2 * Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
9 #include <openssl/ssl.h>
10 #include <openssl/quic.h>
11 #include <openssl/bio.h>
12 #include <openssl/lhash.h>
13 #include "internal/quic_tserver.h"
14 #include "internal/quic_ssl.h"
16 #if defined(OPENSSL_THREADS)
17 # include "internal/thread_arch.h"
20 static const char *certfile, *keyfile;
22 #if defined(OPENSSL_THREADS)
23 struct child_thread_args {
25 const struct script_op *script;
35 typedef struct stream_info {
41 DEFINE_LHASH_OF_EX(STREAM_INFO);
45 BIO *s_net_bio, *s_net_bio_own;
46 BIO_ADDR *s_net_bio_addr;
48 LHASH_OF(STREAM_INFO) *s_streams;
51 BIO *c_net_bio, *c_net_bio_own;
54 LHASH_OF(STREAM_INFO) *c_streams;
56 #if defined(OPENSSL_THREADS)
57 struct child_thread_args *threads;
64 * This is a duration recording the amount of time we have skipped forwards
65 * for testing purposes relative to the real ossl_time_now() clock. We add
66 * a quantity of time to this every time we skip some time.
68 CRYPTO_RWLOCK *time_lock;
69 OSSL_TIME time_slip; /* protected by time_lock */
71 int init, blocking, check_spin_again;
77 LHASH_OF(STREAM_INFO) *c_streams;
85 int (*check_func)(struct helper *h, const struct script_op *op);
86 const char *stream_name;
92 #define OPK_C_SET_ALPN 2
93 #define OPK_C_CONNECT_WAIT 3
96 #define OPK_C_READ_EXPECT 6
97 #define OPK_S_READ_EXPECT 7
98 #define OPK_C_EXPECT_FIN 8
99 #define OPK_S_EXPECT_FIN 9
100 #define OPK_C_CONCLUDE 10
101 #define OPK_S_CONCLUDE 11
102 #define OPK_C_DETACH 12
103 #define OPK_C_ATTACH 13
104 #define OPK_C_NEW_STREAM 14
105 #define OPK_S_NEW_STREAM 15
106 #define OPK_C_ACCEPT_STREAM_WAIT 16
107 #define OPK_C_ACCEPT_STREAM_NONE 17
108 #define OPK_C_FREE_STREAM 18
109 #define OPK_C_SET_DEFAULT_STREAM_MODE 19
110 #define OPK_C_SET_INCOMING_STREAM_POLICY 20
111 #define OPK_C_SHUTDOWN 21
112 #define OPK_C_EXPECT_CONN_CLOSE_INFO 22
113 #define OPK_S_EXPECT_CONN_CLOSE_INFO 23
114 #define OPK_S_BIND_STREAM_ID 24
115 #define OPK_C_WAIT_FOR_DATA 25
116 #define OPK_C_WRITE_FAIL 26
117 #define OPK_S_WRITE_FAIL 27
118 #define OPK_C_READ_FAIL 28
119 #define OPK_C_STREAM_RESET 29
120 #define OPK_S_ACCEPT_STREAM_WAIT 30
121 #define OPK_NEW_THREAD 31
122 #define OPK_BEGIN_REPEAT 32
123 #define OPK_END_REPEAT 33
124 #define OPK_S_UNBIND_STREAM_ID 34
125 #define OPK_C_READ_FAIL_WAIT 35
126 #define OPK_C_CLOSE_SOCKET 36
127 #define OPK_C_EXPECT_SSL_ERR 37
128 #define OPK_EXPECT_ERR_REASON 38
129 #define OPK_EXPECT_ERR_LIB 39
132 #define EXPECT_CONN_CLOSE_APP (1U << 0)
133 #define EXPECT_CONN_CLOSE_REMOTE (1U << 1)
135 #define C_BIDI_ID(ordinal) \
136 (((ordinal) << 2) | QUIC_STREAM_INITIATOR_CLIENT | QUIC_STREAM_DIR_BIDI)
137 #define S_BIDI_ID(ordinal) \
138 (((ordinal) << 2) | QUIC_STREAM_INITIATOR_SERVER | QUIC_STREAM_DIR_BIDI)
139 #define C_UNI_ID(ordinal) \
140 (((ordinal) << 2) | QUIC_STREAM_INITIATOR_CLIENT | QUIC_STREAM_DIR_UNI)
141 #define S_UNI_ID(ordinal) \
142 (((ordinal) << 2) | QUIC_STREAM_INITIATOR_SERVER | QUIC_STREAM_DIR_UNI)
144 #define ANY_ID UINT64_MAX
148 #define OP_CHECK(func, arg2) \
149 {OPK_CHECK, NULL, 0, (func), NULL, (arg2)},
150 #define OP_C_SET_ALPN(alpn) \
151 {OPK_C_SET_ALPN, (alpn), 0, NULL, NULL},
152 #define OP_C_CONNECT_WAIT() \
153 {OPK_C_CONNECT_WAIT, NULL, 0, NULL, NULL},
154 #define OP_C_WRITE(stream_name, buf, buf_len) \
155 {OPK_C_WRITE, (buf), (buf_len), NULL, #stream_name},
156 #define OP_S_WRITE(stream_name, buf, buf_len) \
157 {OPK_S_WRITE, (buf), (buf_len), NULL, #stream_name},
158 #define OP_C_READ_EXPECT(stream_name, buf, buf_len) \
159 {OPK_C_READ_EXPECT, (buf), (buf_len), NULL, #stream_name},
160 #define OP_S_READ_EXPECT(stream_name, buf, buf_len) \
161 {OPK_S_READ_EXPECT, (buf), (buf_len), NULL, #stream_name},
162 #define OP_C_EXPECT_FIN(stream_name) \
163 {OPK_C_EXPECT_FIN, NULL, 0, NULL, #stream_name},
164 #define OP_S_EXPECT_FIN(stream_name) \
165 {OPK_S_EXPECT_FIN, NULL, 0, NULL, #stream_name},
166 #define OP_C_CONCLUDE(stream_name) \
167 {OPK_C_CONCLUDE, NULL, 0, NULL, #stream_name},
168 #define OP_S_CONCLUDE(stream_name) \
169 {OPK_S_CONCLUDE, NULL, 0, NULL, #stream_name},
170 #define OP_C_DETACH(stream_name) \
171 {OPK_C_DETACH, NULL, 0, NULL, #stream_name},
172 #define OP_C_ATTACH(stream_name) \
173 {OPK_C_ATTACH, NULL, 0, NULL, #stream_name},
174 #define OP_C_NEW_STREAM_BIDI(stream_name, expect_id) \
175 {OPK_C_NEW_STREAM, NULL, 0, NULL, #stream_name, (expect_id)},
176 #define OP_C_NEW_STREAM_UNI(stream_name, expect_id) \
177 {OPK_C_NEW_STREAM, NULL, 1, NULL, #stream_name, (expect_id)},
178 #define OP_S_NEW_STREAM_BIDI(stream_name, expect_id) \
179 {OPK_S_NEW_STREAM, NULL, 0, NULL, #stream_name, (expect_id)},
180 #define OP_S_NEW_STREAM_UNI(stream_name, expect_id) \
