Cyclic0007/wolfssl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Regression test fixes

Browse Source 
Mostly combinations of NO_WOLFSSL_CLIENT, NO_WOLFSSL_SERVER and
WOLFSSL_NO_CLIENT_AUTH were failing.
Added configurations to CI loop.

wc_AesGcmDecryptFinal: use WC_AES_BLOCK_SIZE to satisfy compiler.
This commit is contained in:
Sean Parkinson
2026-01-27 17:42:47 +10:00
parent f7b5f00973
commit bc9e37118e
27 changed files with 516 additions and 271 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
tests/api.c
View File

@@ -6878,7 +6878,7 @@ static void test_wolfSSL_CTX_add_session_on_result(WOLFSSL* ssl)
AssertIntEQ(wolfSSL_CTX_up_ref(wolfSSL_get_SSL_CTX(ssl)),
WOLFSSL_SUCCESS);
}
#ifdef SESSION_CERTS
#if defined(SESSION_CERTS) && !defined(WOLFSSL_NO_CLIENT_AUTH)
#ifndef WOLFSSL_TICKET_HAVE_ID
if (wolfSSL_version(ssl) != TLS1_3_VERSION &&
wolfSSL_session_reused(ssl))
@@ -6898,7 +6898,7 @@ static void test_wolfSSL_CTX_add_session_on_result(WOLFSSL* ssl)
AssertNotNull(SSL_SESSION_get0_peer(*sess));
#endif
}
#endif /* SESSION_CERTS */
#endif /* SESSION_CERTS && !WOLFSSL_NO_CLIENT_AUTH */
}
static void test_wolfSSL_CTX_add_session_ssl_ready(WOLFSSL* ssl)
@@ -7281,7 +7281,7 @@ static int twcase_server_sess_ctx_pre_shutdown(WOLFSSL* ssl)
ExpectIntEQ(wolfSSL_CTX_up_ref(wolfSSL_get_SSL_CTX(ssl)),
WOLFSSL_SUCCESS);
}
#ifdef SESSION_CERTS
#if defined(SESSION_CERTS) && !defined(WOLFSSL_NO_CLIENT_AUTH)
#ifndef WOLFSSL_TICKET_HAVE_ID
if (wolfSSL_version(ssl) != TLS1_3_VERSION &&
wolfSSL_session_reused(ssl))
@@ -7316,7 +7316,7 @@ static int twcase_client_sess_ctx_pre_shutdown(WOLFSSL* ssl)
ExpectIntEQ(wolfSSL_session_reused(ssl), 1);
}
#ifdef SESSION_CERTS
#if defined(SESSION_CERTS) && !defined(WOLFSSL_NO_CLIENT_AUTH)
#ifndef WOLFSSL_TICKET_HAVE_ID
if (wolfSSL_version(ssl) != TLS1_3_VERSION &&
wolfSSL_session_reused(ssl))
@@ -9057,10 +9057,9 @@ static int test_wolfSSL_UseMaxFragment(void)
{
EXPECT_DECLS;
#if defined(HAVE_MAX_FRAGMENT) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT)
#if !defined(NO_TLS) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
#if !defined(NO_TLS)
#ifndef NO_WOLFSSL_SERVER
WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
#else
@@ -9187,6 +9186,7 @@ static int test_wolfSSL_UseTruncatedHMAC(void)
ExpectNotNull(ssl = wolfSSL_new(ctx));
#ifndef NO_WOLFSSL_CLIENT
/* error cases */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseTruncatedHMAC(NULL));
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseTruncatedHMAC(NULL));
@@ -9194,6 +9194,7 @@ static int test_wolfSSL_UseTruncatedHMAC(void)
/* success case */
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseTruncatedHMAC(ctx));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseTruncatedHMAC(ssl));
#endif
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
