-/* $OpenBSD: tlsexttest.c,v 1.58 2022/01/11 18:29:10 jsing Exp $ */
+/* $OpenBSD: tlsexttest.c,v 1.59 2022/02/05 14:54:40 jsing Exp $ */
/*
* Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
* Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
* 1) Set s->internal->alpn_client_proto_list
* - Using SSL_set_alpn_protos()
* 2) We have not finished or renegotiated.
- * - S3I(s)->tmp.finish_md_len == 0
+ * - s->s3->tmp.finish_md_len == 0
*/
if (SSL_set_alpn_protos(ssl, tlsext_alpn_single_proto_val,
sizeof(tlsext_alpn_single_proto_val)) != 0) {
*
* This will be a plain name and separate length.
*/
- if ((S3I(ssl)->alpn_selected = malloc(sizeof(tlsext_alpn_single_proto_name))) == NULL) {
+ if ((ssl->s3->alpn_selected = malloc(sizeof(tlsext_alpn_single_proto_name))) == NULL) {
errx(1, "failed to malloc");
}
- memcpy(S3I(ssl)->alpn_selected, tlsext_alpn_single_proto_name,
+ memcpy(ssl->s3->alpn_selected, tlsext_alpn_single_proto_name,
sizeof(tlsext_alpn_single_proto_name));
- S3I(ssl)->alpn_selected_len = sizeof(tlsext_alpn_single_proto_name);
+ ssl->s3->alpn_selected_len = sizeof(tlsext_alpn_single_proto_name);
if (!tlsext_alpn_server_needs(ssl, SSL_TLSEXT_MSG_SH)) {
FAIL("server should need ALPN after a protocol is selected\n");
goto err;
}
- if (S3I(ssl)->alpn_selected_len !=
+ if (ssl->s3->alpn_selected_len !=
sizeof(tlsext_alpn_single_proto_name)) {
FAIL("got server ALPN with length %zu, "
"want length %zu\n", dlen,
sizeof(tlsext_alpn_single_proto_name));
- compare_data(S3I(ssl)->alpn_selected,
- S3I(ssl)->alpn_selected_len,
+ compare_data(ssl->s3->alpn_selected,
+ ssl->s3->alpn_selected_len,
tlsext_alpn_single_proto_name,
sizeof(tlsext_alpn_single_proto_name));
goto err;
}
- if (memcmp(S3I(ssl)->alpn_selected,
+ if (memcmp(ssl->s3->alpn_selected,
tlsext_alpn_single_proto_name,
sizeof(tlsext_alpn_single_proto_name)) != 0) {
FAIL("server ALPN differs:\n");
- compare_data(S3I(ssl)->alpn_selected,
- S3I(ssl)->alpn_selected_len,
+ compare_data(ssl->s3->alpn_selected,
+ ssl->s3->alpn_selected_len,
tlsext_alpn_single_proto_name,
sizeof(tlsext_alpn_single_proto_name));
goto err;
/* Make sure we can remove the list and avoid ALPN */
- free(S3I(ssl)->alpn_selected);
- S3I(ssl)->alpn_selected = NULL;
- S3I(ssl)->alpn_selected_len = 0;
+ free(ssl->s3->alpn_selected);
+ ssl->s3->alpn_selected = NULL;
+ ssl->s3->alpn_selected_len = 0;
if (tlsext_alpn_server_needs(ssl, SSL_TLSEXT_MSG_SH)) {
FAIL("server should need ALPN by default\n");
errx(1, "failed to create session");
/* Setup the state so we can call needs. */
- if ((S3I(ssl)->hs.cipher =
+ if ((ssl->s3->hs.cipher =
ssl3_get_cipher_by_id(TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305))
== NULL) {
FAIL("server cannot find cipher\n");
goto err;
}
- memcpy(S3I(ssl)->previous_client_finished, tlsext_ri_prev_client,
+ memcpy(ssl->s3->previous_client_finished, tlsext_ri_prev_client,
sizeof(tlsext_ri_prev_client));
