e985b92992
Change-Id: Ic75f4cac5eb07ffaba8f97d10673d7d7e2b1762d
474 lines
13 KiB
C
474 lines
13 KiB
C
/* $NetBSD: regress_ssl.c,v 1.2 2013/04/11 16:56:42 christos Exp $ */
|
|
/*
|
|
* Copyright (c) 2009-2012 Niels Provos and Nick Mathewson
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
* 3. The name of the author may not be used to endorse or promote products
|
|
* derived from this software without specific prior written permission.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
|
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
|
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
|
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
|
|
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
|
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
*/
|
|
|
|
#ifdef WIN32
|
|
#include <winsock2.h>
|
|
#include <windows.h>
|
|
#endif
|
|
|
|
#ifndef WIN32
|
|
#include <sys/types.h>
|
|
#include <sys/socket.h>
|
|
#include <netinet/in.h>
|
|
#endif
|
|
|
|
#include "event2/util.h"
|
|
#include "event2/event.h"
|
|
#include "event2/bufferevent_ssl.h"
|
|
#include "event2/buffer.h"
|
|
#include "event2/listener.h"
|
|
|
|
#include "regress.h"
|
|
#include "tinytest.h"
|
|
#include "tinytest_macros.h"
|
|
|
|
#include <openssl/ssl.h>
|
|
#include <openssl/bio.h>
|
|
#include <openssl/err.h>
|
|
#include <openssl/pem.h>
|
|
|
|
#include <string.h>
|
|
|
|
/* A short pre-generated key, to save the cost of doing an RSA key generation
|
|
* step during the unit tests. It's only 512 bits long, and it is published
|
|
* in this file, so you would have to be very foolish to consider using it in
|
|
* your own code. */
|
|
static const char KEY[] =
|
|
"-----BEGIN RSA PRIVATE KEY-----\n"
|
|
"MIIBOgIBAAJBAKibTEzXjj+sqpipePX1lEk5BNFuL/dDBbw8QCXgaJWikOiKHeJq\n"
|
|
"3FQ0OmCnmpkdsPFE4x3ojYmmdgE2i0dJwq0CAwEAAQJAZ08gpUS+qE1IClps/2gG\n"
|
|
"AAer6Bc31K2AaiIQvCSQcH440cp062QtWMC3V5sEoWmdLsbAHFH26/9ZHn5zAflp\n"
|
|
"gQIhANWOx/UYeR8HD0WREU5kcuSzgzNLwUErHLzxP7U6aojpAiEAyh2H35CjN/P7\n"
|
|
"NhcZ4QYw3PeUWpqgJnaE/4i80BSYkSUCIQDLHFhLYLJZ80HwHTADif/ISn9/Ow6b\n"
|
|
"p6BWh3DbMar/eQIgBPS6azH5vpp983KXkNv9AL4VZi9ac/b+BeINdzC6GP0CIDmB\n"
|
|
"U6GFEQTZ3IfuiVabG5pummdC4DNbcdI+WKrSFNmQ\n"
|
|
"-----END RSA PRIVATE KEY-----\n";
|
|
static void *xkey = __UNCONST(KEY);
|
|
|
|
static EVP_PKEY *
|
|
getkey(void)
|
|
{
|
|
EVP_PKEY *key;
|
|
BIO *bio;
|
|
|
|
/* new read-only BIO backed by KEY. */
|
|
bio = BIO_new_mem_buf(xkey, -1);
|
|
tt_assert(bio);
|
|
|
|
key = PEM_read_bio_PrivateKey(bio,NULL,NULL,NULL);
|
|
BIO_free(bio);
|
|
tt_assert(key);
|
|
|
|
return key;
|
|
end:
|
|
return NULL;
|
|
}
|
|
|
|
static X509 *
|
|
