int main(int argc, char **argv)
{
struct s2n_connection *conn;
struct s2n_config *config;
s2n_blocked_status blocked;
int status;
pid_t pid;
int server_to_client[2];
int client_to_server[2];
BEGIN_TEST();
EXPECT_SUCCESS(setenv("S2N_ENABLE_CLIENT_MODE", "1", 0));
for (int cert = 0; cert < SUPPORTED_CERTIFICATE_FORMATS; cert++) {
for (int is_dh_key_exchange = 0; is_dh_key_exchange <= 1; is_dh_key_exchange++) {
/* Create a pipe */
EXPECT_SUCCESS(pipe(server_to_client));
EXPECT_SUCCESS(pipe(client_to_server));
/* Create a child process */
pid = fork();
if (pid == 0) {
/* This is the child process, close the read end of the pipe */
EXPECT_SUCCESS(close(client_to_server[0]));
EXPECT_SUCCESS(close(server_to_client[1]));
/* Write the fragmented hello message */
mock_client(client_to_server[1], server_to_client[0]);
}
/* This is the parent */
EXPECT_SUCCESS(close(client_to_server[1]));
EXPECT_SUCCESS(close(server_to_client[0]));
EXPECT_NOT_NULL(conn = s2n_connection_new(S2N_SERVER));
conn->server_protocol_version = S2N_TLS12;
conn->client_protocol_version = S2N_TLS12;
conn->actual_protocol_version = S2N_TLS12;
EXPECT_NOT_NULL(config = s2n_config_new());
EXPECT_SUCCESS(s2n_config_add_cert_chain_and_key(config, certificates[cert], private_keys[cert]));
if (is_dh_key_exchange) {
EXPECT_SUCCESS(s2n_config_add_dhparams(config, dhparams));
}
EXPECT_SUCCESS(s2n_connection_set_config(conn, config));
/* Set up the connection to read from the fd */
EXPECT_SUCCESS(s2n_connection_set_read_fd(conn, client_to_server[0]));
EXPECT_SUCCESS(s2n_connection_set_write_fd(conn, server_to_client[1]));
/* Negotiate the handshake. */
EXPECT_SUCCESS(s2n_negotiate(conn, &blocked));
char buffer[0xffff];
for (int i = 1; i < 0xffff; i += 100) {
char * ptr = buffer;
int size = i;
do {
int bytes_read = 0;
EXPECT_SUCCESS(bytes_read = s2n_recv(conn, ptr, size, &blocked));
size -= bytes_read;
ptr += bytes_read;
} while(size);
for (int j = 0; j < i; j++) {
EXPECT_EQUAL(buffer[j], 33);
}
}
int shutdown_rc = -1;
do {
shutdown_rc = s2n_shutdown(conn, &blocked);
EXPECT_TRUE(shutdown_rc == 0 || (errno == EAGAIN && blocked));
} while(shutdown_rc != 0);
EXPECT_SUCCESS(s2n_connection_free(conn));
EXPECT_SUCCESS(s2n_config_free(config));
/* Clean up */
EXPECT_EQUAL(waitpid(-1, &status, 0), pid);
EXPECT_EQUAL(status, 0);
}
}
END_TEST();
return 0;
}
int main(int argc, char **argv)
{
uint8_t data[10000000];
uint8_t *ptr = data;
struct s2n_connection *conn;
struct s2n_config *config;
s2n_blocked_status blocked;
int status;
pid_t pid;
int server_to_client[2];
int client_to_server[2];
struct s2n_blob blob = {.data = data, .size = sizeof(data)};
BEGIN_TEST();
EXPECT_SUCCESS(setenv("S2N_ENABLE_CLIENT_MODE", "1", 0));
EXPECT_NOT_NULL(config = s2n_config_new());
EXPECT_SUCCESS(s2n_config_add_cert_chain_and_key(config, certificate, private_key));
EXPECT_SUCCESS(s2n_config_add_dhparams(config, dhparams));
/* Get some random data to send/receive */
