Reorganize SSL test structures
Move custom server and client options from the test dictionary to an
"extra" section of each server/client. Rename test expectations to say
"Expected".
This is a big but straightforward change. Primarily, this allows us to
specify multiple server and client contexts without redefining the
custom options for each of them. For example, instead of
"ServerNPNProtocols", "Server2NPNProtocols", "ResumeServerNPNProtocols",
we now have, "NPNProtocols".
This simplifies writing resumption and SNI tests. The first application
will be resumption tests for NPN and ALPN.
Regrouping the options also makes it clearer which options apply to the
server, which apply to the client, which configure the test, and which
are test expectations.
Reviewed-by: Richard Levitte <levitte@openssl.org>
diff --git a/test/handshake_helper.c b/test/handshake_helper.c
index c7023fe..0da8c54 100644
--- a/test/handshake_helper.c
+++ b/test/handshake_helper.c
@@ -269,7 +269,7 @@
*/
static void configure_handshake_ctx(SSL_CTX *server_ctx, SSL_CTX *server2_ctx,
SSL_CTX *client_ctx,
- const SSL_TEST_CTX *test_ctx,
+ const SSL_TEST_EXTRA_CONF *extra,
CTX_DATA *server_ctx_data,
CTX_DATA *server2_ctx_data,
CTX_DATA *client_ctx_data)
@@ -277,7 +277,7 @@
unsigned char *ticket_keys;
size_t ticket_key_len;
- switch (test_ctx->client_verify_callback) {
+ switch (extra->client.verify_callback) {
case SSL_TEST_VERIFY_ACCEPT_ALL:
SSL_CTX_set_cert_verify_callback(client_ctx, &verify_accept_cb,
NULL);
@@ -291,7 +291,7 @@
}
/* link the two contexts for SNI purposes */
- switch (test_ctx->servername_callback) {
+ switch (extra->server.servername_callback) {
case SSL_TEST_SERVERNAME_IGNORE_MISMATCH:
SSL_CTX_set_tlsext_servername_callback(server_ctx, servername_ignore_cb);
SSL_CTX_set_tlsext_servername_arg(server_ctx, server2_ctx);
@@ -313,49 +313,49 @@
SSL_CTX_set_tlsext_ticket_key_cb(server2_ctx,
do_not_call_session_ticket_cb);
- if (test_ctx->session_ticket_expected == SSL_TEST_SESSION_TICKET_BROKEN) {
+ if (extra->server.broken_session_ticket) {
SSL_CTX_set_tlsext_ticket_key_cb(server_ctx, broken_session_ticket_cb);
}
#ifndef OPENSSL_NO_NEXTPROTONEG
- if (test_ctx->server_npn_protocols != NULL) {
- parse_protos(test_ctx->server_npn_protocols,
+ if (extra->server.npn_protocols != NULL) {
+ parse_protos(extra->server.npn_protocols,
&server_ctx_data->npn_protocols,
&server_ctx_data->npn_protocols_len);
SSL_CTX_set_next_protos_advertised_cb(server_ctx, server_npn_cb,
server_ctx_data);
}
- if (test_ctx->server2_npn_protocols != NULL) {
- parse_protos(test_ctx->server2_npn_protocols,
+ if (extra->server2.npn_protocols != NULL) {
+ parse_protos(extra->server2.npn_protocols,
&server2_ctx_data->npn_protocols,
&server2_ctx_data->npn_protocols_len);
OPENSSL_assert(server2_ctx != NULL);
SSL_CTX_set_next_protos_advertised_cb(server2_ctx, server_npn_cb,
server2_ctx_data);
}
- if (test_ctx->client_npn_protocols != NULL) {
- parse_protos(test_ctx->client_npn_protocols,
+ if (extra->client.npn_protocols != NULL) {
+ parse_protos(extra->client.npn_protocols,
&client_ctx_data->npn_protocols,
&client_ctx_data->npn_protocols_len);
SSL_CTX_set_next_proto_select_cb(client_ctx, client_npn_cb,