getcert(void)
|
|
{
|
|
/* Dummy code to make a quick-and-dirty valid certificate with
|
|
OpenSSL. Don't copy this code into your own program! It does a
|
|
number of things in a stupid and insecure way. */
|
|
X509 *x509 = NULL;
|
|
X509_NAME *name = NULL;
|
|
EVP_PKEY *key = getkey();
|
|
int nid;
|
|
time_t now = time(NULL);
|
|
|
|
tt_assert(key);
|
|
|
|
x509 = X509_new();
|
|
tt_assert(x509);
|
|
tt_assert(0 != X509_set_version(x509, 2));
|
|
tt_assert(0 != ASN1_INTEGER_set(X509_get_serialNumber(x509),
|
|
(long)now));
|
|
|
|
name = X509_NAME_new();
|
|
tt_assert(name);
|
|
nid = OBJ_txt2nid("commonName");
|
|
tt_assert(NID_undef != nid);
|
|
tt_assert(0 != X509_NAME_add_entry_by_NID(
|
|
name, nid, MBSTRING_ASC, __UNCONST("example.com"),
|
|
-1, -1, 0));
|
|
|
|
X509_set_subject_name(x509, name);
|
|
X509_set_issuer_name(x509, name);
|
|
|
|
X509_time_adj(X509_get_notBefore(x509), 0, &now);
|
|
now += 3600;
|
|
X509_time_adj(X509_get_notAfter(x509), 0, &now);
|
|
X509_set_pubkey(x509, key);
|
|
tt_assert(0 != X509_sign(x509, key, EVP_sha1()));
|
|
|
|
return x509;
|
|
end:
|
|
X509_free(x509);
|
|
return NULL;
|
|
}
|
|
|
|
static int disable_tls_11_and_12 = 0;
|
|
static SSL_CTX *the_ssl_ctx = NULL;
|
|
|
|
static SSL_CTX *
|
|
get_ssl_ctx(void)
|
|
{
|
|
if (the_ssl_ctx)
|
|
return the_ssl_ctx;
|
|
the_ssl_ctx = SSL_CTX_new(SSLv23_method());
|
|
if (!the_ssl_ctx)
|
|
return NULL;
|
|
if (disable_tls_11_and_12) {
|
|
#ifdef SSL_OP_NO_TLSv1_2
|
|
SSL_CTX_set_options(the_ssl_ctx, SSL_OP_NO_TLSv1_2);
|
|
#endif
|
|
#ifdef SSL_OP_NO_TLSv1_1
|
|
SSL_CTX_set_options(the_ssl_ctx, SSL_OP_NO_TLSv1_1);
|
|
#endif
|
|
}
|
|
return the_ssl_ctx;
|
|
}
|
|
|
|
static void
|
|
init_ssl(void)
|
|
{
|
|
SSL_library_init();
|
|
ERR_load_crypto_strings();
|
|
SSL_load_error_strings();
|
|
OpenSSL_add_all_algorithms();
|
|
if (SSLeay() != OPENSSL_VERSION_NUMBER) {
|
|
TT_DECLARE("WARN", ("Version mismatch for openssl: compiled with %lx but running with %lx", (unsigned long)OPENSSL_VERSION_NUMBER, (unsigned long)SSLeay()));
|
|
}
|
|
}
|
|
|
|
/* ====================
|
|
Here's a simple test: we read a number from the input, increment it, and
|
|
reply, until we get to 1001.
|
|
*/
|
|
|
|
static int test_is_done = 0;
|
|
static int n_connected = 0;
|
|
static int got_close = 0;
|
|
static int got_error = 0;
|
|
static int renegotiate_at = -1;
|
|
static int stop_when_connected = 0;
|
|
static int pending_connect_events = 0;
|
|
static struct event_base *exit_base = NULL;
|
|
|
|
static void
|
|
respond_to_number(struct bufferevent *bev, void *ctx)
|
|
{
|
|
struct evbuffer *b = bufferevent_get_input(bev);
|
|
char *line;
|
|
