Fix most of the clienttest. With this only test cases 9 and 13 fail.

author tb <tb@openbsd.org>

Tue, 11 Jul 2023 08:31:34 +0000 (08:31 +0000)

committer tb <tb@openbsd.org>

Tue, 11 Jul 2023 08:31:34 +0000 (08:31 +0000)
author tb <tb@openbsd.org>
Tue, 11 Jul 2023 08:31:34 +0000 (08:31 +0000)
committer tb <tb@openbsd.org>
Tue, 11 Jul 2023 08:31:34 +0000 (08:31 +0000)
diff --git a/regress/lib/libssl/client/clienttest.c b/regress/lib/libssl/client/clienttest.c

index 8ecc544..c1c518b 100644 (file)
--- a/regress/lib/libssl/client/clienttest.c
+++ b/regress/lib/libssl/client/clienttest.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: clienttest.c,v 1.40 2023/04/23 18:59:41 tb Exp $ */
+/*     $OpenBSD: clienttest.c,v 1.41 2023/07/11 08:31:34 tb Exp $ */
  /*
   * Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
   *
@@ -36,7 +36,7 @@
  #define TLS13_RANDOM_OFFSET (TLS13_HM_OFFSET + 2)
  #define TLS13_SESSION_OFFSET (TLS13_HM_OFFSET + 34)
  #define TLS13_CIPHER_OFFSET (TLS13_HM_OFFSET + 69)
-#define TLS13_KEY_SHARE_OFFSET (TLS13_HM_OFFSET + 192)
+#define TLS13_KEY_SHARE_OFFSET (TLS13_HM_OFFSET + 188)
  #define TLS13_ONLY_KEY_SHARE_OFFSET (TLS13_HM_OFFSET + 98)
  
  #define TLS1_3_VERSION_ONLY (TLS1_3_VERSION | 0x10000)
@@ -270,8 +270,8 @@ static const uint8_t cipher_list_tls13_chacha[] = {
  };
  
  static const uint8_t client_hello_tls13[] = {
-       0x16, 0x03, 0x01, 0x01, 0x18, 0x01, 0x00, 0x01,
-       0x14, 0x03, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00,
+       0x16, 0x03, 0x03, 0x01, 0x14, 0x01, 0x00, 0x01,
+       0x10, 0x03, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00,
         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
@@ -292,20 +292,20 @@ static const uint8_t client_hello_tls13[] = {
         0x00, 0x2f, 0x00, 0xba, 0x00, 0x41, 0xc0, 0x11,
         0xc0, 0x07, 0x00, 0x05, 0xc0, 0x12, 0xc0, 0x08,
         0x00, 0x16, 0x00, 0x0a, 0x00, 0xff, 0x01, 0x00,
-       0x00, 0x6b, 0x00, 0x2b, 0x00, 0x09, 0x08, 0x03,
-       0x04, 0x03, 0x03, 0x03, 0x02, 0x03, 0x01, 0x00,
-       0x33, 0x00, 0x26, 0x00, 0x24, 0x00, 0x1d, 0x00,
-       0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+       0x00, 0x67, 0x00, 0x2b, 0x00, 0x05, 0x04, 0x03,
+       0x04, 0x03, 0x03, 0x00, 0x33, 0x00, 0x26, 0x00,
+       0x24, 0x00, 0x1d, 0x00, 0x20, 0x00, 0x00, 0x00,
         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-       0x00, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00,
-       0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x1d, 0x00,
-       0x17, 0x00, 0x18, 0x00, 0x19, 0x00, 0x23, 0x00,
-       0x00, 0x00, 0x0d, 0x00, 0x18, 0x00, 0x16, 0x08,
-       0x06, 0x06, 0x01, 0x06, 0x03, 0x08, 0x05, 0x05,
-       0x01, 0x05, 0x03, 0x08, 0x04, 0x04, 0x01, 0x04,
-       0x03, 0x02, 0x01, 0x02, 0x03,
+       0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0b, 0x00,
+       0x02, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x0a, 0x00,
+       0x08, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18, 0x00,
+       0x19, 0x00, 0x23, 0x00, 0x00, 0x00, 0x0d, 0x00,
+       0x18, 0x00, 0x16, 0x08, 0x06, 0x06, 0x01, 0x06,
+       0x03, 0x08, 0x05, 0x05, 0x01, 0x05, 0x03, 0x08,
+       0x04, 0x04, 0x01, 0x04, 0x03, 0x02, 0x01, 0x02,
+       0x03,
  };
  
  static const uint8_t cipher_list_tls13_only_aes[] = {
@@ -351,6 +351,7 @@ struct client_hello_test {
         const size_t key_share_start;
         const SSL_METHOD *(*ssl_method)(void);
         const long ssl_options;
+       int connect_fails;
  };
  