181 {OPK_S_NEW_STREAM, NULL, 1, NULL, #stream_name, (expect_id)},
182 #define OP_C_ACCEPT_STREAM_WAIT(stream_name) \
183 {OPK_C_ACCEPT_STREAM_WAIT, NULL, 0, NULL, #stream_name},
184 #define OP_C_ACCEPT_STREAM_NONE() \
185 {OPK_C_ACCEPT_STREAM_NONE, NULL, 0, NULL, NULL},
186 #define OP_C_FREE_STREAM(stream_name) \
187 {OPK_C_FREE_STREAM, NULL, 0, NULL, #stream_name},
188 #define OP_C_SET_DEFAULT_STREAM_MODE(mode) \
189 {OPK_C_SET_DEFAULT_STREAM_MODE, NULL, (mode), NULL, NULL},
190 #define OP_C_SET_INCOMING_STREAM_POLICY(policy) \
191 {OPK_C_SET_INCOMING_STREAM_POLICY, NULL, (policy), NULL, NULL},
192 #define OP_C_SHUTDOWN() \
193 {OPK_C_SHUTDOWN, NULL, 0, NULL, NULL},
194 #define OP_C_EXPECT_CONN_CLOSE_INFO(ec, app, remote) \
195 {OPK_C_EXPECT_CONN_CLOSE_INFO, NULL, \
196 ((app) ? EXPECT_CONN_CLOSE_APP : 0) | \
197 ((remote) ? EXPECT_CONN_CLOSE_REMOTE : 0), \
199 #define OP_S_EXPECT_CONN_CLOSE_INFO(ec, app, remote) \
200 {OPK_S_EXPECT_CONN_CLOSE_INFO, NULL, \
201 ((app) ? EXPECT_CONN_CLOSE_APP : 0) | \
202 ((remote) ? EXPECT_CONN_CLOSE_REMOTE : 0), \
204 #define OP_S_BIND_STREAM_ID(stream_name, stream_id) \
205 {OPK_S_BIND_STREAM_ID, NULL, 0, NULL, #stream_name, (stream_id)},
206 #define OP_C_WAIT_FOR_DATA(stream_name) \
207 {OPK_C_WAIT_FOR_DATA, NULL, 0, NULL, #stream_name},
208 #define OP_C_WRITE_FAIL(stream_name) \
209 {OPK_C_WRITE_FAIL, NULL, 0, NULL, #stream_name},
210 #define OP_S_WRITE_FAIL(stream_name) \
211 {OPK_S_WRITE_FAIL, NULL, 0, NULL, #stream_name},
212 #define OP_C_READ_FAIL(stream_name) \
213 {OPK_C_READ_FAIL, NULL, 0, NULL, #stream_name},
214 #define OP_C_STREAM_RESET(stream_name, aec) \
215 {OPK_C_STREAM_RESET, NULL, 0, NULL, #stream_name, (aec)},
216 #define OP_S_ACCEPT_STREAM_WAIT(stream_name) \
217 {OPK_S_ACCEPT_STREAM_WAIT, NULL, 0, NULL, #stream_name},
218 #define OP_NEW_THREAD(num_threads, script) \
219 {OPK_NEW_THREAD, (script), (num_threads), NULL, NULL, 0 },
220 #define OP_BEGIN_REPEAT(n) \
221 {OPK_BEGIN_REPEAT, NULL, (n)},
222 #define OP_END_REPEAT() \
224 #define OP_S_UNBIND_STREAM_ID(stream_name) \
225 {OPK_S_UNBIND_STREAM_ID, NULL, 0, NULL, #stream_name},
226 #define OP_C_READ_FAIL_WAIT(stream_name) \
227 {OPK_C_READ_FAIL_WAIT, NULL, 0, NULL, #stream_name},
228 #define OP_C_CLOSE_SOCKET() \
229 {OPK_C_CLOSE_SOCKET},
230 #define OP_C_EXPECT_SSL_ERR(stream_name, err) \
231 {OPK_C_EXPECT_SSL_ERR, NULL, (err), NULL, #stream_name},
232 #define OP_EXPECT_ERR_REASON(err) \
233 {OPK_EXPECT_ERR_REASON, NULL, (err)},
234 #define OP_EXPECT_ERR_LIB(lib) \
235 {OPK_EXPECT_ERR_LIB, NULL, (lib)},
236 #define OP_SLEEP(ms) \
237 {OPK_SLEEP, NULL, 0, NULL, NULL, (ms)},
239 static OSSL_TIME get_time(void *arg)
241 struct helper *h = arg;
244 if (!TEST_true(CRYPTO_THREAD_read_lock(h->time_lock)))
245 return ossl_time_zero();
247 t = ossl_time_add(ossl_time_now(), h->time_slip);
249 CRYPTO_THREAD_unlock(h->time_lock);
253 static int skip_time_ms(struct helper *h, const struct script_op *op)
255 if (!TEST_true(CRYPTO_THREAD_write_lock(h->time_lock)))
258 h->time_slip = ossl_time_add(h->time_slip, ossl_ms2time(op->arg2));
260 CRYPTO_THREAD_unlock(h->time_lock);
264 static int check_rejected(struct helper *h, const struct script_op *op)
266 uint64_t stream_id = op->arg2;
268 if (!ossl_quic_tserver_stream_has_peer_stop_sending(h->s, stream_id, NULL)
269 || !ossl_quic_tserver_stream_has_peer_reset_stream(h->s, stream_id, NULL)) {
270 h->check_spin_again = 1;
277 static int check_stream_reset(struct helper *h, const struct script_op *op)
279 uint64_t stream_id = op->arg2, aec = 0;
281 if (!ossl_quic_tserver_stream_has_peer_reset_stream(h->s, stream_id, &aec)) {
282 h->check_spin_again = 1;
286 return TEST_uint64_t_eq(aec, 42);
289 static int check_stream_stopped(struct helper *h, const struct script_op *op)
291 uint64_t stream_id = op->arg2;
293 if (!ossl_quic_tserver_stream_has_peer_stop_sending(h->s, stream_id, NULL)) {
294 h->check_spin_again = 1;
301 static int override_key_update(struct helper *h, const struct script_op *op)
303 QUIC_CHANNEL *ch = ossl_quic_conn_get_channel(h->c_conn);
305 ossl_quic_channel_set_txku_threshold_override(ch, op->arg2);
309 static int trigger_key_update(struct helper *h, const struct script_op *op)
311 if (!TEST_true(SSL_key_update(h->c_conn, SSL_KEY_UPDATE_REQUESTED)))
317 static int check_key_update_ge(struct helper *h, const struct script_op *op)
319 QUIC_CHANNEL *ch = ossl_quic_conn_get_channel(h->c_conn);
320 int64_t txke = (int64_t)ossl_quic_channel_get_tx_key_epoch(ch);
321 int64_t rxke = (int64_t)ossl_quic_channel_get_rx_key_epoch(ch);
322 int64_t diff = txke - rxke;
325 * TXKE must always be equal to or ahead of RXKE.
326 * It can be ahead of RXKE by at most 1.
