12b15cb3dSCy Schubert /* 22b15cb3dSCy Schubert * Copyright (c) 2009-2012 Niels Provos and Nick Mathewson 32b15cb3dSCy Schubert * 42b15cb3dSCy Schubert * Redistribution and use in source and binary forms, with or without 52b15cb3dSCy Schubert * modification, are permitted provided that the following conditions 62b15cb3dSCy Schubert * are met: 72b15cb3dSCy Schubert * 1. Redistributions of source code must retain the above copyright 82b15cb3dSCy Schubert * notice, this list of conditions and the following disclaimer. 92b15cb3dSCy Schubert * 2. Redistributions in binary form must reproduce the above copyright 102b15cb3dSCy Schubert * notice, this list of conditions and the following disclaimer in the 112b15cb3dSCy Schubert * documentation and/or other materials provided with the distribution. 122b15cb3dSCy Schubert * 3. The name of the author may not be used to endorse or promote products 132b15cb3dSCy Schubert * derived from this software without specific prior written permission. 142b15cb3dSCy Schubert * 152b15cb3dSCy Schubert * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 162b15cb3dSCy Schubert * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 172b15cb3dSCy Schubert * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 182b15cb3dSCy Schubert * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 192b15cb3dSCy Schubert * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 202b15cb3dSCy Schubert * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 212b15cb3dSCy Schubert * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 222b15cb3dSCy Schubert * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 232b15cb3dSCy Schubert * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 242b15cb3dSCy Schubert * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 252b15cb3dSCy Schubert */ 262b15cb3dSCy Schubert 272b15cb3dSCy Schubert // Get rid of OSX 10.7 and greater deprecation warnings. 282b15cb3dSCy Schubert #if defined(__APPLE__) && defined(__clang__) 292b15cb3dSCy Schubert #pragma clang diagnostic ignored "-Wdeprecated-declarations" 302b15cb3dSCy Schubert #endif 312b15cb3dSCy Schubert 322b15cb3dSCy Schubert #ifdef _WIN32 332b15cb3dSCy Schubert #include <winsock2.h> 342b15cb3dSCy Schubert #include <windows.h> 352b15cb3dSCy Schubert #endif 362b15cb3dSCy Schubert 372b15cb3dSCy Schubert #ifndef _WIN32 382b15cb3dSCy Schubert #include <sys/types.h> 392b15cb3dSCy Schubert #include <sys/socket.h> 402b15cb3dSCy Schubert #include <netinet/in.h> 412b15cb3dSCy Schubert #endif 422b15cb3dSCy Schubert 432b15cb3dSCy Schubert #include "event2/util.h" 442b15cb3dSCy Schubert #include "event2/event.h" 452b15cb3dSCy Schubert #include "event2/bufferevent_ssl.h" 462b15cb3dSCy Schubert #include "event2/buffer.h" 472b15cb3dSCy Schubert #include "event2/listener.h" 482b15cb3dSCy Schubert 492b15cb3dSCy Schubert #include "regress.h" 502b15cb3dSCy Schubert #include "tinytest.h" 512b15cb3dSCy Schubert #include "tinytest_macros.h" 522b15cb3dSCy Schubert 532b15cb3dSCy Schubert #include <openssl/ssl.h> 542b15cb3dSCy Schubert #include <openssl/bio.h> 552b15cb3dSCy Schubert #include <openssl/err.h> 562b15cb3dSCy Schubert #include <openssl/pem.h> 572b15cb3dSCy Schubert 582b15cb3dSCy Schubert #include <string.h> 592b15cb3dSCy Schubert 602b15cb3dSCy Schubert /* A short pre-generated key, to save the cost of doing an RSA key generation 612b15cb3dSCy Schubert * step during the unit tests. It's only 512 bits long, and it is published 622b15cb3dSCy Schubert * in this file, so you would have to be very foolish to consider using it in 632b15cb3dSCy Schubert * your own code. */ 642b15cb3dSCy Schubert static const char KEY[] = 652b15cb3dSCy Schubert "-----BEGIN RSA PRIVATE KEY-----\n" 662b15cb3dSCy Schubert "MIIBOgIBAAJBAKibTEzXjj+sqpipePX1lEk5BNFuL/dDBbw8QCXgaJWikOiKHeJq\n" 672b15cb3dSCy Schubert "3FQ0OmCnmpkdsPFE4x3ojYmmdgE2i0dJwq0CAwEAAQJAZ08gpUS+qE1IClps/2gG\n" 682b15cb3dSCy Schubert "AAer6Bc31K2AaiIQvCSQcH440cp062QtWMC3V5sEoWmdLsbAHFH26/9ZHn5zAflp\n" 692b15cb3dSCy Schubert "gQIhANWOx/UYeR8HD0WREU5kcuSzgzNLwUErHLzxP7U6aojpAiEAyh2H35CjN/P7\n" 702b15cb3dSCy Schubert "NhcZ4QYw3PeUWpqgJnaE/4i80BSYkSUCIQDLHFhLYLJZ80HwHTADif/ISn9/Ow6b\n" 712b15cb3dSCy Schubert "p6BWh3DbMar/eQIgBPS6azH5vpp983KXkNv9AL4VZi9ac/b+BeINdzC6GP0CIDmB\n" 722b15cb3dSCy Schubert "U6GFEQTZ3IfuiVabG5pummdC4DNbcdI+WKrSFNmQ\n" 732b15cb3dSCy Schubert "-----END RSA PRIVATE KEY-----\n"; 742b15cb3dSCy Schubert 752b15cb3dSCy Schubert static EVP_PKEY * 762b15cb3dSCy Schubert getkey(void) 772b15cb3dSCy Schubert { 782b15cb3dSCy Schubert EVP_PKEY *key; 792b15cb3dSCy Schubert BIO *bio; 802b15cb3dSCy Schubert 812b15cb3dSCy Schubert /* new read-only BIO backed by KEY. */ 822b15cb3dSCy Schubert bio = BIO_new_mem_buf((char*)KEY, -1); 832b15cb3dSCy Schubert tt_assert(bio); 842b15cb3dSCy Schubert 852b15cb3dSCy Schubert key = PEM_read_bio_PrivateKey(bio,NULL,NULL,NULL); 862b15cb3dSCy Schubert BIO_free(bio); 872b15cb3dSCy Schubert tt_assert(key); 882b15cb3dSCy Schubert 892b15cb3dSCy Schubert return key; 902b15cb3dSCy Schubert end: 912b15cb3dSCy Schubert return NULL; 922b15cb3dSCy Schubert } 932b15cb3dSCy Schubert 942b15cb3dSCy Schubert static X509 * 952b15cb3dSCy Schubert getcert(void) 962b15cb3dSCy Schubert { 972b15cb3dSCy Schubert /* Dummy code to make a quick-and-dirty valid certificate with 982b15cb3dSCy Schubert OpenSSL. Don't copy this code into your own program! It does a 992b15cb3dSCy Schubert number of things in a stupid and insecure way. */ 1002b15cb3dSCy Schubert X509 *x509 = NULL; 1012b15cb3dSCy Schubert X509_NAME *name = NULL; 1022b15cb3dSCy Schubert EVP_PKEY *key = getkey(); 1032b15cb3dSCy Schubert int nid; 1042b15cb3dSCy Schubert time_t now = time(NULL); 1052b15cb3dSCy Schubert 1062b15cb3dSCy Schubert tt_assert(key); 1072b15cb3dSCy Schubert 1082b15cb3dSCy Schubert x509 = X509_new(); 1092b15cb3dSCy Schubert tt_assert(x509); 1102b15cb3dSCy Schubert tt_assert(0 != X509_set_version(x509, 2)); 1112b15cb3dSCy Schubert tt_assert(0 != ASN1_INTEGER_set(X509_get_serialNumber(x509), 1122b15cb3dSCy Schubert (long)now)); 