1*8fb009dcSAndroid Build Coastguard Worker /* Copyright (c) 2018, Google Inc.
2*8fb009dcSAndroid Build Coastguard Worker *
3*8fb009dcSAndroid Build Coastguard Worker * Permission to use, copy, modify, and/or distribute this software for any
4*8fb009dcSAndroid Build Coastguard Worker * purpose with or without fee is hereby granted, provided that the above
5*8fb009dcSAndroid Build Coastguard Worker * copyright notice and this permission notice appear in all copies.
6*8fb009dcSAndroid Build Coastguard Worker *
7*8fb009dcSAndroid Build Coastguard Worker * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8*8fb009dcSAndroid Build Coastguard Worker * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9*8fb009dcSAndroid Build Coastguard Worker * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10*8fb009dcSAndroid Build Coastguard Worker * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11*8fb009dcSAndroid Build Coastguard Worker * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12*8fb009dcSAndroid Build Coastguard Worker * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13*8fb009dcSAndroid Build Coastguard Worker * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
14*8fb009dcSAndroid Build Coastguard Worker
15*8fb009dcSAndroid Build Coastguard Worker #include <assert.h>
16*8fb009dcSAndroid Build Coastguard Worker #include <errno.h>
17*8fb009dcSAndroid Build Coastguard Worker #include <fcntl.h>
18*8fb009dcSAndroid Build Coastguard Worker #include <signal.h>
19*8fb009dcSAndroid Build Coastguard Worker #include <unistd.h>
20*8fb009dcSAndroid Build Coastguard Worker
21*8fb009dcSAndroid Build Coastguard Worker #include <memory>
22*8fb009dcSAndroid Build Coastguard Worker
23*8fb009dcSAndroid Build Coastguard Worker #include <openssl/bytestring.h>
24*8fb009dcSAndroid Build Coastguard Worker #include <openssl/rand.h>
25*8fb009dcSAndroid Build Coastguard Worker #include <openssl/ssl.h>
26*8fb009dcSAndroid Build Coastguard Worker
27*8fb009dcSAndroid Build Coastguard Worker #include "handshake_util.h"
28*8fb009dcSAndroid Build Coastguard Worker #include "test_config.h"
29*8fb009dcSAndroid Build Coastguard Worker #include "test_state.h"
30*8fb009dcSAndroid Build Coastguard Worker
31*8fb009dcSAndroid Build Coastguard Worker using namespace bssl;
32*8fb009dcSAndroid Build Coastguard Worker
33*8fb009dcSAndroid Build Coastguard Worker namespace {
34*8fb009dcSAndroid Build Coastguard Worker
read_eintr(int fd,void * out,size_t len)35*8fb009dcSAndroid Build Coastguard Worker ssize_t read_eintr(int fd, void *out, size_t len) {
36*8fb009dcSAndroid Build Coastguard Worker ssize_t ret;
37*8fb009dcSAndroid Build Coastguard Worker do {
38*8fb009dcSAndroid Build Coastguard Worker ret = read(fd, out, len);
39*8fb009dcSAndroid Build Coastguard Worker } while (ret < 0 && errno == EINTR);
40*8fb009dcSAndroid Build Coastguard Worker return ret;
41*8fb009dcSAndroid Build Coastguard Worker }
42*8fb009dcSAndroid Build Coastguard Worker
write_eintr(int fd,const void * in,size_t len)43*8fb009dcSAndroid Build Coastguard Worker ssize_t write_eintr(int fd, const void *in, size_t len) {
44*8fb009dcSAndroid Build Coastguard Worker ssize_t ret;
45*8fb009dcSAndroid Build Coastguard Worker do {
46*8fb009dcSAndroid Build Coastguard Worker ret = write(fd, in, len);
47*8fb009dcSAndroid Build Coastguard Worker } while (ret < 0 && errno == EINTR);
48*8fb009dcSAndroid Build Coastguard Worker return ret;
49*8fb009dcSAndroid Build Coastguard Worker }
50*8fb009dcSAndroid Build Coastguard Worker
HandbackReady(SSL * ssl,int ret)51*8fb009dcSAndroid Build Coastguard Worker bool HandbackReady(SSL *ssl, int ret) {
