X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=test%2Fssl_test_ctx_test.c;h=6f277e52425b171b57a9547642be363e83d5e5e7;hp=6b202ef3e50d4c9d5ab916f2d10a62275f636365;hb=2fae041d6c507315a619e2f29bff86e44cc1d0a1;hpb=5c753de668322bf9903a49ba713b2cbc62667571 diff --git a/test/ssl_test_ctx_test.c b/test/ssl_test_ctx_test.c index 6b202ef3e5..6f277e5242 100644 --- a/test/ssl_test_ctx_test.c +++ b/test/ssl_test_ctx_test.c @@ -13,10 +13,12 @@ */ #include +#include #include "e_os.h" #include "ssl_test_ctx.h" #include "testutil.h" +#include "test_main_custom.h" #include #include #include @@ -31,52 +33,144 @@ typedef struct ssl_test_ctx_test_fixture { SSL_TEST_CTX *expected_ctx; } SSL_TEST_CTX_TEST_FIXTURE; + +static int SSL_TEST_CLIENT_CONF_equal(SSL_TEST_CLIENT_CONF *client, + SSL_TEST_CLIENT_CONF *client2) +{ + if (!TEST_int_eq(client->verify_callback, client2->verify_callback)) { + TEST_info("ClientVerifyCallback mismatch: %s vs %s.", + ssl_verify_callback_name(client->verify_callback), + ssl_verify_callback_name(client2->verify_callback)); + return 0; + } + if (!TEST_int_eq(client->servername, client2->servername)) { + TEST_info("ServerName mismatch: %s vs %s.", + ssl_servername_name(client->servername), + ssl_servername_name(client2->servername)); + return 0; + } + if (!TEST_str_eq(client->npn_protocols, client2->npn_protocols)) + return 0; + if (!TEST_str_eq(client->alpn_protocols, client2->alpn_protocols)) + return 0; + if (!TEST_int_eq(client->ct_validation, client2->ct_validation)) { + TEST_info("CTValidation mismatch: %s vs %s.", + ssl_ct_validation_name(client->ct_validation), + ssl_ct_validation_name(client2->ct_validation)); + return 0; + } + return 1; +} + +static int SSL_TEST_SERVER_CONF_equal(SSL_TEST_SERVER_CONF *server, + SSL_TEST_SERVER_CONF *server2) +{ + if (!TEST_int_eq(server->servername_callback, + server2->servername_callback)) { + TEST_info("ServerNameCallback mismatch: %s vs %s.", + ssl_servername_callback_name(server->servername_callback), + ssl_servername_callback_name(server2->servername_callback)); + return 0; + } + if (!TEST_str_eq(server->npn_protocols, server2->npn_protocols)) + return 0; + if (!TEST_str_eq(server->alpn_protocols, server2->alpn_protocols)) + return 0; + if (!TEST_int_eq(server->broken_session_ticket, + server2->broken_session_ticket)) + return 0; + if (!TEST_int_eq(server->cert_status, server2->cert_status)) { + TEST_info("CertStatus mismatch: %s vs %s.", + ssl_certstatus_name(server->cert_status), + ssl_certstatus_name(server2->cert_status)); + return 0; + } + return 1; +} + +static int SSL_TEST_EXTRA_CONF_equal(SSL_TEST_EXTRA_CONF *extra, + SSL_TEST_EXTRA_CONF *extra2) +{ + return SSL_TEST_CLIENT_CONF_equal(&extra->client, &extra2->client) + && SSL_TEST_SERVER_CONF_equal(&extra->server, &extra2->server) + && SSL_TEST_SERVER_CONF_equal(&extra->server2, &extra2->server2); +} + /* Returns 1 if the contexts are equal, 0 otherwise. */ static int SSL_TEST_CTX_equal(SSL_TEST_CTX *ctx, SSL_TEST_CTX *ctx2) { - if (ctx->expected_result != ctx2->expected_result) { - fprintf(stderr, "ExpectedResult mismatch: %s vs %s.