328 if (!TEST_int64_t_ge(diff, 0) || !TEST_int64_t_le(diff, 1))
331 /* Caller specifies a minimum number of RXKEs which must have happened. */
332 if (!TEST_uint64_t_ge((uint64_t)rxke, op->arg2))
338 static int check_key_update_lt(struct helper *h, const struct script_op *op)
340 QUIC_CHANNEL *ch = ossl_quic_conn_get_channel(h->c_conn);
341 uint64_t txke = ossl_quic_channel_get_tx_key_epoch(ch);
343 /* Caller specifies a maximum number of TXKEs which must have happened. */
344 if (!TEST_uint64_t_lt(txke, op->arg2))
350 static unsigned long stream_info_hash(const STREAM_INFO *info)
352 return OPENSSL_LH_strhash(info->name);
355 static int stream_info_cmp(const STREAM_INFO *a, const STREAM_INFO *b)
357 return strcmp(a->name, b->name);
360 static void cleanup_stream(STREAM_INFO *info)
362 SSL_free(info->c_stream);
366 static void helper_cleanup_streams(LHASH_OF(STREAM_INFO) **lh)
371 lh_STREAM_INFO_doall(*lh, cleanup_stream);
372 lh_STREAM_INFO_free(*lh);
376 #if defined(OPENSSL_THREADS)
377 static CRYPTO_THREAD_RETVAL run_script_child_thread(void *arg);
379 static int join_threads(struct child_thread_args *threads, size_t num_threads)
383 CRYPTO_THREAD_RETVAL rv;
385 for (i = 0; i < num_threads; ++i) {
386 if (threads[i].t != NULL) {
387 ossl_crypto_thread_native_join(threads[i].t, &rv);
389 if (!threads[i].testresult)
390 /* Do not log failure here, worker will do it. */
393 ossl_crypto_thread_native_clean(threads[i].t);
397 ossl_crypto_mutex_free(&threads[i].m);
404 static void helper_cleanup(struct helper *h)
406 #if defined(OPENSSL_THREADS)
407 join_threads(h->threads, h->num_threads);
408 OPENSSL_free(h->threads);
413 if (h->free_order == 0) {
414 /* order 0: streams, then conn */
415 helper_cleanup_streams(&h->c_streams);
420 /* order 1: conn, then streams */
424 helper_cleanup_streams(&h->c_streams);
427 helper_cleanup_streams(&h->s_streams);
428 ossl_quic_tserver_free(h->s);
431 BIO_free(h->s_net_bio_own);
432 h->s_net_bio_own = NULL;
434 BIO_free(h->c_net_bio_own);
435 h->c_net_bio_own = NULL;
438 BIO_closesocket(h->s_fd);
443 BIO_closesocket(h->c_fd);
447 BIO_ADDR_free(h->s_net_bio_addr);
448 h->s_net_bio_addr = NULL;
450 SSL_CTX_free(h->c_ctx);
453 CRYPTO_THREAD_lock_free(h->time_lock);
457 static int helper_init(struct helper *h, int free_order)
460 struct in_addr ina = {0};
461 QUIC_TSERVER_ARGS s_args = {0};
463 memset(h, 0, sizeof(*h));
466 h->free_order = free_order;
467 h->time_slip = ossl_time_zero();
469 if (!TEST_ptr(h->time_lock = CRYPTO_THREAD_lock_new()))
472 if (!TEST_ptr(h->s_streams = lh_STREAM_INFO_new(stream_info_hash,
476 if (!TEST_ptr(h->c_streams = lh_STREAM_INFO_new(stream_info_hash,
480 ina.s_addr = htonl(0x7f000001UL);
482 h->s_fd = BIO_socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP, 0);
483 if (!TEST_int_ge(h->s_fd, 0))
486 if (!TEST_true(BIO_socket_nbio(h->s_fd, 1)))
489 if (!TEST_ptr(h->s_net_bio_addr = BIO_ADDR_new()))
492 if (!TEST_true(BIO_ADDR_rawmake(h->s_net_bio_addr, AF_INET, &ina, sizeof(ina),
496 if (!TEST_true(BIO_bind(h->s_fd, h->s_net_bio_addr, 0)))
499 if (!TEST_int_gt(BIO_ADDR_rawport(h->s_net_bio_addr), 0))
502 if (!TEST_ptr(h->s_net_bio = h->s_net_bio_own = BIO_new_dgram(h->s_fd, 0)))
505 if (!BIO_up_ref(h->s_net_bio))
508 s_args.net_rbio = h->s_net_bio;
509 s_args.net_wbio = h->s_net_bio;
511 s_args.now_cb = get_time;
512 s_args.now_cb_arg = h;
514 if (!TEST_ptr(h->s = ossl_quic_tserver_new(&s_args, certfile, keyfile)))
517 h->s_net_bio_own = NULL;
519 h->c_fd = BIO_socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP, 0);
520 if (!TEST_int_ge(h->c_fd, 0))
523 if (!TEST_true(BIO_socket_nbio(h->c_fd, 1)))
526 if (!TEST_ptr(h->c_net_bio = h->c_net_bio_own = BIO_new_dgram(h->c_fd, 0)))
529 if (!TEST_true(BIO_dgram_set_peer(h->c_net_bio, h->s_net_bio_addr)))
533 if (!TEST_ptr(h->c_ctx = SSL_CTX_new(OSSL_QUIC_client_method())))
536 if (!TEST_ptr(h->c_conn = SSL_new(h->c_ctx)))
539 /* Use custom time function for virtual time skip. */
540 if (!TEST_true(ossl_quic_conn_set_override_now_cb(h->c_conn, get_time, h)))
543 /* Takes ownership of our reference to the BIO. */
544 SSL_set0_rbio(h->c_conn, h->c_net_bio);
545 h->c_net_bio_own = NULL;
547 if (!TEST_true(BIO_up_ref(h->c_net_bio)))
550 SSL_set0_wbio(h->c_conn, h->c_net_bio);
552 if (!TEST_true(SSL_set_blocking_mode(h->c_conn, 0)))
555 h->start_time = ossl_time_now();
564 static int helper_local_init(struct helper_local *hl, struct helper *h,
568 hl->c_streams = NULL;
569 hl->thread_idx = thread_idx;
574 if (thread_idx < 0) {
575 hl->c_streams = h->c_streams;
577 if (!TEST_ptr(hl->c_streams = lh_STREAM_INFO_new(stream_info_hash,
585 static void helper_local_cleanup(struct helper_local *hl)
590 if (hl->thread_idx >= 0)
591 helper_cleanup_streams(&hl->c_streams);
596 static STREAM_INFO *get_stream_info(LHASH_OF(STREAM_INFO) *lh,
597 const char *stream_name)
599 STREAM_INFO key, *info;
601 if (!TEST_ptr(stream_name))
604 if (!strcmp(stream_name, "DEFAULT"))
607 key.name = stream_name;
608 info = lh_STREAM_INFO_retrieve(lh, &key);
610 info = OPENSSL_zalloc(sizeof(*info));
614 info->name = stream_name;
615 info->s_stream_id = UINT64_MAX;
616 lh_STREAM_INFO_insert(lh, info);
622 static int helper_local_set_c_stream(struct helper_local *hl,
623 const char *stream_name,
626 STREAM_INFO *info = get_stream_info(hl->c_streams, stream_name);
631 info->c_stream = c_stream;
632 info->s_stream_id = UINT64_MAX;
636 static SSL *helper_local_get_c_stream(struct helper_local *hl,
637 const char *stream_name)