52*8fb009dcSAndroid Build Coastguard Worker return ret < 0 && SSL_get_error(ssl, ret) == SSL_ERROR_HANDBACK;
53*8fb009dcSAndroid Build Coastguard Worker }
54*8fb009dcSAndroid Build Coastguard Worker
Handshaker(const TestConfig * config,int rfd,int wfd,Span<const uint8_t> input,int control)55*8fb009dcSAndroid Build Coastguard Worker bool Handshaker(const TestConfig *config, int rfd, int wfd,
56*8fb009dcSAndroid Build Coastguard Worker Span<const uint8_t> input, int control) {
57*8fb009dcSAndroid Build Coastguard Worker UniquePtr<SSL_CTX> ctx = config->SetupCtx(/*old_ctx=*/nullptr);
58*8fb009dcSAndroid Build Coastguard Worker if (!ctx) {
59*8fb009dcSAndroid Build Coastguard Worker return false;
60*8fb009dcSAndroid Build Coastguard Worker }
61*8fb009dcSAndroid Build Coastguard Worker UniquePtr<SSL> ssl =
62*8fb009dcSAndroid Build Coastguard Worker config->NewSSL(ctx.get(), /*session=*/nullptr, /*test_state=*/nullptr);
63*8fb009dcSAndroid Build Coastguard Worker if (!ssl) {
64*8fb009dcSAndroid Build Coastguard Worker fprintf(stderr, "Error creating SSL object in handshaker.\n");
65*8fb009dcSAndroid Build Coastguard Worker ERR_print_errors_fp(stderr);
66*8fb009dcSAndroid Build Coastguard Worker return false;
67*8fb009dcSAndroid Build Coastguard Worker }
68*8fb009dcSAndroid Build Coastguard Worker
69*8fb009dcSAndroid Build Coastguard Worker // Set |O_NONBLOCK| in order to break out of the loop when we hit
70*8fb009dcSAndroid Build Coastguard Worker // |SSL_ERROR_WANT_READ|, so that we can send |kControlMsgWantRead| to the
71*8fb009dcSAndroid Build Coastguard Worker // proxy.
72*8fb009dcSAndroid Build Coastguard Worker if (fcntl(rfd, F_SETFL, O_NONBLOCK) != 0) {
73*8fb009dcSAndroid Build Coastguard Worker perror("fcntl");
74*8fb009dcSAndroid Build Coastguard Worker return false;
75*8fb009dcSAndroid Build Coastguard Worker }
76*8fb009dcSAndroid Build Coastguard Worker SSL_set_rfd(ssl.get(), rfd);
77*8fb009dcSAndroid Build Coastguard Worker SSL_set_wfd(ssl.get(), wfd);
78*8fb009dcSAndroid Build Coastguard Worker
79*8fb009dcSAndroid Build Coastguard Worker CBS cbs, handoff;
80*8fb009dcSAndroid Build Coastguard Worker CBS_init(&cbs, input.data(), input.size());
81*8fb009dcSAndroid Build Coastguard Worker if (!CBS_get_asn1_element(&cbs, &handoff, CBS_ASN1_SEQUENCE) ||
82*8fb009dcSAndroid Build Coastguard Worker !DeserializeContextState(&cbs, ctx.get()) ||
83*8fb009dcSAndroid Build Coastguard Worker !SetTestState(ssl.get(), TestState::Deserialize(&cbs, ctx.get())) ||
84*8fb009dcSAndroid Build Coastguard Worker !GetTestState(ssl.get()) ||
85*8fb009dcSAndroid Build Coastguard Worker !SSL_apply_handoff(ssl.get(), handoff)) {
86*8fb009dcSAndroid Build Coastguard Worker fprintf(stderr, "Handoff application failed.\n");
87*8fb009dcSAndroid Build Coastguard Worker return false;
88*8fb009dcSAndroid Build Coastguard Worker }
89*8fb009dcSAndroid Build Coastguard Worker
90*8fb009dcSAndroid Build Coastguard Worker int ret = 0;
91*8fb009dcSAndroid Build Coastguard Worker for (;;) {
92*8fb009dcSAndroid Build Coastguard Worker ret = CheckIdempotentError(
93*8fb009dcSAndroid Build Coastguard Worker "SSL_do_handshake", ssl.get(),
94*8fb009dcSAndroid Build Coastguard Worker [&]() -> int { return SSL_do_handshake(ssl.get()); });
95*8fb009dcSAndroid Build Coastguard Worker if (SSL_get_error(ssl.get(), ret) == SSL_ERROR_WANT_READ) {
96*8fb009dcSAndroid Build Coastguard Worker // Synchronize with the proxy, i.e. don't let the handshake continue until
97*8fb009dcSAndroid Build Coastguard Worker // the proxy has sent more data.
