mirror of
https://github.com/openssl/openssl.git
synced 2025-02-23 14:42:15 +08:00
464175692f
The write BIO for handshake messages is bufferred so that we only write out to the network when we have a complete flight. There was some complexity in the buffering logic so that we switched buffering on and off at various points through out the handshake. The only real reason to do this was historically it complicated the state machine when you wanted to flush because you had to traverse through the "flush" state (in order to cope with NBIO). Where we knew up front that there was only going to be one message in the flight we switched off buffering to avoid that. In the new state machine there is no longer a need for a flush state so it is simpler just to have buffering on for the whole handshake. This also gives us the added benefit that we can simply call flush after every flight even if it only has one message in it. This means that BIO authors can implement their own buffering strategies and not have to be aware of the state of the SSL object (previously they would have to switch off their own buffering during the handshake because they could not rely on a flush being received when they really needed to write data out). This last point addresses GitHub Issue #322. Reviewed-by: Andy Polyakov <appro@openssl.org> |
||
|---|---|---|
| .. | ||
| certs | ||
| ct | ||
| d2i-tests | ||
| ocsp-tests | ||
| recipes | ||
| smime-certs | ||
| ssl-tests | ||
| testlib/OpenSSL | ||
| aborttest.c | ||
| afalgtest.c | ||
| asynctest.c | ||
| bftest.c | ||
| bntest.c | ||
| build.info | ||
| CAss.cnf | ||
| CAssdh.cnf | ||
| CAssdsa.cnf | ||
| CAssrsa.cnf | ||
| casttest.c | ||
| CAtsa.cnf | ||
| cipherlist_test.c | ||
| clienthellotest.c | ||
| cms-examples.pl | ||
| constant_time_test.c | ||
| ct_test.c | ||
| d2i_test.c | ||
| danetest.c | ||
| danetest.in | ||
| danetest.pem | ||
| destest.c | ||
| dhtest.c | ||
| dsatest.c | ||
| dtlsv1listentest.c | ||
| ecdhtest_cavs.h | ||
| ecdhtest.c | ||
| ecdsatest.c | ||
| ectest.c | ||
| enginetest.c | ||
| evp_extra_test.c | ||
| evp_test.c | ||
| evptests.txt | ||
| exdatatest.c | ||
| exptest.c | ||
| generate_ssl_tests.pl | ||
| gmdifftest.c | ||
| handshake_helper.c | ||
| handshake_helper.h | ||
| heartbeat_test.c | ||
| hmactest.c | ||
| ideatest.c | ||
| igetest.c | ||
| md2test.c | ||
| md4test.c | ||
| md5test.c | ||
| mdc2test.c | ||
| memleaktest.c | ||
| methtest.c | ||
| nptest.c | ||
| p5_crpt2_test.c | ||
| P1ss.cnf | ||
| P2ss.cnf | ||
| packettest.c | ||
| pbelutest.c | ||
| pkcs7-1.pem | ||
| pkcs7.pem | ||
| pkits-test.pl | ||
| r160test.c | ||
| randtest.c | ||
| rc2test.c | ||
| rc4test.c | ||
| rc5test.c | ||
| README | ||
| README.ssltest.md | ||
| rmdtest.c | ||
| rsa_test.c | ||
| run_tests.pl | ||
| secmemtest.c | ||
| serverinfo.pem | ||
| sha1test.c | ||
| sha256t.c | ||
| sha512t.c | ||
| smcont.txt | ||
| srptest.c | ||
| ssl_test_ctx_test.c | ||
| ssl_test_ctx_test.conf | ||
| ssl_test_ctx.c | ||
| ssl_test_ctx.h | ||
| ssl_test.c | ||
| ssl_test.tmpl | ||
| ssltest_old.c | ||
| Sssdsa.cnf | ||
| Sssrsa.cnf | ||
| test_aesni | ||
| test_padlock | ||
| test_t4 | ||
| test.cnf | ||
| testcrl.pem | ||
| testdsa.pem | ||
| testdsapub.pem | ||
| testec-p256.pem | ||
| testecpub-p256.pem | ||
| testp7.pem | ||
| testreq2.pem | ||
| testrsa.pem | ||
| testrsapub.pem | ||
| testsid.pem | ||
| testutil.c | ||
| testutil.h | ||
| testx509.pem | ||
| threadstest.c | ||
| times | ||
| Uss.cnf | ||
| v3-cert1.pem | ||
| v3-cert2.pem | ||
| v3nametest.c | ||
| verify_extra_test.c | ||
| wp_test.c | ||
| x509aux.c | ||
How to add recipes
==================
For any test that you want to perform, you write a script located in
test/recipes/, named {nn}-test_{name}.t, where {nn} is a two digit number and
{name} is a unique name of your choice.
Please note that if a test involves a new testing executable, you will need to
do some additions in test/Makefile. More on this later.
Naming convetions
=================
A test executable is named test/{name}test.c
A test recipe is named test/recipes/{nn}-test_{name}.t, where {nn} is a two
digit number and {name} is a unique name of your choice.
The number {nn} is (somewhat loosely) grouped as follows:
05 individual symmetric cipher algorithms
10 math (bignum)
15 individual asymmetric cipher algorithms
20 openssl enc
25 certificate forms, generation and verification
30 engine and evp
70 PACKET layer
80 "larger" protocols (CA, CMS, OCSP, SSL, TSA)
90 misc
A recipe that just runs a test executable
=========================================
A script that just runs a program looks like this:
#! /usr/bin/perl
use OpenSSL::Test::Simple;
simple_test("test_{name}", "{name}test", "{name}");
{name} is the unique name you have chosen for your test.
The second argument to `simple_test' is the test executable, and `simple_test'
expects it to be located in test/
For documentation on OpenSSL::Test::Simple, do
`perldoc test/testlib/OpenSSL/Test/Simple.pm'.
A recipe that runs a more complex test
======================================
For more complex tests, you will need to read up on Test::More and
OpenSSL::Test. Test::More is normally preinstalled, do `man Test::More' for
documentation. For OpenSSL::Test, do `perldoc test/testlib/OpenSSL/Test.pm'.
A script to start from could be this:
#! /usr/bin/perl
use strict;
use warnings;
use OpenSSL::Test;
setup("test_{name}");
plan tests => 2; # The number of tests being performed
ok(test1, "test1");
ok(test2, "test1");
sub test1
{
# test feature 1
}
sub test2
{
# test feature 2
}
Changes to test/Makefile
========================
Whenever a new test involves a new test executable you need to do the
following (at all times, replace {NAME} and {name} with the name of your
test):
* among the variables for test executables at the beginning, add a line like
this:
{NAME}TEST= {name}test
* add `$({NAME}TEST)$(EXE_EXT)' to the assignment of EXE:
* add `$({NAME}TEST).o' to the assignment of OBJ:
* add `$({NAME}TEST).c' to the assignment of SRC:
* add the following lines for building the executable:
$({NAME}TEST)$(EXE_EXT): $({NAME}TEST).o $(DLIBCRYPTO)
@target=$({NAME}TEST); $(BUILD_CMD)