-/* $OpenBSD: ssl_set_alpn_protos.c,v 1.3 2024/06/28 14:50:37 tb Exp $ */
+/* $OpenBSD: ssl_set_alpn_protos.c,v 1.4 2024/07/11 13:51:47 tb Exp $ */
/*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
*
}
static const struct select_next_proto_test {
- const unsigned char *server_list;
- size_t server_list_len;
- const unsigned char *client_list;
- size_t client_list_len;
+ const unsigned char *peer_list;
+ size_t peer_list_len;
+ const unsigned char *supported_list;
+ size_t supported_list_len;
int want_ret;
const unsigned char *want_out;
unsigned char want_out_len; /* yes, unsigned char */
} select_next_proto_tests[] = {
{
- .server_list = "\x01" "a" "\x01" "b" "\x01" "c",
- .server_list_len = 6,
- .client_list = "\x01" "a",
- .client_list_len = 2,
+ .peer_list = "\x01" "a" "\x01" "b" "\x01" "c",
+ .peer_list_len = 6,
+ .supported_list = "\x01" "a",
+ .supported_list_len = 2,
.want_ret = OPENSSL_NPN_NEGOTIATED,
.want_out = "a",
.want_out_len = 1,
},
{
- .server_list = "\x01" "a" "\x01" "b" "\x01" "c",
- .server_list_len = 6,
- .client_list = "\x02" "aa" "\x01" "b" "\x01" "c",
- .client_list_len = 7,
+ .peer_list = "\x01" "a" "\x01" "b" "\x01" "c",
+ .peer_list_len = 6,
+ .supported_list = "\x02" "aa" "\x01" "b" "\x01" "c",
+ .supported_list_len = 7,
.want_ret = OPENSSL_NPN_NEGOTIATED,
.want_out = "b",
.want_out_len = 1,
},
{
- /* Use server preference. */
- .server_list = "\x01" "a" "\x01" "b" "\x01" "c",
- .server_list_len = 6,
- .client_list = "\x01" "c" "\x01" "b" "\x01" "a",
- .client_list_len = 6,
+ /* Use peer preference. */
+ .peer_list = "\x01" "a" "\x01" "b" "\x01" "c",
+ .peer_list_len = 6,
+ .supported_list = "\x01" "c" "\x01" "b" "\x01" "a",
+ .supported_list_len = 6,
.want_ret = OPENSSL_NPN_NEGOTIATED,
.want_out = "a",
.want_out_len = 1,
},
{
- /* Again server preference wins. */
- .server_list = "\x01" "a" "\x03" "bbb" "\x02" "cc",
- .server_list_len = 9,
- .client_list = "\x01" "z" "\x02" "cc" "\x03" "bbb",
- .client_list_len = 9,
+ /* Again peer preference wins. */
+ .peer_list = "\x01" "a" "\x03" "bbb" "\x02" "cc",
+ .peer_list_len = 9,
+ .supported_list = "\x01" "z" "\x02" "cc" "\x03" "bbb",
+ .supported_list_len = 9,
.want_ret = OPENSSL_NPN_NEGOTIATED,
.want_out = "bbb",
.want_out_len = 3,
},
{
- /* No overlap fails with first client protocol. */
- .server_list = "\x01" "a" "\x01" "b" "\x01" "c",
- .server_list_len = 6,
- .client_list = "\x01" "z" "\x01" "y",
- .client_list_len = 4,
+ /* No overlap fails with first supported protocol. */
+ .peer_list = "\x01" "a" "\x01" "b" "\x01" "c",
+ .peer_list_len = 6,
+ .supported_list = "\x01" "z" "\x01" "y",
+ .supported_list_len = 4,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
.want_out = "z",
.want_out_len = 1,
},
{
- /*
- * No server protocols is a misconfiguration, but should fail
- * cleanly.
- */
- .server_list = "",
- .server_list_len = 0,
- .client_list = "\x01" "a" "\x01" "b" "\x01" "c",
- .client_list_len = 6,
+ /* No peer protocols fails cleanly. */
+ .peer_list = "",
+ .peer_list_len = 0,
+ .supported_list = "\x01" "a" "\x01" "b" "\x01" "c",
+ .supported_list_len = 6,
.want_out = "a",
.want_out_len = 1,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
},
{
- /*
- * NULL server protocols is a programming error that fails
- * cleanly.
