SecBSD/src
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sync with OpenBSD -current

Browse source
This commit is contained in:
purplerain 2024-07-11 15:49:23 +00:00
parent a8049e67d3
commit ae019f102d
Signed by: purplerain
GPG key ID: F42C07F07E2E35B7
77 changed files with 4413 additions and 6362 deletions
Download patch file Download diff file Expand all files Collapse all files

222
regress/lib/libssl/unit/ssl_set_alpn_protos.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ssl_set_alpn_protos.c,v 1.3 2024/06/28 14:50:37 tb Exp $ */
/* $OpenBSD: ssl_set_alpn_protos.c,v 1.4 2024/07/11 13:51:47 tb Exp $ */
/*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
*
@ -202,162 +202,138 @@ test_ssl_set_alpn_protos_edge_cases(void)
}
static const struct select_next_proto_test {
const unsigned char *server_list;
size_t server_list_len;
const unsigned char *client_list;
size_t client_list_len;
const unsigned char *peer_list;
size_t peer_list_len;
const unsigned char *supported_list;
size_t supported_list_len;
int want_ret;
const unsigned char *want_out;
unsigned char want_out_len; /* yes, unsigned char */
} select_next_proto_tests[] = {
{
.server_list = "\x01" "a" "\x01" "b" "\x01" "c",
.server_list_len = 6,
.client_list = "\x01" "a",
.client_list_len = 2,
.peer_list = "\x01" "a" "\x01" "b" "\x01" "c",
.peer_list_len = 6,
.supported_list = "\x01" "a",
.supported_list_len = 2,
.want_ret = OPENSSL_NPN_NEGOTIATED,
.want_out = "a",
.want_out_len = 1,
},
{
.server_list = "\x01" "a" "\x01" "b" "\x01" "c",
.server_list_len = 6,
.client_list = "\x02" "aa" "\x01" "b" "\x01" "c",
.client_list_len = 7,
.peer_list = "\x01" "a" "\x01" "b" "\x01" "c",
.peer_list_len = 6,
.supported_list = "\x02" "aa" "\x01" "b" "\x01" "c",
.supported_list_len = 7,
.want_ret = OPENSSL_NPN_NEGOTIATED,
.want_out = "b",
.want_out_len = 1,
},
{
/* Use server preference. */
.server_list = "\x01" "a" "\x01" "b" "\x01" "c",
.server_list_len = 6,
.client_list = "\x01" "c" "\x01" "b" "\x01" "a",
.client_list_len = 6,
/* Use peer preference. */
.peer_list = "\x01" "a" "\x01" "b" "\x01" "c",
.peer_list_len = 6,
.supported_list = "\x01" "c" "\x01" "b" "\x01" "a",
.supported_list_len = 6,
.want_ret = OPENSSL_NPN_NEGOTIATED,
.want_out = "a",
.want_out_len = 1,
},
{
/* Again server preference wins. */
.server_list = "\x01" "a" "\x03" "bbb" "\x02" "cc",
.server_list_len = 9,
.client_list = "\x01" "z" "\x02" "cc" "\x03" "bbb",
.client_list_len = 9,
/* Again peer preference wins. */
.peer_list = "\x01" "a" "\x03" "bbb" "\x02" "cc",
.peer_list_len = 9,
.supported_list = "\x01" "z" "\x02" "cc" "\x03" "bbb",
.supported_list_len = 9,
.want_ret = OPENSSL_NPN_NEGOTIATED,
.want_out = "bbb",
.want_out_len = 3,
},
{
/* No overlap fails with first client protocol. */
.server_list = "\x01" "a" "\x01" "b" "\x01" "c",
.server_list_len = 6,
.client_list = "\x01" "z" "\x01" "y",
.client_list_len = 4,
/* No overlap fails with first supported protocol. */
.peer_list = "\x01" "a" "\x01" "b" "\x01" "c",
.peer_list_len = 6,
.supported_list = "\x01" "z" "\x01" "y",
.supported_list_len = 4,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
.want_out = "z",
.want_out_len = 1,
},
{
/*
* No server protocols is a misconfiguration, but should fail
* cleanly.
