diff options
author | Martin Thomson <martin.thomson@gmail.com> | 2018-01-23 10:00:08 +1100 |
---|---|---|
committer | Martin Thomson <martin.thomson@gmail.com> | 2018-01-23 10:00:08 +1100 |
commit | db777fd65ea21a2eff9955f9149158c6fd20b732 (patch) | |
tree | 4b49d783f4623cb5288e5fccc331bcd581304571 /gtests | |
parent | cdd25e1ebf52ed92553971540c0891c9d47a7303 (diff) | |
download | nss-hg-db777fd65ea21a2eff9955f9149158c6fd20b732.tar.gz |
Bug 1427556 - API for setting max_early_data_size, r=ekr
Summary:
We had an API for this in tests, but this formalizes it. Note that we
can't use SSL_OptionSet here, but I decided to use the structures.
Reviewers: ekr
Subscribers: mcmanus
Bug #: 1427556
Differential Revision: https://phabricator.services.mozilla.com/D344
Diffstat (limited to 'gtests')
-rw-r--r-- | gtests/ssl_gtest/libssl_internals.c | 4 | ||||
-rw-r--r-- | gtests/ssl_gtest/libssl_internals.h | 1 | ||||
-rw-r--r-- | gtests/ssl_gtest/ssl_0rtt_unittest.cc | 9 | ||||
-rw-r--r-- | gtests/ssl_gtest/tls_agent.cc | 4 | ||||
-rw-r--r-- | gtests/ssl_gtest/tls_connect.cc | 1 |
5 files changed, 11 insertions, 8 deletions
diff --git a/gtests/ssl_gtest/libssl_internals.c b/gtests/ssl_gtest/libssl_internals.c index 887d85278..17b4ffe49 100644 --- a/gtests/ssl_gtest/libssl_internals.c +++ b/gtests/ssl_gtest/libssl_internals.c @@ -332,10 +332,6 @@ void SSLInt_SetTicketLifetime(uint32_t lifetime) { ssl_ticket_lifetime = lifetime; } -void SSLInt_SetMaxEarlyDataSize(uint32_t size) { - ssl_max_early_data_size = size; -} - SECStatus SSLInt_SetSocketMaxEarlyDataSize(PRFileDesc *fd, uint32_t size) { sslSocket *ss; diff --git a/gtests/ssl_gtest/libssl_internals.h b/gtests/ssl_gtest/libssl_internals.h index 95d4afdaf..3efb362c2 100644 --- a/gtests/ssl_gtest/libssl_internals.h +++ b/gtests/ssl_gtest/libssl_internals.h @@ -50,7 +50,6 @@ PK11SymKey *SSLInt_CipherSpecToKey(const ssl3CipherSpec *spec); SSLCipherAlgorithm SSLInt_CipherSpecToAlgorithm(const ssl3CipherSpec *spec); const PRUint8 *SSLInt_CipherSpecToIv(const ssl3CipherSpec *spec); void SSLInt_SetTicketLifetime(uint32_t lifetime); -void SSLInt_SetMaxEarlyDataSize(uint32_t size); SECStatus SSLInt_SetSocketMaxEarlyDataSize(PRFileDesc *fd, uint32_t size); void SSLInt_RolloverAntiReplay(void); diff --git a/gtests/ssl_gtest/ssl_0rtt_unittest.cc b/gtests/ssl_gtest/ssl_0rtt_unittest.cc index 1fd26b2ec..8847312b8 100644 --- a/gtests/ssl_gtest/ssl_0rtt_unittest.cc +++ b/gtests/ssl_gtest/ssl_0rtt_unittest.cc @@ -459,10 +459,13 @@ static void CheckEarlyDataLimit(const std::shared_ptr<TlsAgent>& agent, } TEST_P(TlsConnectTls13, SendTooMuchEarlyData) { + EnsureTlsSetup(); const char* big_message = "0123456789abcdef"; const size_t short_size = strlen(big_message) - 1; const PRInt32 short_length = static_cast<PRInt32>(short_size); - SSLInt_SetMaxEarlyDataSize(static_cast<PRUint32>(short_size)); + EXPECT_EQ(SECSuccess, + SSL_SetMaxEarlyDataSize(server_->ssl_fd(), + static_cast<PRUint32>(short_size))); SetupForZeroRtt(); client_->Set0RttEnabled(true); @@ -514,8 +517,10 @@ TEST_P(TlsConnectTls13, SendTooMuchEarlyData) { } TEST_P(TlsConnectTls13, ReceiveTooMuchEarlyData) { + EnsureTlsSetup(); + const size_t limit = 5; - SSLInt_SetMaxEarlyDataSize(limit); + EXPECT_EQ(SECSuccess, SSL_SetMaxEarlyDataSize(server_->ssl_fd(), limit)); SetupForZeroRtt(); client_->Set0RttEnabled(true); diff --git a/gtests/ssl_gtest/tls_agent.cc b/gtests/ssl_gtest/tls_agent.cc index ded09cb99..4a0fcd38a 100644 --- a/gtests/ssl_gtest/tls_agent.cc +++ b/gtests/ssl_gtest/tls_agent.cc @@ -183,6 +183,10 @@ bool TlsAgent::EnsureTlsSetup(PRFileDesc* modelSocket) { ScopedCERTCertList anchors(CERT_NewCertList()); rv = SSL_SetTrustAnchors(ssl_fd(), anchors.get()); if (rv != SECSuccess) return false; + + rv = SSL_SetMaxEarlyDataSize(ssl_fd(), 1024); + EXPECT_EQ(SECSuccess, rv); + if (rv != SECSuccess) return false; } else { rv = SSL_SetURL(ssl_fd(), "server"); EXPECT_EQ(SECSuccess, rv); diff --git a/gtests/ssl_gtest/tls_connect.cc b/gtests/ssl_gtest/tls_connect.cc index c5cfda9ec..b1e90d89d 100644 --- a/gtests/ssl_gtest/tls_connect.cc +++ b/gtests/ssl_gtest/tls_connect.cc @@ -197,7 +197,6 @@ void TlsConnectTestBase::SetUp() { SSL_ConfigServerSessionIDCache(1024, 0, 0, g_working_dir_path.c_str()); SSLInt_ClearSelfEncryptKey(); SSLInt_SetTicketLifetime(30); - SSLInt_SetMaxEarlyDataSize(1024); SSL_SetupAntiReplay(1 * PR_USEC_PER_SEC, 1, 3); ClearStats(); Init(); |