- S3I(ssl)->previous_client_finished_len = sizeof(tlsext_ri_prev_client);
+ ssl->s3->previous_client_finished_len = sizeof(tlsext_ri_prev_client);
- S3I(ssl)->renegotiate_seen = 0;
+ ssl->s3->renegotiate_seen = 0;
if (!tlsext_ri_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
FAIL("client failed to build RI\n");
goto err;
}
- if (S3I(ssl)->renegotiate_seen != 1) {
+ if (ssl->s3->renegotiate_seen != 1) {
FAIL("renegotiate seen not set\n");
goto err;
}
- if (S3I(ssl)->send_connection_binding != 1) {
+ if (ssl->s3->send_connection_binding != 1) {
FAIL("send connection binding not set\n");
goto err;
}
- memset(S3I(ssl)->previous_client_finished, 0,
- sizeof(S3I(ssl)->previous_client_finished));
+ memset(ssl->s3->previous_client_finished, 0,
+ sizeof(ssl->s3->previous_client_finished));
- S3I(ssl)->renegotiate_seen = 0;
+ ssl->s3->renegotiate_seen = 0;
CBS_init(&cbs, tlsext_ri_client, sizeof(tlsext_ri_client));
if (tlsext_ri_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
goto err;
}
- if (S3I(ssl)->renegotiate_seen == 1) {
+ if (ssl->s3->renegotiate_seen == 1) {
FAIL("renegotiate seen set\n");
goto err;
}
goto err;
}
- S3I(ssl)->send_connection_binding = 1;
+ ssl->s3->send_connection_binding = 1;
if (!tlsext_ri_server_needs(ssl, SSL_TLSEXT_MSG_SH)) {
FAIL("server should need RI\n");
goto err;
}
- memcpy(S3I(ssl)->previous_client_finished, tlsext_ri_prev_client,
+ memcpy(ssl->s3->previous_client_finished, tlsext_ri_prev_client,
sizeof(tlsext_ri_prev_client));
- S3I(ssl)->previous_client_finished_len = sizeof(tlsext_ri_prev_client);
+ ssl->s3->previous_client_finished_len = sizeof(tlsext_ri_prev_client);
- memcpy(S3I(ssl)->previous_server_finished, tlsext_ri_prev_server,
+ memcpy(ssl->s3->previous_server_finished, tlsext_ri_prev_server,
sizeof(tlsext_ri_prev_server));
- S3I(ssl)->previous_server_finished_len = sizeof(tlsext_ri_prev_server);
+ ssl->s3->previous_server_finished_len = sizeof(tlsext_ri_prev_server);
- S3I(ssl)->renegotiate_seen = 0;
+ ssl->s3->renegotiate_seen = 0;
if (!tlsext_ri_server_build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
FAIL("server failed to build RI\n");
goto err;
}
- if (S3I(ssl)->renegotiate_seen != 1) {
+ if (ssl->s3->renegotiate_seen != 1) {
FAIL("renegotiate seen not set\n");
goto err;
}
- if (S3I(ssl)->send_connection_binding != 1) {
+ if (ssl->s3->send_connection_binding != 1) {
FAIL("send connection binding not set\n");
goto err;
}
- memset(S3I(ssl)->previous_client_finished, 0,
- sizeof(S3I(ssl)->previous_client_finished));
- memset(S3I(ssl)->previous_server_finished, 0,
- sizeof(S3I(ssl)->previous_server_finished));
+ memset(ssl->s3->previous_client_finished, 0,
+ sizeof(ssl->s3->previous_client_finished));
+ memset(ssl->s3->previous_server_finished, 0,
+ sizeof(ssl->s3->previous_server_finished));
- S3I(ssl)->renegotiate_seen = 0;
+ ssl->s3->renegotiate_seen = 0;
CBS_init(&cbs, tlsext_ri_server, sizeof(tlsext_ri_server));
if (tlsext_ri_client_parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