EXPECT_SUCCESS(s2n_get_urandom_data(&blob));
/* Create a pipe */
EXPECT_SUCCESS(pipe(server_to_client));
EXPECT_SUCCESS(pipe(client_to_server));
/* Create a child process */
pid = fork();
if (pid == 0) {
/* This is the child process, close the read end of the pipe */
EXPECT_SUCCESS(close(client_to_server[0]));
EXPECT_SUCCESS(close(server_to_client[1]));
/* Run the client */
mock_client(client_to_server[1], server_to_client[0], data, sizeof(data));
}
/* This is the parent */
EXPECT_SUCCESS(close(client_to_server[1]));
EXPECT_SUCCESS(close(server_to_client[0]));
EXPECT_NOT_NULL(conn = s2n_connection_new(S2N_SERVER));
EXPECT_SUCCESS(s2n_connection_set_config(conn, config));
/* Set up the connection to read from the fd */
EXPECT_SUCCESS(s2n_connection_set_read_fd(conn, client_to_server[0]));
EXPECT_SUCCESS(s2n_connection_set_write_fd(conn, server_to_client[1]));
/* Negotiate the handshake. */
EXPECT_SUCCESS(s2n_negotiate(conn, &blocked));
/* Pause the child process by sending it SIGSTP */
EXPECT_SUCCESS(kill(pid, SIGSTOP));
/* Make our pipes non-blocking */
EXPECT_NOT_EQUAL(fcntl(client_to_server[0], F_SETFL, fcntl(client_to_server[0], F_GETFL) | O_NONBLOCK), -1);
EXPECT_NOT_EQUAL(fcntl(server_to_client[1], F_SETFL, fcntl(server_to_client[1], F_GETFL) | O_NONBLOCK), -1);
/* Try to all 10MB of data, should be enough to fill PIPEBUF, so
we'll get blocked at some point */
uint32_t remaining = sizeof(data);
while (remaining) {
int r = s2n_send(conn, ptr, remaining, &blocked);
if (r < 0) {
if (blocked) {
/* We reached a blocked state */
break;
}
continue;
}
remaining -= r;
ptr += r;
}
/* Remaining shouldn't have progressed at all */
EXPECT_EQUAL(remaining, sizeof(data));
/* Wake the child process by sending it SIGCONT */
EXPECT_SUCCESS(kill(pid, SIGCONT));
/* Make our sockets blocking again */
EXPECT_NOT_EQUAL(fcntl(client_to_server[0], F_SETFL, fcntl(client_to_server[0], F_GETFL) ^ O_NONBLOCK), -1);
EXPECT_NOT_EQUAL(fcntl(server_to_client[1], F_SETFL, fcntl(server_to_client[1], F_GETFL) ^ O_NONBLOCK), -1);
/* Actually send the remaining data */
while (remaining) {
int r = s2n_send(conn, ptr, remaining, &blocked);
if (r < 0) {
continue;
}
remaining -= r;
ptr += r;
}
EXPECT_SUCCESS(s2n_shutdown(conn, &blocked));
EXPECT_SUCCESS(s2n_connection_free(conn));
/* Clean up */
EXPECT_EQUAL(waitpid(-1, &status, 0), pid);
EXPECT_EQUAL(status, 0);
EXPECT_SUCCESS(s2n_config_free(config));
END_TEST();
return 0;
}
int main(int argc, char **argv)
{
struct s2n_connection *conn;
struct s2n_config *config;
int status;
pid_t pid;
int server_to_client[2];
int client_to_server[2];
BEGIN_TEST();
EXPECT_SUCCESS(setenv("S2N_ENABLE_CLIENT_MODE", "1", 0));
/* Create a pipe */
EXPECT_SUCCESS(s2n_init());
for (int is_dh_key_exchange = 0; is_dh_key_exchange <= 1; is_dh_key_exchange++) {
EXPECT_SUCCESS(pipe(server_to_client));
EXPECT_SUCCESS(pipe(client_to_server));
/* Create a child process */
pid = fork();
if (pid == 0) {