\n", - ssl_test_result_name(ctx->expected_result), - ssl_test_result_name(ctx2->expected_result)); + if (!TEST_int_eq(ctx->method, ctx2->method)) { + TEST_info("Method mismatch: %s vs %s.", + ssl_test_method_name(ctx->method), + ssl_test_method_name(ctx2->method)); return 0; } - if (ctx->client_alert != ctx2->client_alert) { - fprintf(stderr, "ClientAlert mismatch: %s vs %s.\n", - ssl_alert_name(ctx->client_alert), - ssl_alert_name(ctx2->client_alert)); + if (!TEST_int_eq(ctx->handshake_mode, ctx2->handshake_mode)) { + TEST_info("HandshakeMode mismatch: %s vs %s.", + ssl_handshake_mode_name(ctx->handshake_mode), + ssl_handshake_mode_name(ctx2->handshake_mode)); return 0; } - if (ctx->server_alert != ctx2->server_alert) { - fprintf(stderr, "ServerAlert mismatch: %s vs %s.\n", - ssl_alert_name(ctx->server_alert), - ssl_alert_name(ctx2->server_alert)); + if (!TEST_int_eq(ctx->app_data_size, ctx2->app_data_size)) + return 0; + + if (!TEST_int_eq(ctx->max_fragment_size, ctx2->max_fragment_size)) + return 0; + + if (!SSL_TEST_EXTRA_CONF_equal(&ctx->extra, &ctx2->extra)) + return 0; + if (!SSL_TEST_EXTRA_CONF_equal(&ctx->resume_extra, &ctx2->resume_extra)) + return 0; + + if (!TEST_int_eq(ctx->expected_result, ctx2->expected_result)) { + TEST_info("ExpectedResult mismatch: %s vs %s.", + ssl_test_result_name(ctx->expected_result), + ssl_test_result_name(ctx2->expected_result)); return 0; } - if (ctx->protocol != ctx2->protocol) { - fprintf(stderr, "ClientAlert mismatch: %s vs %s.\n", - ssl_protocol_name(ctx->protocol), - ssl_protocol_name(ctx2->protocol)); + if (!TEST_int_eq(ctx->expected_client_alert, ctx2->expected_client_alert)) { + TEST_info("ClientAlert mismatch: %s vs %s.", + ssl_alert_name(ctx->expected_client_alert), + ssl_alert_name(ctx2->expected_client_alert)); return 0; } - if (ctx->client_verify_callback != ctx2->client_verify_callback) { - fprintf(stderr, "ClientVerifyCallback mismatch: %s vs %s.\n", - ssl_verify_callback_name(ctx->client_verify_callback), - ssl_verify_callback_name(ctx2->client_verify_callback)); + if (!TEST_int_eq(ctx->expected_server_alert, ctx2->expected_server_alert)) { + TEST_info("ServerAlert mismatch: %s vs %s.", + ssl_alert_name(ctx->expected_server_alert), + ssl_alert_name(ctx2->expected_server_alert)); return 0; } - if (ctx->servername != ctx2->servername) { - fprintf(stderr, "ServerName mismatch: %s vs %s.\n", - ssl_servername_name(ctx->servername), - ssl_servername_name(ctx2->servername)); + if (!TEST_int_eq(ctx->expected_protocol, ctx2->expected_protocol)) { + TEST_info("ClientAlert mismatch: %s vs %s.", + ssl_protocol_name(ctx->expected_protocol), + ssl_protocol_name(ctx2->expected_protocol)); return 0; } - if (ctx->session_ticket_expected != ctx2->session_ticket_expected) { - fprintf(stderr, "SessionTicketExpected mismatch: %s vs %s.