goto err;
}
- if (S3I(ssl)->renegotiate_seen == 1) {
+ if (ssl->s3->renegotiate_seen == 1) {
FAIL("renegotiate seen set\n");
goto err;
}
if ((ssl = SSL_new(ssl_ctx)) == NULL)
errx(1, "failed to create SSL");
- S3I(ssl)->hs.our_max_tls_version = TLS1_1_VERSION;
+ ssl->s3->hs.our_max_tls_version = TLS1_1_VERSION;
if (tlsext_sigalgs_client_needs(ssl, SSL_TLSEXT_MSG_CH)) {
fprintf(stderr, "FAIL: client should not need sigalgs\n");
goto done;
}
- S3I(ssl)->hs.our_max_tls_version = TLS1_2_VERSION;
+ ssl->s3->hs.our_max_tls_version = TLS1_2_VERSION;
if (!tlsext_sigalgs_client_needs(ssl, SSL_TLSEXT_MSG_CH)) {
fprintf(stderr, "FAIL: client should need sigalgs\n");
goto err;
}
- S3I(ssl)->hs.our_min_tls_version = TLS1_VERSION;
- S3I(ssl)->hs.our_max_tls_version = TLS1_2_VERSION;
+ ssl->s3->hs.our_min_tls_version = TLS1_VERSION;
+ ssl->s3->hs.our_max_tls_version = TLS1_2_VERSION;
if (!tlsext_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
FAIL("failed to build clienthello extensions\n");
CBB_init(&cbb, 0);
/* Switch to TLSv1.1, disable EC ciphers and session tickets. */
- S3I(ssl)->hs.our_max_tls_version = TLS1_1_VERSION;
+ ssl->s3->hs.our_max_tls_version = TLS1_1_VERSION;
if (!SSL_set_cipher_list(ssl, "TLSv1.2:!ECDHE:!ECDSA")) {
FAIL("failed to set cipher list\n");
goto err;
goto err;
}
- S3I(ssl)->hs.our_max_tls_version = TLS1_3_VERSION;
- S3I(ssl)->hs.negotiated_tls_version = TLS1_3_VERSION;
- S3I(ssl)->hs.cipher =
+ ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
+ ssl->s3->hs.negotiated_tls_version = TLS1_3_VERSION;
+ ssl->s3->hs.cipher =
ssl3_get_cipher_by_id(TLS1_CK_RSA_WITH_AES_128_SHA256);
if (!tlsext_server_build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
CBB_init(&cbb, 0);
/* Turn a few things on so we get extensions... */
- S3I(ssl)->send_connection_binding = 1;
- S3I(ssl)->hs.cipher =
+ ssl->s3->send_connection_binding = 1;
+ ssl->s3->hs.cipher =
ssl3_get_cipher_by_id(TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256);
ssl->internal->tlsext_status_expected = 1;
ssl->internal->tlsext_ticket_expected = 1;
if ((ssl = SSL_new(ssl_ctx)) == NULL)
errx(1, "failed to create SSL");
- S3I(ssl)->hs.our_max_tls_version = TLS1_1_VERSION;
+ ssl->s3->hs.our_max_tls_version = TLS1_1_VERSION;
if (tlsext_versions_client_needs(ssl, SSL_TLSEXT_MSG_CH)) {
FAIL("client should not need versions\n");
goto done;
}
- S3I(ssl)->hs.our_max_tls_version = TLS1_2_VERSION;
+ ssl->s3->hs.our_max_tls_version = TLS1_2_VERSION;
if (tlsext_versions_client_needs(ssl, SSL_TLSEXT_MSG_CH)) {
FAIL("client should not need versions\n");
goto done;
}
- S3I(ssl)->hs.our_max_tls_version = TLS1_3_VERSION;
+ ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
if (!tlsext_versions_client_needs(ssl, SSL_TLSEXT_MSG_CH)) {
FAIL("client should need versions\n");
goto done;
}
- S3I(ssl)->hs.our_min_tls_version = TLS1_VERSION;
- S3I(ssl)->hs.our_max_tls_version = TLS1_3_VERSION;