*/
.server_list = "",
.server_list_len = 0,
.client_list = "\x01" "a" "\x01" "b" "\x01" "c",
.client_list_len = 6,
/* No peer protocols fails cleanly. */
.peer_list = "",
.peer_list_len = 0,
.supported_list = "\x01" "a" "\x01" "b" "\x01" "c",
.supported_list_len = 6,
.want_out = "a",
.want_out_len = 1,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
},
{
/*
* NULL server protocols is a programming error that fails
* cleanly.
*/
.server_list = NULL,
.server_list_len = 0,
.client_list = "\x01" "a" "\x01" "b" "\x01" "c",
.client_list_len = 6,
/* NULL peer protocols fails cleanly. */
.peer_list = NULL,
.peer_list_len = 0,
.supported_list = "\x01" "a" "\x01" "b" "\x01" "c",
.supported_list_len = 6,
.want_out = "a",
.want_out_len = 1,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
},
{
/*
* Malformed server protocols is a misconfiguration, but it
* should fail cleanly.
*/
.server_list = "\x00",
.server_list_len = 1,
.client_list = "\x01" "a" "\x01" "b" "\x01" "c",
.client_list_len = 6,
/* Malformed peer protocols fails cleanly. */
.peer_list = "\x00",
.peer_list_len = 1,
.supported_list = "\x01" "a" "\x01" "b" "\x01" "c",
.supported_list_len = 6,
.want_out = "a",
.want_out_len = 1,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
},
{
/*
* Malformed server protocols is a misconfiguration, but it
* should fail cleanly.
*/
.server_list = "\x01" "a" "\x03" "bb",
.server_list_len = 5,
.client_list = "\x01" "a" "\x01" "b" "\x01" "c",
.client_list_len = 6,
/* Malformed peer protocols fails cleanly. */
.peer_list = "\x01" "a" "\x03" "bb",
.peer_list_len = 5,
.supported_list = "\x01" "a" "\x01" "b" "\x01" "c",
.supported_list_len = 6,
.want_out = "a",
.want_out_len = 1,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
},
{
/*
* Empty client protocols is not reachable from the ALPN
* callback. It fails cleanly with NULL protocol and 0 length.
*/
.server_list = "\x01" "a",
.server_list_len = 2,
.client_list = "",
.client_list_len = 0,
/* Empty supported list fails cleanly. */
.peer_list = "\x01" "a",
.peer_list_len = 2,
.supported_list = "",
.supported_list_len = 0,
.want_out = NULL,
.want_out_len = 0,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
},
{
/*
* NULL client protocols is not reachable from the ALPN
* callback. It fails cleanly with NULL protocol and 0 length.
*/
.server_list = "\x01" "a",
.server_list_len = 2,
.client_list = NULL,
.client_list_len = 0,
/* NULL supported list fails cleanly. */
.peer_list = "\x01" "a",
.peer_list_len = 2,
.supported_list = NULL,
.supported_list_len = 0,
.want_out = NULL,
.want_out_len = 0,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
},
{
/*
* Malformed client list fails cleanly with NULL protocol and
* 0 length.
*/
.server_list = "\x01" "a",
.server_list_len = 2,
.client_list = "\x01" "a" "\x02" "bb" "\x03" "cc" "\x04" "ddd",
.client_list_len = 12,
/* Malformed supported list fails cleanly. */
.peer_list = "\x01" "a",
.peer_list_len = 2,
.supported_list = "\x01" "a" "\x02" "bb" "\x03" "cc" "\x04" "ddd",
.supported_list_len = 12,
.want_out = NULL,
.want_out_len = 0,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
},
{
/*
* Malformed client list fails cleanly with NULL protocol and
* 0 length.