int n;
|
|
line = evbuffer_readln(b, NULL, EVBUFFER_EOL_LF);
|
|
if (! line)
|
|
return;
|
|
n = atoi(line);
|
|
if (n <= 0)
|
|
TT_FAIL(("Bad number: %s", line));
|
|
TT_BLATHER(("The number was %d", n));
|
|
if (n == 1001) {
|
|
++test_is_done;
|
|
bufferevent_free(bev); /* Should trigger close on other side. */
|
|
return;
|
|
}
|
|
if (!strcmp(ctx, "client") && n == renegotiate_at) {
|
|
SSL_renegotiate(bufferevent_openssl_get_ssl(bev));
|
|
}
|
|
++n;
|
|
evbuffer_add_printf(bufferevent_get_output(bev),
|
|
"%d\n", n);
|
|
TT_BLATHER(("Done reading; now writing."));
|
|
bufferevent_enable(bev, EV_WRITE);
|
|
bufferevent_disable(bev, EV_READ);
|
|
}
|
|
|
|
static void
|
|
done_writing_cb(struct bufferevent *bev, void *ctx)
|
|
{
|
|
struct evbuffer *b = bufferevent_get_output(bev);
|
|
if (evbuffer_get_length(b))
|
|
return;
|
|
TT_BLATHER(("Done writing."));
|
|
bufferevent_disable(bev, EV_WRITE);
|
|
bufferevent_enable(bev, EV_READ);
|
|
}
|
|
|
|
static void
|
|
eventcb(struct bufferevent *bev, short what, void *ctx)
|
|
{
|
|
TT_BLATHER(("Got event %d", (int)what));
|
|
if (what & BEV_EVENT_CONNECTED) {
|
|
SSL *ssl;
|
|
X509 *peer_cert;
|
|
++n_connected;
|
|
ssl = bufferevent_openssl_get_ssl(bev);
|
|
tt_assert(ssl);
|
|
peer_cert = SSL_get_peer_certificate(ssl);
|
|
if (0==strcmp(ctx, "server")) {
|
|
tt_assert(peer_cert == NULL);
|
|
} else {
|
|
tt_assert(peer_cert != NULL);
|
|
}
|
|
if (stop_when_connected) {
|
|
if (--pending_connect_events == 0)
|
|
event_base_loopexit(exit_base, NULL);
|
|
}
|
|
} else if (what & BEV_EVENT_EOF) {
|
|
TT_BLATHER(("Got a good EOF"));
|
|
++got_close;
|
|
bufferevent_free(bev);
|
|
} else if (what & BEV_EVENT_ERROR) {
|
|
TT_BLATHER(("Got an error."));
|
|
++got_error;
|
|
bufferevent_free(bev);
|
|
}
|
|
end:
|
|
;
|
|
}
|
|
|
|
static void
|
|
open_ssl_bufevs(struct bufferevent **bev1_out, struct bufferevent **bev2_out,
|
|
struct event_base *base, int is_open, int flags, SSL *ssl1, SSL *ssl2,
|
|
evutil_socket_t *fd_pair, struct bufferevent **underlying_pair)
|
|
{
|
|
int state1 = is_open ? BUFFEREVENT_SSL_OPEN :BUFFEREVENT_SSL_CONNECTING;
|
|
int state2 = is_open ? BUFFEREVENT_SSL_OPEN :BUFFEREVENT_SSL_ACCEPTING;
|
|
if (fd_pair) {
|
|
*bev1_out = bufferevent_openssl_socket_new(
|
|
base, fd_pair[0], ssl1, state1, flags);
|
|
*bev2_out = bufferevent_openssl_socket_new(
|
|
base, fd_pair[1], ssl2, state2, flags);
|
|
} else {
|
|
*bev1_out = bufferevent_openssl_filter_new(
|
|
base, underlying_pair[0], ssl1, state1, flags);
|
|
*bev2_out = bufferevent_openssl_filter_new(
|
|
base, underlying_pair[1], ssl2, state2, flags);
|
|
|
|
}
|
|