@@ -10854,7 +10855,8 @@ static int test_wolfSSL_mcast(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_MULTICAST) && \
(defined(WOLFSSL_TLS13) || defined(WOLFSSL_SNIFFER))
(defined(WOLFSSL_TLS13) || defined(WOLFSSL_SNIFFER)) && \
!defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
byte preMasterSecret[512];
@@ -17572,7 +17574,8 @@ static int test_wolfSSL_verify_mode(void)
EXPECT_DECLS;
#if !defined(NO_RSA) && !defined(NO_TLS) && (defined(OPENSSL_ALL) || \
defined(HAVE_STUNNEL) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \
defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY))
defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)) && \
!defined(NO_WOLFSSL_CLIENT)
WOLFSSL* ssl = NULL;
WOLFSSL_CTX* ctx = NULL;
@@ -17849,7 +17852,7 @@ static int test_wolfSSL_OPENSSL_hexstr2buf(void)
static int test_wolfSSL_sk_CIPHER_description(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && !defined(NO_TLS)
#if !defined(NO_RSA) && !defined(NO_TLS) && !defined(NO_WOLFSSL_CLIENT)
const long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_COMPRESSION;
int i;
int numCiphers = 0;
@@ -17911,7 +17914,7 @@ static int test_wolfSSL_sk_CIPHER_description(void)
static int test_wolfSSL_get_ciphers_compat(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && !defined(NO_TLS)
#if !defined(NO_RSA) && !defined(NO_TLS) && !defined(NO_WOLFSSL_CLIENT)
const SSL_METHOD *method = NULL;
const char certPath[] = "./certs/client-cert.pem";
STACK_OF(SSL_CIPHER) *supportedCiphers = NULL;
@@ -27744,7 +27747,7 @@ static int test_override_alt_cert_chain(void)
static int test_rpk_set_xxx_cert_type(void)
{
EXPECT_DECLS;
#if defined(HAVE_RPK) && !defined(NO_TLS)
#if defined(HAVE_RPK) && !defined(NO_TLS) && !defined(NO_WOLFSSL_CLIENT)
char ctype[MAX_CLIENT_CERT_TYPE_CNT + 1]; /* prepare bigger buffer */
WOLFSSL_CTX* ctx = NULL;
@@ -30120,6 +30123,7 @@ static int test_dtls13_missing_finished_server(void)
}
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
static int test_self_signed_stapling_client_v1_ctx_ready(WOLFSSL_CTX* ctx)
{
@@ -30160,12 +30164,14 @@ static int test_self_signed_stapling_server_ctx_ready(WOLFSSL_CTX* ctx)
return EXPECT_RESULT();
}
#endif
#endif
static int test_self_signed_stapling(void)
{
EXPECT_DECLS;
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
#if (defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \
defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
test_ssl_cbf client_cbf;
test_ssl_cbf server_cbf;
size_t i;
@@ -31840,7 +31846,8 @@ TEST_CASE testCases[] = {
#if defined(WOLFSSL_TICKET_NONCE_MALLOC) && defined(HAVE_SESSION_TICKET) \
&& defined(WOLFSSL_TLS13) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))\
&& defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
TEST_DECL(test_ticket_nonce_malloc),
#endif
TEST_DECL(test_ticket_ret_create),