/* This is the child process, close the read end of the pipe */
EXPECT_SUCCESS(close(client_to_server[0]));
EXPECT_SUCCESS(close(server_to_client[1]));
/* Write the fragmented hello message */
mock_client(client_to_server[1], server_to_client[0]);
}
/* This is the parent */
EXPECT_SUCCESS(close(client_to_server[1]));
EXPECT_SUCCESS(close(server_to_client[0]));
EXPECT_NOT_NULL(conn = s2n_connection_new(S2N_SERVER));
EXPECT_NOT_NULL(config = s2n_config_new());
EXPECT_SUCCESS(s2n_config_add_cert_chain_and_key(config, certificate, private_key));
if (is_dh_key_exchange) {
EXPECT_SUCCESS(s2n_config_add_dhparams(config, dhparams));
}
EXPECT_SUCCESS(s2n_connection_set_config(conn, config));
/* Set up the connection to read from the fd */
EXPECT_SUCCESS(s2n_connection_set_read_fd(conn, client_to_server[0]));
EXPECT_SUCCESS(s2n_connection_set_write_fd(conn, server_to_client[1]));
/* Negotiate the handshake. */
EXPECT_SUCCESS(s2n_negotiate(conn, &status));
char buffer[0xffff];
for (int i = 1; i < 0xffff; i += 100) {
char * ptr = buffer;
int bytes_read = 0;
int size = i;
do {
EXPECT_SUCCESS(bytes_read = s2n_recv(conn, ptr, size, &status));
size -= bytes_read;
ptr += bytes_read;
} while(size);
for (int j = 0; j < i; j++) {
EXPECT_EQUAL(buffer[j], 33);
}
}
/* Verify that read() returns EOF */
EXPECT_SUCCESS(s2n_recv(conn, buffer, 1, &status));
EXPECT_SUCCESS(s2n_shutdown(conn, &status));
EXPECT_SUCCESS(s2n_connection_free(conn));
EXPECT_SUCCESS(s2n_config_free(config));
/* Clean up */
EXPECT_EQUAL(waitpid(-1, &status, 0), pid);
EXPECT_EQUAL(status, 0);
}
END_TEST();
return 0;
}
int main(int argc, char **argv)
{
char buffer[0xffff];
struct s2n_connection *conn;
struct s2n_config *config;
s2n_blocked_status blocked;
int status;
pid_t pid;
int server_to_client[2];
int client_to_server[2];
const char *protocols[] = { "http/1.1", "spdy/3.1" };
const char *mismatch_protocols[] = { "spdy/2" };
BEGIN_TEST();
EXPECT_SUCCESS(setenv("S2N_ENABLE_CLIENT_MODE", "1", 0));
EXPECT_NOT_NULL(config = s2n_config_new());
EXPECT_SUCCESS(s2n_config_set_protocol_preferences(config, protocols, 2));
EXPECT_SUCCESS(s2n_config_add_cert_chain_and_key(config, certificate, private_key));
EXPECT_SUCCESS(s2n_config_add_dhparams(config, dhparams));
/** Test no client ALPN request */
/* Create a pipe */
EXPECT_SUCCESS(pipe(server_to_client));
EXPECT_SUCCESS(pipe(client_to_server));
/* Create a child process */
pid = fork();
if (pid == 0) {
/* This is the child process, close the read end of the pipe */
EXPECT_SUCCESS(close(client_to_server[0]));
EXPECT_SUCCESS(close(server_to_client[1]));
/* Send the client hello with no ALPN extensions, and validate we didn't
* negotiate an application protocol */
mock_client(client_to_server[1], server_to_client[0], NULL, 0, NULL);
}
/* This is the parent */
EXPECT_SUCCESS(close(client_to_server[1]));
EXPECT_SUCCESS(close(server_to_client[0]));
EXPECT_NOT_NULL(conn = s2n_connection_new(S2N_SERVER));