98*8fb009dcSAndroid Build Coastguard Worker char msg = kControlMsgWantRead;
99*8fb009dcSAndroid Build Coastguard Worker if (write_eintr(control, &msg, 1) != 1 ||
100*8fb009dcSAndroid Build Coastguard Worker read_eintr(control, &msg, 1) != 1 ||
101*8fb009dcSAndroid Build Coastguard Worker msg != kControlMsgWriteCompleted) {
102*8fb009dcSAndroid Build Coastguard Worker fprintf(stderr, "read via proxy failed\n");
103*8fb009dcSAndroid Build Coastguard Worker return false;
104*8fb009dcSAndroid Build Coastguard Worker }
105*8fb009dcSAndroid Build Coastguard Worker continue;
106*8fb009dcSAndroid Build Coastguard Worker }
107*8fb009dcSAndroid Build Coastguard Worker if (!RetryAsync(ssl.get(), ret)) {
108*8fb009dcSAndroid Build Coastguard Worker break;
109*8fb009dcSAndroid Build Coastguard Worker }
110*8fb009dcSAndroid Build Coastguard Worker }
111*8fb009dcSAndroid Build Coastguard Worker if (!HandbackReady(ssl.get(), ret)) {
112*8fb009dcSAndroid Build Coastguard Worker fprintf(stderr, "Handshaker: %s\n",
113*8fb009dcSAndroid Build Coastguard Worker SSL_error_description(SSL_get_error(ssl.get(), ret)));
114*8fb009dcSAndroid Build Coastguard Worker ERR_print_errors_fp(stderr);
115*8fb009dcSAndroid Build Coastguard Worker return false;
116*8fb009dcSAndroid Build Coastguard Worker }
117*8fb009dcSAndroid Build Coastguard Worker
118*8fb009dcSAndroid Build Coastguard Worker ScopedCBB output;
119*8fb009dcSAndroid Build Coastguard Worker CBB handback;
120*8fb009dcSAndroid Build Coastguard Worker if (!CBB_init(output.get(), 1024) ||
121*8fb009dcSAndroid Build Coastguard Worker !CBB_add_u24_length_prefixed(output.get(), &handback) ||
122*8fb009dcSAndroid Build Coastguard Worker !SSL_serialize_handback(ssl.get(), &handback) ||
123*8fb009dcSAndroid Build Coastguard Worker !SerializeContextState(ctx.get(), output.get()) ||
124*8fb009dcSAndroid Build Coastguard Worker !GetTestState(ssl.get())->Serialize(output.get())) {
125*8fb009dcSAndroid Build Coastguard Worker fprintf(stderr, "Handback serialisation failed.\n");
126*8fb009dcSAndroid Build Coastguard Worker return false;
127*8fb009dcSAndroid Build Coastguard Worker }
128*8fb009dcSAndroid Build Coastguard Worker
129*8fb009dcSAndroid Build Coastguard Worker char msg = kControlMsgDone;
130*8fb009dcSAndroid Build Coastguard Worker if (write_eintr(control, &msg, 1) == -1 ||
131*8fb009dcSAndroid Build Coastguard Worker write_eintr(control, CBB_data(output.get()), CBB_len(output.get())) ==
132*8fb009dcSAndroid Build Coastguard Worker -1) {
133*8fb009dcSAndroid Build Coastguard Worker perror("write");
134*8fb009dcSAndroid Build Coastguard Worker return false;
135*8fb009dcSAndroid Build Coastguard Worker }
136*8fb009dcSAndroid Build Coastguard Worker return true;
137*8fb009dcSAndroid Build Coastguard Worker }
138*8fb009dcSAndroid Build Coastguard Worker
GenerateHandshakeHint(const TestConfig * config,bssl::Span<const uint8_t> request,int control)139*8fb009dcSAndroid Build Coastguard Worker bool GenerateHandshakeHint(const TestConfig *config,
140*8fb009dcSAndroid Build Coastguard Worker bssl::Span<const uint8_t> request, int control) {
141*8fb009dcSAndroid Build Coastguard Worker // The handshake hint contains the ClientHello and the capabilities string.
