quicfaultstest.c 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411
  1. /*
  2. * Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <string.h>
  10. #include <openssl/ssl.h>
  11. #include "helpers/quictestlib.h"
  12. #include "internal/quic_error.h"
  13. #include "testutil.h"
  14. static char *cert = NULL;
  15. static char *privkey = NULL;
  16. /*
  17. * Basic test that just creates a connection and sends some data without any
  18. * faults injected.
  19. */
  20. static int test_basic(void)
  21. {
  22. int testresult = 0;
  23. SSL_CTX *cctx = SSL_CTX_new(OSSL_QUIC_client_method());
  24. QUIC_TSERVER *qtserv = NULL;
  25. SSL *cssl = NULL;
  26. char *msg = "Hello World!";
  27. size_t msglen = strlen(msg);
  28. unsigned char buf[80];
  29. size_t bytesread;
  30. if (!TEST_ptr(cctx))
  31. goto err;
  32. if (!TEST_true(qtest_create_quic_objects(NULL, cctx, NULL, cert, privkey, 0,
  33. &qtserv, &cssl, NULL, NULL)))
  34. goto err;
  35. if (!TEST_true(qtest_create_quic_connection(qtserv, cssl)))
  36. goto err;
  37. if (!TEST_int_eq(SSL_write(cssl, msg, msglen), msglen))
  38. goto err;
  39. ossl_quic_tserver_tick(qtserv);
  40. if (!TEST_true(ossl_quic_tserver_read(qtserv, 0, buf, sizeof(buf), &bytesread)))
  41. goto err;
  42. /*
  43. * We assume the entire message is read from the server in one go. In
  44. * theory this could get fragmented but its a small message so we assume
  45. * not.
  46. */
  47. if (!TEST_mem_eq(msg, msglen, buf, bytesread))
  48. goto err;
  49. testresult = 1;
  50. err:
  51. SSL_free(cssl);
  52. ossl_quic_tserver_free(qtserv);
  53. SSL_CTX_free(cctx);
  54. return testresult;
  55. }
  56. /*
  57. * Test that adding an unknown frame type is handled correctly
  58. */
  59. static int add_unknown_frame_cb(QTEST_FAULT *fault, QUIC_PKT_HDR *hdr,
  60. unsigned char *buf, size_t len, void *cbarg)
  61. {
  62. static size_t done = 0;
  63. /*
  64. * There are no "reserved" frame types which are definitately safe for us
  65. * to use for testing purposes - but we just use the highest possible
  66. * value (8 byte length integer) and with no payload bytes
  67. */
  68. unsigned char unknown_frame[] = {
  69. 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
  70. };
  71. /* We only ever add the unknown frame to one packet */
  72. if (done++)
  73. return 1;
  74. return qtest_fault_prepend_frame(fault, unknown_frame,
  75. sizeof(unknown_frame));
  76. }
  77. static int test_unknown_frame(void)
  78. {
  79. int testresult = 0, ret;
  80. SSL_CTX *cctx = SSL_CTX_new(OSSL_QUIC_client_method());
  81. QUIC_TSERVER *qtserv = NULL;
  82. SSL *cssl = NULL;
  83. char *msg = "Hello World!";
  84. size_t msglen = strlen(msg);
  85. unsigned char buf[80];
  86. size_t byteswritten;
  87. QTEST_FAULT *fault = NULL;
  88. uint64_t sid = UINT64_MAX;
  89. if (!TEST_ptr(cctx))
  90. goto err;
  91. if (!TEST_true(qtest_create_quic_objects(NULL, cctx, NULL, cert, privkey, 0,
  92. &qtserv, &cssl, &fault, NULL)))
  93. goto err;
  94. if (!TEST_true(qtest_create_quic_connection(qtserv, cssl)))
  95. goto err;
  96. /*
  97. * Write a message from the server to the client and add an unknown frame
  98. * type
  99. */
  100. if (!TEST_true(qtest_fault_set_packet_plain_listener(fault,
  101. add_unknown_frame_cb,
  102. NULL)))
  103. goto err;
  104. if (!TEST_true(ossl_quic_tserver_stream_new(qtserv, /*is_uni=*/0, &sid))
  105. || !TEST_uint64_t_eq(sid, 1))
  106. goto err;
  107. if (!TEST_true(ossl_quic_tserver_write(qtserv, sid, (unsigned char *)msg, msglen,
  108. &byteswritten)))
  109. goto err;
  110. if (!TEST_size_t_eq(msglen, byteswritten))
  111. goto err;
  112. ossl_quic_tserver_tick(qtserv);
  113. if (!TEST_true(SSL_handle_events(cssl)))
  114. goto err;
  115. if (!TEST_int_le(ret = SSL_read(cssl, buf, sizeof(buf)), 0))
  116. goto err;
  117. if (!TEST_int_eq(SSL_get_error(cssl, ret), SSL_ERROR_SSL))
  118. goto err;
  119. if (!TEST_int_eq(ERR_GET_REASON(ERR_peek_error()),
  120. SSL_R_QUIC_PROTOCOL_ERROR))
  121. goto err;
  122. if (!TEST_true(qtest_check_server_frame_encoding_err(qtserv)))
  123. goto err;
  124. testresult = 1;
  125. err:
  126. qtest_fault_free(fault);
  127. SSL_free(cssl);
  128. ossl_quic_tserver_free(qtserv);
  129. SSL_CTX_free(cctx);
  130. return testresult;
  131. }
  132. /*
  133. * Test that a server that fails to provide transport params cannot be
  134. * connected to.