client_ctx_data);
}
- if (test_ctx->server_alpn_protocols != NULL) {
- parse_protos(test_ctx->server_alpn_protocols,
+ if (extra->server.alpn_protocols != NULL) {
+ parse_protos(extra->server.alpn_protocols,
&server_ctx_data->alpn_protocols,
&server_ctx_data->alpn_protocols_len);
SSL_CTX_set_alpn_select_cb(server_ctx, server_alpn_cb, server_ctx_data);
}
- if (test_ctx->server2_alpn_protocols != NULL) {
+ if (extra->server2.alpn_protocols != NULL) {
OPENSSL_assert(server2_ctx != NULL);
- parse_protos(test_ctx->server2_alpn_protocols,
+ parse_protos(extra->server2.alpn_protocols,
&server2_ctx_data->alpn_protocols,
&server2_ctx_data->alpn_protocols_len);
SSL_CTX_set_alpn_select_cb(server2_ctx, server_alpn_cb, server2_ctx_data);
}
- if (test_ctx->client_alpn_protocols != NULL) {
+ if (extra->client.alpn_protocols != NULL) {
unsigned char *alpn_protos = NULL;
size_t alpn_protos_len;
- parse_protos(test_ctx->client_alpn_protocols,
+ parse_protos(extra->client.alpn_protocols,
&alpn_protos, &alpn_protos_len);
/* Reversed return value convention... */
OPENSSL_assert(SSL_CTX_set_alpn_protos(client_ctx, alpn_protos,
@@ -377,11 +377,11 @@
/* Configure per-SSL callbacks and other properties. */
static void configure_handshake_ssl(SSL *server, SSL *client,
- const SSL_TEST_CTX *test_ctx)
+ const SSL_TEST_EXTRA_CONF *extra)
{
- if (test_ctx->servername != SSL_TEST_SERVERNAME_NONE)
+ if (extra->client.servername != SSL_TEST_SERVERNAME_NONE)
SSL_set_tlsext_host_name(client,
- ssl_servername_name(test_ctx->servername));
+ ssl_servername_name(extra->client.servername));
}
@@ -518,7 +518,7 @@
static HANDSHAKE_RESULT *do_handshake_internal(
SSL_CTX *server_ctx, SSL_CTX *server2_ctx, SSL_CTX *client_ctx,
- const SSL_TEST_CTX *test_ctx, SSL_SESSION *session_in,
+ const SSL_TEST_EXTRA_CONF *extra, SSL_SESSION *session_in,
SSL_SESSION **session_out)
{
SSL *server, *client;
@@ -542,14 +542,14 @@
memset(&server2_ctx_data, 0, sizeof(server2_ctx_data));
memset(&client_ctx_data, 0, sizeof(client_ctx_data));
- configure_handshake_ctx(server_ctx, server2_ctx, client_ctx, test_ctx,
+ configure_handshake_ctx(server_ctx, server2_ctx, client_ctx, extra,
&server_ctx_data, &server2_ctx_data, &client_ctx_data);
server = SSL_new(server_ctx);
client = SSL_new(client_ctx);
OPENSSL_assert(server != NULL && client != NULL);
- configure_handshake_ssl(server, client, test_ctx);
+ configure_handshake_ssl(server, client, extra);
if (session_in != NULL) {
/* In case we're testing resumption without tickets. */
OPENSSL_assert(SSL_CTX_add_session(server_ctx, session_in));
@@ -689,7 +689,7 @@
SSL_SESSION *session = NULL;
result = do_handshake_internal(server_ctx, server2_ctx, client_ctx,
- test_ctx, NULL, &session);
+ &test_ctx->extra, NULL, &session);
if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_SIMPLE)
goto end;
@@ -703,7 +703,7 @@
HANDSHAKE_RESULT_free(result);
/* We don't support SNI on second handshake yet, so server2_ctx is NULL. */
result = do_handshake_internal(resume_server_ctx, NULL, resume_client_ctx,
- test_ctx, session, NULL);
+ &test_ctx->resume_extra, session, NULL);
end:
SSL_SESSION_free(session);
return result;