30
tests/api/test_certman.c
View File

@@ -497,20 +497,29 @@ int test_wolfSSL_CertManagerLoadCABufferType(void)
(sword32)ca_cert_sz, CERT_FILETYPE, 0,
WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS, WOLFSSL_USER_CA),
WOLFSSL_SUCCESS);
#if (!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)) || \
defined(OPENSSL_EXTRA)
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, int1_cert_buf,
int1_cert_sz, CERT_FILETYPE), WOLFSSL_SUCCESS);
#endif
ExpectIntEQ(wolfSSL_CertManagerLoadCABufferType(cm, int1_cert_buf,
(sword32)int1_cert_sz, CERT_FILETYPE, 0,
WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS, WOLFSSL_USER_INTER),
WOLFSSL_SUCCESS);
#if (!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)) || \
defined(OPENSSL_EXTRA)
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, int2_cert_buf,
int2_cert_sz, CERT_FILETYPE), WOLFSSL_SUCCESS);
#endif
ExpectIntEQ(wolfSSL_CertManagerLoadCABufferType(cm, int2_cert_buf,
(sword32)int2_cert_sz, CERT_FILETYPE, 0,
WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS, WOLFSSL_USER_INTER),
WOLFSSL_SUCCESS);
#if (!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)) || \
defined(OPENSSL_EXTRA)
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, client_cert_buf,
client_cert_sz, CERT_FILETYPE), WOLFSSL_SUCCESS);
#endif
ExpectIntEQ(wolfSSL_CertManagerLoadCABufferType(cm, client_cert_buf,
(sword32)client_cert_sz, CERT_FILETYPE, 0,
WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS, WOLFSSL_USER_INTER),
@@ -521,25 +530,34 @@ int test_wolfSSL_CertManagerLoadCABufferType(void)
/* Intermediate certs have been unloaded, but CA cert is still
loaded. Expect first level intermediate to verify, rest to fail. */
#if (!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)) || \
defined(OPENSSL_EXTRA)
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, int1_cert_buf,
int1_cert_sz, CERT_FILETYPE), WOLFSSL_SUCCESS);
ExpectIntNE(wolfSSL_CertManagerVerifyBuffer(cm, int2_cert_buf,
int2_cert_sz, CERT_FILETYPE), WOLFSSL_SUCCESS);
ExpectIntNE(wolfSSL_CertManagerVerifyBuffer(cm, client_cert_buf,
client_cert_sz, CERT_FILETYPE), WOLFSSL_SUCCESS);
#endif
ExpectIntEQ(wolfSSL_CertManagerLoadCABufferType(cm, int1_cert_buf,
(sword32)int1_cert_sz, CERT_FILETYPE, 0,
WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS, WOLFSSL_TEMP_CA),
WOLFSSL_SUCCESS);
#if (!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)) || \
defined(OPENSSL_EXTRA)
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, int2_cert_buf,
int2_cert_sz, CERT_FILETYPE), WOLFSSL_SUCCESS);
#endif
ExpectIntEQ(wolfSSL_CertManagerLoadCABufferType(cm, int2_cert_buf,
(sword32)int2_cert_sz, CERT_FILETYPE, 0,
WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS, WOLFSSL_CHAIN_CA),
WOLFSSL_SUCCESS);
#if (!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)) || \
defined(OPENSSL_EXTRA)
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, client_cert_buf,
client_cert_sz, CERT_FILETYPE), WOLFSSL_SUCCESS);
#endif
ExpectIntEQ(wolfSSL_CertManagerLoadCABufferType(cm, client_cert_buf,
(sword32)client_cert_sz, CERT_FILETYPE, 0,
WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS, WOLFSSL_USER_INTER),
@@ -547,39 +565,51 @@ int test_wolfSSL_CertManagerLoadCABufferType(void)
ExpectIntEQ(wolfSSL_CertManagerUnloadTypeCerts(cm, WOLFSSL_USER_INTER),
WOLFSSL_SUCCESS);
#if (!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)) || \
defined(OPENSSL_EXTRA)
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, int1_cert_buf,
int1_cert_sz, CERT_FILETYPE), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, int2_cert_buf,
int2_cert_sz, CERT_FILETYPE), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, client_cert_buf,
client_cert_sz, CERT_FILETYPE), WOLFSSL_SUCCESS);
#endif
ExpectIntEQ(wolfSSL_CertManagerUnloadTypeCerts(cm, WOLFSSL_CHAIN_CA),
WOLFSSL_SUCCESS);
#if (!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)) || \
defined(OPENSSL_EXTRA)
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, int1_cert_buf,
int1_cert_sz, CERT_FILETYPE), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, int2_cert_buf,
int2_cert_sz, CERT_FILETYPE), WOLFSSL_SUCCESS);
ExpectIntNE(wolfSSL_CertManagerVerifyBuffer(cm, client_cert_buf,
client_cert_sz, CERT_FILETYPE), WOLFSSL_SUCCESS);
#endif
ExpectIntEQ(wolfSSL_CertManagerUnloadTypeCerts(cm, WOLFSSL_TEMP_CA),
WOLFSSL_SUCCESS);
#if (!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)) || \
defined(OPENSSL_EXTRA)
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, int1_cert_buf,
int1_cert_sz, CERT_FILETYPE), WOLFSSL_SUCCESS);
ExpectIntNE(wolfSSL_CertManagerVerifyBuffer(cm, int2_cert_buf,
int2_cert_sz, CERT_FILETYPE), WOLFSSL_SUCCESS);
ExpectIntNE(wolfSSL_CertManagerVerifyBuffer(cm, client_cert_buf,
client_cert_sz, CERT_FILETYPE), WOLFSSL_SUCCESS);
#endif
ExpectIntEQ(wolfSSL_CertManagerUnloadTypeCerts(cm, WOLFSSL_USER_CA),
WOLFSSL_SUCCESS);
#if (!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)) || \
defined(OPENSSL_EXTRA)
ExpectIntNE(wolfSSL_CertManagerVerifyBuffer(cm, int1_cert_buf,
int1_cert_sz, CERT_FILETYPE), WOLFSSL_SUCCESS);
ExpectIntNE(wolfSSL_CertManagerVerifyBuffer(cm, int2_cert_buf,
int2_cert_sz, CERT_FILETYPE), WOLFSSL_SUCCESS);
ExpectIntNE(wolfSSL_CertManagerVerifyBuffer(cm, client_cert_buf,
client_cert_sz, CERT_FILETYPE), WOLFSSL_SUCCESS);
#endif
if (cm)
wolfSSL_CertManagerFree(cm);