1132b15cb3dSCy Schubert 1142b15cb3dSCy Schubert name = X509_NAME_new(); 1152b15cb3dSCy Schubert tt_assert(name); 1162b15cb3dSCy Schubert nid = OBJ_txt2nid("commonName"); 1172b15cb3dSCy Schubert tt_assert(NID_undef != nid); 1182b15cb3dSCy Schubert tt_assert(0 != X509_NAME_add_entry_by_NID( 1192b15cb3dSCy Schubert name, nid, MBSTRING_ASC, (unsigned char*)"example.com", 1202b15cb3dSCy Schubert -1, -1, 0)); 1212b15cb3dSCy Schubert 1222b15cb3dSCy Schubert X509_set_subject_name(x509, name); 1232b15cb3dSCy Schubert X509_set_issuer_name(x509, name); 1242b15cb3dSCy Schubert 1252b15cb3dSCy Schubert X509_time_adj(X509_get_notBefore(x509), 0, &now); 1262b15cb3dSCy Schubert now += 3600; 1272b15cb3dSCy Schubert X509_time_adj(X509_get_notAfter(x509), 0, &now); 1282b15cb3dSCy Schubert X509_set_pubkey(x509, key); 1292b15cb3dSCy Schubert tt_assert(0 != X509_sign(x509, key, EVP_sha1())); 1302b15cb3dSCy Schubert 1312b15cb3dSCy Schubert return x509; 1322b15cb3dSCy Schubert end: 1332b15cb3dSCy Schubert X509_free(x509); 1342b15cb3dSCy Schubert return NULL; 1352b15cb3dSCy Schubert } 1362b15cb3dSCy Schubert 1372b15cb3dSCy Schubert static int disable_tls_11_and_12 = 0; 1382b15cb3dSCy Schubert static SSL_CTX *the_ssl_ctx = NULL; 1392b15cb3dSCy Schubert 1402b15cb3dSCy Schubert static SSL_CTX * 1412b15cb3dSCy Schubert get_ssl_ctx(void) 1422b15cb3dSCy Schubert { 1432b15cb3dSCy Schubert if (the_ssl_ctx) 1442b15cb3dSCy Schubert return the_ssl_ctx; 1452b15cb3dSCy Schubert the_ssl_ctx = SSL_CTX_new(SSLv23_method()); 1462b15cb3dSCy Schubert if (!the_ssl_ctx) 1472b15cb3dSCy Schubert return NULL; 1482b15cb3dSCy Schubert if (disable_tls_11_and_12) { 1492b15cb3dSCy Schubert #ifdef SSL_OP_NO_TLSv1_2 1502b15cb3dSCy Schubert SSL_CTX_set_options(the_ssl_ctx, SSL_OP_NO_TLSv1_2); 1512b15cb3dSCy Schubert #endif 1522b15cb3dSCy Schubert #ifdef SSL_OP_NO_TLSv1_1 1532b15cb3dSCy Schubert SSL_CTX_set_options(the_ssl_ctx, SSL_OP_NO_TLSv1_1); 1542b15cb3dSCy Schubert #endif 1552b15cb3dSCy Schubert } 1562b15cb3dSCy Schubert return the_ssl_ctx; 1572b15cb3dSCy Schubert } 1582b15cb3dSCy Schubert 1592b15cb3dSCy Schubert static void 1602b15cb3dSCy Schubert init_ssl(void) 1612b15cb3dSCy Schubert { 1622b15cb3dSCy Schubert SSL_library_init(); 1632b15cb3dSCy Schubert ERR_load_crypto_strings(); 1642b15cb3dSCy Schubert SSL_load_error_strings(); 1652b15cb3dSCy Schubert OpenSSL_add_all_algorithms(); 1662b15cb3dSCy Schubert if (SSLeay() != OPENSSL_VERSION_NUMBER) { 1672b15cb3dSCy Schubert TT_DECLARE("WARN", ("Version mismatch for openssl: compiled with %lx but running with %lx", (unsigned long)OPENSSL_VERSION_NUMBER, (unsigned long) SSLeay())); 1682b15cb3dSCy Schubert } 1692b15cb3dSCy Schubert } 1702b15cb3dSCy Schubert 1712b15cb3dSCy Schubert /* ==================== 1722b15cb3dSCy Schubert Here's a simple test: we read a number from the input, increment it, and 1732b15cb3dSCy Schubert reply, until we get to 1001. 