  static const struct client_hello_test client_hello_tests[] = {
@@ -359,6 +360,7 @@ static const struct client_hello_test client_hello_tests[] = {
                 .protocol = DTLS1_VERSION,
                 .random_start = DTLS_RANDOM_OFFSET,
                 .ssl_method = DTLSv1_client_method,
+               .connect_fails = 1,
         },
         {
                 .desc = "DTLSv1.2 client method",
@@ -378,6 +380,7 @@ static const struct client_hello_test client_hello_tests[] = {
                 .random_start = DTLS_RANDOM_OFFSET,
                 .ssl_method = DTLS_client_method,
                 .ssl_options = SSL_OP_NO_DTLSv1_2,
+               .connect_fails = 1,
         },
         {
                 .desc = "DTLS client method (no DTLSv1.0)",
@@ -391,12 +394,14 @@ static const struct client_hello_test client_hello_tests[] = {
                 .protocol = TLS1_VERSION,
                 .random_start = SSL3_RANDOM_OFFSET,
                 .ssl_method = TLSv1_client_method,
+               .connect_fails = 1,
         },
         {
                 .desc = "TLSv1_1 client method",
                 .protocol = TLS1_1_VERSION,
                 .random_start = SSL3_RANDOM_OFFSET,
                 .ssl_method = TLSv1_1_client_method,
+               .connect_fails = 1,
         },
         {
                 .desc = "TLSv1_2 client method",
@@ -422,15 +427,19 @@ static const struct client_hello_test client_hello_tests[] = {
         },
         {
                 .desc = "SSLv23 (no TLSv1.2)",
-               .protocol = TLS1_1_VERSION,
-               .random_start = SSL3_RANDOM_OFFSET,
+               .protocol = TLS1_3_VERSION_ONLY,
+               .random_start = TLS13_RANDOM_OFFSET,
+               .session_start = TLS13_SESSION_OFFSET,
+               .key_share_start = TLS13_ONLY_KEY_SHARE_OFFSET,
                 .ssl_method = SSLv23_client_method,
                 .ssl_options = SSL_OP_NO_TLSv1_2,
         },
         {
                 .desc = "SSLv23 (no TLSv1.1)",
-               .protocol = TLS1_VERSION,
-               .random_start = SSL3_RANDOM_OFFSET,
+               .protocol = TLS1_3_VERSION,
+               .random_start = TLS13_RANDOM_OFFSET,
+               .session_start = TLS13_SESSION_OFFSET,
+               .key_share_start = TLS13_KEY_SHARE_OFFSET,
                 .ssl_method = SSLv23_client_method,
                 .ssl_options = SSL_OP_NO_TLSv1_1,
         },
@@ -452,15 +461,19 @@ static const struct client_hello_test client_hello_tests[] = {
         },
         {
                 .desc = "TLS (no TLSv1.2)",
-               .protocol = TLS1_1_VERSION,
-               .random_start = SSL3_RANDOM_OFFSET,
+               .protocol = TLS1_3_VERSION_ONLY,
+               .random_start = TLS13_RANDOM_OFFSET,
+               .session_start = TLS13_SESSION_OFFSET,
+               .key_share_start = TLS13_ONLY_KEY_SHARE_OFFSET,
                 .ssl_method = TLS_client_method,
                 .ssl_options = SSL_OP_NO_TLSv1_2,
         },
         {
                 .desc = "TLS (no TLSv1.1)",
-               .protocol = TLS1_VERSION,
-               .random_start = SSL3_RANDOM_OFFSET,
+               .protocol = TLS1_3_VERSION,
+               .random_start = TLS13_RANDOM_OFFSET,
+               .session_start = TLS13_SESSION_OFFSET,
+               .key_share_start = TLS13_KEY_SHARE_OFFSET,
                 .ssl_method = TLS_client_method,
                 .ssl_options = SSL_OP_NO_TLSv1_1,
         },
@@ -661,6 +674,8 @@ client_hello_test(int testno, const struct client_hello_test *cht)
         SSL_set_bio(ssl, rbio, wbio);
  
         if (SSL_connect(ssl) != 0) {
+               if (cht->connect_fails)
+                       goto done;
                 fprintf(stderr, "SSL_connect() returned non-zero\n");
                 goto failure;
         }
@@ -709,6 +724,7 @@ client_hello_test(int testno, const struct client_hello_test *cht)
                 goto failure;
         }
  
+ done:
         ret = 0;
  
   failure:
author	tb <tb@openbsd.org>
	Tue, 11 Jul 2023 08:31:34 +0000 (08:31 +0000)
committer	tb <tb@openbsd.org>
	Tue, 11 Jul 2023 08:31:34 +0000 (08:31 +0000)