*/
int qtest_create_quic_connection(QUIC_TSERVER *qtserv, SSL *clientssl);
+/*
+ * Same as qtest_create_quic_connection but will stop (successfully) if the
+ * clientssl indicates SSL_ERROR_WANT_XXX as specified by |wanterr|
+ */
+int qtest_create_quic_connection_ex(QUIC_TSERVER *qtserv, SSL *clientssl,
+ int wanterr);
+
/*
* Confirm that the server has received the given transport error code.
*/
#if defined(OPENSSL_THREADS) && !defined(CRYPTO_TDEBUG)
static int globserverret = 0;
+static TSAN_QUALIFIER int abortserverthread = 0;
static QUIC_TSERVER *globtserv;
static const thread_t thread_zero;
}
#endif
-int qtest_create_quic_connection(QUIC_TSERVER *qtserv, SSL *clientssl)
+int qtest_create_quic_connection_ex(QUIC_TSERVER *qtserv, SSL *clientssl,
+ int wanterr)
{
int retc = -1, rets = 0, abortctr = 0, ret = 0;
int clienterr = 0, servererr = 0;
* t uninitialised
*/
thread_t t = thread_zero;
+
+ if (clientssl != NULL)
+ abortserverthread = 0;
#endif
if (!TEST_ptr(qtserv)) {
if (retc <= 0) {
err = SSL_get_error(clientssl, retc);
- if (err != SSL_ERROR_WANT_READ && err != SSL_ERROR_WANT_WRITE) {
- TEST_info("SSL_connect() failed %d, %d", retc, err);
- TEST_openssl_errors();
- clienterr = 1;
+ if (err == wanterr) {
+ retc = 1;
+#if defined(OPENSSL_THREADS) && !defined(CRYPTO_TDEBUG)
+ if (qtserv == NULL && rets > 0)
+ tsan_store(&abortserverthread, 1);
+ else
+#endif
+ rets = 1;
+ } else {
+ if (err != SSL_ERROR_WANT_READ
+ && err != SSL_ERROR_WANT_WRITE) {
+ TEST_info("SSL_connect() failed %d, %d", retc, err);
+ TEST_openssl_errors();
+ clienterr = 1;
+ }
}
}
}
*/
if (!clienterr && retc <= 0)
SSL_handle_events(clientssl);
+
if (!servererr && rets <= 0) {
qtest_add_time(1);
ossl_quic_tserver_tick(qtserv);
TEST_info("No progress made");
goto err;
}
- } while ((retc <= 0 && !clienterr) || (rets <= 0 && !servererr));
+ } while ((retc <= 0 && !clienterr)
+ || (rets <= 0 && !servererr
+#if defined(OPENSSL_THREADS) && !defined(CRYPTO_TDEBUG)
+ && !tsan_load(&abortserverthread)
+#endif
+ ));
if (qtserv == NULL && rets > 0) {
#if defined(OPENSSL_THREADS) && !defined(CRYPTO_TDEBUG)
return ret;
}
+int qtest_create_quic_connection(QUIC_TSERVER *qtserv, SSL *clientssl)
+{
+ return qtest_create_quic_connection_ex(qtserv, clientssl, SSL_ERROR_NONE);
+}
+
#if defined(OPENSSL_THREADS) && !defined(CRYPTO_TDEBUG)
static TSAN_QUALIFIER int shutdowndone;
*/
int qtest_create_quic_connection(QUIC_TSERVER *qtserv, SSL *clientssl);
+/*
+ * Same as qtest_create_quic_connection but will stop (successfully) if the
+ * clientssl indicates SSL_ERROR_WANT_XXX as specified by |wanterr|
+ */
+int qtest_create_quic_connection_ex(QUIC_TSERVER *qtserv, SSL *clientssl,
+ int wanterr);
+
/*
* Shutdown the client SSL object gracefully
*/
return testresult;
}
+static int non_io_retry_cert_verify_cb(X509_STORE_CTX *ctx, void *arg)
+{
+ int idx = SSL_get_ex_data_X509_STORE_CTX_idx();
+ SSL *ssl;
+ int *ctr = (int *)arg;
+
+ /* this should not happen but check anyway */
+ if (idx < 0
+ || (ssl = X509_STORE_CTX_get_ex_data(ctx, idx)) == NULL)
+ return 0;
+
+ /* If this is the first time we've been called then retry */
+ if (((*ctr)++) == 0)
+ return SSL_set_retry_verify(ssl);
+
+ /* Otherwise do nothing - verification succeeds. Continue as normal */
+ return 1;
+}
+
+/* Test that we can handle a non-io related retry error
+ * Test 0: Non-blocking
+ * Test 1: Blocking
+ */
+static int test_non_io_retry(int idx)
+{
+ SSL_CTX *cctx;
+ SSL *clientquic = NULL;
+ QUIC_TSERVER *qtserv = NULL;
+ int testresult = 0;
+ int flags = 0, ctr = 0;
+
+ if (idx >= 1 && !qtest_supports_blocking())
+ return TEST_skip("Blocking tests not supported in this build");
+
+ cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
+ if (!TEST_ptr(cctx))
+ goto err;
+
+ SSL_CTX_set_cert_verify_callback(cctx, non_io_retry_cert_verify_cb, &ctr);
+
+ flags = (idx >= 1) ? QTEST_FLAG_BLOCK : 0;
+ if (!TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert, privkey,
+ flags, &qtserv, &clientquic, NULL))
+ || !TEST_true(qtest_create_quic_connection_ex(qtserv, clientquic,
+ SSL_ERROR_WANT_RETRY_VERIFY))
+ || !TEST_int_eq(SSL_want(clientquic), SSL_RETRY_VERIFY)
+ || !TEST_true(qtest_create_quic_connection(qtserv, clientquic)))
+ goto err;
+
+ testresult = 1;
+ err:
+ SSL_free(clientquic);
+ ossl_quic_tserver_free(qtserv);
+ SSL_CTX_free(cctx);
+
+ return testresult;
+}
+
OPT_TEST_DECLARE_USAGE("provider config certsdir datadir\n")
int setup_tests(void)
ADD_TEST(test_bio_ssl);
ADD_TEST(test_back_pressure);
ADD_TEST(test_multiple_dgrams);
+ ADD_ALL_TESTS(test_non_io_retry, 2);
return 1;
err:
cleanup_tests();