SSLTest.Handoff: extend to include a session resumption. This was a tricky thing to get right for both TLS 1.2 and TLS 1.3, and having this test around made it easier. Change-Id: I47f55160c7e267d122f310165a17a1f9402dadd7 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/38925 Commit-Queue: Matt Braithwaite <mab@google.com> Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/ssl/ssl_test.cc b/ssl/ssl_test.cc index 41d6bc2..d8210df 100644 --- a/ssl/ssl_test.cc +++ b/ssl/ssl_test.cc
@@ -4169,10 +4169,15 @@ ASSERT_TRUE(server_ctx); ASSERT_TRUE(handshaker_ctx); + SSL_CTX_set_session_cache_mode(client_ctx.get(), SSL_SESS_CACHE_CLIENT); + SSL_CTX_sess_set_new_cb(client_ctx.get(), SaveLastSession); SSL_CTX_set_handoff_mode(server_ctx.get(), 1); ASSERT_TRUE(SSL_CTX_set_max_proto_version(server_ctx.get(), TLS1_2_VERSION)); ASSERT_TRUE( SSL_CTX_set_max_proto_version(handshaker_ctx.get(), TLS1_2_VERSION)); + uint8_t keys[48]; + SSL_CTX_set_tlsext_ticket_keys(server_ctx.get(), &keys, sizeof(keys)); + SSL_CTX_set_tlsext_ticket_keys(handshaker_ctx.get(), &keys, sizeof(keys)); bssl::UniquePtr<X509> cert = GetTestCertificate(); bssl::UniquePtr<EVP_PKEY> key = GetTestKey(); @@ -4181,62 +4186,71 @@ ASSERT_TRUE(SSL_CTX_use_certificate(handshaker_ctx.get(), cert.get())); ASSERT_TRUE(SSL_CTX_use_PrivateKey(handshaker_ctx.get(), key.get())); - bssl::UniquePtr<SSL> client, server; - ASSERT_TRUE(ConnectClientAndServer(&client, &server, client_ctx.get(), - server_ctx.get(), ClientConfig(), - false /* don't handshake */)); + for (int i = 0; i < 2; ++i) { + bssl::UniquePtr<SSL> client, server; + bool is_resume = i > 0; + auto config = ClientConfig(); + if (is_resume) { + ASSERT_TRUE(g_last_session); + config.session = g_last_session.get(); + } + ASSERT_TRUE(ConnectClientAndServer(&client, &server, client_ctx.get(), + server_ctx.get(), config, + false /* don't handshake */)); - int client_ret = SSL_do_handshake(client.get()); - int client_err = SSL_get_error(client.get(), client_ret); - ASSERT_EQ(client_err, SSL_ERROR_WANT_READ); + int client_ret = SSL_do_handshake(client.get()); + int client_err = SSL_get_error(client.get(), client_ret); + ASSERT_EQ(client_err, SSL_ERROR_WANT_READ); - int server_ret = SSL_do_handshake(server.get()); - int server_err = SSL_get_error(server.get(), server_ret); - ASSERT_EQ(server_err, SSL_ERROR_HANDOFF); + int server_ret = SSL_do_handshake(server.get()); + int server_err = SSL_get_error(server.get(), server_ret); + ASSERT_EQ(server_err, SSL_ERROR_HANDOFF); - ScopedCBB cbb; - Array<uint8_t> handoff; - SSL_CLIENT_HELLO hello; - ASSERT_TRUE(CBB_init(cbb.get(), 256)); - ASSERT_TRUE(SSL_serialize_handoff(server.get(), cbb.get(), &hello)); - ASSERT_TRUE(CBBFinishArray(cbb.get(), &handoff)); + ScopedCBB cbb; + Array<uint8_t> handoff; + SSL_CLIENT_HELLO hello; + ASSERT_TRUE(CBB_init(cbb.get(), 