EXPECT_SUCCESS(s2n_connection_set_config(conn, config));
/* Set up the connection to read from the fd */
EXPECT_SUCCESS(s2n_connection_set_read_fd(conn, client_to_server[0]));
EXPECT_SUCCESS(s2n_connection_set_write_fd(conn, server_to_client[1]));
/* Negotiate the handshake. */
EXPECT_SUCCESS(s2n_negotiate(conn, &blocked));
/* Expect NULL negotiated protocol */
EXPECT_EQUAL(s2n_get_application_protocol(conn), NULL);
for (int i = 1; i < 0xffff; i += 100) {
char * ptr = buffer;
int bytes_read = 0;
int size = i;
do {
EXPECT_SUCCESS(bytes_read = s2n_recv(conn, ptr, size, &blocked));
size -= bytes_read;
ptr += bytes_read;
} while(size);
for (int j = 0; j < i; j++) {
EXPECT_EQUAL(buffer[j], 33);
}
}
EXPECT_SUCCESS(s2n_shutdown(conn, &blocked));
EXPECT_SUCCESS(s2n_connection_free(conn));
/* Clean up */
EXPECT_EQUAL(waitpid(-1, &status, 0), pid);
EXPECT_EQUAL(status, 0);
/* Test a matching ALPN request */
/* Create a pipe */
EXPECT_SUCCESS(pipe(server_to_client));
EXPECT_SUCCESS(pipe(client_to_server));
/* Create a child process */
pid = fork();
if (pid == 0) {
/* This is the child process, close the read end of the pipe */
EXPECT_SUCCESS(close(client_to_server[0]));
EXPECT_SUCCESS(close(server_to_client[1]));
/* Clients ALPN preferences match our preferences, so we pick the
* most preffered server one */
mock_client(client_to_server[1], server_to_client[0], protocols, 2, protocols[0]);
}
/* This is the parent */
EXPECT_SUCCESS(close(client_to_server[1]));
EXPECT_SUCCESS(close(server_to_client[0]));
EXPECT_NOT_NULL(conn = s2n_connection_new(S2N_SERVER));
EXPECT_SUCCESS(s2n_connection_set_config(conn, config));
/* Set up the connection to read from the fd */
EXPECT_SUCCESS(s2n_connection_set_read_fd(conn, client_to_server[0]));
EXPECT_SUCCESS(s2n_connection_set_write_fd(conn, server_to_client[1]));
/* Negotiate the handshake. */
EXPECT_SUCCESS(s2n_negotiate(conn, &blocked));
/* Expect our most prefered negotiated protocol */
EXPECT_STRING_EQUAL(s2n_get_application_protocol(conn), protocols[0]);
for (int i = 1; i < 0xffff; i += 100) {
char * ptr = buffer;
int bytes_read = 0;
int size = i;
do {
EXPECT_SUCCESS(bytes_read = s2n_recv(conn, ptr, size, &blocked));
size -= bytes_read;
ptr += bytes_read;
} while(size);
for (int j = 0; j < i; j++) {
EXPECT_EQUAL(buffer[j], 33);
}
}
EXPECT_SUCCESS(s2n_shutdown(conn, &blocked));
EXPECT_SUCCESS(s2n_connection_free(conn));
/* Clean up */
EXPECT_EQUAL(waitpid(-1, &status, 0), pid);
EXPECT_EQUAL(status, 0);
/* Test a lower prefered matching ALPN request */
/* Create a pipe */
EXPECT_SUCCESS(pipe(server_to_client));
EXPECT_SUCCESS(pipe(client_to_server));
/* Create a child process */
pid = fork();
if (pid == 0) {
/* This is the child process, close the read end of the pipe */
EXPECT_SUCCESS(close(client_to_server[0]));
EXPECT_SUCCESS(close(server_to_client[1]));
/* Client only advertises our second choice, so we should negotiate it */