*/
.server_list = "\x01" "a",
.server_list_len = 2,
.client_list = "\x01" "a" "\x02" "bb" "\x00" "\x03" "ddd",
.client_list_len = 10,
/* Malformed client list fails cleanly. */
.peer_list = "\x01" "a",
.peer_list_len = 2,
.supported_list = "\x01" "a" "\x02" "bb" "\x00" "\x03" "ddd",
.supported_list_len = 10,
.want_out = NULL,
.want_out_len = 0,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
@ -368,58 +344,58 @@ static const struct select_next_proto_test {
*/
{
.server_list = "\x08" "http/1.1" "\x06" "spdy/1",
.server_list_len = 16,
.client_list = "\x08" "http/2.0" "\x08" "http/1.1",
.client_list_len = 18,
.peer_list = "\x08" "http/1.1" "\x06" "spdy/1",
.peer_list_len = 16,
.supported_list = "\x08" "http/2.0" "\x08" "http/1.1",
.supported_list_len = 18,
.want_out = "http/1.1",
.want_out_len = 8,
.want_ret = OPENSSL_NPN_NEGOTIATED,
},
{
.server_list = "\x08" "http/2.0" "\x06" "spdy/1",
.server_list_len = 16,
.client_list = "\x08" "http/1.0" "\x08" "http/1.1",
.client_list_len = 18,
.peer_list = "\x08" "http/2.0" "\x06" "spdy/1",
.peer_list_len = 16,
.supported_list = "\x08" "http/1.0" "\x08" "http/1.1",
.supported_list_len = 18,
.want_out = "http/1.0",
.want_out_len = 8,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
},
{
.server_list = "\x08" "http/1.1" "\x08" "http/1.0",
.server_list_len = 18,
.client_list = "\x08" "http/1.0" "\x08" "http/1.1",
.client_list_len = 18,
.peer_list = "\x08" "http/1.1" "\x08" "http/1.0",
.peer_list_len = 18,
.supported_list = "\x08" "http/1.0" "\x08" "http/1.1",
.supported_list_len = 18,
.want_out = "http/1.1",
.want_out_len = 8,
.want_ret = OPENSSL_NPN_NEGOTIATED,
},
{
/* Server malformed. */
.server_list = "\x08" "http/1.1" "\x07" "http/1.0",
.server_list_len = 18,
.client_list = "\x08" "http/1.0" "\x08" "http/1.1",
.client_list_len = 18,
/* Peer list malformed. */
.peer_list = "\x08" "http/1.1" "\x07" "http/1.0",
.peer_list_len = 18,
.supported_list = "\x08" "http/1.0" "\x08" "http/1.1",
.supported_list_len = 18,
.want_out = "http/1.0",
.want_out_len = 8,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
},
{
/* Server malformed. */
.server_list = "\x07" "http/1.1" "\x08" "http/1.0",
.server_list_len = 18,
.client_list = "\x08" "http/1.0" "\x08" "http/1.1",
.client_list_len = 18,
/* Peer list malformed. */
.peer_list = "\x07" "http/1.1" "\x08" "http/1.0",
.peer_list_len = 18,
.supported_list = "\x08" "http/1.0" "\x08" "http/1.1",
.supported_list_len = 18,
.want_out = "http/1.0",
.want_out_len = 8,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
},
{
/* Client has trailing bytes. */
.server_list = "\x08" "http/1.1" "\x08" "http/1.0",
.server_list_len = 18,
.client_list = "\x08" "http/1.0" "\x07" "http/1.1",
.client_list_len = 18,
/* Supported list has trailing bytes. */
.peer_list = "\x08" "http/1.1" "\x08" "http/1.0",
.peer_list_len = 18,
.supported_list = "\x08" "http/1.0" "\x07" "http/1.1",
.supported_list_len = 18,
.want_out = NULL,
.want_out_len = 0,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
@ -437,8 +413,8 @@ select_next_proto_testcase(const struct select_next_proto_test *test)
int ret;
int failed = 0;
ret = SSL_select_next_proto(&out, &out_len, test->server_list,
test->server_list_len, test->client_list, test->client_list_len);
ret = SSL_select_next_proto(&out, &out_len, test->peer_list,
test->peer_list_len, test->supported_list, test->supported_list_len);
if (ret != test->want_ret || out_len != test->want_out_len ||
(out == NULL && test->want_out != NULL) ||
@ -452,9 +428,9 @@ select_next_proto_testcase(const struct select_next_proto_test *test)
fprintf(stderr, "\nwant:\n");
hexdump(test->want_out, test->want_out_len);
fprintf(stderr, "\nserver:\n");
hexdump(test->server_list, test->server_list_len);
hexdump(test->peer_list, test->peer_list_len);
fprintf(stderr, "\nclient:\n");
hexdump(test->client_list, test->client_list_len);
hexdump(test->supported_list, test->supported_list_len);
fprintf(stderr, "\n");
failed = 1;
}