mirrors/utls
1
0
Fork 0
mirror of https://github.com/refraction-networking/utls.git synced 2025-04-04 20:47:36 +03:00
Code Issues Projects Releases Packages Wiki Activity

crypto/tls: add support for additional alpn flags to bogo_shim_test

Browse source 
The existing implementation of bogo_shim_test does not support tests
that use the -expect-advertised-alpn flag or the -select-alpn flag. This
change allows bogo_shim_test to receive and enforce these flags.

Support for these flags is added in the same change because these flags are set together.

Updates #51434

Change-Id: Ia37f9e7403d4a43e6da68c16039a4bcb56ebd032
Reviewed-on: https://go-review.googlesource.com/c/go/+/595655
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Carlos Amedee <carlos@golang.org>
Reviewed-by: Russell Webb <russell.webb@protonmail.com>
Reviewed-by: Clide Stefani <cstefani.sites@gmail.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Roland Shoemaker <roland@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
This commit is contained in:
Clide Stefani 2024-06-25 15:52:32 -04:00 committed by Gopher Robot
parent 309a3593cd
commit 478fdf1977
1 changed files with 40 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

36
bogo_shim_test.go
View file

@ -17,9 +17,12 @@ import (
"os/exec" "os/exec"
"path/filepath" "path/filepath"
"runtime" "runtime"
"slices"
"strconv" "strconv"
"strings" "strings"
"testing" "testing"
"golang.org/x/crypto/cryptobyte"
) )
var ( var (
@ -81,6 +84,8 @@ var (
expectALPN = flag.String("expect-alpn", "", "") expectALPN = flag.String("expect-alpn", "", "")
rejectALPN = flag.Bool("reject-alpn", false, "") rejectALPN = flag.Bool("reject-alpn", false, "")
declineALPN = flag.Bool("decline-alpn", false, "") declineALPN = flag.Bool("decline-alpn", false, "")
expectAdvertisedALPN = flag.String("expect-advertised-alpn", "", "")
selectALPN = flag.String("select-alpn", "", "")
hostName = flag.String("host-name", "", "") hostName = flag.String("host-name", "", "")
@ -118,6 +123,29 @@ func bogoShim() {
MaxVersion: uint16(*maxVersion), MaxVersion: uint16(*maxVersion),
ClientSessionCache: NewLRUClientSessionCache(0), ClientSessionCache: NewLRUClientSessionCache(0),
GetConfigForClient: func(chi *ClientHelloInfo) (*Config, error) {
if *expectAdvertisedALPN != "" {
s := cryptobyte.String(*expectAdvertisedALPN)
var expectedALPNs []string
for !s.Empty() {
var alpn cryptobyte.String
if !s.ReadUint8LengthPrefixed(&alpn) {
return nil, fmt.Errorf("unexpected error while parsing arguments for -expect-advertised-alpn")
}
expectedALPNs = append(expectedALPNs, string(alpn))
}
if !slices.Equal(chi.SupportedProtos, expectedALPNs) {
return nil, fmt.Errorf("unexpected ALPN: got %q, want %q", chi.SupportedProtos, expectedALPNs)
}
}
return nil, nil
},
} }
if *noTLS1 { if *noTLS1 {
@ -160,6 +188,9 @@ func bogoShim() {
if *declineALPN { if *declineALPN {
cfg.NextProtos = []string{} cfg.NextProtos = []string{}
} }
if *selectALPN != "" {
cfg.NextProtos = []string{*selectALPN}
}
if *hostName != "" { if *hostName != "" {
cfg.ServerName = *hostName cfg.ServerName = *hostName
@ -288,6 +319,11 @@ func bogoShim() {
if *expectALPN != "" && cs.NegotiatedProtocol != *expectALPN { if *expectALPN != "" && cs.NegotiatedProtocol != *expectALPN {
log.Fatalf("unexpected protocol negotiated: want %q, got %q", *expectALPN, cs.NegotiatedProtocol) log.Fatalf("unexpected protocol negotiated: want %q, got %q", *expectALPN, cs.NegotiatedProtocol)
} }
if *selectALPN != "" && cs.NegotiatedProtocol != *selectALPN {
log.Fatalf("unexpected protocol negotiated: want %q, got %q", *selectALPN, cs.NegotiatedProtocol)
}
if *expectVersion != 0 && cs.Version != uint16(*expectVersion) { if *expectVersion != 0 && cs.Version != uint16(*expectVersion) {
log.Fatalf("expected ssl version %q, got %q", uint16(*expectVersion), cs.Version) log.Fatalf("expected ssl version %q, got %q", uint16(*expectVersion), cs.Version)
} }