author | Matt Caswell <matt@openssl.org> | 2022-04-11 15:37:16 +0200 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2022-08-18 17:38:12 +0200 |
commit | 26dad42e9ca609569073463165263173ab2a27ab (patch) | |
tree | dbf48577b723bc1fb36bd695661e32a3aae111d6 /test/dtlstest.c | |
parent | Transfer the functionality from ssl3_read_n to the new record layer (diff) | |
Add a DTLSv1_listen() test
Add a test to ensure that a connection started via DTLSv1_listen() can
be completed through to handshake success. Previous DTLSv1_listen()
testing only tested the function itself and did not confirm that a
connection can actually be achieved using it.
This is important to test some codepaths being affected by the record layer
refactor.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)
Diffstat (limited to 'test/dtlstest.c')
-rw-r--r-- | test/dtlstest.c | 53 |
1 files changed, 52 insertions, 1 deletions
diff --git a/test/dtlstest.c b/test/dtlstest.c
index f84f2c1299..8016a112e9 100644
--- a/test/dtlstest.c
+++ b/test/dtlstest.c
@@ -109,7 +109,7 @@ static int test_dtls_unprocessed(int testidx)
 * they will fail to decrypt.
 */
 if (!TEST_true(create_bare_ssl_connection(serverssl1, clientssl1,
- SSL_ERROR_NONE, 0)))
+ SSL_ERROR_NONE, 0, 0)))
 goto end;
 if (timer_cb_count == 0) {
@@ -606,6 +606,56 @@ static int test_swap_app_data(void)
 SSL_free(sssl);
 SSL_CTX_free(cctx);
 SSL_CTX_free(sctx);
+
+ return testresult;
+}
+
+/* Confirm that we can create a connections using DTLSv1_listen() */
+static int test_listen(void)
+{
+ SSL_CTX *sctx = NULL, *cctx = NULL;
+ SSL *serverssl = NULL, *clientssl = NULL;
+ int testresult = 0;
+
+ if (!TEST_true(create_ssl_ctx_pair(NULL, DTLS_server_method(),
+ DTLS_client_method(),
+ DTLS1_VERSION, 0,
+ &sctx, &cctx, cert, privkey)))
+ return 0;
+
+#ifdef OPENSSL_NO_DTLS1_2
+ /* Default sigalgs are SHA1 based in <DTLS1.2 which is in security level 0 */
+ if (!TEST_true(SSL_CTX_set_cipher_list(sctx, "DEFAULT:@SECLEVEL=0"))
+ || !TEST_true(SSL_CTX_set_cipher_list(cctx,
+ "DEFAULT:@SECLEVEL=0")))
+ goto end;
+#endif
+
+ SSL_CTX_set_cookie_generate_cb(sctx, generate_cookie_cb);
+ SSL_CTX_set_cookie_verify_cb(sctx, verify_cookie_cb);
+
+ if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
+ NULL, NULL)))
+ goto end;
+
+ DTLS_set_timer_cb(clientssl, timer_cb);
+ DTLS_set_timer_cb(serverssl, timer_cb);
+
+ /*
+ * The last parameter to create_bare_ssl_connection() requests that
+ * DLTSv1_listen() is used.
+ */
+ if (!TEST_true(create_bare_ssl_connection(serverssl, clientssl,
+ SSL_ERROR_NONE, 1, 1)))
+ goto end;
+
+ testresult = 1;
+ end:
+ SSL_free(serverssl);
+ SSL_free(clientssl);
+ SSL_CTX_free(sctx);
+ SSL_CTX_free(cctx);
+
 return testresult;
 }
@@ -631,6 +681,7 @@ int setup_tests(void)
 ADD_TEST(test_just_finished);
 ADD_TEST(test_swap_epoch);
 ADD_TEST(test_swap_app_data);
+ ADD_TEST(test_listen);
 return 1;
 } |
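Review bot: test_listen in the second hunk passes on any completed handshake, so nothing in it shows that the DTLSv1_listen() cookie exchange actually ran; if create_bare_ssl_connection() ignored its new last argument the test would still pass. generate_cookie_cb and verify_cookie_cb are defined outside this hunk, so whether they record being called is not visible here. If they do not, a counter incremented in verify_cookie_cb and checked after the connection call, for example `if (!TEST_int_gt(cookie_verify_count, 0)) goto end;` (counter name constructed for illustration), would pin the stateless cookie path. Separately, the comment above the call misspells the function and should read `* DTLSv1_listen() is used.`, and the header comment should say `a connection` rather than `a connections`.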