641 if (!strcmp(stream_name, "DEFAULT"))
642 return hl->h->c_conn;
644 info = get_stream_info(hl->c_streams, stream_name);
648 return info->c_stream;
652 helper_set_s_stream(struct helper *h, const char *stream_name,
653 uint64_t s_stream_id)
657 if (!strcmp(stream_name, "DEFAULT"))
660 info = get_stream_info(h->s_streams, stream_name);
664 info->c_stream = NULL;
665 info->s_stream_id = s_stream_id;
669 static uint64_t helper_get_s_stream(struct helper *h, const char *stream_name)
673 if (!strcmp(stream_name, "DEFAULT"))
676 info = get_stream_info(h->s_streams, stream_name);
680 return info->s_stream_id;
683 static int is_want(SSL *s, int ret)
685 int ec = SSL_get_error(s, ret);
687 return ec == SSL_ERROR_WANT_READ || ec == SSL_ERROR_WANT_WRITE;
690 static int run_script_worker(struct helper *h, const struct script_op *script,
694 unsigned char *tmp_buf = NULL;
695 int connect_started = 0;
698 const struct script_op *op = NULL;
699 int no_advance = 0, first = 1;
700 #if defined(OPENSSL_THREADS)
701 int end_wait_warning = 0;
703 OSSL_TIME op_start_time = ossl_time_zero(), op_deadline = ossl_time_zero();
704 struct helper_local hl;
705 #define REPEAT_SLOTS 8
706 size_t repeat_stack_idx[REPEAT_SLOTS], repeat_stack_done[REPEAT_SLOTS];
707 size_t repeat_stack_limit[REPEAT_SLOTS];
708 size_t repeat_stack_len = 0;
710 if (!TEST_true(helper_local_init(&hl, h, thread_idx)))
713 #define SPIN_AGAIN() { OSSL_sleep(1); no_advance = 1; continue; }
716 SSL *c_tgt = h->c_conn;
717 uint64_t s_stream_id = UINT64_MAX;
727 op_start_time = ossl_time_now();
728 op_deadline = ossl_time_add(op_start_time, ossl_ms2time(2000));
731 if (!TEST_int_le(ossl_time_compare(ossl_time_now(), op_deadline), 0)) {
732 TEST_error("op %zu timed out on thread %d", op_idx + 1, thread_idx);
736 op = &script[op_idx];
738 if (op->stream_name != NULL) {
739 c_tgt = helper_local_get_c_stream(&hl, op->stream_name);
741 s_stream_id = helper_get_s_stream(h, op->stream_name);
743 s_stream_id = UINT64_MAX;
747 ossl_quic_tserver_tick(h->s);
749 if (thread_idx >= 0 || connect_started)
750 SSL_handle_events(h->c_conn);
752 if (thread_idx >= 0) {
753 /* Only allow certain opcodes on child threads. */
756 case OPK_C_ACCEPT_STREAM_WAIT:
757 case OPK_C_NEW_STREAM:
758 case OPK_C_READ_EXPECT:
759 case OPK_C_EXPECT_FIN:
762 case OPK_C_FREE_STREAM:
763 case OPK_BEGIN_REPEAT:
765 case OPK_C_READ_FAIL_WAIT:
766 case OPK_C_EXPECT_SSL_ERR:
767 case OPK_EXPECT_ERR_REASON:
768 case OPK_EXPECT_ERR_LIB:
773 TEST_error("opcode %lu not allowed on child thread",
774 (unsigned long)op->op);
781 if (!TEST_size_t_eq(repeat_stack_len, 0))
784 #if defined(OPENSSL_THREADS)
785 if (thread_idx < 0) {
789 for (i = 0; i < h->num_threads; ++i) {
790 if (h->threads[i].m == NULL)
793 ossl_crypto_mutex_lock(h->threads[i].m);
794 done = h->threads[i].done;
795 ossl_crypto_mutex_unlock(h->threads[i].m);
798 if (!end_wait_warning) {
799 TEST_info("still waiting for other threads to finish (%zu)", i);
800 end_wait_warning = 1;
809 TEST_info("script finished on thread %d", thread_idx);
813 case OPK_BEGIN_REPEAT:
814 if (!TEST_size_t_lt(repeat_stack_len, OSSL_NELEM(repeat_stack_idx)))
817 if (!TEST_size_t_gt(op->arg1, 0))
820 repeat_stack_idx[repeat_stack_len] = op_idx + 1;
821 repeat_stack_done[repeat_stack_len] = 0;
822 repeat_stack_limit[repeat_stack_len] = op->arg1;
827 if (!TEST_size_t_gt(repeat_stack_len, 0))
830 if (++repeat_stack_done[repeat_stack_len - 1]
831 == repeat_stack_limit[repeat_stack_len - 1]) {
834 op_idx = repeat_stack_idx[repeat_stack_len - 1];
843 int ok = op->check_func(h, op);
844 if (h->check_spin_again) {
845 h->check_spin_again = 0;
856 const char *alpn = op->arg0;
857 size_t alpn_len = strlen(alpn);
859 if (!TEST_size_t_le(alpn_len, UINT8_MAX)
860 || !TEST_ptr(tmp_buf = (unsigned char *)OPENSSL_malloc(alpn_len + 1)))
863 memcpy(tmp_buf + 1, alpn, alpn_len);
864 tmp_buf[0] = (unsigned char)alpn_len;
866 /* 0 is the success case for SSL_set_alpn_protos(). */
867 if (!TEST_false(SSL_set_alpn_protos(h->c_conn, tmp_buf,
871 OPENSSL_free(tmp_buf);
876 case OPK_C_CONNECT_WAIT:
882 ret = SSL_connect(h->c_conn);
883 if (!TEST_true(ret == 1
884 || (!h->blocking && is_want(h->c_conn, ret))))
887 if (!h->blocking && ret != 1)
894 size_t bytes_written = 0;
896 if (!TEST_ptr(c_tgt))
899 if (!TEST_true(SSL_write_ex(c_tgt, op->arg0, op->arg1,
901 || !TEST_size_t_eq(bytes_written, op->arg1))
908 size_t bytes_written = 0;
910 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
913 if (!TEST_true(ossl_quic_tserver_write(h->s, s_stream_id,
916 || !TEST_size_t_eq(bytes_written, op->arg1))
923 if (!TEST_true(SSL_stream_conclude(c_tgt, 0)))
930 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
933 ossl_quic_tserver_conclude(h->s, s_stream_id);
937 case OPK_C_WAIT_FOR_DATA:
940 size_t bytes_read = 0;
942 if (!TEST_ptr(c_tgt))
945 if (!SSL_peek_ex(c_tgt, buf, sizeof(buf), &bytes_read)
951 case OPK_C_READ_EXPECT:
953 size_t bytes_read = 0;
955 if (op->arg1 > 0 && tmp_buf == NULL
956 && !TEST_ptr(tmp_buf = OPENSSL_malloc(op->arg1)))
959 if (!SSL_read_ex(c_tgt, tmp_buf + offset, op->arg1 - offset,
963 if (bytes_read + offset != op->arg1) {
964 offset += bytes_read;
969 && !TEST_mem_eq(tmp_buf, op->arg1, op->arg0, op->arg1))
972 OPENSSL_free(tmp_buf);
977 case OPK_S_READ_EXPECT:
979 size_t bytes_read = 0;
981 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
984 if (op->arg1 > 0 && tmp_buf == NULL
985 && !TEST_ptr(tmp_buf = OPENSSL_malloc(op->arg1)))