+ ssl->s3->hs.our_min_tls_version = TLS1_VERSION;
+ ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
if (!tlsext_versions_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
FAIL("client should have built versions\n");
if ((ssl = SSL_new(ssl_ctx)) == NULL)
errx(1, "failed to create SSL");
- S3I(ssl)->hs.negotiated_tls_version = TLS1_2_VERSION;
+ ssl->s3->hs.negotiated_tls_version = TLS1_2_VERSION;
if (tlsext_versions_server_needs(ssl, SSL_TLSEXT_MSG_SH)) {
FAIL("server should not need versions\n");
goto done;
}
- S3I(ssl)->hs.negotiated_tls_version = TLS1_3_VERSION;
+ ssl->s3->hs.negotiated_tls_version = TLS1_3_VERSION;
if (!tlsext_versions_server_needs(ssl, SSL_TLSEXT_MSG_SH)) {
FAIL("server should need versions\n");
if ((ssl = SSL_new(ssl_ctx)) == NULL)
errx(1, "failed to create SSL");
- if ((S3I(ssl)->hs.key_share =
+ if ((ssl->s3->hs.key_share =
tls_key_share_new_nid(NID_X25519)) == NULL)
errx(1, "failed to create key share");
- if (!tls_key_share_generate(S3I(ssl)->hs.key_share))
+ if (!tls_key_share_generate(ssl->s3->hs.key_share))
errx(1, "failed to generate key share");
- S3I(ssl)->hs.our_max_tls_version = TLS1_2_VERSION;
+ ssl->s3->hs.our_max_tls_version = TLS1_2_VERSION;
if (tlsext_keyshare_client_needs(ssl, SSL_TLSEXT_MSG_CH)) {
FAIL("client should not need keyshare\n");
failure = 1;
goto done;
}
- S3I(ssl)->hs.our_max_tls_version = TLS1_3_VERSION;
+ ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
if (!tlsext_keyshare_client_needs(ssl, SSL_TLSEXT_MSG_CH)) {
FAIL("client should need keyshare\n");
failure = 1;
goto done;
}
- S3I(ssl)->hs.our_max_tls_version = TLS1_3_VERSION;
+ ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
if (!tlsext_keyshare_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
FAIL("client should have built keyshare\n");
failure = 1;
CBB_init(&cbb, 0);
- S3I(ssl)->hs.negotiated_tls_version = TLS1_2_VERSION;
+ ssl->s3->hs.negotiated_tls_version = TLS1_2_VERSION;
if (tlsext_keyshare_server_needs(ssl, SSL_TLSEXT_MSG_SH)) {
FAIL("server should not need keyshare\n");
goto done;
}
- S3I(ssl)->hs.negotiated_tls_version = TLS1_3_VERSION;
+ ssl->s3->hs.negotiated_tls_version = TLS1_3_VERSION;
if (tlsext_keyshare_server_needs(ssl, SSL_TLSEXT_MSG_SH)) {
FAIL("client should not need keyshare\n");
goto done;
FAIL("failed to find keyshare extension\n");
goto done;
}
- S3I(ssl)->hs.extensions_seen |= (1 << idx);
+ ssl->s3->hs.extensions_seen |= (1 << idx);
if (!tlsext_keyshare_server_needs(ssl, SSL_TLSEXT_MSG_SH)) {
FAIL("server should need keyshare\n");
goto done;
}
- if ((S3I(ssl)->hs.key_share =
+ if ((ssl->s3->hs.key_share =
tls_key_share_new_nid(NID_X25519)) == NULL) {
FAIL("failed to create key share");
goto done;
}
- if (!tls_key_share_generate(S3I(ssl)->hs.key_share)) {
+ if (!tls_key_share_generate(ssl->s3->hs.key_share)) {
FAIL("failed to generate key share");
goto done;
}
CBS_init(&cbs, bogokey, sizeof(bogokey));
- if (!tls_key_share_peer_public(S3I(ssl)->hs.key_share, &cbs,