\n", - ssl_session_ticket_expected_name(ctx->session_ticket_expected), - ssl_session_ticket_expected_name(ctx2->session_ticket_expected)); + if (!TEST_int_eq(ctx->expected_servername, ctx2->expected_servername)) { + TEST_info("ExpectedServerName mismatch: %s vs %s.", + ssl_servername_name(ctx->expected_servername), + ssl_servername_name(ctx2->expected_servername)); return 0; } - + if (!TEST_int_eq(ctx->session_ticket_expected, + ctx2->session_ticket_expected)) { + TEST_info("SessionTicketExpected mismatch: %s vs %s.", + ssl_session_ticket_name(ctx->session_ticket_expected), + ssl_session_ticket_name(ctx2->session_ticket_expected)); + return 0; + } + if (!TEST_int_eq(ctx->compression_expected, ctx2->compression_expected)) { + TEST_info("ComrpessionExpected mismatch: %d vs %d.", + ctx->compression_expected, + ctx2->compression_expected); + return 0; + } + if (!TEST_str_eq(ctx->expected_npn_protocol, ctx2->expected_npn_protocol)) + return 0; + if (!TEST_str_eq(ctx->expected_alpn_protocol, ctx2->expected_alpn_protocol)) + return 0; + if (!TEST_int_eq(ctx->resumption_expected, ctx2->resumption_expected)) + return 0; return 1; } @@ -85,7 +179,7 @@ static SSL_TEST_CTX_TEST_FIXTURE set_up(const char *const test_case_name) SSL_TEST_CTX_TEST_FIXTURE fixture; fixture.test_case_name = test_case_name; fixture.expected_ctx = SSL_TEST_CTX_new(); - OPENSSL_assert(fixture.expected_ctx != NULL); + TEST_check(fixture.expected_ctx != NULL); return fixture; } @@ -95,9 +189,9 @@ static int execute_test(SSL_TEST_CTX_TEST_FIXTURE fixture) SSL_TEST_CTX *ctx = SSL_TEST_CTX_create(conf, fixture.test_section); - if (ctx == NULL) { - fprintf(stderr, "Failed to parse good configuration %s.\n", - fixture.test_section); + if (!TEST_ptr(ctx)) { + TEST_info("Failed to parse good configuration %s.", + fixture.test_section); goto err; } @@ -110,32 +204,15 @@ static int execute_test(SSL_TEST_CTX_TEST_FIXTURE fixture) return success; } -static int execute_failure_test(SSL_TEST_CTX_TEST_FIXTURE fixture) -{ - SSL_TEST_CTX *ctx = SSL_TEST_CTX_create(conf, fixture.test_section); - - if (ctx != NULL) { - fprintf(stderr, "Parsing bad configuration %s succeeded.\n", - fixture.test_section); - SSL_TEST_CTX_free(ctx); - return 0; - } - - return 1; -} - static void tear_down(SSL_TEST_CTX_TEST_FIXTURE fixture) { SSL_TEST_CTX_free(fixture.expected_ctx); - ERR_print_errors_fp(stderr); } #define SETUP_SSL_TEST_CTX_TEST_FIXTURE() \ SETUP_TEST_FIXTURE(SSL_TEST_CTX_TEST_FIXTURE, set_up) #define EXECUTE_SSL_TEST_CTX_TEST() \ EXECUTE_TEST(execute_test, tear_down) -#define EXECUTE_SSL_TEST_CTX_FAILURE_TEST() \ - EXECUTE_TEST(execute_failure_test, tear_down) static int test_empty_configuration() { @@ -149,34 +226,74 @@ static int test_good_configuration() { SETUP_SSL_TEST_CTX_TEST_FIXTURE(); fixture.test_section = "ssltest_good"; + fixture.expected_ctx->method = SSL_TEST_METHOD_DTLS; + fixture.expected_ctx->handshake_mode = SSL_TEST_HANDSHAKE_RESUME; + fixture.expected_ctx->app_data_size = 1024; + fixture.expected_ctx->max_fragment_size = 2048; + fixture.expected_ctx->expected_result = SSL_TEST_SERVER_FAIL; - fixture.expected_ctx->client_alert = SSL_AD_UNKNOWN_CA; - fixture.expected_ctx->server_alert = 0; /* No alert. */ - fixture.expected_ctx->protocol = TLS1_1_VERSION; - fixture.expected_ctx->client_verify_callback = SSL_TEST_VERIFY_REJECT_ALL; - fixture.expected_ctx->servername = SSL_TEST_SERVERNAME_SERVER2; + fixture.expected_ctx->expected_client_alert = SSL_AD_UNKNOWN_CA; + fixture.expected_ctx->expected_server_alert = 0; /* No alert. */ + fixture.expected_ctx->expected_protocol = TLS1_1_VERSION; + fixture.expected_ctx->expected_servername = SSL_TEST_SERVERNAME_SERVER2; fixture.expected_ctx->session_ticket_expected = SSL_TEST_SESSION_TICKET_YES; + fixture.expected_ctx->compression_expected = SSL_TEST_COMPRESSION_NO; + fixture.expected_ctx->resumption_expected = 1; + + fixture.expected_ctx->extra.client.verify_callback = + SSL_TEST_VERIFY_REJECT_ALL; + fixture.expected_ctx->extra.client.servername = SSL_TEST_SERVERNAME_SERVER2; + fixture.expected_ctx->extra.client.npn_protocols = + OPENSSL_strdup("foo,bar"); + TEST_check(fixture.expected_ctx->extra.client.npn_protocols != NULL); + + fixture.expected_ctx->extra.server.servername_callback = + SSL_TEST_SERVERNAME_IGNORE_MISMATCH; + fixture.expected_ctx->extra.server.broken_session_ticket = 1; + + fixture.expected_ctx->resume_extra.server2.alpn_protocols = + OPENSSL_strdup("baz"); + TEST_check( + fixture.expected_ctx->resume_extra.server2.alpn_protocols != NULL); + + fixture.expected_ctx->resume_extra.client.ct_validation = + SSL_TEST_CT_VALIDATION_STRICT; + EXECUTE_SSL_TEST_CTX_TEST(); } static const char *bad_configurations[] = { "ssltest_unknown_option", + "ssltest_wrong_section", "ssltest_unknown_expected_result", "ssltest_unknown_alert", "ssltest_unknown_protocol", "ssltest_unknown_verify_callback", "ssltest_unknown_servername", + "ssltest_unknown_servername_callback", "ssltest_unknown_session_ticket_expected", + "ssltest_unknown_compression_expected", + "ssltest_unknown_method", + "ssltest_unknown_handshake_mode", + "ssltest_unknown_resumption_expected", + "ssltest_unknown_ct_validation", }; static int test_bad_configuration(int idx) { - SETUP_SSL_TEST_CTX_TEST_FIXTURE(); - fixture.test_section = bad_configurations[idx]; - EXECUTE_SSL_TEST_CTX_FAILURE_TEST(); + SSL_TEST_CTX *ctx = SSL_TEST_CTX_create(conf, bad_configurations[idx]); + + if (!TEST_ptr_null(ctx)) { + TEST_info("Parsing bad configuration %s succeeded.", + bad_configurations[idx]); + SSL_TEST_CTX_free(ctx); + return 0; + } + + return 1; } -int main(int argc, char **argv) +int test_main(int argc, char **argv) { int result = 0; @@ -184,11 +301,10 @@ int main(int argc, char **argv) return 1; conf = NCONF_new(NULL); - OPENSSL_assert(conf != NULL); + TEST_check(conf != NULL); /* argv[1] should point to test/ssl_test_ctx_test.conf */ - OPENSSL_assert(NCONF_load(conf, argv[1], NULL) > 0); - + TEST_check(NCONF_load(conf, argv[1], NULL) > 0); ADD_TEST(test_empty_configuration); ADD_TEST(test_good_configuration);