988 if (!TEST_true(ossl_quic_tserver_read(h->s, s_stream_id,
994 if (bytes_read + offset != op->arg1) {
995 offset += bytes_read;
1000 && !TEST_mem_eq(tmp_buf, op->arg1, op->arg0, op->arg1))
1003 OPENSSL_free(tmp_buf);
1008 case OPK_C_EXPECT_FIN:
1011 size_t bytes_read = 0;
1013 if (!TEST_false(SSL_read_ex(c_tgt, buf, sizeof(buf),
1015 || !TEST_size_t_eq(bytes_read, 0))
1018 if (is_want(c_tgt, 0))
1021 if (!TEST_int_eq(SSL_get_error(c_tgt, 0),
1022 SSL_ERROR_ZERO_RETURN))
1027 case OPK_S_EXPECT_FIN:
1029 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
1032 if (!ossl_quic_tserver_has_read_ended(h->s, s_stream_id))
1041 if (!TEST_ptr_null(c_tgt))
1042 goto out; /* don't overwrite existing stream with same name */
1044 if (!TEST_ptr(c_stream = ossl_quic_detach_stream(h->c_conn)))
1047 if (!TEST_true(helper_local_set_c_stream(&hl, op->stream_name, c_stream)))
1054 if (!TEST_ptr(c_tgt))
1057 if (!TEST_true(ossl_quic_attach_stream(h->c_conn, c_tgt)))
1060 if (!TEST_true(helper_local_set_c_stream(&hl, op->stream_name, NULL)))
1065 case OPK_C_NEW_STREAM:
1070 if (!TEST_ptr_null(c_tgt))
1071 goto out; /* don't overwrite existing stream with same name */
1074 flags |= SSL_STREAM_FLAG_UNI;
1076 if (!TEST_ptr(c_stream = SSL_new_stream(h->c_conn, flags)))
1079 if (op->arg2 != UINT64_MAX
1080 && !TEST_uint64_t_eq(SSL_get_stream_id(c_stream),
1084 if (!TEST_true(helper_local_set_c_stream(&hl, op->stream_name, c_stream)))
1089 case OPK_S_NEW_STREAM:
1091 uint64_t stream_id = UINT64_MAX;
1093 if (!TEST_uint64_t_eq(s_stream_id, UINT64_MAX))
1094 goto out; /* don't overwrite existing stream with same name */
1096 if (!TEST_true(ossl_quic_tserver_stream_new(h->s,
1101 if (op->arg2 != UINT64_MAX
1102 && !TEST_uint64_t_eq(stream_id, op->arg2))
1105 if (!TEST_true(helper_set_s_stream(h, op->stream_name,
1111 case OPK_C_ACCEPT_STREAM_WAIT:
1115 if (!TEST_ptr_null(c_tgt))
1116 goto out; /* don't overwrite existing stream with same name */
1118 if ((c_stream = SSL_accept_stream(h->c_conn, 0)) == NULL)
1121 if (!TEST_true(helper_local_set_c_stream(&hl, op->stream_name,
1127 case OPK_S_ACCEPT_STREAM_WAIT:
1129 uint64_t new_stream_id;
1131 if (!TEST_uint64_t_eq(s_stream_id, UINT64_MAX))
1134 new_stream_id = ossl_quic_tserver_pop_incoming_stream(h->s);
1135 if (new_stream_id == UINT64_MAX)
1138 if (!TEST_true(helper_set_s_stream(h, op->stream_name, new_stream_id)))
1143 case OPK_C_ACCEPT_STREAM_NONE:
1147 if (!TEST_ptr_null(c_stream = SSL_accept_stream(h->c_conn, 0))) {
1154 case OPK_C_FREE_STREAM:
1156 if (!TEST_ptr(c_tgt)
1157 || !TEST_true(!SSL_is_connection(c_tgt)))
1160 if (!TEST_true(helper_local_set_c_stream(&hl, op->stream_name, NULL)))
1168 case OPK_C_SET_DEFAULT_STREAM_MODE:
1170 if (!TEST_ptr(c_tgt))
1173 if (!TEST_true(SSL_set_default_stream_mode(c_tgt, op->arg1)))
1178 case OPK_C_SET_INCOMING_STREAM_POLICY:
1180 if (!TEST_ptr(c_tgt))
1183 if (!TEST_true(SSL_set_incoming_stream_policy(c_tgt,
1189 case OPK_C_SHUTDOWN:
1193 if (!TEST_ptr(c_tgt))
1196 ret = SSL_shutdown_ex(c_tgt, 0, NULL, 0);
1197 if (!TEST_int_ge(ret, 0))
1203 case OPK_C_EXPECT_CONN_CLOSE_INFO:
1205 SSL_CONN_CLOSE_INFO cc_info = {0};
1206 int expect_app = (op->arg1 & EXPECT_CONN_CLOSE_APP) != 0;
1207 int expect_remote = (op->arg1 & EXPECT_CONN_CLOSE_REMOTE) != 0;
1208 uint64_t error_code = op->arg2;
1210 if (!TEST_ptr(c_tgt))
1213 if (!SSL_get_conn_close_info(c_tgt, &cc_info, sizeof(cc_info)))
1216 if (!TEST_int_eq(expect_app, !cc_info.is_transport)
1217 || !TEST_int_eq(expect_remote, !cc_info.is_local)
1218 || !TEST_uint64_t_eq(error_code, cc_info.error_code))
1223 case OPK_S_EXPECT_CONN_CLOSE_INFO:
1225 const QUIC_TERMINATE_CAUSE *tc;
1226 int expect_app = (op->arg1 & EXPECT_CONN_CLOSE_APP) != 0;
1227 int expect_remote = (op->arg1 & EXPECT_CONN_CLOSE_REMOTE) != 0;
1228 uint64_t error_code = op->arg2;
1230 if (!ossl_quic_tserver_is_term_any(h->s))
1233 if (!TEST_ptr(tc = ossl_quic_tserver_get_terminate_cause(h->s)))
1236 if (!TEST_uint64_t_eq(error_code, tc->error_code)
1237 || !TEST_int_eq(expect_app, tc->app)
1238 || !TEST_int_eq(expect_remote, tc->remote))
1243 case OPK_S_BIND_STREAM_ID:
1245 if (!TEST_uint64_t_eq(s_stream_id, UINT64_MAX))
1248 if (!TEST_true(helper_set_s_stream(h, op->stream_name, op->arg2)))
1253 case OPK_S_UNBIND_STREAM_ID:
1255 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
1258 if (!TEST_true(helper_set_s_stream(h, op->stream_name, UINT64_MAX)))
1263 case OPK_C_WRITE_FAIL:
1265 size_t bytes_written = 0;
1267 if (!TEST_ptr(c_tgt))
1270 if (!TEST_false(SSL_write_ex(c_tgt, "apple", 5, &bytes_written)))
1275 case OPK_S_WRITE_FAIL:
1277 size_t bytes_written = 0;
1279 if (!TEST_uint64_t_ne(s_stream_id, UINT64_MAX))
1282 if (!TEST_false(ossl_quic_tserver_write(h->s, s_stream_id,
1283 (const unsigned char *)"apple", 5,
1289 case OPK_C_READ_FAIL:
1291 size_t bytes_read = 0;
1294 if (!TEST_ptr(c_tgt))
1297 if (!TEST_false(SSL_read_ex(c_tgt, buf, sizeof(buf), &bytes_read)))
1302 case OPK_C_READ_FAIL_WAIT:
1304 size_t bytes_read = 0;
1307 if (!TEST_ptr(c_tgt))
1310 if (!TEST_false(SSL_read_ex(c_tgt, buf, sizeof(buf), &bytes_read)))
1313 if (is_want(c_tgt, 0))
1318 case OPK_C_STREAM_RESET:
1320 SSL_STREAM_RESET_ARGS args = {0};
1322 if (!TEST_ptr(c_tgt))
1325 args.quic_error_code = op->arg2;
1327 if (!TEST_true(SSL_stream_reset(c_tgt, &args, sizeof(args))))
1332 case OPK_NEW_THREAD:
1334 #if !defined(OPENSSL_THREADS)
1336 * If this test script requires threading and we do not have
1337 * support for it, skip the rest of it.
