Mirror of BoringSSL (grpc依赖) https://boringssl.googlesource.com/boringssl
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

182 lines
5.8 KiB

/* Copyright (c) 2018, Google Inc.
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
#include "test_state.h"
#include <openssl/ssl.h>
#include "../../crypto/internal.h"
#include "../internal.h"
using namespace bssl;
static CRYPTO_once_t g_once = CRYPTO_ONCE_INIT;
static int g_state_index = 0;
// Some code treats the zero time special, so initialize the clock to a
// non-zero time.
static timeval g_clock = { 1234, 1234 };
static void TestStateExFree(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
int index, long argl, void *argp) {
delete ((TestState *)ptr);
}
static void init_once() {
g_state_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, TestStateExFree);
if (g_state_index < 0) {
abort();
}
}
struct timeval *GetClock() {
CRYPTO_once(&g_once, init_once);
return &g_clock;
}
void AdvanceClock(unsigned seconds) {
CRYPTO_once(&g_once, init_once);
g_clock.tv_sec += seconds;
}
bool SetTestState(SSL *ssl, std::unique_ptr<TestState> state) {
CRYPTO_once(&g_once, init_once);
// |SSL_set_ex_data| takes ownership of |state| only on success.
if (SSL_set_ex_data(ssl, g_state_index, state.get()) == 1) {
state.release();
return true;
}
return false;
}
TestState *GetTestState(const SSL *ssl) {
CRYPTO_once(&g_once, init_once);
return (TestState *)SSL_get_ex_data(ssl, g_state_index);
}
static void ssl_ctx_add_session(SSL_SESSION *session, void *void_param) {
SSL_CTX *ctx = reinterpret_cast<SSL_CTX *>(void_param);
UniquePtr<SSL_SESSION> new_session = SSL_SESSION_dup(
session, SSL_SESSION_INCLUDE_NONAUTH | SSL_SESSION_INCLUDE_TICKET);
if (new_session != nullptr) {
SSL_CTX_add_session(ctx, new_session.get());
}
}
void CopySessions(SSL_CTX *dst, const SSL_CTX *src) {
lh_SSL_SESSION_doall_arg(src->sessions, ssl_ctx_add_session, dst);
}
static void push_session(SSL_SESSION *session, void *arg) {
auto s = reinterpret_cast<std::vector<SSL_SESSION *> *>(arg);
s->push_back(session);
}
bool SerializeContextState(SSL_CTX *ctx, CBB *cbb) {
CBB out, ctx_sessions, ticket_keys;
uint8_t keys[48];
if (!CBB_add_u24_length_prefixed(cbb, &out) ||
!CBB_add_u16(&out, 0 /* version */) ||
!SSL_CTX_get_tlsext_ticket_keys(ctx, &keys, sizeof(keys)) ||
!CBB_add_u8_length_prefixed(&out, &ticket_keys) ||
!CBB_add_bytes(&ticket_keys, keys, sizeof(keys)) ||
!CBB_add_asn1(&out, &ctx_sessions, CBS_ASN1_SEQUENCE)) {
return false;
}
std::vector<SSL_SESSION *> sessions;
lh_SSL_SESSION_doall_arg(ctx->sessions, push_session, &sessions);
for (const auto &sess : sessions) {
if (!ssl_session_serialize(sess, &ctx_sessions)) {
return false;
}
}
return CBB_flush(cbb);
}
bool DeserializeContextState(CBS *cbs, SSL_CTX *ctx) {
CBS in, sessions, ticket_keys;
uint16_t version;
constexpr uint16_t kVersion = 0;
if (!CBS_get_u24_length_prefixed(cbs, &in) ||
!CBS_get_u16(&in, &version) ||
version > kVersion ||
!CBS_get_u8_length_prefixed(&in, &ticket_keys) ||
!SSL_CTX_set_tlsext_ticket_keys(ctx, CBS_data(&ticket_keys),
CBS_len(&ticket_keys)) ||
!CBS_get_asn1(&in, &sessions, CBS_ASN1_SEQUENCE)) {
return false;
}
while (CBS_len(&sessions)) {
UniquePtr<SSL_SESSION> session =
SSL_SESSION_parse(&sessions, ctx->x509_method, ctx->pool);
if (!session) {
return false;
}
SSL_CTX_add_session(ctx, session.get());
}
return true;
}
bool TestState::Serialize(CBB *cbb) const {
CBB out, pending, text;
if (!CBB_add_u24_length_prefixed(cbb, &out) ||
!CBB_add_u16(&out, 0 /* version */) ||
!CBB_add_u24_length_prefixed(&out, &pending) ||
(pending_session &&
!ssl_session_serialize(pending_session.get(), &pending)) ||
!CBB_add_u16_length_prefixed(&out, &text) ||
!CBB_add_bytes(
&text, reinterpret_cast<const uint8_t *>(msg_callback_text.data()),
msg_callback_text.length()) ||
!CBB_add_asn1_uint64(&out, g_clock.tv_sec) ||
!CBB_add_asn1_uint64(&out, g_clock.tv_usec) ||
!CBB_flush(cbb)) {
return false;
}
return true;
}
std::unique_ptr<TestState> TestState::Deserialize(CBS *cbs, SSL_CTX *ctx) {
CBS in, pending_session, text;
std::unique_ptr<TestState> out_state(new TestState());
uint16_t version;
constexpr uint16_t kVersion = 0;
uint64_t sec, usec;
if (!CBS_get_u24_length_prefixed(cbs, &in) ||
!CBS_get_u16(&in, &version) ||
version > kVersion ||
!CBS_get_u24_length_prefixed(&in, &pending_session) ||
!CBS_get_u16_length_prefixed(&in, &text)) {
return nullptr;
}
if (CBS_len(&pending_session)) {
out_state->pending_session = SSL_SESSION_parse(
&pending_session, ctx->x509_method, ctx->pool);
if (!out_state->pending_session) {
return nullptr;
}
}
out_state->msg_callback_text = std::string(
reinterpret_cast<const char *>(CBS_data(&text)), CBS_len(&text));
// TODO(2020-05-01): Make this unconditional & merge into above.
if (CBS_len(&in) > 0) {
if (!CBS_get_asn1_uint64(&in, &sec) ||
!CBS_get_asn1_uint64(&in, &usec)) {
return nullptr;
}
g_clock.tv_sec = sec;
g_clock.tv_usec = usec;
}
return out_state;
}