142*8fb009dcSAndroid Build Coastguard Worker CBS cbs = request;
143*8fb009dcSAndroid Build Coastguard Worker CBS client_hello, capabilities;
144*8fb009dcSAndroid Build Coastguard Worker if (!CBS_get_u24_length_prefixed(&cbs, &client_hello) ||
145*8fb009dcSAndroid Build Coastguard Worker !CBS_get_u24_length_prefixed(&cbs, &capabilities) || //
146*8fb009dcSAndroid Build Coastguard Worker CBS_len(&cbs) != 0) {
147*8fb009dcSAndroid Build Coastguard Worker fprintf(stderr, "Handshaker: Could not parse hint request\n");
148*8fb009dcSAndroid Build Coastguard Worker return false;
149*8fb009dcSAndroid Build Coastguard Worker }
150*8fb009dcSAndroid Build Coastguard Worker
151*8fb009dcSAndroid Build Coastguard Worker UniquePtr<SSL_CTX> ctx = config->SetupCtx(/*old_ctx=*/nullptr);
152*8fb009dcSAndroid Build Coastguard Worker if (!ctx) {
153*8fb009dcSAndroid Build Coastguard Worker return false;
154*8fb009dcSAndroid Build Coastguard Worker }
155*8fb009dcSAndroid Build Coastguard Worker
156*8fb009dcSAndroid Build Coastguard Worker UniquePtr<SSL> ssl = config->NewSSL(ctx.get(), /*session=*/nullptr,
157*8fb009dcSAndroid Build Coastguard Worker std::make_unique<TestState>());
158*8fb009dcSAndroid Build Coastguard Worker if (!ssl) {
159*8fb009dcSAndroid Build Coastguard Worker fprintf(stderr, "Error creating SSL object in handshaker.\n");
160*8fb009dcSAndroid Build Coastguard Worker ERR_print_errors_fp(stderr);
161*8fb009dcSAndroid Build Coastguard Worker return false;
162*8fb009dcSAndroid Build Coastguard Worker }
163*8fb009dcSAndroid Build Coastguard Worker
164*8fb009dcSAndroid Build Coastguard Worker // TODO(davidben): When split handshakes is replaced, move this into |NewSSL|.
165*8fb009dcSAndroid Build Coastguard Worker assert(config->is_server);
166*8fb009dcSAndroid Build Coastguard Worker SSL_set_accept_state(ssl.get());
167*8fb009dcSAndroid Build Coastguard Worker
168*8fb009dcSAndroid Build Coastguard Worker if (!SSL_request_handshake_hints(
169*8fb009dcSAndroid Build Coastguard Worker ssl.get(), CBS_data(&client_hello), CBS_len(&client_hello),
170*8fb009dcSAndroid Build Coastguard Worker CBS_data(&capabilities), CBS_len(&capabilities))) {
171*8fb009dcSAndroid Build Coastguard Worker fprintf(stderr, "Handshaker: SSL_request_handshake_hints failed\n");
172*8fb009dcSAndroid Build Coastguard Worker return false;
173*8fb009dcSAndroid Build Coastguard Worker }
174*8fb009dcSAndroid Build Coastguard Worker
175*8fb009dcSAndroid Build Coastguard Worker int ret = 0;
176*8fb009dcSAndroid Build Coastguard Worker do {
177*8fb009dcSAndroid Build Coastguard Worker ret = CheckIdempotentError("SSL_do_handshake", ssl.get(),
178*8fb009dcSAndroid Build Coastguard Worker [&] { return SSL_do_handshake(ssl.get()); });
179*8fb009dcSAndroid Build Coastguard Worker } while (RetryAsync(ssl.get(), ret));
180*8fb009dcSAndroid Build Coastguard Worker
181*8fb009dcSAndroid Build Coastguard Worker if (ret > 0) {
182*8fb009dcSAndroid Build Coastguard Worker fprintf(stderr, "Handshaker: handshake unexpectedly succeeded.\n");
183*8fb009dcSAndroid Build Coastguard Worker return false;
184*8fb009dcSAndroid Build Coastguard Worker }