1742b15cb3dSCy Schubert */ 1752b15cb3dSCy Schubert 1762b15cb3dSCy Schubert static int test_is_done = 0; 1772b15cb3dSCy Schubert static int n_connected = 0; 1782b15cb3dSCy Schubert static int got_close = 0; 1792b15cb3dSCy Schubert static int got_error = 0; 1802b15cb3dSCy Schubert static int renegotiate_at = -1; 1812b15cb3dSCy Schubert static int stop_when_connected = 0; 1822b15cb3dSCy Schubert static int pending_connect_events = 0; 1832b15cb3dSCy Schubert static struct event_base *exit_base = NULL; 1842b15cb3dSCy Schubert 1852b15cb3dSCy Schubert static void 1862b15cb3dSCy Schubert respond_to_number(struct bufferevent *bev, void *ctx) 1872b15cb3dSCy Schubert { 1882b15cb3dSCy Schubert struct evbuffer *b = bufferevent_get_input(bev); 1892b15cb3dSCy Schubert char *line; 1902b15cb3dSCy Schubert int n; 1912b15cb3dSCy Schubert line = evbuffer_readln(b, NULL, EVBUFFER_EOL_LF); 1922b15cb3dSCy Schubert if (! line) 1932b15cb3dSCy Schubert return; 1942b15cb3dSCy Schubert n = atoi(line); 1952b15cb3dSCy Schubert if (n <= 0) 1962b15cb3dSCy Schubert TT_FAIL(("Bad number: %s", line)); 197*a25439b6SCy Schubert free(line); 1982b15cb3dSCy Schubert TT_BLATHER(("The number was %d", n)); 1992b15cb3dSCy Schubert if (n == 1001) { 2002b15cb3dSCy Schubert ++test_is_done; 2012b15cb3dSCy Schubert bufferevent_free(bev); /* Should trigger close on other side. */ 2022b15cb3dSCy Schubert return; 2032b15cb3dSCy Schubert } 2042b15cb3dSCy Schubert if (!strcmp(ctx, "client") && n == renegotiate_at) { 2052b15cb3dSCy Schubert SSL_renegotiate(bufferevent_openssl_get_ssl(bev)); 2062b15cb3dSCy Schubert } 2072b15cb3dSCy Schubert ++n; 2082b15cb3dSCy Schubert evbuffer_add_printf(bufferevent_get_output(bev), 2092b15cb3dSCy Schubert "%d\n", n); 2102b15cb3dSCy Schubert TT_BLATHER(("Done reading; now writing.")); 2112b15cb3dSCy Schubert bufferevent_enable(bev, EV_WRITE); 2122b15cb3dSCy Schubert bufferevent_disable(bev, EV_READ); 2132b15cb3dSCy Schubert } 2142b15cb3dSCy Schubert 2152b15cb3dSCy Schubert static void 2162b15cb3dSCy Schubert done_writing_cb(struct bufferevent *bev, void *ctx) 2172b15cb3dSCy Schubert { 2182b15cb3dSCy Schubert struct evbuffer *b = bufferevent_get_output(bev); 2192b15cb3dSCy Schubert if (evbuffer_get_length(b)) 2202b15cb3dSCy Schubert return; 2212b15cb3dSCy Schubert TT_BLATHER(("Done writing.")); 2222b15cb3dSCy Schubert bufferevent_disable(bev, EV_WRITE); 2232b15cb3dSCy Schubert bufferevent_enable(bev, EV_READ); 2242b15cb3dSCy Schubert } 2252b15cb3dSCy Schubert 2262b15cb3dSCy Schubert static void 2272b15cb3dSCy Schubert eventcb(struct bufferevent *bev, short what, void *ctx) 2282b15cb3dSCy Schubert { 2292b15cb3dSCy Schubert TT_BLATHER(("Got event %d", (int)what)); 2302b15cb3dSCy Schubert if (what & BEV_EVENT_CONNECTED) { 2312b15cb3dSCy Schubert SSL *ssl; 2322b15cb3dSCy Schubert X509 *peer_cert; 2332b15cb3dSCy Schubert ++n_connected; 2342b15cb3dSCy Schubert ssl = bufferevent_openssl_get_ssl(bev); 2352b15cb3dSCy Schubert tt_assert(ssl); 2362b15cb3dSCy Schubert peer_cert = SSL_get_peer_certificate(ssl); 2372b15cb3dSCy Schubert if (0==strcmp(ctx, "server")) { 2382b15cb3dSCy Schubert tt_assert(peer_cert == NULL); 