openssl/test/fatalerrtest.c

/*
 * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <openssl/ssl.h>
#include <openssl/err.h>
#include "helpers/ssltestlib.h"
#include "testutil.h"
#include <string.h>

static char *cert = NULL;
static char *privkey = NULL;

static int test_fatalerr(void)
{
    SSL_CTX *sctx = NULL, *cctx = NULL;
    SSL *sssl = NULL, *cssl = NULL;
    const char *msg = "Dummy";
    BIO *wbio = NULL;
    int ret = 0, len;
    char buf[80];
    unsigned char dummyrec[] = {
        0x17, 0x03, 0x03, 0x00, 0x05, 'D', 'u', 'm', 'm', 'y'
    };

    if (!TEST_true(create_ssl_ctx_pair(NULL, TLS_method(), TLS_method(),
                                       TLS1_VERSION, 0,
                                       &sctx, &cctx, cert, privkey)))
        goto err;

    /*
     * Deliberately set the cipher lists for client and server to be different
     * to force a handshake failure.
     */
    if (!TEST_true(SSL_CTX_set_cipher_list(sctx, "AES128-SHA"))
            || !TEST_true(SSL_CTX_set_cipher_list(cctx, "AES256-SHA"))
            || !TEST_true(SSL_CTX_set_ciphersuites(sctx,
                                                   "TLS_AES_128_GCM_SHA256"))
            || !TEST_true(SSL_CTX_set_ciphersuites(cctx,
                                                   "TLS_AES_256_GCM_SHA384"))
            || !TEST_true(create_ssl_objects(sctx, cctx, &sssl, &cssl, NULL,
                          NULL)))
        goto err;

    wbio = SSL_get_wbio(cssl);
    if (!TEST_ptr(wbio)) {
        printf("Unexpected NULL bio received\n");
        goto err;
    }

    /* Connection should fail */
    if (!TEST_false(create_ssl_connection(sssl, cssl, SSL_ERROR_NONE)))
        goto err;

    ERR_clear_error();

    /* Inject a plaintext record from client to server */
    if (!TEST_int_gt(BIO_write(wbio, dummyrec, sizeof(dummyrec)), 0))
        goto err;

    /* SSL_read()/SSL_write should fail because of a previous fatal error */
    if (!TEST_int_le(len = SSL_read(sssl, buf, sizeof(buf) - 1), 0)) {
        buf[len] = '\0';
        TEST_error("Unexpected success reading data: %s\n", buf);
        goto err;
    }
    if (!TEST_int_le(SSL_write(sssl, msg, strlen(msg)), 0))
        goto err;

    ret = 1;
 err:
    SSL_free(sssl);
    SSL_free(cssl);
    SSL_CTX_free(sctx);
    SSL_CTX_free(cctx);

    return ret;
}

OPT_TEST_DECLARE_USAGE("certfile privkeyfile\n")

int setup_tests(void)
{
    if (!test_skip_common_options()) {
        TEST_error("Error parsing test options\n");
        return 0;
    }

    if (!TEST_ptr(cert = test_get_argument(0))
            || !TEST_ptr(privkey = test_get_argument(1)))
        return 0;

    ADD_TEST(test_fatalerr);

    return 1;
}
Add a test for CVE-2017-3737 Test reading/writing to an SSL object after a fatal error has been detected. This CVE only affected 1.0.2, but we should add it to other branches for completeness. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> 2017-11-29 21:56:15 +08:00			`/*`
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616) 2020-04-23 20:55:52 +08:00			`* Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.`
Add a test for CVE-2017-3737 Test reading/writing to an SSL object after a fatal error has been detected. This CVE only affected 1.0.2, but we should add it to other branches for completeness. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> 2017-11-29 21:56:15 +08:00			`*`
Following the license change, modify the boilerplates in test/ Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7767) 2018-12-06 20:05:25 +08:00			`* Licensed under the Apache License 2.0 (the "License"). You may not use`
Add a test for CVE-2017-3737 Test reading/writing to an SSL object after a fatal error has been detected. This CVE only affected 1.0.2, but we should add it to other branches for completeness. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> 2017-11-29 21:56:15 +08:00			`* this file except in compliance with the License. You can obtain a copy`
			`* in the file LICENSE in the source distribution or at`
			`* https://www.openssl.org/source/license.html`
			`*/`

			`#include <openssl/ssl.h>`
			`#include <openssl/err.h>`
test cleanup: move helper .c and .h files to test/helpers/ Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13568) 2020-11-29 19:40:10 +08:00			`#include "helpers/ssltestlib.h"`
Add a test for CVE-2017-3737 Test reading/writing to an SSL object after a fatal error has been detected. This CVE only affected 1.0.2, but we should add it to other branches for completeness. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> 2017-11-29 21:56:15 +08:00			`#include "testutil.h"`
			`#include <string.h>`

			`static char *cert = NULL;`
			`static char *privkey = NULL;`

			`static int test_fatalerr(void)`
			`{`
			`SSL_CTX sctx = NULL, cctx = NULL;`
			`SSL sssl = NULL, cssl = NULL;`
			`const char *msg = "Dummy";`
			`BIO *wbio = NULL;`
			`int ret = 0, len;`
			`char buf[80];`
			`unsigned char dummyrec[] = {`
			`0x17, 0x03, 0x03, 0x00, 0x05, 'D', 'u', 'm', 'm', 'y'`
			`};`