- */
- .server_list = NULL,
- .server_list_len = 0,
- .client_list = "\x01" "a" "\x01" "b" "\x01" "c",
- .client_list_len = 6,
+ /* NULL peer protocols fails cleanly. */
+ .peer_list = NULL,
+ .peer_list_len = 0,
+ .supported_list = "\x01" "a" "\x01" "b" "\x01" "c",
+ .supported_list_len = 6,
.want_out = "a",
.want_out_len = 1,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
},
{
- /*
- * Malformed server protocols is a misconfiguration, but it
- * should fail cleanly.
- */
- .server_list = "\x00",
- .server_list_len = 1,
- .client_list = "\x01" "a" "\x01" "b" "\x01" "c",
- .client_list_len = 6,
+ /* Malformed peer protocols fails cleanly. */
+ .peer_list = "\x00",
+ .peer_list_len = 1,
+ .supported_list = "\x01" "a" "\x01" "b" "\x01" "c",
+ .supported_list_len = 6,
.want_out = "a",
.want_out_len = 1,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
},
{
- /*
- * Malformed server protocols is a misconfiguration, but it
- * should fail cleanly.
- */
- .server_list = "\x01" "a" "\x03" "bb",
- .server_list_len = 5,
- .client_list = "\x01" "a" "\x01" "b" "\x01" "c",
- .client_list_len = 6,
+ /* Malformed peer protocols fails cleanly. */
+ .peer_list = "\x01" "a" "\x03" "bb",
+ .peer_list_len = 5,
+ .supported_list = "\x01" "a" "\x01" "b" "\x01" "c",
+ .supported_list_len = 6,
.want_out = "a",
.want_out_len = 1,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
},
{
- /*
- * Empty client protocols is not reachable from the ALPN
- * callback. It fails cleanly with NULL protocol and 0 length.
- */
- .server_list = "\x01" "a",
- .server_list_len = 2,
- .client_list = "",
- .client_list_len = 0,
+ /* Empty supported list fails cleanly. */
+ .peer_list = "\x01" "a",
+ .peer_list_len = 2,
+ .supported_list = "",
+ .supported_list_len = 0,
.want_out = NULL,
.want_out_len = 0,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
},
{
- /*
- * NULL client protocols is not reachable from the ALPN
- * callback. It fails cleanly with NULL protocol and 0 length.
- */
- .server_list = "\x01" "a",
- .server_list_len = 2,
- .client_list = NULL,
- .client_list_len = 0,
+ /* NULL supported list fails cleanly. */
+ .peer_list = "\x01" "a",
+ .peer_list_len = 2,
+ .supported_list = NULL,
+ .supported_list_len = 0,
.want_out = NULL,
.want_out_len = 0,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
},
{
- /*
- * Malformed client list fails cleanly with NULL protocol and
- * 0 length.
- */
- .server_list = "\x01" "a",
- .server_list_len = 2,
- .client_list = "\x01" "a" "\x02" "bb" "\x03" "cc" "\x04" "ddd",
- .client_list_len = 12,
+ /* Malformed supported list fails cleanly. */
+ .peer_list = "\x01" "a",
+ .peer_list_len = 2,
+ .supported_list = "\x01" "a" "\x02" "bb" "\x03" "cc" "\x04" "ddd",
+ .supported_list_len = 12,
.want_out = NULL,
.want_out_len = 0,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
},
{
- /*
- * Malformed client list fails cleanly with NULL protocol and
- * 0 length.