mock_client(client_to_server[1], server_to_client[0], &protocols[1], 1, protocols[1]);
}
/* This is the parent */
EXPECT_SUCCESS(close(client_to_server[1]));
EXPECT_SUCCESS(close(server_to_client[0]));
EXPECT_NOT_NULL(conn = s2n_connection_new(S2N_SERVER));
EXPECT_SUCCESS(s2n_connection_set_config(conn, config));
/* Set up the connection to read from the fd */
EXPECT_SUCCESS(s2n_connection_set_read_fd(conn, client_to_server[0]));
EXPECT_SUCCESS(s2n_connection_set_write_fd(conn, server_to_client[1]));
/* Negotiate the handshake. */
EXPECT_SUCCESS(s2n_negotiate(conn, &blocked));
for (int i = 1; i < 0xffff; i += 100) {
char * ptr = buffer;
int bytes_read = 0;
int size = i;
do {
EXPECT_SUCCESS(bytes_read = s2n_recv(conn, ptr, size, &blocked));
size -= bytes_read;
ptr += bytes_read;
} while(size);
for (int j = 0; j < i; j++) {
EXPECT_EQUAL(buffer[j], 33);
}
}
/* Expect our least prefered negotiated protocol */
EXPECT_STRING_EQUAL(s2n_get_application_protocol(conn), protocols[1]);
EXPECT_SUCCESS(s2n_shutdown(conn, &blocked));
EXPECT_SUCCESS(s2n_connection_free(conn));
/* Clean up */
EXPECT_EQUAL(waitpid(-1, &status, 0), pid);
EXPECT_EQUAL(status, 0);
/* Test a non-matching ALPN request */
/* Create a pipe */
EXPECT_SUCCESS(pipe(server_to_client));
EXPECT_SUCCESS(pipe(client_to_server));
/* Create a child process */
pid = fork();
if (pid == 0) {
/* This is the child process, close the read end of the pipe */
EXPECT_SUCCESS(close(client_to_server[0]));
EXPECT_SUCCESS(close(server_to_client[1]));
/* Client doesn't support any of our protocols, so we shouldn't complete
* the handshake */
mock_client(client_to_server[1], server_to_client[0], mismatch_protocols, 1, NULL);
}
/* This is the parent */
EXPECT_SUCCESS(close(client_to_server[1]));
EXPECT_SUCCESS(close(server_to_client[0]));
EXPECT_NOT_NULL(conn = s2n_connection_new(S2N_SERVER));
EXPECT_SUCCESS(s2n_connection_set_config(conn, config));
/* Set up the connection to read from the fd */
EXPECT_SUCCESS(s2n_connection_set_read_fd(conn, client_to_server[0]));
EXPECT_SUCCESS(s2n_connection_set_write_fd(conn, server_to_client[1]));
/* s2n_negotiate will fail, which ordinarily would delay with a sleep.
* Remove the sleep and fake the delay with a mock time routine */
EXPECT_SUCCESS(s2n_connection_set_blinding(conn, S2N_SELF_SERVICE_BLINDING));
EXPECT_SUCCESS(s2n_config_set_nanoseconds_since_epoch_callback(config, mock_nanoseconds_since_epoch, NULL));
/* Negotiate the handshake. */
EXPECT_FAILURE(s2n_negotiate(conn, &blocked));
/* Expect NULL negotiated protocol */
EXPECT_EQUAL(s2n_get_application_protocol(conn), NULL);
EXPECT_SUCCESS(s2n_shutdown(conn, &blocked));
EXPECT_SUCCESS(s2n_connection_free(conn));
/* Close the pipes */
EXPECT_SUCCESS(close(client_to_server[0]));
EXPECT_SUCCESS(close(server_to_client[1]));
/* Clean up */
EXPECT_EQUAL(waitpid(-1, &status, 0), pid);
EXPECT_NOT_EQUAL(status, 0);
EXPECT_SUCCESS(s2n_config_free(config));
END_TEST();
return 0;
}