bufferevent_setcb(*bev1_out, respond_to_number, done_writing_cb,
|
|
eventcb, __UNCONST("client"));
|
|
bufferevent_setcb(*bev2_out, respond_to_number, done_writing_cb,
|
|
eventcb, __UNCONST("server"));
|
|
}
|
|
|
|
static void
|
|
regress_bufferevent_openssl(void *arg)
|
|
{
|
|
struct basic_test_data *data = arg;
|
|
|
|
struct bufferevent *bev1, *bev2;
|
|
SSL *ssl1, *ssl2;
|
|
X509 *cert = getcert();
|
|
EVP_PKEY *key = getkey();
|
|
const int start_open = strstr((char*)data->setup_data, "open")!=NULL;
|
|
const int filter = strstr((char*)data->setup_data, "filter")!=NULL;
|
|
int flags = BEV_OPT_DEFER_CALLBACKS;
|
|
struct bufferevent *bev_ll[2] = { NULL, NULL };
|
|
evutil_socket_t *fd_pair = NULL;
|
|
|
|
tt_assert(cert);
|
|
tt_assert(key);
|
|
|
|
init_ssl();
|
|
|
|
if (strstr((char*)data->setup_data, "renegotiate")) {
|
|
if (SSLeay() >= 0x10001000 &&
|
|
SSLeay() < 0x1000104f) {
|
|
/* 1.0.1 up to 1.0.1c has a bug where TLS1.1 and 1.2
|
|
* can't renegotiate with themselves. Disable. */
|
|
disable_tls_11_and_12 = 1;
|
|
}
|
|
renegotiate_at = 600;
|
|
}
|
|
|
|
ssl1 = SSL_new(get_ssl_ctx());
|
|
ssl2 = SSL_new(get_ssl_ctx());
|
|
|
|
SSL_use_certificate(ssl2, cert);
|
|
SSL_use_PrivateKey(ssl2, key);
|
|
|
|
if (! start_open)
|
|
flags |= BEV_OPT_CLOSE_ON_FREE;
|
|
|
|
if (!filter) {
|
|
tt_assert(strstr((char*)data->setup_data, "socketpair"));
|
|
fd_pair = data->pair;
|
|
} else {
|
|
bev_ll[0] = bufferevent_socket_new(data->base, data->pair[0],
|
|
BEV_OPT_CLOSE_ON_FREE);
|
|
bev_ll[1] = bufferevent_socket_new(data->base, data->pair[1],
|
|
BEV_OPT_CLOSE_ON_FREE);
|
|
}
|
|
|
|
open_ssl_bufevs(&bev1, &bev2, data->base, 0, flags, ssl1, ssl2,
|
|
fd_pair, bev_ll);
|
|
|
|
if (!filter) {
|
|
tt_int_op(bufferevent_getfd(bev1), ==, data->pair[0]);
|
|
} else {
|
|
tt_ptr_op(bufferevent_get_underlying(bev1), ==, bev_ll[0]);
|
|
}
|
|
|
|
if (start_open) {
|
|
pending_connect_events = 2;
|
|
stop_when_connected = 1;
|
|
exit_base = data->base;
|
|
event_base_dispatch(data->base);
|
|
/* Okay, now the renegotiation is done. Make new
|
|
* bufferevents to test opening in BUFFEREVENT_SSL_OPEN */
|
|
flags |= BEV_OPT_CLOSE_ON_FREE;
|
|
bufferevent_free(bev1);
|
|
bufferevent_free(bev2);
|
|
bev1 = bev2 = NULL;
|
|
open_ssl_bufevs(&bev1, &bev2, data->base, 1, flags, ssl1, ssl2,
|
|
fd_pair, bev_ll);
|
|
}
|
|
|
|
bufferevent_enable(bev1, EV_READ|EV_WRITE);
|
|
bufferevent_enable(bev2, EV_READ|EV_WRITE);
|
|
|
|
evbuffer_add_printf(bufferevent_get_output(bev1), "1\n");
|
|
|
|
event_base_dispatch(data->base);
|
|
|
|
tt_assert(test_is_done == 1);
|
|
tt_assert(n_connected == 2);
|
|
|
|
/* We don't handle shutdown properly yet.