2392b15cb3dSCy Schubert } else { 2402b15cb3dSCy Schubert tt_assert(peer_cert != NULL); 2412b15cb3dSCy Schubert } 2422b15cb3dSCy Schubert if (stop_when_connected) { 2432b15cb3dSCy Schubert if (--pending_connect_events == 0) 2442b15cb3dSCy Schubert event_base_loopexit(exit_base, NULL); 2452b15cb3dSCy Schubert } 2462b15cb3dSCy Schubert } else if (what & BEV_EVENT_EOF) { 2472b15cb3dSCy Schubert TT_BLATHER(("Got a good EOF")); 2482b15cb3dSCy Schubert ++got_close; 2492b15cb3dSCy Schubert bufferevent_free(bev); 2502b15cb3dSCy Schubert } else if (what & BEV_EVENT_ERROR) { 2512b15cb3dSCy Schubert TT_BLATHER(("Got an error.")); 2522b15cb3dSCy Schubert ++got_error; 2532b15cb3dSCy Schubert bufferevent_free(bev); 2542b15cb3dSCy Schubert } 2552b15cb3dSCy Schubert end: 2562b15cb3dSCy Schubert ; 2572b15cb3dSCy Schubert } 2582b15cb3dSCy Schubert 2592b15cb3dSCy Schubert static void 2602b15cb3dSCy Schubert open_ssl_bufevs(struct bufferevent **bev1_out, struct bufferevent **bev2_out, 2612b15cb3dSCy Schubert struct event_base *base, int is_open, int flags, SSL *ssl1, SSL *ssl2, 2622b15cb3dSCy Schubert evutil_socket_t *fd_pair, struct bufferevent **underlying_pair) 2632b15cb3dSCy Schubert { 2642b15cb3dSCy Schubert int state1 = is_open ? BUFFEREVENT_SSL_OPEN :BUFFEREVENT_SSL_CONNECTING; 2652b15cb3dSCy Schubert int state2 = is_open ? BUFFEREVENT_SSL_OPEN :BUFFEREVENT_SSL_ACCEPTING; 2662b15cb3dSCy Schubert if (fd_pair) { 2672b15cb3dSCy Schubert *bev1_out = bufferevent_openssl_socket_new( 2682b15cb3dSCy Schubert base, fd_pair[0], ssl1, state1, flags); 2692b15cb3dSCy Schubert *bev2_out = bufferevent_openssl_socket_new( 2702b15cb3dSCy Schubert base, fd_pair[1], ssl2, state2, flags); 2712b15cb3dSCy Schubert } else { 2722b15cb3dSCy Schubert *bev1_out = bufferevent_openssl_filter_new( 2732b15cb3dSCy Schubert base, underlying_pair[0], ssl1, state1, flags); 2742b15cb3dSCy Schubert *bev2_out = bufferevent_openssl_filter_new( 2752b15cb3dSCy Schubert base, underlying_pair[1], ssl2, state2, flags); 2762b15cb3dSCy Schubert 2772b15cb3dSCy Schubert } 2782b15cb3dSCy Schubert bufferevent_setcb(*bev1_out, respond_to_number, done_writing_cb, 2792b15cb3dSCy Schubert eventcb, (void*)"client"); 2802b15cb3dSCy Schubert bufferevent_setcb(*bev2_out, respond_to_number, done_writing_cb, 2812b15cb3dSCy Schubert eventcb, (void*)"server"); 2822b15cb3dSCy Schubert } 2832b15cb3dSCy Schubert 2842b15cb3dSCy Schubert static void 2852b15cb3dSCy Schubert regress_bufferevent_openssl(void *arg) 2862b15cb3dSCy Schubert { 2872b15cb3dSCy Schubert struct basic_test_data *data = arg; 2882b15cb3dSCy Schubert 2892b15cb3dSCy Schubert struct bufferevent *bev1, *bev2; 2902b15cb3dSCy Schubert SSL *ssl1, *ssl2; 2912b15cb3dSCy Schubert X509 *cert = getcert(); 2922b15cb3dSCy Schubert EVP_PKEY *key = getkey(); 2932b15cb3dSCy Schubert const int start_open = strstr((char*)data->setup_data, "open")!=NULL; 2942b15cb3dSCy Schubert const int filter = strstr((char*)data->setup_data, "filter")!