  135. */
  136. static int drop_extensions_cb(QTEST_FAULT *fault,
  137. QTEST_ENCRYPTED_EXTENSIONS *ee,
  138. size_t eelen, void *encextcbarg)
  139. {
  140. int *ext = (int *)encextcbarg;
  141. if (!qtest_fault_delete_extension(fault, *ext, ee->extensions,
  142. &ee->extensionslen, NULL))
  143. return 0;
  144. return 1;
  145. }
  146. static int test_drop_extensions(int idx)
  147. {
  148. int testresult = 0;
  149. SSL_CTX *cctx = SSL_CTX_new(OSSL_QUIC_client_method());
  150. QUIC_TSERVER *qtserv = NULL;
  151. SSL *cssl = NULL;
  152. QTEST_FAULT *fault = NULL;
  153. int ext, err;
  154. if (!TEST_ptr(cctx))
  155. goto err;
  156. if (!TEST_true(qtest_create_quic_objects(NULL, cctx, NULL, cert, privkey, 0,
  157. &qtserv, &cssl, &fault, NULL)))
  158. goto err;
  159. if (idx == 0) {
  160. ext = TLSEXT_TYPE_quic_transport_parameters;
  161. err = QUIC_ERR_CRYPTO_MISSING_EXT;
  162. } else {
  163. ext = TLSEXT_TYPE_application_layer_protocol_negotiation;
  164. err = QUIC_ERR_CRYPTO_NO_APP_PROTO;
  165. }
  166. if (!TEST_true(qtest_fault_set_hand_enc_ext_listener(fault,
  167. drop_extensions_cb,
  168. &ext)))
  169. goto err;
  170. /*
  171. * We expect the connection to fail because the server failed to provide
  172. * transport parameters
  173. */
  174. if (!TEST_false(qtest_create_quic_connection(qtserv, cssl)))
  175. goto err;
  176. if (!TEST_true(qtest_check_server_transport_err(qtserv, err)))
  177. goto err;
  178. testresult = 1;
  179. err:
  180. qtest_fault_free(fault);
  181. SSL_free(cssl);
  182. ossl_quic_tserver_free(qtserv);
  183. SSL_CTX_free(cctx);
  184. return testresult;
  185. }
  186. /*
  187. * Test that corrupted packets/datagrams are dropped and retransmitted
  188. */
  189. static int docorrupt = 0;
  190. static int on_packet_cipher_cb(QTEST_FAULT *fault, QUIC_PKT_HDR *hdr,
  191. unsigned char *buf, size_t len, void *cbarg)
  192. {
  193. if (!docorrupt || len == 0)
  194. return 1;
  195. buf[(size_t)test_random() % len] ^= 0xff;
  196. docorrupt = 0;
  197. return 1;
  198. }
  199. static int on_datagram_cb(QTEST_FAULT *fault, BIO_MSG *m, size_t stride,
  200. void *cbarg)
  201. {
  202. if (!docorrupt || m->data_len == 0)
  203. return 1;
  204. if (!qtest_fault_resize_datagram(fault, m->data_len - 1))
  205. return 1;
  206. docorrupt = 0;
  207. return 1;
  208. }
  209. /*
  210. * Test 1: Corrupt by flipping bits in an encrypted packet
  211. * Test 2: Corrupt by truncating an entire datagram
  212. */
  213. static int test_corrupted_data(int idx)
  214. {
  215. QTEST_FAULT *fault = NULL;
  216. int testresult = 0;
  217. SSL_CTX *cctx = SSL_CTX_new(OSSL_QUIC_client_method());
  218. QUIC_TSERVER *qtserv = NULL;
  219. SSL *cssl = NULL;
  220. char *msg = "Hello World!";
  221. size_t msglen = strlen(msg);
  222. unsigned char buf[80];
  223. size_t bytesread, byteswritten;
  224. uint64_t sid = UINT64_MAX;
  225. if (!TEST_ptr(cctx))
  226. goto err;
  227. if (!TEST_true(qtest_create_quic_objects(NULL, cctx, NULL, cert, privkey,
  228. QTEST_FLAG_FAKE_TIME, &qtserv,
  229. &cssl, &fault, NULL)))
  230. goto err;
  231. if (idx == 0) {
  232. /* Listen for encrypted packets being sent */
  233. if (!TEST_true(qtest_fault_set_packet_cipher_listener(fault,
  234. on_packet_cipher_cb,
  235. NULL)))
  236. goto err;
  237. } else {
  238. /* Listen for datagrams being sent */