4
tests/api/test_tls.c
View File

@@ -346,7 +346,7 @@ int test_tls_certreq_order(void)
}
#if !defined(WOLFSSL_NO_TLS12) && !defined(NO_RSA) && defined(HAVE_ECC) && \
!defined(NO_WOLFSSL_SERVER)
!defined(NO_WOLFSSL_SERVER) && !defined(WOLFSSL_NO_CLIENT_AUTH)
/* Called when writing. */
static int CsSend(WOLFSSL* ssl, char* buf, int sz, void* ctx)
{
@@ -382,7 +382,7 @@ int test_tls12_bad_cv_sig_alg(void)
{
EXPECT_DECLS;
#if !defined(WOLFSSL_NO_TLS12) && !defined(NO_RSA) && defined(HAVE_ECC) && \
!defined(NO_WOLFSSL_SERVER)
!defined(NO_WOLFSSL_SERVER) && !defined(WOLFSSL_NO_CLIENT_AUTH)
byte clientMsgs[] = {
/* Client Hello */
0x16, 0x03, 0x03, 0x00, 0xe7,

21
tests/api/test_tls13.c
View File

@@ -1118,7 +1118,8 @@ int test_tls13_bad_psk_binder(void)
}
#if defined(HAVE_RPK) && !defined(NO_TLS)
#if defined(HAVE_RPK) && !defined(NO_TLS) && !defined(NO_WOLFSSL_CLIENT) && \
!defined(NO_WOLFSSL_SERVER)
#define svrRpkCertFile "./certs/rpk/server-cert-rpk.der"
#define clntRpkCertFile "./certs/rpk/client-cert-rpk.der"
@@ -1225,13 +1226,15 @@ static WC_INLINE int test_rpk_memio_setup(
return 0;
}
#endif /* HAVE_RPK && !NO_TLS */
#endif /* HAVE_RPK && !NO_TLS && !NO_WOLFSSL_CLIENT && !NO_WOLFSSL_SERVER */
int test_tls13_rpk_handshake(void)
{
EXPECT_DECLS;
#if defined(HAVE_RPK) && (!defined(WOLFSSL_NO_TLS12) || defined(WOLFSSL_TLS13))
#if defined(HAVE_RPK) && \
(!defined(WOLFSSL_NO_TLS12) || defined(WOLFSSL_TLS13)) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
#ifdef WOLFSSL_TLS13
int ret = 0;
#endif
@@ -2081,9 +2084,15 @@ static int test_tls13_mock_wantwrite_cb(WOLFSSL* ssl, char* data, int sz,
void* ctx)
{
struct test_tls13_wwrite_ctx *wwctx = (struct test_tls13_wwrite_ctx *)ctx;
wwctx->want_write = !wwctx->want_write;
if (wwctx->want_write) {
return WOLFSSL_CBIO_ERR_WANT_WRITE;
#ifdef WOLFSSL_TLS13_MIDDLEBOX_COMPAT
/* Write ChangeCipherSpec message. */
if (data[0] != 0x14)
#endif
{
wwctx->want_write = !wwctx->want_write;
if (wwctx->want_write) {
return WOLFSSL_CBIO_ERR_WANT_WRITE;
}
}
return test_memio_write_cb(ssl, data, sz, wwctx->test_ctx);
}