|
|
tt_int_op(got_close, ==, 1);
|
|
tt_int_op(got_error, ==, 0);
|
|
*/
|
|
end:
|
|
return;
|
|
}
|
|
|
|
static void
|
|
acceptcb(struct evconnlistener *listener, evutil_socket_t fd,
|
|
struct sockaddr *addr, int socklen, void *arg)
|
|
{
|
|
struct basic_test_data *data = arg;
|
|
struct bufferevent *bev;
|
|
SSL *ssl = SSL_new(get_ssl_ctx());
|
|
|
|
SSL_use_certificate(ssl, getcert());
|
|
SSL_use_PrivateKey(ssl, getkey());
|
|
|
|
bev = bufferevent_openssl_socket_new(
|
|
data->base,
|
|
fd,
|
|
ssl,
|
|
BUFFEREVENT_SSL_ACCEPTING,
|
|
BEV_OPT_CLOSE_ON_FREE|BEV_OPT_DEFER_CALLBACKS);
|
|
|
|
bufferevent_setcb(bev, respond_to_number, NULL, eventcb,
|
|
__UNCONST("server"));
|
|
|
|
bufferevent_enable(bev, EV_READ|EV_WRITE);
|
|
|
|
/* Only accept once, then disable ourself. */
|
|
evconnlistener_disable(listener);
|
|
}
|
|
|
|
static void
|
|
regress_bufferevent_openssl_connect(void *arg)
|
|
{
|
|
struct basic_test_data *data = arg;
|
|
|
|
struct event_base *base = data->base;
|
|
|
|
struct evconnlistener *listener;
|
|
struct bufferevent *bev;
|
|
struct sockaddr_in sin;
|
|
struct sockaddr_storage ss;
|
|
ev_socklen_t slen;
|
|
|
|
init_ssl();
|
|
|
|
memset(&sin, 0, sizeof(sin));
|
|
sin.sin_family = AF_INET;
|
|
sin.sin_addr.s_addr = htonl(0x7f000001);
|
|
|
|
memset(&ss, 0, sizeof(ss));
|
|
slen = sizeof(ss);
|
|
|
|
listener = evconnlistener_new_bind(base, acceptcb, data,
|
|
LEV_OPT_CLOSE_ON_FREE|LEV_OPT_REUSEABLE,
|
|
-1, (struct sockaddr *)&sin, sizeof(sin));
|
|
|
|
tt_assert(listener);
|
|
tt_assert(evconnlistener_get_fd(listener) >= 0);
|
|
|
|
bev = bufferevent_openssl_socket_new(
|
|
data->base, -1, SSL_new(get_ssl_ctx()),
|
|
BUFFEREVENT_SSL_CONNECTING,
|
|
BEV_OPT_CLOSE_ON_FREE|BEV_OPT_DEFER_CALLBACKS);
|
|
tt_assert(bev);
|
|
|
|
bufferevent_setcb(bev, respond_to_number, NULL, eventcb,
|
|
__UNCONST("client"));
|
|
|
|
tt_assert(getsockname(evconnlistener_get_fd(listener),
|
|
(struct sockaddr*)&ss, &slen) == 0);
|
|
tt_assert(slen == sizeof(struct sockaddr_in));
|
|
tt_int_op(((struct sockaddr*)&ss)->sa_family, ==, AF_INET);
|
|
tt_int_op(((struct sockaddr*)&ss)->sa_family, ==, AF_INET);
|
|
|
|
tt_assert(0 ==
|
|
bufferevent_socket_connect(bev, (struct sockaddr*)&ss, slen));
|
|
evbuffer_add_printf(bufferevent_get_output(bev), "1\n");
|
|
bufferevent_enable(bev, EV_READ|EV_WRITE);
|
|
|
|
event_base_dispatch(base);
|
|
end:
|
|
;
|
|
}
|
|
|
|
struct testcase_t ssl_testcases[] = {
|
|
|
|
{ "bufferevent_socketpair", regress_bufferevent_openssl, TT_ISOLATED,
|
|
&basic_setup, __UNCONST("socketpair") },
|
|
{ "bufferevent_filter", regress_bufferevent_openssl,
|
|
TT_ISOLATED,
|
|
&basic_setup, __UNCONST("filter") },
|
|
{ "bufferevent_renegotiate_socketpair", regress_bufferevent_openssl,
|
|
TT_ISOLATED,
|
|
&basic_setup, __UNCONST("socketpair renegotiate") },
|
|
{ "bufferevent_renegotiate_filter", regress_bufferevent_openssl,
|
|
TT_ISOLATED,
|
|
&basic_setup, __UNCONST("filter renegotiate") },
|
|
{ "bufferevent_socketpair_startopen", regress_bufferevent_openssl,
|
|
TT_ISOLATED, &basic_setup, __UNCONST("socketpair open") },
|
|
{ "bufferevent_filter_startopen", regress_bufferevent_openssl,
|
|
TT_ISOLATED, &basic_setup, __UNCONST("filter open") },
|
|
|
|
{ "bufferevent_connect", regress_bufferevent_openssl_connect,
|
|
TT_FORK|TT_NEED_BASE, &basic_setup, NULL },
|
|
|
|
END_OF_TESTCASES,
|
|
};
|