+ if (!tls_key_share_peer_public(ssl->s3->hs.key_share, &cbs,
&decode_error, NULL)) {
FAIL("failed to load peer public key\n");
goto done;
goto done;
}
- if ((S3I(ssl)->hs.key_share =
+ if ((ssl->s3->hs.key_share =
tls_key_share_new_nid(NID_X25519)) == NULL) {
FAIL("failed to create key share");
goto done;
}
- if (!tls_key_share_generate(S3I(ssl)->hs.key_share)) {
+ if (!tls_key_share_generate(ssl->s3->hs.key_share)) {
FAIL("failed to generate key share");
goto done;
}
if ((ssl = SSL_new(ssl_ctx)) == NULL)
errx(1, "failed to create SSL");
- S3I(ssl)->hs.our_max_tls_version = TLS1_2_VERSION;
+ ssl->s3->hs.our_max_tls_version = TLS1_2_VERSION;
if (tlsext_cookie_client_needs(ssl, SSL_TLSEXT_MSG_CH)) {
FAIL("client should not need cookie\n");
failure = 1;
}
- S3I(ssl)->hs.our_max_tls_version = TLS1_3_VERSION;
+ ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
if (tlsext_cookie_client_needs(ssl, SSL_TLSEXT_MSG_CH)) {
FAIL("client should not need cookie\n");
failure = 1;
}
/* Normally would be set by receiving a server cookie in an HRR */
- S3I(ssl)->hs.tls13.cookie = strdup(cookie);
- S3I(ssl)->hs.tls13.cookie_len = strlen(cookie);
+ ssl->s3->hs.tls13.cookie = strdup(cookie);
+ ssl->s3->hs.tls13.cookie_len = strlen(cookie);
if (!tlsext_cookie_client_needs(ssl, SSL_TLSEXT_MSG_CH)) {
FAIL("client should need cookie\n");
if ((ssl = SSL_new(ssl_ctx)) == NULL)
errx(1, "failed to create SSL");
- S3I(ssl)->hs.our_max_tls_version = TLS1_2_VERSION;
+ ssl->s3->hs.our_max_tls_version = TLS1_2_VERSION;
if (tlsext_cookie_server_needs(ssl, SSL_TLSEXT_MSG_SH)) {
FAIL("server should not need cookie\n");
failure = 1;
goto done;
}
- S3I(ssl)->hs.our_max_tls_version = TLS1_3_VERSION;
+ ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
if (tlsext_cookie_server_needs(ssl, SSL_TLSEXT_MSG_SH)) {
FAIL("server should not need cookie\n");
failure = 1;
}
/* Normally would be set by server before sending HRR */
- S3I(ssl)->hs.tls13.cookie = strdup(cookie);
- S3I(ssl)->hs.tls13.cookie_len = strlen(cookie);
+ ssl->s3->hs.tls13.cookie = strdup(cookie);
+ ssl->s3->hs.tls13.cookie_len = strlen(cookie);
if (!tlsext_cookie_server_needs(ssl, SSL_TLSEXT_MSG_HRR)) {
FAIL("server should need cookie\n");
goto done;
}
- freezero(S3I(ssl)->hs.tls13.cookie, S3I(ssl)->hs.tls13.cookie_len);
- S3I(ssl)->hs.tls13.cookie = NULL;
- S3I(ssl)->hs.tls13.cookie_len = 0;
+ freezero(ssl->s3->hs.tls13.cookie, ssl->s3->hs.tls13.cookie_len);
+ ssl->s3->hs.tls13.cookie = NULL;
+ ssl->s3->hs.tls13.cookie_len = 0;
if (!tlsext_cookie_client_parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
FAIL("failed to parse server cookie\n");
goto done;
}
- if (memcmp(cookie, S3I(ssl)->hs.tls13.cookie,
- S3I(ssl)->hs.tls13.cookie_len) != 0) {
+ if (memcmp(cookie, ssl->s3->hs.tls13.cookie,
+ ssl->s3->hs.tls13.cookie_len) != 0) {
FAIL("parsed server cookie does not match sent cookie\n");
failure = 1;
goto done;
projects / openbsd / commitdiff