mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-15 06:01:37 +08:00
Code Issues Packages Projects Releases Wiki Activity

QUIC TEST: STREAM, MAX_DATA and MAX_STREAM_DATA testing

Browse Source 
Fixes https://github.com/openssl/project/issues/76

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
This commit is contained in:
Hugo Landau 2023-07-27 13:50:45 +01:00
parent 6a2b70e21b
commit 1623bf374d
2 changed files with 207 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
ssl/quic/quic_rx_depack.c
View File

@ -270,6 +270,9 @@ static int depack_do_frame_crypto(PACKET *pkt, QUIC_CHANNEL *ch,
return 0;
}
if (f.len == 0)
return 1; /* nothing to do */
rstream = ch->crypto_recv[ackm_data->pkt_space];
if (!ossl_assert(rstream != NULL))
/*
@ -581,8 +584,13 @@ static int depack_do_frame_stream(PACKET *pkt, QUIC_CHANNEL *ch,
* without copying by reffing the OSSL_QRX_PKT. In this case
* ossl_qrx_pkt_release() will be eventually called when the data is no
* longer needed.
*
* It is OK for the peer to send us a zero-length non-FIN STREAM frame,
* which is a no-op, aside from the fact that it ensures the stream exists.
* In this case we have nothing to report to the receive buffer.
*/
if (!ossl_quic_rstream_queue_data(stream->rstream, parent_pkt,
if ((frame_data.len > 0 || frame_data.is_fin)
&& !ossl_quic_rstream_queue_data(stream->rstream, parent_pkt,
frame_data.offset,
frame_data.data,
frame_data.len,
@ -595,9 +603,9 @@ static int depack_do_frame_stream(PACKET *pkt, QUIC_CHANNEL *ch,
* calling ossl_quic_rstream_available() where it is not necessary as it is
* more expensive.
*/
if (stream->recv_state != QUIC_RSTREAM_STATE_SIZE_KNOWN
|| !ossl_quic_rstream_available(stream->rstream, &rs_avail, &rs_fin))
return 0;
if (stream->recv_state == QUIC_RSTREAM_STATE_SIZE_KNOWN)
if (!ossl_quic_rstream_available(stream->rstream, &rs_avail, &rs_fin))
return 0;
if (rs_fin)
ossl_quic_stream_map_notify_totally_received(&ch->qsm, stream);