185*8fb009dcSAndroid Build Coastguard Worker
186*8fb009dcSAndroid Build Coastguard Worker if (SSL_get_error(ssl.get(), ret) != SSL_ERROR_HANDSHAKE_HINTS_READY) {
187*8fb009dcSAndroid Build Coastguard Worker // Errors here may be expected if the test is testing a failing case. The
188*8fb009dcSAndroid Build Coastguard Worker // shim should continue executing without a hint, so we report an error
189*8fb009dcSAndroid Build Coastguard Worker // "successfully". This allows the shim to distinguish this from the other
190*8fb009dcSAndroid Build Coastguard Worker // unexpected error cases.
191*8fb009dcSAndroid Build Coastguard Worker //
192*8fb009dcSAndroid Build Coastguard Worker // We intentionally avoid printing the error in this case, to avoid mixing
193*8fb009dcSAndroid Build Coastguard Worker // up test expectations with errors from the shim.
194*8fb009dcSAndroid Build Coastguard Worker char msg = kControlMsgError;
195*8fb009dcSAndroid Build Coastguard Worker if (write_eintr(control, &msg, 1) == -1) {
196*8fb009dcSAndroid Build Coastguard Worker return false;
197*8fb009dcSAndroid Build Coastguard Worker }
198*8fb009dcSAndroid Build Coastguard Worker return true;
199*8fb009dcSAndroid Build Coastguard Worker }
200*8fb009dcSAndroid Build Coastguard Worker
201*8fb009dcSAndroid Build Coastguard Worker bssl::ScopedCBB hints;
202*8fb009dcSAndroid Build Coastguard Worker if (!CBB_init(hints.get(), 256) ||
203*8fb009dcSAndroid Build Coastguard Worker !SSL_serialize_handshake_hints(ssl.get(), hints.get())) {
204*8fb009dcSAndroid Build Coastguard Worker fprintf(stderr, "Handshaker: failed to serialize handshake hints\n");
205*8fb009dcSAndroid Build Coastguard Worker return false;
206*8fb009dcSAndroid Build Coastguard Worker }
207*8fb009dcSAndroid Build Coastguard Worker
208*8fb009dcSAndroid Build Coastguard Worker char msg = kControlMsgDone;
209*8fb009dcSAndroid Build Coastguard Worker if (write_eintr(control, &msg, 1) == -1 ||
210*8fb009dcSAndroid Build Coastguard Worker write_eintr(control, CBB_data(hints.get()), CBB_len(hints.get())) == -1) {
211*8fb009dcSAndroid Build Coastguard Worker perror("write");
212*8fb009dcSAndroid Build Coastguard Worker return false;
213*8fb009dcSAndroid Build Coastguard Worker }
214*8fb009dcSAndroid Build Coastguard Worker
215*8fb009dcSAndroid Build Coastguard Worker return true;
216*8fb009dcSAndroid Build Coastguard Worker }
217*8fb009dcSAndroid Build Coastguard Worker
SignalError()218*8fb009dcSAndroid Build Coastguard Worker int SignalError() {
219*8fb009dcSAndroid Build Coastguard Worker const char msg = kControlMsgError;
220*8fb009dcSAndroid Build Coastguard Worker if (write_eintr(kFdControl, &msg, 1) != 1) {
221*8fb009dcSAndroid Build Coastguard Worker return 2;
222*8fb009dcSAndroid Build Coastguard Worker }
223*8fb009dcSAndroid Build Coastguard Worker return 1;
224*8fb009dcSAndroid Build Coastguard Worker }
225*8fb009dcSAndroid Build Coastguard Worker
226*8fb009dcSAndroid Build Coastguard Worker } // namespace
227*8fb009dcSAndroid Build Coastguard Worker
main(int argc,char ** argv)228*8fb009dcSAndroid Build Coastguard Worker int main(int argc, char **argv) {
