From cd4afec69f13e283f74d59f1c97e15db6803bdcb Mon Sep 17 00:00:00 2001
From: Tomas Mraz
Date: Fri, 5 Jun 2020 10:50:25 +0200
Subject: [PATCH] Add a test for renegotiation with EXTMS dropped
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/12045)
---
 test/handshake_helper.c | 12 ++++++++--
 test/ssl-tests/17-renegotiate.cnf | 35 +++++++++++++++++++++++++++-
 test/ssl-tests/17-renegotiate.cnf.in | 18 ++++++++++++++
 test/ssl_test_ctx.c | 2 ++
 test/ssl_test_ctx.h | 2 ++
 5 files changed, 66 insertions(+), 3 deletions(-)
diff --git a/test/handshake_helper.c b/test/handshake_helper.c
index 32aa12c466..030073289a 100644
--- a/test/handshake_helper.c
+++ b/test/handshake_helper.c
@@ -938,16 +938,24 @@ static void do_reneg_setup_step(const SSL_TEST_CTX *test_ctx, PEER *peer)
 if (SSL_is_server(peer->ssl)) {
 ret = SSL_renegotiate(peer->ssl);
 } else {
+ int full_reneg = 0;
+
+ if (test_ctx->extra.client.no_extms_on_reneg) {
+ SSL_set_options(peer->ssl, SSL_OP_NO_EXTENDED_MASTER_SECRET);
+ full_reneg = 1;
+ }
 if (test_ctx->extra.client.reneg_ciphers != NULL) {
 if (!SSL_set_cipher_list(peer->ssl,
 test_ctx->extra.client.reneg_ciphers)) {
 peer->status = PEER_ERROR;
 return;
 }
+ full_reneg = 1;
+ }
+ if (full_reneg)
 ret = SSL_renegotiate(peer->ssl);
- } else {
+ else
 ret = SSL_renegotiate_abbreviated(peer->ssl);
- }
 }
 if (!ret) {
 peer->status = PEER_ERROR;
diff --git a/test/ssl-tests/17-renegotiate.cnf b/test/ssl-tests/17-renegotiate.cnf
index 12cf791310..ac826af187 100644
--- a/test/ssl-tests/17-renegotiate.cnf
+++ b/test/ssl-tests/17-renegotiate.cnf
@@ -1,6 +1,6 @@
 # Generated with generate_ssl_tests.pl
 
-num_tests = 14
+num_tests = 15
 
 test-0 = 0-renegotiate-client-no-resume
 test-1 = 1-renegotiate-client-resume
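Review bot: The new `no_extms_on_reneg` branch gives no hint why dropping the extension has to set `full_reneg`, and the two separate `full_reneg = 1` assignments read as unrelated; a comment above `int full_reneg = 0;` such as `/* Changing options or ciphers for the renegotiation presumably cannot reuse the session, so request a full handshake rather than an abbreviated one */` would make the intent explicit. SSL_set_options() is additive and the flag is never cleared on `peer->ssl`, so every later step on this peer also runs without EXTMS; that seems fine for the single renegotiation exercised here, but it is worth stating in the same comment. The ServerFail expected in 17-renegotiate.cnf.in is the RFC 7627 section 5.3 behaviour (a server must abort a renegotiation that drops the extended master secret after a session negotiated it), and naming that requirement in the comment would connect the test to what it guards. do_reneg_setup_step() begins and ends outside the hunk.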
@@ -16,6 +16,7 @@ test-10 = 10-no-renegotiation-server-by-client
 test-11 = 11-no-renegotiation-server-by-server
 test-12 = 12-no-renegotiation-client-by-server
 test-13 = 13-no-renegotiation-client-by-client
+test-14 = 14-no-extms-on-renegotiation
 # ===========================================================
 
 [0-renegotiate-client-no-resume]
@@ -430,3 +431,35 @@ Method = TLS
 ResumptionExpected = No
 
 
+# ===========================================================
+
+[14-no-extms-on-renegotiation]
+ssl_conf = 14-no-extms-on-renegotiation-ssl
+
+[14-no-extms-on-renegotiation-ssl]
+server = 14-no-extms-on-renegotiation-server
+client = 14-no-extms-on-renegotiation-client
+
+[14-no-extms-on-renegotiation-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[14-no-extms-on-renegotiation-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-14]
+ExpectedResult = ServerFail
+HandshakeMode = RenegotiateClient
+Method = TLS
+ResumptionExpected = No
+client = 14-no-extms-on-renegotiation-client-extra
+
+[14-no-extms-on-renegotiation-client-extra]
+RenegotiateNoExtms = Yes
+
+
diff --git a/test/ssl-tests/17-renegotiate.cnf.in b/test/ssl-tests/17-renegotiate.cnf.in
index 2cc2181532..ff3f74906a 100644
--- a/test/ssl-tests/17-renegotiate.cnf.in
+++ b/test/ssl-tests/17-renegotiate.cnf.in
@@ -243,6 +243,24 @@ our @tests_tls1_2 = (
 "ResumptionExpected" => "No",
 "ExpectedResult" => "ClientFail"
 }
+ },
+ {
+ name => "no-extms-on-renegotiation",
+ server => {
+ "MaxProtocol" => "TLSv1.2"
+ },
+ client => {
+ "MaxProtocol" => "TLSv1.2",
+ extra => {
+ "RenegotiateNoExtms" => "Yes"
+ }
+ },
+ test => {
+ "Method" => "TLS",
+ "HandshakeMode" => "RenegotiateClient",
+ "ResumptionExpected" => "No",
+ "ExpectedResult" => "ServerFail"
+ }
 }
 );
 
diff --git a/test/ssl_test_ctx.c b/test/ssl_test_ctx.c
index aee9773bf8..31da26b0d7 100644
--- a/test/ssl_test_ctx.c
+++ b/test/ssl_test_ctx.c
@@ -638,6 +638,7 @@ IMPLEMENT_SSL_TEST_STRING_OPTION(SSL_TEST_CTX, test, expected_cipher)
 
 IMPLEMENT_SSL_TEST_BOOL_OPTION(SSL_TEST_CLIENT_CONF, client, enable_pha)
 IMPLEMENT_SSL_TEST_BOOL_OPTION(SSL_TEST_SERVER_CONF, server, force_pha)
+IMPLEMENT_SSL_TEST_BOOL_OPTION(SSL_TEST_CLIENT_CONF, client, no_extms_on_reneg)
 
 /* Known test options and their corresponding parse methods. */
 
@@ -697,6 +698,7 @@ static const ssl_test_client_option ssl_test_client_options[] = {
 { "SRPPassword", &parse_client_srp_password },
 { "MaxFragmentLenExt", &parse_max_fragment_len_mode },
 { "EnablePHA", &parse_client_enable_pha },
+ { "RenegotiateNoExtms", &parse_client_no_extms_on_reneg },
 };
 
 /* Nested server options. */
diff --git a/test/ssl_test_ctx.h b/test/ssl_test_ctx.h
index 29a989abc8..d08c415fd2 100644
--- a/test/ssl_test_ctx.h
+++ b/test/ssl_test_ctx.h
@@ -110,6 +110,8 @@ typedef struct {
 char *srp_password;
 /* PHA enabled */
 int enable_pha;
+ /* Do not send extms on renegotiation */
+ int no_extms_on_reneg;
 } SSL_TEST_CLIENT_CONF;
 
 typedef struct {
--
2.34.1
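Review bot: The new client option `RenegotiateNoExtms` added to `ssl_test_client_options[]` in the second hunk is not documented anywhere in this commit, since the diffstat touches no documentation file; if test/README.ssltest.md still lists the client `extra` options such as EnablePHA, it should gain a line like `* RenegotiateNoExtms - set SSL_OP_NO_EXTENDED_MASTER_SECRET on the client before renegotiating (Yes/No)`. Going by the existing EnablePHA / parse_client_enable_pha pair, the `parse_client_no_extms_on_reneg` referenced in the table appears to be generated by the IMPLEMENT_SSL_TEST_BOOL_OPTION line in the first hunk, so the table string and the macro argument must be renamed together if either changes. The `ssl_test_client_options[]` initializer starts outside the hunk.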
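Review bot: The comment on the new `no_extms_on_reneg` field in ssl_test_ctx.h, `/* Do not send extms on renegotiation */`, names the intent but not what the harness actually does with it, and "extms" is not spelled out anywhere in the struct; `/* Set SSL_OP_NO_EXTENDED_MASTER_SECRET on the client before renegotiating */` matches how handshake_helper.c consumes the field and lets a test author predict the effect. The enclosing `typedef struct {` for SSL_TEST_CLIENT_CONF begins outside the hunk.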