198
test/quic_multistream_test.c
View File

@ -2656,15 +2656,19 @@ static int script_32_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
return 1;
case 1:
offset = 0;
flen = 0;
flen = 0;
break;
case 2:
offset = (((uint64_t)1)<<62) - 1;
flen = 5;
flen = 5;
break;
case 3:
offset = 1 * 1024 * 1024 * 1024; /* 1G */
flen = 5;
flen = 5;
break;
case 4:
offset = 0;
flen = 1;
break;
}
@ -3958,6 +3962,189 @@ static const struct script_op script_62[] = {
OP_END
};
/* 63. Fault injection - STREAM frame exceeding stream limit */
static const struct script_op script_63[] = {
OP_S_SET_INJECT_PLAIN (script_32_inject_plain)
OP_C_SET_ALPN ("ossltest")
OP_C_CONNECT_WAIT ()
OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
OP_C_WRITE (a, "apple", 5)
OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
OP_S_READ_EXPECT (a, "apple", 5)
OP_SET_INJECT_WORD (S_BIDI_ID(5000) + 1, 4)
OP_S_WRITE (a, "orange", 6)
OP_C_EXPECT_CONN_CLOSE_INFO(QUIC_ERR_STREAM_LIMIT_ERROR,0,0)
OP_END
};
/* 64. Fault injection - STREAM - zero-length no-FIN is accepted */
static const struct script_op script_64[] = {
OP_S_SET_INJECT_PLAIN (script_32_inject_plain)
OP_C_SET_ALPN ("ossltest")
OP_C_CONNECT_WAIT ()
OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
OP_S_NEW_STREAM_UNI (a, S_UNI_ID(0))
OP_S_WRITE (a, "apple", 5)
OP_C_ACCEPT_STREAM_WAIT (a)
OP_C_READ_EXPECT (a, "apple", 5)
OP_SET_INJECT_WORD (S_BIDI_ID(20) + 1, 1)
OP_S_WRITE (a, "orange", 6)
OP_C_READ_EXPECT (a, "orange", 6)
OP_END
};
/* 65. Fault injection - CRYPTO - zero-length is accepted */
static int script_65_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
unsigned char *buf, size_t len)
{
int ok = 0;
unsigned char frame_buf[64];
size_t written;
WPACKET wpkt;
if (h->inject_word0 == 0)
return 1;
--h->inject_word0;
if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
sizeof(frame_buf), 0)))
return 0;
if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, OSSL_QUIC_FRAME_TYPE_CRYPTO))
|| !TEST_true(WPACKET_quic_write_vlint(&wpkt, 0))
|| !TEST_true(WPACKET_quic_write_vlint(&wpkt, 0)))
goto err;
if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
goto err;
if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
goto err;
ok = 1;
err:
if (ok)
WPACKET_finish(&wpkt);
else
WPACKET_cleanup(&wpkt);
return ok;
}
static const struct script_op script_65[] = {
OP_S_SET_INJECT_PLAIN (script_65_inject_plain)
OP_C_SET_ALPN ("ossltest")
OP_C_CONNECT_WAIT ()
OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
OP_C_NEW_STREAM_BIDI (a, C_BIDI_ID(0))
OP_C_WRITE (a, "apple", 5)
OP_S_BIND_STREAM_ID (a, C_BIDI_ID(0))
OP_S_READ_EXPECT (a, "apple", 5)
OP_SET_INJECT_WORD (1, 0)
OP_S_WRITE (a, "orange", 6)
OP_C_READ_EXPECT (a, "orange", 6)
OP_END
};
/* 66. Fault injection - large MAX_STREAM_DATA */
static int script_66_inject_plain(struct helper *h, QUIC_PKT_HDR *hdr,
unsigned char *buf, size_t len)
{
int ok = 0;
WPACKET wpkt;
unsigned char frame_buf[64];
size_t written;
if (h->inject_word0 == 0)
return 1;
if (!TEST_true(WPACKET_init_static_len(&wpkt, frame_buf,
sizeof(frame_buf), 0)))
return 0;
if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, h->inject_word1)))
goto err;
if (h->inject_word1 == OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA)
if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, /* stream ID */
h->inject_word0 - 1)))
goto err;
if (!TEST_true(WPACKET_quic_write_vlint(&wpkt, OSSL_QUIC_VLINT_MAX)))
goto err;
if (!TEST_true(WPACKET_get_total_written(&wpkt, &written)))
goto err;
if (!qtest_fault_prepend_frame(h->qtf, frame_buf, written))
goto err;
ok = 1;
err:
if (ok)
WPACKET_finish(&wpkt);
else
WPACKET_cleanup(&wpkt);
return ok;
}
static const struct script_op script_66[] = {
OP_S_SET_INJECT_PLAIN (script_66_inject_plain)
OP_C_SET_ALPN ("ossltest")
OP_C_CONNECT_WAIT ()
OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
OP_S_NEW_STREAM_BIDI (a, S_BIDI_ID(0))
OP_S_WRITE (a, "apple", 5)
OP_C_ACCEPT_STREAM_WAIT (a)
OP_C_READ_EXPECT (a, "apple", 5)
OP_SET_INJECT_WORD (S_BIDI_ID(0) + 1, OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA)
OP_S_WRITE (a, "orange", 6)
OP_C_READ_EXPECT (a, "orange", 6)
OP_C_WRITE (a, "Strawberry", 10)
OP_S_READ_EXPECT (a, "Strawberry", 10)
OP_END
};
/* 67. Fault injection - large MAX_DATA */
static const struct script_op script_67[] = {
OP_S_SET_INJECT_PLAIN (script_66_inject_plain)
OP_C_SET_ALPN ("ossltest")
OP_C_CONNECT_WAIT ()
OP_C_SET_DEFAULT_STREAM_MODE(SSL_DEFAULT_STREAM_MODE_NONE)
OP_S_NEW_STREAM_BIDI (a, S_BIDI_ID(0))
OP_S_WRITE (a, "apple", 5)
OP_C_ACCEPT_STREAM_WAIT (a)
OP_C_READ_EXPECT (a, "apple", 5)
OP_SET_INJECT_WORD (1, OSSL_QUIC_FRAME_TYPE_MAX_DATA)
OP_S_WRITE (a, "orange", 6)
OP_C_READ_EXPECT (a, "orange", 6)
OP_C_WRITE (a, "Strawberry", 10)
OP_S_READ_EXPECT (a, "Strawberry", 10)
OP_END
};
static const struct script_op *const scripts[] = {
script_1,
script_2,
@ -4021,6 +4208,11 @@ static const struct script_op *const scripts[] = {
script_60,
script_61,
script_62,
script_63,
script_64,
script_65,
script_66,
script_67,
};
static int test_script(int idx)