author | EKR <ekr@rtfm.com> | 2016-11-02 14:16:27 -0700 |
---|---|---|
committer | EKR <ekr@rtfm.com> | 2016-11-02 14:16:27 -0700 |
commit | 7db205e81b7c9fb95577bfc59621898b4a31ff64 (patch) | |
tree | bc90e58134c560c9c4a0ac370c7dd2975213a6cd /gtests | |
parent | df136b889ba2281ec67c56f8306493a6ae0a899f (diff) | |
Bug 1315455 - Constify sslSocket for extension processing. r=mt.
Summary:
Extension handlers now take a const sslSocket* and a non-const xtnData.
Things aren't entirely clean yet. I had to do two things:
- Write a series of ssl_Ext* thunks for things that have innocuous
side effects in sslSocket like updating the transcript or
encrypting stuff.
- Add a CONST_CAST macro for the few cases where it's clear we're
having real side effects but they weren't simple to unwind.
The macro makes them easy to find.
Test Plan: None
Differential Revision: https://nss-review.dev.mozaws.net/D17
Diffstat (limited to 'gtests')
-rw-r--r-- | gtests/ssl_gtest/libssl_internals.c | 10 | ||||
-rw-r--r-- | gtests/ssl_gtest/ssl_extension_unittest.cc | 37 |
2 files changed, 42 insertions, 5 deletions
diff --git a/gtests/ssl_gtest/libssl_internals.c b/gtests/ssl_gtest/libssl_internals.c
index 5f923cf40..b76394577 100644
--- a/gtests/ssl_gtest/libssl_internals.c
+++ b/gtests/ssl_gtest/libssl_internals.c
@@ -179,12 +179,12 @@ SECStatus SSLInt_Set0RttAlpn(PRFileDesc *fd, PRUint8 *data, unsigned int len) {
 return SECFailure;
 }
- ss->ssl3.nextProtoState = SSL_NEXT_PROTO_EARLY_VALUE;
- if (ss->ssl3.nextProto.data) {
- SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE);
+ ss->xtnData.nextProtoState = SSL_NEXT_PROTO_EARLY_VALUE;
+ if (ss->xtnData.nextProto.data) {
+ SECITEM_FreeItem(&ss->xtnData.nextProto, PR_FALSE);
 }
- if (!SECITEM_AllocItem(NULL, &ss->ssl3.nextProto, len)) return SECFailure;
- PORT_Memcpy(ss->ssl3.nextProto.data, data, len);
+ if (!SECITEM_AllocItem(NULL, &ss->xtnData.nextProto, len)) return SECFailure;
+ PORT_Memcpy(ss->xtnData.nextProto.data, data, len);
 return SECSuccess;
 }
diff --git a/gtests/ssl_gtest/ssl_extension_unittest.cc b/gtests/ssl_gtest/ssl_extension_unittest.cc
index 04a1d976a..43c9868f7 100644
--- a/gtests/ssl_gtest/ssl_extension_unittest.cc
+++ b/gtests/ssl_gtest/ssl_extension_unittest.cc
@@ -154,6 +154,25 @@ class TlsExtensionTestBase : public TlsConnectTestBase {
 extension->Write(3, namelen, 2);
 extension->Write(5, reinterpret_cast<const uint8_t*>(name), namelen);
 }
+
+ void HrrThenRemoveExtensionsTest(SSLExtensionType type, PRInt32 client_error,
+ PRInt32 server_error) {
+ static const std::vector<SSLNamedGroup> client_groups = {
+ ssl_grp_ec_secp384r1, ssl_grp_ec_curve25519};
+ static const std::vector<SSLNamedGroup> server_groups = {
+ ssl_grp_ec_curve25519, ssl_grp_ec_secp384r1};
+ client_->ConfigNamedGroups(client_groups);
+ server_->ConfigNamedGroups(server_groups);
+ EnsureTlsSetup();
+ client_->StartConnect();
+ server_->StartConnect();
+ client_->Handshake(); // Send ClientHello
+ server_->Handshake(); // Send HRR.
+ client_->SetPacketFilter(new TlsExtensionDropper(type));
+ Handshake();
+ client_->CheckErrorCode(client_error);
+ server_->CheckErrorCode(server_error);
+ }
 };
 class TlsExtensionTestDtls : public TlsExtensionTestBase,
@@ -772,6 +791,24 @@ TEST_P(TlsExtensionTest13, RemoveTls13FromVersionListBothV12) {
 #endif
 }
+TEST_P(TlsExtensionTest13, HrrThenRemoveSignatureAlgorithms) {
+ HrrThenRemoveExtensionsTest(ssl_signature_algorithms_xtn,
+ SSL_ERROR_MISSING_EXTENSION_ALERT,
+ SSL_ERROR_MISSING_SIGNATURE_ALGORITHMS_EXTENSION);
+}
+
+TEST_P(TlsExtensionTest13, HrrThenRemoveKeyShare) {
+ HrrThenRemoveExtensionsTest(ssl_tls13_key_share_xtn,
+ SSL_ERROR_ILLEGAL_PARAMETER_ALERT,
+ SSL_ERROR_BAD_2ND_CLIENT_HELLO);
+}
+
+TEST_P(TlsExtensionTest13, HrrThenRemoveSupportedGroups) {
+ HrrThenRemoveExtensionsTest(ssl_supported_groups_xtn,
+ SSL_ERROR_MISSING_EXTENSION_ALERT,
+ SSL_ERROR_MISSING_SUPPORTED_GROUPS_EXTENSION);
+}
+
 TEST_P(TlsExtensionTest13, EmptyVersionList) {
 static const uint8_t ext[] = {0x00, 0x00};
 ConnectWithBogusVersionList(ext, sizeof(ext)); |
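Review bot: HrrThenRemoveExtensionsTest carries no comment saying what it checks, and the ordering is the point of the test: the TlsExtensionDropper is installed only after the first ClientHello and the server's reply, so the extension is stripped from the second ClientHello alone, the case a server misses if it validates mandatory extensions only on the first flight. I would put `// After the server's HelloRetryRequest, drop |type| from the second ClientHello; both sides must fail with the given error codes.` above the signature. The `// Send HRR.` comment rests on the mismatched group preference orders, and nothing visible in the hunk asserts that the reply is in fact an HRR, so that assumption is worth stating in the same comment. Ownership of the raw `new TlsExtensionDropper(type)` is presumably taken by SetPacketFilter, which is defined outside this hunk.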
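Review bot: HrrThenRemoveKeyShare expects `SSL_ERROR_ILLEGAL_PARAMETER_ALERT` / `SSL_ERROR_BAD_2ND_CLIENT_HELLO` where the two sibling tests expect a missing-extension pair, and the test does not say why. A one-line comment such as `// key_share is compared against the HRR's requested group before the mandatory-extension check.` would record the reason, if that is indeed the cause; the server-side handler is not visible in this diff (it is limited to 'gtests'), so the wording needs confirming against it. Without that comment, a later reordering of the server's checks would look like a regression in this test rather than an intended change of alert.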