256)); + ASSERT_TRUE(SSL_serialize_handoff(server.get(), cbb.get(), &hello)); + ASSERT_TRUE(CBBFinishArray(cbb.get(), &handoff)); - bssl::UniquePtr<SSL> handshaker(SSL_new(handshaker_ctx.get())); - ASSERT_TRUE(SSL_apply_handoff(handshaker.get(), handoff)); + bssl::UniquePtr<SSL> handshaker(SSL_new(handshaker_ctx.get())); + ASSERT_TRUE(SSL_apply_handoff(handshaker.get(), handoff)); - MoveBIOs(handshaker.get(), server.get()); + MoveBIOs(handshaker.get(), server.get()); - int handshake_ret = SSL_do_handshake(handshaker.get()); - int handshake_err = SSL_get_error(handshaker.get(), handshake_ret); - ASSERT_EQ(handshake_err, SSL_ERROR_HANDBACK); + int handshake_ret = SSL_do_handshake(handshaker.get()); + int handshake_err = SSL_get_error(handshaker.get(), handshake_ret); + ASSERT_EQ(handshake_err, SSL_ERROR_HANDBACK); - // Double-check that additional calls to |SSL_do_handshake| continue - // to get |SSL_ERRROR_HANDBACK|. - handshake_ret = SSL_do_handshake(handshaker.get()); - handshake_err = SSL_get_error(handshaker.get(), handshake_ret); - ASSERT_EQ(handshake_err, SSL_ERROR_HANDBACK); + // Double-check that additional calls to |SSL_do_handshake| continue + // to get |SSL_ERRROR_HANDBACK|. + handshake_ret = SSL_do_handshake(handshaker.get()); + handshake_err = SSL_get_error(handshaker.get(), handshake_ret); + ASSERT_EQ(handshake_err, SSL_ERROR_HANDBACK); - ScopedCBB cbb_handback; - Array<uint8_t> handback; - ASSERT_TRUE(CBB_init(cbb_handback.get(), 1024)); - ASSERT_TRUE(SSL_serialize_handback(handshaker.get(), cbb_handback.get())); - ASSERT_TRUE(CBBFinishArray(cbb_handback.get(), &handback)); + ScopedCBB cbb_handback; + Array<uint8_t> handback; + ASSERT_TRUE(CBB_init(cbb_handback.get(), 1024)); + ASSERT_TRUE(SSL_serialize_handback(handshaker.get(), cbb_handback.get())); + ASSERT_TRUE(CBBFinishArray(cbb_handback.get(), &handback)); - bssl::UniquePtr<SSL> server2(SSL_new(server_ctx.get())); - ASSERT_TRUE(SSL_apply_handback(server2.get(), handback)); + bssl::UniquePtr<SSL> server2(SSL_new(server_ctx.get())); + ASSERT_TRUE(SSL_apply_handback(server2.get(), handback)); - MoveBIOs(server2.get(), handshaker.get()); - ASSERT_TRUE(CompleteHandshakes(client.get(), server2.get())); + MoveBIOs(server2.get(), handshaker.get()); + ASSERT_TRUE(CompleteHandshakes(client.get(), server2.get())); + EXPECT_EQ(is_resume, SSL_session_reused(client.get())); - uint8_t byte = 42; - EXPECT_EQ(SSL_write(client.get(), &byte, 1), 1); - EXPECT_EQ(SSL_read(server2.get(), &byte, 1), 1); - EXPECT_EQ(42, byte); + uint8_t byte = 42; + EXPECT_EQ(SSL_write(client.get(), &byte, 1), 1); + EXPECT_EQ(SSL_read(server2.get(), &byte, 1), 1); + EXPECT_EQ(42, byte); - byte = 43; - EXPECT_EQ(SSL_write(server2.get(), &byte, 1), 1); - EXPECT_EQ(SSL_read(client.get(), &byte, 1), 1); - EXPECT_EQ(43, byte); + byte = 43; + EXPECT_EQ(SSL_write(server2.get(), &byte, 1), 1); + EXPECT_EQ(SSL_read(client.get(), &byte, 1), 1); + EXPECT_EQ(43, byte); + } } TEST(SSLTest, HandoffDeclined) {