1339 TEST_skip("threading not supported, skipping");
1345 if (!TEST_ptr_null(h->threads)) {
1346 TEST_error("max one NEW_THREAD operation per script");
1350 h->threads = OPENSSL_zalloc(op->arg1 * sizeof(struct child_thread_args));
1351 if (!TEST_ptr(h->threads))
1354 h->num_threads = op->arg1;
1356 for (i = 0; i < op->arg1; ++i) {
1357 h->threads[i].h = h;
1358 h->threads[i].script = op->arg0;
1359 h->threads[i].thread_idx = i;
1361 h->threads[i].m = ossl_crypto_mutex_new();
1362 if (!TEST_ptr(h->threads[i].m))
1366 = ossl_crypto_thread_native_start(run_script_child_thread,
1368 if (!TEST_ptr(h->threads[i].t))
1375 case OPK_C_CLOSE_SOCKET:
1377 BIO_closesocket(h->c_fd);
1381 case OPK_C_EXPECT_SSL_ERR:
1383 if (!TEST_size_t_eq((size_t)SSL_get_error(c_tgt, 0), op->arg1))
1388 case OPK_EXPECT_ERR_REASON:
1390 if (!TEST_size_t_eq((size_t)ERR_GET_REASON(ERR_get_error()), op->arg1))
1395 case OPK_EXPECT_ERR_LIB:
1397 if (!TEST_size_t_eq((size_t)ERR_GET_LIB(ERR_get_error()), op->arg1))
1404 OSSL_sleep(op->arg2);
1409 TEST_error("unknown op");
1418 TEST_error("failed at script op %zu, thread %d\n",
1419 op_idx + 1, thread_idx);
1421 for (i = 0; i < repeat_stack_len; ++i)
1422 TEST_info("while repeating, iteration %zu of %zu, starting at script op %zu",
1423 repeat_stack_done[i],
1424 repeat_stack_limit[i],
1425 repeat_stack_idx[i]);
1428 OPENSSL_free(tmp_buf);
1429 helper_local_cleanup(&hl);
1433 static int run_script(const struct script_op *script, int free_order)
1438 if (!TEST_true(helper_init(&h, free_order)))
1441 if (!TEST_true(run_script_worker(&h, script, -1)))
1444 #if defined(OPENSSL_THREADS)
1445 if (!TEST_true(join_threads(h.threads, h.num_threads)))
1455 #if defined(OPENSSL_THREADS)
1456 static CRYPTO_THREAD_RETVAL run_script_child_thread(void *arg)
1459 struct child_thread_args *args = arg;
1461 testresult = run_script_worker(args->h, args->script,
1464 ossl_crypto_mutex_lock(args->m);
1465 args->testresult = testresult;
1467 ossl_crypto_mutex_unlock(args->m);
1472 /* 1. Simple single-stream test */
1473 static const struct script_op script_1[] = {
1474 OP_C_SET_ALPN ("ossltest")
1475 OP_C_CONNECT_WAIT ()
1476 OP_C_WRITE (DEFAULT, "apple", 5)
1477 OP_C_CONCLUDE (DEFAULT)
1478 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
1479 OP_S_READ_EXPECT (a, "apple", 5)
1481 OP_S_WRITE (a, "orange", 6)
1483 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
1484 OP_C_EXPECT_FIN (DEFAULT)
1488 /* 2. Multi-stream test */
1489 static const struct script_op script_2[] = {
1490 OP_C_SET_ALPN ("ossltest")
1491 OP_C_CONNECT_WAIT ()
1492 OP_C_SET_INCOMING_STREAM_POLICY(SSL_INCOMING_STREAM_POLICY_ACCEPT)
1493 OP_C_WRITE (DEFAULT, "apple", 5)
1494 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
1495 OP_S_READ_EXPECT (a, "apple", 5)
1496 OP_S_WRITE (a, "orange", 6)
1497 OP_C_READ_EXPECT (DEFAULT, "orange", 6)
1499 OP_C_NEW_STREAM_BIDI (b, C_BIDI_ID(1))
1500 OP_C_WRITE (b, "flamingo", 8)
1502 OP_S_BIND_STREAM_ID (b, C_BIDI_ID(1))
1503 OP_S_READ_EXPECT (b, "flamingo", 8)
1505 OP_S_WRITE (b, "gargoyle", 8)
1507 OP_C_READ_EXPECT (b, "gargoyle", 8)
1510 OP_C_NEW_STREAM_UNI (c, C_UNI_ID(0))
1511 OP_C_WRITE (c, "elephant", 8)
1513 OP_S_BIND_STREAM_ID (c, C_UNI_ID(0))
1514 OP_S_READ_EXPECT (c, "elephant", 8)
1518 OP_C_ACCEPT_STREAM_NONE ()
1520 OP_S_NEW_STREAM_BIDI (d, S_BIDI_ID(0))
1521 OP_S_WRITE (d, "frog", 4)
1524 OP_C_ACCEPT_STREAM_WAIT (d)
1525 OP_C_ACCEPT_STREAM_NONE ()
1526 OP_C_READ_EXPECT (d, "frog", 4)
1529 OP_S_NEW_STREAM_BIDI (e, S_BIDI_ID(1))
1530 OP_S_WRITE (e, "mixture", 7)
1533 OP_C_ACCEPT_STREAM_WAIT (e)
1534 OP_C_READ_EXPECT (e, "mixture", 7)
1536 OP_C_WRITE (e, "ramble", 6)
1537 OP_S_READ_EXPECT (e, "ramble", 6)
1541 OP_S_NEW_STREAM_UNI (f, S_UNI_ID(0))
1542 OP_S_WRITE (f, "yonder", 6)
1545 OP_C_ACCEPT_STREAM_WAIT (f)
1546 OP_C_ACCEPT_STREAM_NONE ()
1547 OP_C_READ_EXPECT (f, "yonder", 6)
1551 OP_C_SET_INCOMING_STREAM_POLICY(SSL_INCOMING_STREAM_POLICY_REJECT)
1552 OP_S_NEW_STREAM_BIDI (g, S_BIDI_ID(2))
1553 OP_S_WRITE (g, "unseen", 6)
1556 OP_C_ACCEPT_STREAM_NONE ()
1558 OP_C_SET_INCOMING_STREAM_POLICY(SSL_INCOMING_STREAM_POLICY_AUTO)
1559 OP_S_NEW_STREAM_BIDI (h, S_BIDI_ID(3))
1560 OP_S_WRITE (h, "UNSEEN", 6)
1563 OP_C_ACCEPT_STREAM_NONE ()
1566 * Streams g, h should have been rejected, so server should have got
1567 * STOP_SENDING/RESET_STREAM.