=NULL; 2952b15cb3dSCy Schubert int flags = BEV_OPT_DEFER_CALLBACKS; 2962b15cb3dSCy Schubert struct bufferevent *bev_ll[2] = { NULL, NULL }; 2972b15cb3dSCy Schubert evutil_socket_t *fd_pair = NULL; 2982b15cb3dSCy Schubert 2992b15cb3dSCy Schubert tt_assert(cert); 3002b15cb3dSCy Schubert tt_assert(key); 3012b15cb3dSCy Schubert 3022b15cb3dSCy Schubert init_ssl(); 3032b15cb3dSCy Schubert 3042b15cb3dSCy Schubert if (strstr((char*)data->setup_data, "renegotiate")) { 3052b15cb3dSCy Schubert if (SSLeay() >= 0x10001000 && 3062b15cb3dSCy Schubert SSLeay() < 0x1000104f) { 3072b15cb3dSCy Schubert /* 1.0.1 up to 1.0.1c has a bug where TLS1.1 and 1.2 3082b15cb3dSCy Schubert * can't renegotiate with themselves. Disable. */ 3092b15cb3dSCy Schubert disable_tls_11_and_12 = 1; 3102b15cb3dSCy Schubert } 3112b15cb3dSCy Schubert renegotiate_at = 600; 3122b15cb3dSCy Schubert } 3132b15cb3dSCy Schubert 3142b15cb3dSCy Schubert ssl1 = SSL_new(get_ssl_ctx()); 3152b15cb3dSCy Schubert ssl2 = SSL_new(get_ssl_ctx()); 3162b15cb3dSCy Schubert 3172b15cb3dSCy Schubert SSL_use_certificate(ssl2, cert); 3182b15cb3dSCy Schubert SSL_use_PrivateKey(ssl2, key); 3192b15cb3dSCy Schubert 3202b15cb3dSCy Schubert if (! start_open) 3212b15cb3dSCy Schubert flags |= BEV_OPT_CLOSE_ON_FREE; 3222b15cb3dSCy Schubert 3232b15cb3dSCy Schubert if (!filter) { 3242b15cb3dSCy Schubert tt_assert(strstr((char*)data->setup_data, "socketpair")); 3252b15cb3dSCy Schubert fd_pair = data->pair; 3262b15cb3dSCy Schubert } else { 3272b15cb3dSCy Schubert bev_ll[0] = bufferevent_socket_new(data->base, data->pair[0], 3282b15cb3dSCy Schubert BEV_OPT_CLOSE_ON_FREE); 3292b15cb3dSCy Schubert bev_ll[1] = bufferevent_socket_new(data->base, data->pair[1], 3302b15cb3dSCy Schubert BEV_OPT_CLOSE_ON_FREE); 3312b15cb3dSCy Schubert } 3322b15cb3dSCy Schubert 3332b15cb3dSCy Schubert open_ssl_bufevs(&bev1, &bev2, data->base, 0, flags, ssl1, ssl2, 3342b15cb3dSCy Schubert fd_pair, bev_ll); 3352b15cb3dSCy Schubert 3362b15cb3dSCy Schubert if (!filter) { 3372b15cb3dSCy Schubert tt_int_op(bufferevent_getfd(bev1), ==, data->pair[0]); 3382b15cb3dSCy Schubert } else { 3392b15cb3dSCy Schubert tt_ptr_op(bufferevent_get_underlying(bev1), ==, bev_ll[0]); 3402b15cb3dSCy Schubert } 3412b15cb3dSCy Schubert 3422b15cb3dSCy Schubert if (start_open) { 3432b15cb3dSCy Schubert pending_connect_events = 2; 3442b15cb3dSCy Schubert stop_when_connected = 1; 3452b15cb3dSCy Schubert exit_base = data->base; 3462b15cb3dSCy Schubert event_base_dispatch(data->base); 3472b15cb3dSCy Schubert /* Okay, now the renegotiation is done. Make new 3482b15cb3dSCy Schubert * bufferevents to test opening in BUFFEREVENT_SSL_OPEN */ 3492b15cb3dSCy Schubert flags |= BEV_OPT_CLOSE_ON_FREE; 3502b15cb3dSCy Schubert bufferevent_free(bev1); 3512b15cb3dSCy Schubert bufferevent_free(bev2); 3522b15cb3dSCy Schubert bev1 = bev2 = NULL; 3532b15cb3dSCy Schubert open_ssl_bufevs(&bev1, &bev2, data->base, 1, flags, ssl1, ssl2, 3542b15cb3dSCy Schubert fd_pair, bev_ll); 3552b15cb3dSCy Schubert } 3562b15cb3dSCy Schubert 3572b15cb3dSCy Schubert bufferevent_enable(bev1, EV_READ|EV_WRITE); 