64
tests/quic.c
View File

@@ -64,6 +64,7 @@ static int dummy_set_encryption_secrets(WOLFSSL *ssl,
return 1;
}
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
static int dummy_set_encryption_secrets_fail(WOLFSSL *ssl,
WOLFSSL_ENCRYPTION_LEVEL level,
const uint8_t *read_secret,
@@ -76,6 +77,7 @@ static int dummy_set_encryption_secrets_fail(WOLFSSL *ssl,
write_secret? "yes" : "no");
return 0;
}
#endif
static int dummy_add_handshake_data(WOLFSSL *ssl,
WOLFSSL_ENCRYPTION_LEVEL level,
@@ -115,20 +117,32 @@ static WOLFSSL_QUIC_METHOD null_method = {
static ctx_setups valids[] = {
#ifdef WOLFSSL_TLS13
#ifndef NO_WOLFSSL_SERVER
{ "TLSv1.3 server", wolfTLSv1_3_server_method, 1},
#endif
#ifndef NO_WOLFSSL_CLIENT
{ "TLSv1.3 client", wolfTLSv1_3_client_method, 0},
#endif
#endif
{ NULL, NULL, 0}
};
static ctx_setups invalids[] = {
#ifndef WOLFSSL_NO_TLS12
#ifndef NO_WOLFSSL_SERVER
{ "TLSv1.2 server", wolfTLSv1_2_server_method, 1},
#endif
#ifndef NO_WOLFSSL_CLIENT
{ "TLSv1.2 client", wolfTLSv1_2_client_method, 0},
#endif
#endif
#ifndef NO_OLD_TLS
#ifndef NO_WOLFSSL_SERVER
{ "TLSv1.1 server", wolfTLSv1_1_server_method, 1},
#endif
#ifndef NO_WOLFSSL_CLIENT
{ "TLSv1.1 client", wolfTLSv1_1_client_method, 0},
#endif
#endif
{ NULL, NULL, 0}
};
@@ -244,20 +258,7 @@ static int test_set_quic_method(void) {
return EXPECT_RESULT();
}
static size_t fake_record(byte rtype, word32 rlen, uint8_t *rec)
{
rec[0] = (uint8_t)rtype;
c32to24(rlen, rec+1);
return rlen + 4;
}
static size_t shift_record(uint8_t *rec, size_t len, size_t written)
{
len -= written;
XMEMMOVE(rec, rec+written, len);
return len;
}
#if !defined(NO_WOLFSSL_CLIENT)
static void dump_buffer(const char *name, const byte *p, size_t len, int indent)
{
size_t i = 0;
@@ -276,6 +277,22 @@ static void dump_buffer(const char *name, const byte *p, size_t len, int indent)
}
printf("\n%*s};\n", indent, " ");
}
#endif
#ifndef NO_WOLFSSL_CLIENT
static size_t fake_record(byte rtype, word32 rlen, uint8_t *rec)
{
rec[0] = (uint8_t)rtype;
c32to24(rlen, rec+1);
return rlen + 4;
}
static size_t shift_record(uint8_t *rec, size_t len, size_t written)
{
len -= written;
XMEMMOVE(rec, rec+written, len);
return len;
}
static void dump_ssl_buffers(WOLFSSL *ssl, FILE *fp)
{
@@ -505,12 +522,14 @@ static WOLFSSL_QUIC_METHOD ctx_method = {
ctx_send_alert,
};
#if !defined(NO_WOLFSSL_SERVER)
static WOLFSSL_QUIC_METHOD ctx_method_fail = {
dummy_set_encryption_secrets_fail,
ctx_add_handshake_data,
ctx_flush_flight,
ctx_send_alert,
};
#endif
static void QuicTestContext_init(QuicTestContext *tctx, WOLFSSL_CTX *ctx,
const char *name, int verbose)
@@ -542,6 +561,7 @@ static void QuicTestContext_init(QuicTestContext *tctx, WOLFSSL_CTX *ctx,
(void)ctx_method;
}
#if !defined(NO_WOLFSSL_SERVER)
static void QuicTestContext_init_fail_cb(QuicTestContext *tctx, WOLFSSL_CTX *ctx,
const char *name, int verbose)
{
@@ -571,6 +591,7 @@ static void QuicTestContext_init_fail_cb(QuicTestContext *tctx, WOLFSSL_CTX *ctx
}
(void)ctx_method;
}
#endif
static void QuicTestContext_free(QuicTestContext *tctx)
{
@@ -703,6 +724,7 @@ static void check_handshake_record(const byte *data, size_t data_len,