1569 OP_CHECK (check_rejected, S_BIDI_ID(2))
1570 OP_CHECK (check_rejected, S_BIDI_ID(3))
1575 /* 3. Default stream detach/reattach test */
1576 static const struct script_op script_3[] = {
1577 OP_C_SET_ALPN ("ossltest")
1578 OP_C_CONNECT_WAIT ()
1580 OP_C_WRITE (DEFAULT, "apple", 5)
1581 OP_C_DETACH (a) /* DEFAULT becomes stream 'a' */
1582 OP_C_WRITE_FAIL (DEFAULT)
1584 OP_C_WRITE (a, "by", 2)
1586 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
1587 OP_S_READ_EXPECT (a, "appleby", 7)
1589 OP_S_WRITE (a, "hello", 5)
1590 OP_C_READ_EXPECT (a, "hello", 5)
1592 OP_C_WRITE_FAIL (DEFAULT)
1594 OP_C_WRITE (DEFAULT, "is here", 7)
1595 OP_S_READ_EXPECT (a, "is here", 7)
1604 /* 4. Default stream mode test */
1605 static const struct script_op script_4[] = {
1606 OP_C_SET_ALPN ("ossltest")
1607 OP_C_CONNECT_WAIT ()
1609 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
1610 OP_C_WRITE_FAIL (DEFAULT)
1612 OP_S_NEW_STREAM_BIDI (a, S_BIDI_ID(0))
1613 OP_S_WRITE (a, "apple", 5)
1615 OP_C_READ_FAIL (DEFAULT)
1617 OP_C_ACCEPT_STREAM_WAIT (a)
1618 OP_C_READ_EXPECT (a, "apple", 5)
1621 OP_C_WRITE (DEFAULT, "orange", 6)
1622 OP_S_READ_EXPECT (a, "orange", 6)
1627 /* 5. Test stream reset functionality */
1628 static const struct script_op script_5[] = {
1629 OP_C_SET_ALPN ("ossltest")
1630 OP_C_CONNECT_WAIT ()
1632 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
1633 OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
1635 OP_C_WRITE (a, "apple", 5)
1636 OP_C_STREAM_RESET (a, 42)
1638 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
1639 OP_S_READ_EXPECT (a, "apple", 5)
1640 OP_CHECK (check_stream_reset, C_BIDI_ID(0))
1645 /* 6. Test STOP_SENDING functionality */
1646 static const struct script_op script_6[] = {
1647 OP_C_SET_ALPN ("ossltest")
1648 OP_C_CONNECT_WAIT ()
1650 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
1651 OP_S_NEW_STREAM_BIDI (a, S_BIDI_ID(0))
1652 OP_S_WRITE (a, "apple", 5)
1654 OP_C_ACCEPT_STREAM_WAIT (a)
1655 OP_C_FREE_STREAM (a)
1656 OP_C_ACCEPT_STREAM_NONE ()
1658 OP_CHECK (check_stream_stopped, S_BIDI_ID(0))
1663 /* 7. Unidirectional default stream mode test (client sends first) */
1664 static const struct script_op script_7[] = {
1665 OP_C_SET_ALPN ("ossltest")
1666 OP_C_CONNECT_WAIT ()
1668 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_AUTO_UNI)
1669 OP_C_WRITE (DEFAULT, "apple", 5)
1671 OP_S_BIND_STREAM_ID (a, C_UNI_ID(0))
1672 OP_S_READ_EXPECT (a, "apple", 5)
1678 /* 8. Unidirectional default stream mode test (server sends first) */
1679 static const struct script_op script_8[] = {
1680 OP_C_SET_ALPN ("ossltest")
1681 OP_C_CONNECT_WAIT ()
1683 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_AUTO_UNI)
1684 OP_S_NEW_STREAM_UNI (a, S_UNI_ID(0))
1685 OP_S_WRITE (a, "apple", 5)
1686 OP_C_READ_EXPECT (DEFAULT, "apple", 5)
1687 OP_C_WRITE_FAIL (DEFAULT)
1692 /* 9. Unidirectional default stream mode test (server sends first on bidi) */
1693 static const struct script_op script_9[] = {
1694 OP_C_SET_ALPN ("ossltest")
1695 OP_C_CONNECT_WAIT ()
1697 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_AUTO_UNI)
1698 OP_S_NEW_STREAM_BIDI (a, S_BIDI_ID(0))
1699 OP_S_WRITE (a, "apple", 5)
1700 OP_C_READ_EXPECT (DEFAULT, "apple", 5)
1701 OP_C_WRITE (DEFAULT, "orange", 6)
1702 OP_S_READ_EXPECT (a, "orange", 6)
1708 static const struct script_op script_10[] = {
1709 OP_C_SET_ALPN ("ossltest")
1710 OP_C_CONNECT_WAIT ()
1712 OP_C_WRITE (DEFAULT, "apple", 5)
1713 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
1714 OP_S_READ_EXPECT (a, "apple", 5)
1717 OP_C_EXPECT_CONN_CLOSE_INFO(0, 1, 0)
1718 OP_S_EXPECT_CONN_CLOSE_INFO(0, 1, 1)
1723 /* 11. Many threads accepted on the same client connection */
1724 static const struct script_op script_11_child[] = {
1725 OP_C_ACCEPT_STREAM_WAIT (a)
1726 OP_C_READ_EXPECT (a, "foo", 3)
1732 static const struct script_op script_11[] = {
1733 OP_C_SET_ALPN ("ossltest")
1734 OP_C_CONNECT_WAIT ()
1735 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
1737 OP_NEW_THREAD (5, script_11_child)
1739 OP_S_NEW_STREAM_BIDI (a, ANY_ID)
1740 OP_S_WRITE (a, "foo", 3)
1743 OP_S_NEW_STREAM_BIDI (b, ANY_ID)
1744 OP_S_WRITE (b, "foo", 3)
1747 OP_S_NEW_STREAM_BIDI (c, ANY_ID)
1748 OP_S_WRITE (c, "foo", 3)
1751 OP_S_NEW_STREAM_BIDI (d, ANY_ID)
1752 OP_S_WRITE (d, "foo", 3)
1755 OP_S_NEW_STREAM_BIDI (e, ANY_ID)
1756 OP_S_WRITE (e, "foo", 3)
1762 /* 12. Many threads initiated on the same client connection */
1763 static const struct script_op script_12_child[] = {
1764 OP_C_NEW_STREAM_BIDI (a, ANY_ID)
1765 OP_C_WRITE (a, "foo", 3)
1767 OP_C_FREE_STREAM (a)
1772 static const struct script_op script_12[] = {
1773 OP_C_SET_ALPN ("ossltest")
1774 OP_C_CONNECT_WAIT ()
1775 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
1777 OP_NEW_THREAD (5, script_12_child)
1779 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
1780 OP_S_READ_EXPECT (a, "foo", 3)
1782 OP_S_BIND_STREAM_ID (b, C_BIDI_ID(1))
1783 OP_S_READ_EXPECT (b, "foo", 3)
1785 OP_S_BIND_STREAM_ID (c, C_BIDI_ID(2))
1786 OP_S_READ_EXPECT (c, "foo", 3)
1788 OP_S_BIND_STREAM_ID (d, C_BIDI_ID(3))
1789 OP_S_READ_EXPECT (d, "foo", 3)
1791 OP_S_BIND_STREAM_ID (e, C_BIDI_ID(4))
1792 OP_S_READ_EXPECT (e, "foo", 3)
1798 /* 13. Many threads accepted on the same client connection (stress test) */
1799 static const struct script_op script_13_child[] = {
1800 OP_BEGIN_REPEAT (10)
1802 OP_C_ACCEPT_STREAM_WAIT (a)
1803 OP_C_READ_EXPECT (a, "foo", 3)
1805 OP_C_FREE_STREAM (a)
1812 static const struct script_op script_13[] = {
1813 OP_C_SET_ALPN ("ossltest")
1814 OP_C_CONNECT_WAIT ()
1815 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
1817 OP_NEW_THREAD (5, script_13_child)
1819 OP_BEGIN_REPEAT (50)
1821 OP_S_NEW_STREAM_BIDI (a, ANY_ID)
1822 OP_S_WRITE (a, "foo", 3)
1824 OP_S_UNBIND_STREAM_ID (a)
1831 /* 14. Many threads initiating on the same client connection (stress test) */
1832 static const struct script_op script_14_child[] = {
1833 OP_BEGIN_REPEAT (10)
1835 OP_C_NEW_STREAM_BIDI (a, ANY_ID)
1836 OP_C_WRITE (a, "foo", 3)
1838 OP_C_FREE_STREAM (a)
1845 static const struct script_op script_14[] = {
1846 OP_C_SET_ALPN ("ossltest")
1847 OP_C_CONNECT_WAIT ()
1848 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
1850 OP_NEW_THREAD (5, script_14_child)
1852 OP_BEGIN_REPEAT (50)
1854 OP_S_ACCEPT_STREAM_WAIT (a)
1855 OP_S_READ_EXPECT (a, "foo", 3)
1857 OP_S_UNBIND_STREAM_ID (a)
1864 /* 15. Client sending large number of streams, MAX_STREAMS test */
1865 static const struct script_op script_15[] = {
1866 OP_C_SET_ALPN ("ossltest")
1867 OP_C_CONNECT_WAIT ()
1868 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
1871 * This will cause a protocol violation to be raised by the server if we are
1872 * not handling the stream limit correctly on the TX side.
