST_info("No progress made"); 1040 return 0; 1041 } 1042 if (isdtls && abortctr <= 50 && (abortctr % 10) == 0) { 1043 /* 1044 * It looks like we're just spinning. Pause for a short period to 1045 * give the DTLS timer a chance to do something. We only do this for 1046 * the first few times to prevent hangs. 1047 */ 1048 ossl_sleep(50); 1049 } 1050 } while (retc <=0 || rets <= 0); 1051 1052 return 1; 1053 } 1054 1055 /* 1056 * Create an SSL connection including any post handshake NewSessionTicket 1057 * messages. 1058 */ 1059 int create_ssl_connection(SSL *serverssl, SSL *clientssl, int want) 1060 { 1061 int i; 1062 unsigned char buf; 1063 size_t readbytes; 1064 1065 if (!create_bare_ssl_connection(serverssl, clientssl, want, 1)) 1066 return 0; 1067 1068 /* 1069 * We attempt to read some data on the client side which we expect to fail. 1070 * This will ensure we have received the NewSessionTicket in TLSv1.3 where 1071 * appropriate. We do this twice because there are 2 NewSessionTickets. 1072 */ 1073 for (i = 0; i < 2; i++) { 1074 if (SSL_read_ex(clientssl, &buf, sizeof(buf), &readbytes) > 0) { 1075 if (!TEST_ulong_eq(readbytes, 0)) 1076 return 0; 1077 } else if (!TEST_int_eq(SSL_get_error(clientssl, 0), 1078 SSL_ERROR_WANT_READ)) { 1079 return 0; 1080 } 1081 } 1082 1083 return 1; 1084 } 1085 1086 void shutdown_ssl_connection(SSL *serverssl, SSL *clientssl) 1087 { 1088 SSL_shutdown(clientssl); 1089 SSL_shutdown(serverssl); 1090 SSL_free(serverssl); 1091 SSL_free(clientssl); 1092 } 1093