*prlen = rlen + HANDSHAKE_HEADER_SZ;
}
#if !defined(NO_WOLFSSL_SERVER)
static void ext_dump(const byte *data, size_t data_len, int indent)
{
size_t idx = 0;
@@ -720,6 +742,7 @@ static void ext_dump(const byte *data, size_t data_len, int indent)
idx += 2 + 2 + len16;
}
}
#endif
static const byte *ext_find(const byte *data, size_t data_len, int ext_type)
{
@@ -742,6 +765,7 @@ static int ext_has(const byte *data, size_t data_len, int ext_type)
return ext_find(data, data_len,ext_type) != NULL;
}
#if !defined(NO_WOLFSSL_SERVER)
static void ext_equals(const byte *data, size_t data_len, int ext_type,
const byte *exp_data, size_t exp_len)
{
@@ -800,6 +824,7 @@ static void check_quic_client_hello(const byte *data, size_t data_len,
dump_buffer("", data, data_len, indent);
}
}
#endif
static void check_quic_client_hello_tp(OutputBuffer *out, int tp_v1,
int tp_draft)
@@ -829,6 +854,7 @@ static void check_quic_client_hello_tp(OutputBuffer *out, int tp_v1,
AssertTrue(!ext_has(exts, exts_len, TLSX_KEY_QUIC_TP_PARAMS_DRAFT) == !tp_draft);
}
#if !defined(NO_WOLFSSL_SERVER)
static void check_secrets(QuicTestContext *ctx, WOLFSSL_ENCRYPTION_LEVEL level,
size_t rx_len, size_t tx_len)
{
@@ -1195,6 +1221,7 @@ static void QuicConversation_fail(QuicConversation *conv)
}
#endif /* HAVE_SESSION_TICKET */
#endif
static int test_quic_client_hello(int verbose) {
EXPECT_DECLS;
@@ -1252,7 +1279,9 @@ static int test_quic_client_hello(int verbose) {
return EXPECT_RESULT();
}
#endif /* !NO_WOLFSSL_CLIENT */
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
static int test_quic_server_hello(int verbose) {
EXPECT_DECLS;
WOLFSSL_CTX * ctx_c = NULL;
@@ -1883,6 +1912,7 @@ static int test_quic_session_export(int verbose)
return EXPECT_RESULT();
}
#endif /* WOLFSSL_SESSION_EXPORT */
#endif /* !NO_WOLFSSL_CLIENT && !NO_WOLFSSL_SERVER */
#endif /* WOLFSSL_QUIC */
@@ -1891,7 +1921,9 @@ int QuicTest(void)
{
int ret = 0;
#ifdef WOLFSSL_QUIC
#ifndef NO_WOLFSSL_CLIENT
int verbose = 0;
#endif
if (wolfSSL_Init() != WOLFSSL_SUCCESS) {
printf("wolfSSL_Init() failed in QuicTest().");
@@ -1901,9 +1933,12 @@ int QuicTest(void)
printf(" Begin QUIC Tests\n");
if ((ret = test_set_quic_method()) != TEST_SUCCESS) goto leave;
#ifndef NO_WOLFSSL_CLIENT
if ((ret = test_provide_quic_data()) != TEST_SUCCESS) goto leave;
if ((ret = test_quic_crypt()) != TEST_SUCCESS) goto leave;
if ((ret = test_quic_client_hello(verbose)) != TEST_SUCCESS) goto leave;
#endif
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
if ((ret = test_quic_server_hello(verbose)) != TEST_SUCCESS) goto leave;
if ((ret = test_quic_server_hello_fail(verbose)) != TEST_SUCCESS) goto leave;
#ifdef REALLY_HAVE_ALPN_AND_SNI
@@ -1917,6 +1952,7 @@ int QuicTest(void)
#endif /* WOLFSSL_EARLY_DATA */
if ((ret = test_quic_session_export(verbose)) != TEST_SUCCESS) goto leave;
#endif /* HAVE_SESSION_TICKET */
#endif
leave:
if (ret != TEST_SUCCESS) {

1
tests/test-fails.conf
View File

@@ -183,6 +183,7 @@
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
-A ./certs/client-cert.pem
-H verifyFail
-H exitWithRet
# client