- */
- .server_list = "\x01" "a",
- .server_list_len = 2,
- .client_list = "\x01" "a" "\x02" "bb" "\x00" "\x03" "ddd",
- .client_list_len = 10,
+ /* Malformed client list fails cleanly. */
+ .peer_list = "\x01" "a",
+ .peer_list_len = 2,
+ .supported_list = "\x01" "a" "\x02" "bb" "\x00" "\x03" "ddd",
+ .supported_list_len = 10,
.want_out = NULL,
.want_out_len = 0,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
*/
{
- .server_list = "\x08" "http/1.1" "\x06" "spdy/1",
- .server_list_len = 16,
- .client_list = "\x08" "http/2.0" "\x08" "http/1.1",
- .client_list_len = 18,
+ .peer_list = "\x08" "http/1.1" "\x06" "spdy/1",
+ .peer_list_len = 16,
+ .supported_list = "\x08" "http/2.0" "\x08" "http/1.1",
+ .supported_list_len = 18,
.want_out = "http/1.1",
.want_out_len = 8,
.want_ret = OPENSSL_NPN_NEGOTIATED,
},
{
- .server_list = "\x08" "http/2.0" "\x06" "spdy/1",
- .server_list_len = 16,
- .client_list = "\x08" "http/1.0" "\x08" "http/1.1",
- .client_list_len = 18,
+ .peer_list = "\x08" "http/2.0" "\x06" "spdy/1",
+ .peer_list_len = 16,
+ .supported_list = "\x08" "http/1.0" "\x08" "http/1.1",
+ .supported_list_len = 18,
.want_out = "http/1.0",
.want_out_len = 8,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
},
{
- .server_list = "\x08" "http/1.1" "\x08" "http/1.0",
- .server_list_len = 18,
- .client_list = "\x08" "http/1.0" "\x08" "http/1.1",
- .client_list_len = 18,
+ .peer_list = "\x08" "http/1.1" "\x08" "http/1.0",
+ .peer_list_len = 18,
+ .supported_list = "\x08" "http/1.0" "\x08" "http/1.1",
+ .supported_list_len = 18,
.want_out = "http/1.1",
.want_out_len = 8,
.want_ret = OPENSSL_NPN_NEGOTIATED,
},
{
- /* Server malformed. */
- .server_list = "\x08" "http/1.1" "\x07" "http/1.0",
- .server_list_len = 18,
- .client_list = "\x08" "http/1.0" "\x08" "http/1.1",
- .client_list_len = 18,
+ /* Peer list malformed. */
+ .peer_list = "\x08" "http/1.1" "\x07" "http/1.0",
+ .peer_list_len = 18,
+ .supported_list = "\x08" "http/1.0" "\x08" "http/1.1",
+ .supported_list_len = 18,
.want_out = "http/1.0",
.want_out_len = 8,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
},
{
- /* Server malformed. */
- .server_list = "\x07" "http/1.1" "\x08" "http/1.0",
- .server_list_len = 18,
- .client_list = "\x08" "http/1.0" "\x08" "http/1.1",
- .client_list_len = 18,
+ /* Peer list malformed. */
+ .peer_list = "\x07" "http/1.1" "\x08" "http/1.0",
+ .peer_list_len = 18,
+ .supported_list = "\x08" "http/1.0" "\x08" "http/1.1",
+ .supported_list_len = 18,
.want_out = "http/1.0",
.want_out_len = 8,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
},
{
- /* Client has trailing bytes. */
- .server_list = "\x08" "http/1.1" "\x08" "http/1.0",
- .server_list_len = 18,
- .client_list = "\x08" "http/1.0" "\x07" "http/1.1",
- .client_list_len = 18,
+ /* Supported list has trailing bytes. */
+ .peer_list = "\x08" "http/1.1" "\x08" "http/1.0",
+ .peer_list_len = 18,
+ .supported_list = "\x08" "http/1.0" "\x07" "http/1.1",
+ .supported_list_len = 18,
.want_out = NULL,
.want_out_len = 0,
.want_ret = OPENSSL_NPN_NO_OVERLAP,
int ret;
int failed = 0;
- ret = SSL_select_next_proto(&out, &out_len, test->server_list,
- test->server_list_len, test->client_list, test->client_list_len);
+ ret = SSL_select_next_proto(&out, &out_len, test->peer_list,
+ test->peer_list_len, test->supported_list, test->supported_list_len);
if (ret != test->want_ret || out_len != test->want_out_len ||
(out == NULL && test->want_out != NULL) ||
fprintf(stderr, "\nwant:\n");
hexdump(test->want_out, test->want_out_len);
fprintf(stderr, "\nserver:\n");
- hexdump(test->server_list, test->server_list_len);
+ hexdump(test->peer_list, test->peer_list_len);
fprintf(stderr, "\nclient:\n");
- hexdump(test->client_list, test->client_list_len);
+ hexdump(test->supported_list, test->supported_list_len);
fprintf(stderr, "\n");
failed = 1;
}
projects / openbsd / commitdiff