229*8fb009dcSAndroid Build Coastguard Worker TestConfig initial_config, resume_config, retry_config;
230*8fb009dcSAndroid Build Coastguard Worker if (!ParseConfig(argc - 1, argv + 1, /*is_shim=*/false, &initial_config,
231*8fb009dcSAndroid Build Coastguard Worker &resume_config, &retry_config)) {
232*8fb009dcSAndroid Build Coastguard Worker return SignalError();
233*8fb009dcSAndroid Build Coastguard Worker }
234*8fb009dcSAndroid Build Coastguard Worker const TestConfig *config =
235*8fb009dcSAndroid Build Coastguard Worker initial_config.handshaker_resume ? &resume_config : &initial_config;
236*8fb009dcSAndroid Build Coastguard Worker #if defined(BORINGSSL_UNSAFE_DETERMINISTIC_MODE)
237*8fb009dcSAndroid Build Coastguard Worker if (initial_config.handshaker_resume) {
238*8fb009dcSAndroid Build Coastguard Worker // If the PRNG returns exactly the same values when trying to resume then a
239*8fb009dcSAndroid Build Coastguard Worker // "random" session ID will happen to exactly match the session ID
240*8fb009dcSAndroid Build Coastguard Worker // "randomly" generated on the initial connection. The client will thus
241*8fb009dcSAndroid Build Coastguard Worker // incorrectly believe that the server is resuming.
242*8fb009dcSAndroid Build Coastguard Worker uint8_t byte;
243*8fb009dcSAndroid Build Coastguard Worker RAND_bytes(&byte, 1);
244*8fb009dcSAndroid Build Coastguard Worker }
245*8fb009dcSAndroid Build Coastguard Worker #endif // BORINGSSL_UNSAFE_DETERMINISTIC_MODE
246*8fb009dcSAndroid Build Coastguard Worker
247*8fb009dcSAndroid Build Coastguard Worker // read() will return the entire message in one go, because it's a datagram
248*8fb009dcSAndroid Build Coastguard Worker // socket.
249*8fb009dcSAndroid Build Coastguard Worker constexpr size_t kBufSize = 1024 * 1024;
250*8fb009dcSAndroid Build Coastguard Worker std::vector<uint8_t> request(kBufSize);
251*8fb009dcSAndroid Build Coastguard Worker ssize_t len = read_eintr(kFdControl, request.data(), request.size());
252*8fb009dcSAndroid Build Coastguard Worker if (len == -1) {
253*8fb009dcSAndroid Build Coastguard Worker perror("read");
254*8fb009dcSAndroid Build Coastguard Worker return 2;
255*8fb009dcSAndroid Build Coastguard Worker }
256*8fb009dcSAndroid Build Coastguard Worker request.resize(static_cast<size_t>(len));
257*8fb009dcSAndroid Build Coastguard Worker
258*8fb009dcSAndroid Build Coastguard Worker if (config->handshake_hints) {
259*8fb009dcSAndroid Build Coastguard Worker if (!GenerateHandshakeHint(config, request, kFdControl)) {
260*8fb009dcSAndroid Build Coastguard Worker return SignalError();
261*8fb009dcSAndroid Build Coastguard Worker }
262*8fb009dcSAndroid Build Coastguard Worker } else {
263*8fb009dcSAndroid Build Coastguard Worker if (!Handshaker(config, kFdProxyToHandshaker, kFdHandshakerToProxy,
264*8fb009dcSAndroid Build Coastguard Worker request, kFdControl)) {
265*8fb009dcSAndroid Build Coastguard Worker return SignalError();
266*8fb009dcSAndroid Build Coastguard Worker }
267*8fb009dcSAndroid Build Coastguard Worker }
268*8fb009dcSAndroid Build Coastguard Worker return 0;
269*8fb009dcSAndroid Build Coastguard Worker }
270