1874 OP_BEGIN_REPEAT (200)
1876 OP_C_NEW_STREAM_BIDI (a, ANY_ID)
1877 OP_C_WRITE (a, "foo", 3)
1879 OP_C_FREE_STREAM (a)
1883 /* Prove the connection is still good. */
1884 OP_S_NEW_STREAM_BIDI (a, S_BIDI_ID(0))
1885 OP_S_WRITE (a, "bar", 3)
1888 OP_C_ACCEPT_STREAM_WAIT (a)
1889 OP_C_READ_EXPECT (a, "bar", 3)
1893 * Drain the queue of incoming streams. We should be able to get all 200
1894 * even though only 100 can be initiated at a time.
1896 OP_BEGIN_REPEAT (200)
1898 OP_S_ACCEPT_STREAM_WAIT (b)
1899 OP_S_READ_EXPECT (b, "foo", 3)
1901 OP_S_UNBIND_STREAM_ID (b)
1908 /* 16. Server sending large number of streams, MAX_STREAMS test */
1909 static const struct script_op script_16[] = {
1910 OP_C_SET_ALPN ("ossltest")
1911 OP_C_CONNECT_WAIT ()
1912 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
1915 * This will cause a protocol violation to be raised by the client if we are
1916 * not handling the stream limit correctly on the TX side.
1918 OP_BEGIN_REPEAT (200)
1920 OP_S_NEW_STREAM_BIDI (a, ANY_ID)
1921 OP_S_WRITE (a, "foo", 3)
1923 OP_S_UNBIND_STREAM_ID (a)
1927 /* Prove that the connection is still good. */
1928 OP_C_NEW_STREAM_BIDI (a, ANY_ID)
1929 OP_C_WRITE (a, "bar", 3)
1932 OP_S_ACCEPT_STREAM_WAIT (b)
1933 OP_S_READ_EXPECT (b, "bar", 3)
1936 /* Drain the queue of incoming streams. */
1937 OP_BEGIN_REPEAT (200)
1939 OP_C_ACCEPT_STREAM_WAIT (b)
1940 OP_C_READ_EXPECT (b, "foo", 3)
1942 OP_C_FREE_STREAM (b)
1949 /* 17. Key update test - unlimited */
1950 static const struct script_op script_17[] = {
1951 OP_C_SET_ALPN ("ossltest")
1952 OP_C_CONNECT_WAIT ()
1954 OP_C_WRITE (DEFAULT, "apple", 5)
1956 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
1957 OP_S_READ_EXPECT (a, "apple", 5)
1959 OP_CHECK (override_key_update, 1)
1961 OP_BEGIN_REPEAT (200)
1963 OP_C_WRITE (DEFAULT, "apple", 5)
1964 OP_S_READ_EXPECT (a, "apple", 5)
1967 * TXKU frequency is bounded by RTT because a previous TXKU needs to be
1968 * acknowledged by the peer first before another one can be begin. By
1969 * waiting this long, we eliminate any such concern and ensure as many key
1970 * updates as possible can occur for the purposes of this test.
1972 OP_CHECK (skip_time_ms, 100)
1976 /* At least 5 RXKUs detected */
1977 OP_CHECK (check_key_update_ge, 5)
1980 * Prove the connection is still healthy by sending something in both
1983 OP_C_WRITE (DEFAULT, "xyzzy", 5)
1984 OP_S_READ_EXPECT (a, "xyzzy", 5)
1986 OP_S_WRITE (a, "plugh", 5)
1987 OP_C_READ_EXPECT (DEFAULT, "plugh", 5)
1992 /* 18. Key update test - RTT-bounded */
1993 static const struct script_op script_18[] = {
1994 OP_C_SET_ALPN ("ossltest")
1995 OP_C_CONNECT_WAIT ()
1997 OP_C_WRITE (DEFAULT, "apple", 5)
1999 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2000 OP_S_READ_EXPECT (a, "apple", 5)
2002 OP_CHECK (override_key_update, 1)
2004 OP_BEGIN_REPEAT (200)
2006 OP_C_WRITE (DEFAULT, "apple", 5)
2007 OP_S_READ_EXPECT (a, "apple", 5)
2008 OP_CHECK (skip_time_ms, 4)
2013 * This time we simulate far less time passing between writes, so there are
2014 * fewer opportunities to initiate TXKUs. Note that we ask for a TXKU every
2015 * 1 packet above, which is absurd; thus this ensures we only actually
2016 * generate TXKUs when we are allowed to.
2018 OP_CHECK (check_key_update_lt, 240)
2021 * Prove the connection is still healthy by sending something in both
2024 OP_C_WRITE (DEFAULT, "xyzzy", 5)
2025 OP_S_READ_EXPECT (a, "xyzzy", 5)
2027 OP_S_WRITE (a, "plugh", 5)
2028 OP_C_READ_EXPECT (DEFAULT, "plugh", 5)
2033 /* 19. Key update test - artificially triggered */
2034 static const struct script_op script_19[] = {
2035 OP_C_SET_ALPN ("ossltest")
2036 OP_C_CONNECT_WAIT ()
2038 OP_C_WRITE (DEFAULT, "apple", 5)
2040 OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
2041 OP_S_READ_EXPECT (a, "apple", 5)
2043 OP_C_WRITE (DEFAULT, "orange", 6)
2044 OP_S_READ_EXPECT (a, "orange", 6)
2046 OP_S_WRITE (a, "strawberry", 10)
2047 OP_C_READ_EXPECT (DEFAULT, "strawberry", 10)
2049 OP_CHECK (check_key_update_lt, 1)
2050 OP_CHECK (trigger_key_update, 0)
2052 OP_C_WRITE (DEFAULT, "orange", 6)
2053 OP_S_READ_EXPECT (a, "orange", 6)
2054 OP_S_WRITE (a, "ok", 2)
2056 OP_C_READ_EXPECT (DEFAULT, "ok", 2)
2057 OP_CHECK (check_key_update_ge, 1)
2062 /* 20. Multiple threads accept stream with socket forcibly closed (error test) */
2063 static const struct script_op script_20_child[] = {
2064 OP_C_ACCEPT_STREAM_WAIT (a)
2065 OP_C_READ_EXPECT (a, "foo", 3)
2069 OP_C_READ_FAIL_WAIT (a)
2070 OP_C_EXPECT_SSL_ERR (a, SSL_ERROR_SYSCALL)
2071 OP_EXPECT_ERR_LIB (ERR_LIB_SYS)
2072 OP_EXPECT_ERR_REASON (SSL_R_PROTOCOL_IS_SHUTDOWN)
2073 OP_C_FREE_STREAM (a)
2078 static const struct script_op script_20[] = {
2079 OP_C_SET_ALPN ("ossltest")
2080 OP_C_CONNECT_WAIT ()
2081 OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
2083 OP_NEW_THREAD (5, script_20_child)
2087 OP_S_NEW_STREAM_BIDI (a, ANY_ID)
2088 OP_S_WRITE (a, "foo", 3)
2089 OP_S_UNBIND_STREAM_ID (a)
2095 OP_C_CLOSE_SOCKET ()
2100 static const struct script_op *const scripts[] = {
2123 static int test_script(int idx)
2125 int script_idx = idx >> 1;
2126 int free_order = idx & 1;
2128 TEST_info("Running script %d (order=%d)", script_idx + 1, free_order);
2129 return run_script(scripts[script_idx], free_order);
2132 OPT_TEST_DECLARE_USAGE("certfile privkeyfile\n")
2134 int setup_tests(void)
2136 if (!test_skip_common_options()) {
2137 TEST_error("Error parsing test options\n");
2141 if (!TEST_ptr(certfile = test_get_argument(0))
2142 || !TEST_ptr(keyfile = test_get_argument(1)))
2145 ADD_ALL_TESTS(test_script, OSSL_NELEM(scripts) * 2);
projects / openssl.git / blob