/*
 * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */
#include <limits.h>
#include <string.h>
#include <openssl/ssl.h>
#include "helpers/ssltestlib.h"
#include "testutil.h"
#include "internal/packet.h"
/* Certificate and private key file names, taken from the test arguments */
static char *cert = NULL;
static char *privkey = NULL;

/*
 * The two filter BIOs handed to create_ssl_objects().  watchccs_write()
 * compares its BIO against s_to_c_fbio to tell server writes from client
 * writes.
 */
static BIO *s_to_c_fbio = NULL;
static BIO *c_to_s_fbio = NULL;

/* Observations recorded by watchccs_write(); reset at the start of each test */
static int chseen = 0;          /* number of ClientHello messages seen */
static int shseen = 0;          /* number of ServerHello messages seen */
static int sccsseen = 0;        /* server wrote a CCS in the expected place */
static int ccsaftersh = 0;      /* client wrote a CCS after one ServerHello */
static int ccsbeforesh = 0;     /* client wrote a CCS before any ServerHello */
static int sappdataseen = 0;    /* server wrote an application data record */
static int cappdataseen = 0;    /* client wrote an application data record */
static int badccs = 0;          /* a CCS appeared where none was expected */
static int badvers = 0;         /* a record carried an unexpected version */
static int badsessid = 0;       /* a session id differed from the first one */

/* Session id copied out of the first ClientHello, and its length in bytes */
static unsigned char chsessid[SSL_MAX_SSL_SESSION_ID_LENGTH];
static size_t chsessidlen = 0;

/* Callbacks implementing the CCS-watching filter BIO */
static int watchccs_new(BIO *bi);
static int watchccs_free(BIO *a);
static int watchccs_read(BIO *b, char *out, int outl);
static int watchccs_write(BIO *b, const char *in, int inl);
static long watchccs_ctrl(BIO *b, int cmd, long num, void *ptr);
static int watchccs_gets(BIO *bp, char *buf, int size);
static int watchccs_puts(BIO *bp, const char *str);

/* Choose a sufficiently large type likely to be unused for this custom BIO */
#define BIO_TYPE_WATCHCCS_FILTER (0x80 | BIO_TYPE_FILTER)

/* Created on first use by bio_f_watchccs_filter(), freed by cleanup_tests() */
static BIO_METHOD *method_watchccs = NULL;
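/*
 * Return the BIO_METHOD for the CCS-watching filter BIO, creating it on the
 * first call and caching it in method_watchccs.
 *
 * Returns NULL if the method cannot be allocated or if any callback cannot be
 * installed.  The cached method is released by cleanup_tests().
 */
static const BIO_METHOD *bio_f_watchccs_filter(void)
{
    BIO_METHOD *meth;

    if (method_watchccs != NULL)
        return method_watchccs;

    meth = BIO_meth_new(BIO_TYPE_WATCHCCS_FILTER, "Watch CCS filter");
    if (meth == NULL)
        return NULL;

    if (!BIO_meth_set_write(meth, watchccs_write)
            || !BIO_meth_set_read(meth, watchccs_read)
            || !BIO_meth_set_puts(meth, watchccs_puts)
            || !BIO_meth_set_gets(meth, watchccs_gets)
            || !BIO_meth_set_ctrl(meth, watchccs_ctrl)
            || !BIO_meth_set_create(meth, watchccs_new)
            || !BIO_meth_set_destroy(meth, watchccs_free)) {
        /*
         * Do not cache a partly populated method: a later call would find
         * method_watchccs non-NULL and hand out a BIO_METHOD with missing
         * callbacks.
         */
        BIO_meth_free(meth);
        return NULL;
    }

    method_watchccs = meth;
    return method_watchccs;
}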
/*
 * BIO create callback.  The filter keeps no per-BIO state, so the only work
 * is to mark the BIO as initialised.  Always returns 1.
 */
static int watchccs_new(BIO *bio)
{
    BIO_set_init(bio, 1);

    return 1;
}
/*
 * BIO destroy callback.  Nothing was allocated in watchccs_new(), so this
 * only clears the initialised flag.  Always returns 1.
 */
static int watchccs_free(BIO *bio)
{
    BIO_set_init(bio, 0);

    return 1;
}
/*
 * BIO read callback.  Reads are passed straight through to the next BIO in
 * the chain; nothing is inspected on this path.
 *
 * Returns 0 if |outl| is not positive or there is no next BIO, otherwise the
 * result of BIO_read() on the next BIO.  A retryable read on the next BIO is
 * propagated to this BIO's retry flags.
 */
static int watchccs_read(BIO *bio, char *out, int outl)
{
    BIO *next = BIO_next(bio);
    int nread;

    if (outl <= 0 || next == NULL)
        return 0;

    BIO_clear_retry_flags(bio);

    nread = BIO_read(next, out, outl);
    if (nread <= 0 && BIO_should_read(next))
        BIO_set_retry_read(bio);

    return nread;
}
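/*
 * Return 1 when |sessionid| is identical to the session id saved from the
 * first ClientHello (chsessid/chsessidlen), 0 otherwise.
 */
static int watchccs_sessid_matches(const PACKET *sessionid)
{
    if (PACKET_remaining(sessionid) != chsessidlen)
        return 0;

    /* An empty session id matches trivially; do not memcmp zero bytes */
    return chsessidlen == 0
           || memcmp(chsessid, PACKET_data(sessionid), chsessidlen) == 0;
}

/*
 * BIO write callback.  Walks the TLS records in |in| and then forwards the
 * buffer unchanged to the next BIO.  What it sees is recorded in the
 * file-scope counters and flags:
 *   - ClientHello/ServerHello counts, and whether later session ids match the
 *     one in the first ClientHello (badsessid);
 *   - where ChangeCipherSpec records appear relative to the hellos and to
 *     application data (sccsseen, ccsaftersh, ccsbeforesh, badccs);
 *   - whether each record-layer version is the expected one (badvers).
 *
 * Returns 0 without forwarding anything if |inl| is not positive, there is no
 * next BIO, or the buffer cannot be parsed as a sequence of whole records.
 * Otherwise returns the result of BIO_write() on the next BIO; a retryable
 * write is propagated to this BIO's retry flags.
 */
static int watchccs_write(BIO *bio, const char *in, int inl)
{
    int ret = 0;
    BIO *next = BIO_next(bio);
    PACKET pkt, msg, msgbody, sessionid;
    unsigned int rectype, recvers, msgtype, expectedrecvers;
    size_t sessidlen;

    if (inl <= 0)
        return 0;
    if (next == NULL)
        return 0;

    BIO_clear_retry_flags(bio);

    if (!PACKET_buf_init(&pkt, (const unsigned char *)in, inl))
        return 0;

    /* We assume that we always write complete records each time */
    while (PACKET_remaining(&pkt)) {
        /* Record header: type (1 byte), version (2), length-prefixed body */
        if (!PACKET_get_1(&pkt, &rectype)
                || !PACKET_get_net_2(&pkt, &recvers)
                || !PACKET_get_length_prefixed_2(&pkt, &msg))
            return 0;

        /* Every record except the first ClientHello must say TLS 1.2 */
        expectedrecvers = TLS1_2_VERSION;

        if (rectype == SSL3_RT_HANDSHAKE) {
            /* Only the first handshake message in the record is examined */
            if (!PACKET_get_1(&msg, &msgtype)
                    || !PACKET_get_length_prefixed_3(&msg, &msgbody))
                return 0;
            if (msgtype == SSL3_MT_CLIENT_HELLO) {
                chseen++;

                /*
                 * Skip legacy_version (2 bytes) and Random (32 bytes) to read
                 * session_id.
                 */
                if (!PACKET_forward(&msgbody, 34)
                        || !PACKET_get_length_prefixed_1(&msgbody, &sessionid))
                    return 0;

                if (chseen == 1) {
                    expectedrecvers = TLS1_VERSION;

                    /*
                     * Save the session id for later.  Its length comes from a
                     * one-byte field on the wire and so can exceed the
                     * fixed-size chsessid buffer; refuse such a ClientHello
                     * rather than copy past the end of the buffer.
                     */
                    sessidlen = PACKET_remaining(&sessionid);
                    if (sessidlen > sizeof(chsessid))
                        return 0;
                    if (!PACKET_copy_bytes(&sessionid, chsessid, sessidlen))
                        return 0;
                    chsessidlen = sessidlen;
                } else {
                    /*
                     * Check the session id for the second ClientHello is the
                     * same as the first one.
                     */
                    if (!watchccs_sessid_matches(&sessionid))
                        badsessid = 1;
                }
            } else if (msgtype == SSL3_MT_SERVER_HELLO) {
                shseen++;
                /*
                 * Skip legacy_version (2 bytes) and Random (32 bytes) to read
                 * session_id.
                 */
                if (!PACKET_forward(&msgbody, 34)
                        || !PACKET_get_length_prefixed_1(&msgbody, &sessionid))
                    return 0;

                /*
                 * Check the session id is the same as the one in the
                 * ClientHello
                 */
                if (!watchccs_sessid_matches(&sessionid))
                    badsessid = 1;
            }
        } else if (rectype == SSL3_RT_CHANGE_CIPHER_SPEC) {
            if (bio == s_to_c_fbio) {
                /*
                 * Server writing. We shouldn't have written any app data
                 * yet, and we should have seen both the ClientHello and the
                 * ServerHello
                 */
                if (!sappdataseen
                        && chseen == 1
                        && shseen == 1
                        && !sccsseen)
                    sccsseen = 1;
                else
                    badccs = 1;
            } else if (!cappdataseen) {
                /*
                 * Client writing. We shouldn't have written any app data
                 * yet, and we should have seen the ClientHello
                 */
                if (shseen == 1 && !ccsaftersh)
                    ccsaftersh = 1;
                else if (shseen == 0 && !ccsbeforesh)
                    ccsbeforesh = 1;
                else
                    badccs = 1;
            } else {
                /* Client CCS after client application data */
                badccs = 1;
            }
        } else if (rectype == SSL3_RT_APPLICATION_DATA) {
            if (bio == s_to_c_fbio)
                sappdataseen = 1;
            else
                cappdataseen = 1;
        }
        if (recvers != expectedrecvers)
            badvers = 1;
    }

    ret = BIO_write(next, in, inl);
    if (ret <= 0 && BIO_should_write(next))
        BIO_set_retry_write(bio);

    return ret;
}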
/*
 * BIO ctrl callback.  BIO_CTRL_DUP is answered locally with 0; every other
 * command is forwarded to the next BIO and its result returned.  Returns 0
 * if there is no next BIO.
 */
static long watchccs_ctrl(BIO *bio, int cmd, long num, void *ptr)
{
    BIO *next = BIO_next(bio);

    if (next == NULL)
        return 0;

    if (cmd == BIO_CTRL_DUP)
        return 0;

    return BIO_ctrl(next, cmd, num, ptr);
}
/*
 * BIO gets callback.  Line-oriented reads are not supported by this filter
 * and the test does not need them, so this always returns -1.
 */
static int watchccs_gets(BIO *bio, char *buf, int size)
{
    return -1;
}
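/*
 * BIO puts callback.  Writes the NUL-terminated string |str| through
 * watchccs_write() and returns its result.
 *
 * watchccs_write() takes an int length, so a string longer than INT_MAX
 * bytes is rejected with 0 instead of being passed on with a narrowed
 * (truncated or negative) length.
 */
static int watchccs_puts(BIO *bio, const char *str)
{
    size_t len = strlen(str);

    if (len > (size_t)INT_MAX)
        return 0;

    return watchccs_write(bio, str, (int)len);
}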
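/*
 * Run one handshake variant (selected by |tst|, 0..11) between a client and a
 * server whose write paths go through the CCS-watching filter BIOs, then
 * check what the filters recorded: no unexpected ChangeCipherSpec records, no
 * unexpected record versions, session ids matching the first ClientHello, and
 * the per-variant expectations on where CCS records appeared and on whether
 * the first ClientHello carried a session id.
 *
 * Returns 1 on success and 0 on failure.
 */
static int test_tls13ccs(int tst)
{
    SSL_CTX *sctx = NULL, *cctx = NULL;
    SSL *sssl = NULL, *cssl = NULL;
    int ret = 0;
    const char msg[] = "Dummy data";
    char buf[80];
    size_t written, readbytes;
    SSL_SESSION *sess = NULL;

    /* The filter state is file-scope, so reset it for every test run */
    chseen = shseen = sccsseen = ccsaftersh = ccsbeforesh = 0;
    sappdataseen = cappdataseen = badccs = badvers = badsessid = 0;
    chsessidlen = 0;

    if (!TEST_true(create_ssl_ctx_pair(NULL, TLS_server_method(),
                                       TLS_client_method(), TLS1_VERSION, 0,
                                       &sctx, &cctx, cert, privkey))
            || !TEST_true(SSL_CTX_set_max_early_data(sctx,
                                                     SSL3_RT_MAX_PLAIN_LENGTH)))
        goto err;

    /*
     * Test 0: Simple Handshake
     * Test 1: Simple Handshake, client middlebox compat mode disabled
     * Test 2: Simple Handshake, server middlebox compat mode disabled
     * Test 3: HRR Handshake
     * Test 4: HRR Handshake, client middlebox compat mode disabled
     * Test 5: HRR Handshake, server middlebox compat mode disabled
     * Test 6: Early data handshake
     * Test 7: Early data handshake, client middlebox compat mode disabled
     * Test 8: Early data handshake, server middlebox compat mode disabled
     * Test 9: Early data then HRR
     * Test 10: Early data then HRR, client middlebox compat mode disabled
     * Test 11: Early data then HRR, server middlebox compat mode disabled
     */
    switch (tst) {
    case 0:
    case 3:
    case 6:
    case 9:
        break;
    case 1:
    case 4:
    case 7:
    case 10:
        SSL_CTX_clear_options(cctx, SSL_OP_ENABLE_MIDDLEBOX_COMPAT);
        break;
    case 2:
    case 5:
    case 8:
    case 11:
        SSL_CTX_clear_options(sctx, SSL_OP_ENABLE_MIDDLEBOX_COMPAT);
        break;
    default:
        TEST_error("Invalid test value");
        goto err;
    }

    if (tst >= 6) {
        /*
         * Get a session suitable for early_data.  This handshake does not go
         * through the filter BIOs, so it leaves the counters untouched.
         */
        if (!TEST_true(create_ssl_objects(sctx, cctx, &sssl, &cssl, NULL, NULL))
                || !TEST_true(create_ssl_connection(sssl, cssl, SSL_ERROR_NONE)))
            goto err;
        sess = SSL_get1_session(cssl);
        if (!TEST_ptr(sess))
            goto err;
        SSL_shutdown(cssl);
        SSL_shutdown(sssl);
        SSL_free(sssl);
        SSL_free(cssl);
        sssl = cssl = NULL;
    }

    if ((tst >= 3 && tst <= 5) || tst >= 9) {
        /* HRR handshake */
#if defined(OPENSSL_NO_EC)
# if !defined(OPENSSL_NO_DH)
        if (!TEST_true(SSL_CTX_set1_groups_list(sctx, "ffdhe3072")))
            goto err;
# endif
#else
        if (!TEST_true(SSL_CTX_set1_groups_list(sctx, "P-256")))
            goto err;
#endif
    }

    s_to_c_fbio = BIO_new(bio_f_watchccs_filter());
    c_to_s_fbio = BIO_new(bio_f_watchccs_filter());
    if (!TEST_ptr(s_to_c_fbio)
            || !TEST_ptr(c_to_s_fbio)) {
        BIO_free(s_to_c_fbio);
        BIO_free(c_to_s_fbio);
        goto err;
    }

    /* BIOs get freed on error */
    if (!TEST_true(create_ssl_objects(sctx, cctx, &sssl, &cssl, s_to_c_fbio,
                                      c_to_s_fbio)))
        goto err;

    if (tst >= 6) {
        /* Early data */
        if (!TEST_true(SSL_set_session(cssl, sess))
                || !TEST_true(SSL_write_early_data(cssl, msg, strlen(msg),
                                                   &written))
                || (tst <= 8
                    && !TEST_int_eq(SSL_read_early_data(sssl, buf, sizeof(buf),
                                                        &readbytes),
                                    SSL_READ_EARLY_DATA_SUCCESS)))
            goto err;
        /*
         * Tests 6-8 expect SSL_connect() to succeed at this point; tests 9-11
         * (early data then HRR) expect it not to have completed yet.
         */
        if (tst <= 8) {
            if (!TEST_int_gt(SSL_connect(cssl), 0))
                goto err;
        } else {
            if (!TEST_int_le(SSL_connect(cssl), 0))
                goto err;
        }
        if (!TEST_int_eq(SSL_read_early_data(sssl, buf, sizeof(buf),
                                             &readbytes),
                         SSL_READ_EARLY_DATA_FINISH))
            goto err;
    }

    /* Perform handshake (or complete it if doing early data ) */
    if (!TEST_true(create_ssl_connection(sssl, cssl, SSL_ERROR_NONE)))
        goto err;

    /*
     * Check there were no unexpected CCS messages, all record versions
     * were as expected, and that the session ids were reflected by the server
     * correctly.
     */
    if (!TEST_false(badccs) || !TEST_false(badvers) || !TEST_false(badsessid))
        goto err;

    /*
     * Per-variant expectations.  Variants that expect exactly the same
     * filter state share one set of checks.
     */
    switch (tst) {
    case 0:
    case 3:
        /* Server CCS, client CCS after the ServerHello, session id sent */
        if (!TEST_true(sccsseen)
                || !TEST_true(ccsaftersh)
                || !TEST_false(ccsbeforesh)
                || !TEST_size_t_gt(chsessidlen, 0))
            goto err;
        break;

    case 1:
    case 4:
    case 7:
    case 10:
        /* Server CCS, no client CCS at all, empty session id */
        if (!TEST_true(sccsseen)
                || !TEST_false(ccsaftersh)
                || !TEST_false(ccsbeforesh)
                || !TEST_size_t_eq(chsessidlen, 0))
            goto err;
        break;

    case 2:
    case 5:
        /* No server CCS, client CCS after the ServerHello, session id sent */
        if (!TEST_false(sccsseen)
                || !TEST_true(ccsaftersh)
                || !TEST_false(ccsbeforesh)
                || !TEST_size_t_gt(chsessidlen, 0))
            goto err;
        break;

    case 6:
    case 9:
        /* Server CCS, client CCS before any ServerHello, session id sent */
        if (!TEST_true(sccsseen)
                || !TEST_false(ccsaftersh)
                || !TEST_true(ccsbeforesh)
                || !TEST_size_t_gt(chsessidlen, 0))
            goto err;
        break;

    case 8:
    case 11:
        /* No server CCS, client CCS before any ServerHello, session id sent */
        if (!TEST_false(sccsseen)
                || !TEST_false(ccsaftersh)
                || !TEST_true(ccsbeforesh)
                || !TEST_size_t_gt(chsessidlen, 0))
            goto err;
        break;

    default:
        TEST_error("Invalid test value");
        goto err;
    }

    ret = 1;
 err:
    SSL_SESSION_free(sess);
    SSL_free(sssl);
    SSL_free(cssl);
    /*
     * The filter BIOs have been freed by now on every path (directly above,
     * by create_ssl_objects() on error, or by SSL_free()).  Clear the globals
     * so watchccs_write() never compares against a stale address in a later
     * test run.
     */
    s_to_c_fbio = c_to_s_fbio = NULL;
    SSL_CTX_free(sctx);
    SSL_CTX_free(cctx);

    return ret;
}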
/* Usage text for the test program: two positional arguments */
OPT_TEST_DECLARE_USAGE("certfile privkeyfile\n")
/*
 * Test program set-up: skip the common test options, take the certificate
 * and private key file names from the first two arguments, and register the
 * 12 variants of test_tls13ccs.
 *
 * Returns 1 on success, 0 if option parsing fails or an argument is missing.
 */
int setup_tests(void)
{
    if (!test_skip_common_options()) {
        TEST_error("Error parsing test options\n");
        return 0;
    }

    /* The second argument is only fetched once the first is known to exist */
    if (!TEST_ptr(cert = test_get_argument(0)))
        return 0;
    if (!TEST_ptr(privkey = test_get_argument(1)))
        return 0;

    ADD_ALL_TESTS(test_tls13ccs, 12);

    return 1;
}
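/*
 * Test program tear-down: release the filter BIO_METHOD created by
 * bio_f_watchccs_filter().  The cached pointer is cleared as well so that it
 * cannot be handed out or freed again after this point.
 */
void cleanup_tests(void)
{
    BIO_meth_free(method_watchccs);
    method_watchccs = NULL;
}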