3582b15cb3dSCy Schubert bufferevent_enable(bev2, EV_READ|EV_WRITE); 3592b15cb3dSCy Schubert 3602b15cb3dSCy Schubert evbuffer_add_printf(bufferevent_get_output(bev1), "1\n"); 3612b15cb3dSCy Schubert 3622b15cb3dSCy Schubert event_base_dispatch(data->base); 3632b15cb3dSCy Schubert 3642b15cb3dSCy Schubert tt_assert(test_is_done == 1); 3652b15cb3dSCy Schubert tt_assert(n_connected == 2); 3662b15cb3dSCy Schubert 3672b15cb3dSCy Schubert /* We don't handle shutdown properly yet. 3682b15cb3dSCy Schubert tt_int_op(got_close, ==, 1); 3692b15cb3dSCy Schubert tt_int_op(got_error, ==, 0); 3702b15cb3dSCy Schubert */ 3712b15cb3dSCy Schubert end: 3722b15cb3dSCy Schubert return; 3732b15cb3dSCy Schubert } 3742b15cb3dSCy Schubert 3752b15cb3dSCy Schubert static void 3762b15cb3dSCy Schubert acceptcb(struct evconnlistener *listener, evutil_socket_t fd, 3772b15cb3dSCy Schubert struct sockaddr *addr, int socklen, void *arg) 3782b15cb3dSCy Schubert { 3792b15cb3dSCy Schubert struct basic_test_data *data = arg; 3802b15cb3dSCy Schubert struct bufferevent *bev; 3812b15cb3dSCy Schubert SSL *ssl = SSL_new(get_ssl_ctx()); 3822b15cb3dSCy Schubert 3832b15cb3dSCy Schubert SSL_use_certificate(ssl, getcert()); 3842b15cb3dSCy Schubert SSL_use_PrivateKey(ssl, getkey()); 3852b15cb3dSCy Schubert 3862b15cb3dSCy Schubert bev = bufferevent_openssl_socket_new( 3872b15cb3dSCy Schubert data->base, 3882b15cb3dSCy Schubert fd, 3892b15cb3dSCy Schubert ssl, 3902b15cb3dSCy Schubert BUFFEREVENT_SSL_ACCEPTING, 3912b15cb3dSCy Schubert BEV_OPT_CLOSE_ON_FREE|BEV_OPT_DEFER_CALLBACKS); 3922b15cb3dSCy Schubert 3932b15cb3dSCy Schubert bufferevent_setcb(bev, respond_to_number, NULL, eventcb, 3942b15cb3dSCy Schubert (void*)"server"); 3952b15cb3dSCy Schubert 3962b15cb3dSCy Schubert bufferevent_enable(bev, EV_READ|EV_WRITE); 3972b15cb3dSCy Schubert 3982b15cb3dSCy Schubert /* Only accept once, then disable ourself. */ 3992b15cb3dSCy Schubert evconnlistener_disable(listener); 4002b15cb3dSCy Schubert } 4012b15cb3dSCy Schubert 4022b15cb3dSCy Schubert static void 4032b15cb3dSCy Schubert regress_bufferevent_openssl_connect(void *arg) 4042b15cb3dSCy Schubert { 4052b15cb3dSCy Schubert struct basic_test_data *data = arg; 4062b15cb3dSCy Schubert 4072b15cb3dSCy Schubert struct event_base *base = data->base; 4082b15cb3dSCy Schubert 4092b15cb3dSCy Schubert struct evconnlistener *listener; 4102b15cb3dSCy Schubert struct bufferevent *bev; 4112b15cb3dSCy Schubert struct sockaddr_in sin; 4122b15cb3dSCy Schubert struct sockaddr_storage ss; 4132b15cb3dSCy Schubert ev_socklen_t slen; 4142b15cb3dSCy Schubert 4152b15cb3dSCy Schubert init_ssl(); 4162b15cb3dSCy Schubert 4172b15cb3dSCy Schubert memset(&sin, 0, sizeof(sin)); 4182b15cb3dSCy Schubert sin.sin_family = AF_INET; 4192b15cb3dSCy Schubert sin.sin_addr.s_addr = htonl(0x7f000001); 4202b15cb3dSCy Schubert 4212b15cb3dSCy Schubert memset(&ss, 0, sizeof(ss)); 4222b15cb3dSCy Schubert slen = sizeof(ss); 4232b15cb3dSCy Schubert 4242b15cb3dSCy Schubert listener = evconnlistener_new_bind(base, acceptcb, data, 4252b15cb3dSCy