  239. if (!TEST_true(qtest_fault_set_datagram_listener(fault,
  240. on_datagram_cb,
  241. NULL)))
  242. goto err;
  243. }
  244. if (!TEST_true(qtest_create_quic_connection(qtserv, cssl)))
  245. goto err;
  246. /* Corrupt the next server packet*/
  247. docorrupt = 1;
  248. if (!TEST_true(ossl_quic_tserver_stream_new(qtserv, /*is_uni=*/0, &sid))
  249. || !TEST_uint64_t_eq(sid, 1))
  250. goto err;
  251. /*
  252. * Send first 5 bytes of message. This will get corrupted and is treated as
  253. * "lost"
  254. */
  255. if (!TEST_true(ossl_quic_tserver_write(qtserv, sid, (unsigned char *)msg, 5,
  256. &byteswritten)))
  257. goto err;
  258. if (!TEST_size_t_eq(byteswritten, 5))
  259. goto err;
  260. /*
  261. * Introduce a small delay so that the above packet has time to be detected
  262. * as lost. Loss detection times are based on RTT which should be very
  263. * fast for us since there isn't really a network. The loss delay timer is
  264. * always at least 1ms though. We skip forward 100ms
  265. */
  266. qtest_add_time(100);
  267. /* Send rest of message */
  268. if (!TEST_true(ossl_quic_tserver_write(qtserv, sid, (unsigned char *)msg + 5,
  269. msglen - 5, &byteswritten)))
  270. goto err;
  271. if (!TEST_size_t_eq(byteswritten, msglen - 5))
  272. goto err;
  273. /*
  274. * Receive the corrupted packet. This should get dropped and is effectively
  275. * "lost". We also process the second packet which should be decrypted
  276. * successfully. Therefore we ack the frames in it
  277. */
  278. if (!TEST_true(SSL_handle_events(cssl)))
  279. goto err;
  280. /*
  281. * Process the ack. Detect that the first part of the message must have
  282. * been lost due to the time elapsed since it was sent and resend it
  283. */
  284. ossl_quic_tserver_tick(qtserv);
  285. /* Receive and process the newly arrived message data resend */
  286. if (!TEST_true(SSL_handle_events(cssl)))
  287. goto err;
  288. /* The whole message should now have arrived */
  289. if (!TEST_true(SSL_read_ex(cssl, buf, sizeof(buf), &bytesread)))
  290. goto err;
  291. if (!TEST_mem_eq(msg, msglen, buf, bytesread))
  292. goto err;
  293. /*
  294. * If the test was successful then we corrupted exactly one packet and
  295. * docorrupt was reset
  296. */
  297. if (!TEST_false(docorrupt))
  298. goto err;
  299. testresult = 1;
  300. err:
  301. qtest_fault_free(fault);
  302. SSL_free(cssl);
  303. ossl_quic_tserver_free(qtserv);
  304. SSL_CTX_free(cctx);
  305. return testresult;
  306. }
  307. OPT_TEST_DECLARE_USAGE("certsdir\n")
  308. int setup_tests(void)
  309. {
  310. char *certsdir = NULL;
  311. if (!test_skip_common_options()) {
  312. TEST_error("Error parsing test options\n");
  313. return 0;
  314. }
  315. if (!TEST_ptr(certsdir = test_get_argument(0)))
  316. return 0;
  317. cert = test_mk_file_path(certsdir, "servercert.pem");
  318. if (cert == NULL)
  319. goto err;
  320. privkey = test_mk_file_path(certsdir, "serverkey.pem");
  321. if (privkey == NULL)
  322. goto err;
  323. ADD_TEST(test_basic);
  324. ADD_TEST(test_unknown_frame);
  325. ADD_ALL_TESTS(test_drop_extensions, 2);
  326. ADD_ALL_TESTS(test_corrupted_data, 2);
  327. return 1;
  328. err:
  329. OPENSSL_free(cert);
  330. OPENSSL_free(privkey);
  331. return 0;
  332. }
  333. void cleanup_tests(void)
  334. {
  335. OPENSSL_free(cert);
  336. OPENSSL_free(privkey);
  337. }