Use a non-default libctx in sslapitest We also don't load the default provider into the default libctx to make sure there is no accidental "leakage". Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11508) 2020-03-19 01:17:37 +08:00			`if (!TEST_true(create_ssl_ctx_pair(NULL, TLS_method(), TLS_method(),`
Use (D)TLS_MAX_VERSION_INTERNAL internally Use 0 if we don't want to set a minimum or maximum version Reviewed-by: Matt Caswell <matt@openssl.org> GH: #7260 2018-12-10 03:53:05 +08:00			`TLS1_VERSION, 0,`
Enhance ssltestlib's create_ssl_ctx_pair to take min and max proto version Have all test programs using that function specify those versions. Additionally, have the remaining test programs that use SSL_CTX_new directly specify at least the maximum protocol version. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5663) 2018-03-19 16:08:06 +08:00			`&sctx, &cctx, cert, privkey)))`
Add a test for CVE-2017-3737 Test reading/writing to an SSL object after a fatal error has been detected. This CVE only affected 1.0.2, but we should add it to other branches for completeness. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> 2017-11-29 21:56:15 +08:00			`goto err;`

			`/*`
			`* Deliberately set the cipher lists for client and server to be different`
			`* to force a handshake failure.`
			`*/`
			`if (!TEST_true(SSL_CTX_set_cipher_list(sctx, "AES128-SHA"))`
			`\|\| !TEST_true(SSL_CTX_set_cipher_list(cctx, "AES256-SHA"))`
Split configuration of TLSv1.3 ciphers from older ciphers With the current mechanism, old cipher strings that used to work in 1.1.0, may inadvertently disable all TLSv1.3 ciphersuites causing connections to fail. This is confusing for users. In reality TLSv1.3 are quite different to older ciphers. They are much simpler and there are only a small number of them so, arguably, they don't need the same level of control that the older ciphers have. This change splits the configuration of TLSv1.3 ciphers from older ones. By default the TLSv1.3 ciphers are on, so you cannot inadvertently disable them through your existing config. Fixes #5359 Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5392) 2018-02-16 19:26:02 +08:00			`\|\| !TEST_true(SSL_CTX_set_ciphersuites(sctx,`
			`"TLS_AES_128_GCM_SHA256"))`
			`\|\| !TEST_true(SSL_CTX_set_ciphersuites(cctx,`
			`"TLS_AES_256_GCM_SHA384"))`
Add a test for CVE-2017-3737 Test reading/writing to an SSL object after a fatal error has been detected. This CVE only affected 1.0.2, but we should add it to other branches for completeness. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> 2017-11-29 21:56:15 +08:00			`\|\| !TEST_true(create_ssl_objects(sctx, cctx, &sssl, &cssl, NULL,`
			`NULL)))`
			`goto err;`

			`wbio = SSL_get_wbio(cssl);`
			`if (!TEST_ptr(wbio)) {`
			`printf("Unexpected NULL bio received\n");`
			`goto err;`
			`}`

			`/* Connection should fail */`
			`if (!TEST_false(create_ssl_connection(sssl, cssl, SSL_ERROR_NONE)))`
			`goto err;`

			`ERR_clear_error();`

			`/* Inject a plaintext record from client to server */`
			`if (!TEST_int_gt(BIO_write(wbio, dummyrec, sizeof(dummyrec)), 0))`
			`goto err;`

			`/* SSL_read()/SSL_write should fail because of a previous fatal error */`
Fix the buffer sizing in the fatalerrtest Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4867) 2017-12-07 22:35:30 +08:00			`if (!TEST_int_le(len = SSL_read(sssl, buf, sizeof(buf) - 1), 0)) {`
Add a test for CVE-2017-3737 Test reading/writing to an SSL object after a fatal error has been detected. This CVE only affected 1.0.2, but we should add it to other branches for completeness. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> 2017-11-29 21:56:15 +08:00			`buf[len] = '\0';`
			`TEST_error("Unexpected success reading data: %s\n", buf);`
			`goto err;`
			`}`
			`if (!TEST_int_le(SSL_write(sssl, msg, strlen(msg)), 0))`
			`goto err;`

			`ret = 1;`
			`err:`
			`SSL_free(sssl);`
			`SSL_free(cssl);`
			`SSL_CTX_free(sctx);`
			`SSL_CTX_free(cctx);`

			`return ret;`
			`}`

Updated test command line parsing to support commmon commands Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6975) 2018-08-16 10:36:01 +08:00			`OPT_TEST_DECLARE_USAGE("certfile privkeyfile\n")`

Add a test for CVE-2017-3737 Test reading/writing to an SSL object after a fatal error has been detected. This CVE only affected 1.0.2, but we should add it to other branches for completeness. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> 2017-11-29 21:56:15 +08:00			`int setup_tests(void)`
			`{`
Fix common test framework options PR#6975 added the ability to our test framework to have common options to all tests. For example providing the option "-test 5" to one of our test programs will just run test number 5. This can be useful when debugging tests. Unforuntately this does not work well for a number of tests. In particular those tests that call test_get_argument() without first skipping over these common test options will not get the expected value. Some tests did this correctly but a large number did not. A helper function is introduced, test_skip_common_options(), to make this easier for those tests which do not have their own specialised test option handling, but yet still need to call test_get_argument(). This function call is then added to all those tests that need it. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10975) 2020-01-30 23:30:17 +08:00			`if (!test_skip_common_options()) {`
			`TEST_error("Error parsing test options\n");`
			`return 0;`
			`}`

Add a test for CVE-2017-3737 Test reading/writing to an SSL object after a fatal error has been detected. This CVE only affected 1.0.2, but we should add it to other branches for completeness. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> 2017-11-29 21:56:15 +08:00			`if (!TEST_ptr(cert = test_get_argument(0))`
			`\|\| !TEST_ptr(privkey = test_get_argument(1)))`
			`return 0;`

			`ADD_TEST(test_fatalerr);`

			`return 1;`
			`}`