Schubert LEV_OPT_CLOSE_ON_FREE|LEV_OPT_REUSEABLE, 4262b15cb3dSCy Schubert -1, (struct sockaddr *)&sin, sizeof(sin)); 4272b15cb3dSCy Schubert 4282b15cb3dSCy Schubert tt_assert(listener); 4292b15cb3dSCy Schubert tt_assert(evconnlistener_get_fd(listener) >= 0); 4302b15cb3dSCy Schubert 4312b15cb3dSCy Schubert bev = bufferevent_openssl_socket_new( 4322b15cb3dSCy Schubert data->base, -1, SSL_new(get_ssl_ctx()), 4332b15cb3dSCy Schubert BUFFEREVENT_SSL_CONNECTING, 4342b15cb3dSCy Schubert BEV_OPT_CLOSE_ON_FREE|BEV_OPT_DEFER_CALLBACKS); 4352b15cb3dSCy Schubert tt_assert(bev); 4362b15cb3dSCy Schubert 4372b15cb3dSCy Schubert bufferevent_setcb(bev, respond_to_number, NULL, eventcb, 4382b15cb3dSCy Schubert (void*)"client"); 4392b15cb3dSCy Schubert 4402b15cb3dSCy Schubert tt_assert(getsockname(evconnlistener_get_fd(listener), 4412b15cb3dSCy Schubert (struct sockaddr*)&ss, &slen) == 0); 4422b15cb3dSCy Schubert tt_assert(slen == sizeof(struct sockaddr_in)); 4432b15cb3dSCy Schubert tt_int_op(((struct sockaddr*)&ss)->sa_family, ==, AF_INET); 4442b15cb3dSCy Schubert tt_int_op(((struct sockaddr*)&ss)->sa_family, ==, AF_INET); 4452b15cb3dSCy Schubert 4462b15cb3dSCy Schubert tt_assert(0 == 4472b15cb3dSCy Schubert bufferevent_socket_connect(bev, (struct sockaddr*)&ss, slen)); 4482b15cb3dSCy Schubert evbuffer_add_printf(bufferevent_get_output(bev), "1\n"); 4492b15cb3dSCy Schubert bufferevent_enable(bev, EV_READ|EV_WRITE); 4502b15cb3dSCy Schubert 4512b15cb3dSCy Schubert event_base_dispatch(base); 4522b15cb3dSCy Schubert end: 4532b15cb3dSCy Schubert ; 4542b15cb3dSCy Schubert } 4552b15cb3dSCy Schubert 4562b15cb3dSCy Schubert struct testcase_t ssl_testcases[] = { 4572b15cb3dSCy Schubert 4582b15cb3dSCy Schubert { "bufferevent_socketpair", regress_bufferevent_openssl, TT_ISOLATED, 4592b15cb3dSCy Schubert &basic_setup, (void*)"socketpair" }, 4602b15cb3dSCy Schubert { "bufferevent_filter", regress_bufferevent_openssl, 4612b15cb3dSCy Schubert TT_ISOLATED, 4622b15cb3dSCy Schubert &basic_setup, (void*)"filter" }, 4632b15cb3dSCy Schubert { "bufferevent_renegotiate_socketpair", regress_bufferevent_openssl, 4642b15cb3dSCy Schubert TT_ISOLATED, 4652b15cb3dSCy Schubert &basic_setup, (void*)"socketpair renegotiate" }, 4662b15cb3dSCy Schubert { "bufferevent_renegotiate_filter", regress_bufferevent_openssl, 4672b15cb3dSCy Schubert TT_ISOLATED, 4682b15cb3dSCy Schubert &basic_setup, (void*)"filter renegotiate" }, 4692b15cb3dSCy Schubert { "bufferevent_socketpair_startopen", regress_bufferevent_openssl, 4702b15cb3dSCy Schubert TT_ISOLATED, &basic_setup, (void*)"socketpair open" }, 4712b15cb3dSCy Schubert { "bufferevent_filter_startopen", regress_bufferevent_openssl, 4722b15cb3dSCy Schubert TT_ISOLATED, &basic_setup, (void*)"filter open" }, 4732b15cb3dSCy Schubert 4742b15cb3dSCy Schubert { "bufferevent_connect", regress_bufferevent_openssl_connect, 4752b15cb3dSCy Schubert TT_FORK|TT_NEED_BASE, &basic_setup, NULL }, 4762b15cb3dSCy Schubert 4772b15cb3dSCy Schubert END_OF_TESTCASES, 4782b15cb3dSCy Schubert }; 479