mirrors/utls
1
0
Fork 0
mirror of https://github.com/refraction-networking/utls.git synced 2025-04-03 20:17:36 +03:00
Code Issues Projects Releases Packages Wiki Activity

crypto/tls: prevent the test server from sending session tickets

Browse source 
Since they are sent after the handshake in TLS 1.3, the client was not
actually consuming them, as it doesn't make any Read calls. They were
then sitting in the kernel receive buffer when the client would call
Close. The kernel would see that and send a RST, which would race the
closeNotify, causing errors.

Also, we get to trim 600 lines of useless test data.

Fixes #28852

Change-Id: I7517feab77dabab7504bfc111098ba09ea07ae5e
Reviewed-on: https://go-review.googlesource.com/c/151659
Reviewed-by: Ian Lance Taylor <iant@golang.org>
This commit is contained in:
Filippo Valsorda 2018-11-28 22:05:08 -05:00 committed by Filippo Valsorda
parent 97fe6957a4
commit b4c934319a
14 changed files with 1162 additions and 1763 deletions
Download patch file Download diff file Expand all files Collapse all files

239
handshake_client_test.go
View file

@ -135,9 +135,9 @@ type clientTest struct {
// name is a freeform string identifying the test and the file in which
// the expected results will be stored.
name string
// command, if not empty, contains a series of arguments for the
// args, if not empty, contains a series of arguments for the
// command to run for the reference server.
command []string
args []string
// config, if not nil, contains a custom Config to use for this test.
config *Config
// cert, if not empty, contains a DER-encoded certificate for the
@ -168,7 +168,7 @@ type clientTest struct {
sendKeyUpdate bool
}
var defaultServerCommand = []string{"openssl", "s_server"}
var serverCommand = []string{"openssl", "s_server", "-no_ticket", "-num_tickets", "0"}
// connFromCommand starts the reference server process, connects to it and
// returns a recordingConn for the connection. The stdin return value is an
@ -210,11 +210,8 @@ func (test *clientTest) connFromCommand() (conn *recordingConn, child *exec.Cmd,
defer os.Remove(keyPath)
var command []string
if len(test.command) > 0 {
command = append(command, test.command...)
} else {
command = append(command, defaultServerCommand...)
}
command = append(command, serverCommand...)
command = append(command, test.args...)
command = append(command, "-cert", certPath, "-certform", "DER", "-key", keyPath)
// serverPort contains the port that OpenSSL will listen on. OpenSSL
// can't take "0" as an argument here so we have to pick a number and
@ -323,22 +320,16 @@ func (test *clientTest) run(t *testing.T, write bool) {
clientConn, serverConn = localPipe(t)
}
config := test.config
if config == nil {
config = testConfig
}
client := Client(clientConn, config)
doneChan := make(chan bool)
go func() {
defer func() {
// Give time to the send buffer to drain, to avoid the kernel
// sending a RST and cutting off the flow. See Issue 18701.
time.Sleep(10 * time.Millisecond)
client.Close()
clientConn.Close()
doneChan <- true
}()
defer close(doneChan)
config := test.config
if config == nil {
config = testConfig
}
client := Client(clientConn, config)
defer client.Close()
if _, err := client.Write([]byte("hello\n")); err != nil {
t.Errorf("Client.Write failed: %s", err)
@ -451,11 +442,8 @@ func (test *clientTest) run(t *testing.T, write bool) {
// If the server sent us an alert after our last flight, give it a
// chance to arrive.
if write && test.renegotiationExpectedToFail == 0 {
client.SetReadDeadline(time.Now().Add(500 * time.Millisecond))
if _, err := client.Read(make([]byte, 1)); err != nil {
if netErr, ok := err.(net.Error); !ok || !netErr.Timeout() {
t.Errorf("final Read returned an error: %s", err)
}
if err := peekError(client); err != nil {
t.Errorf("final Read returned an error: %s", err)
}
}
}()
@ -475,19 +463,18 @@ func (test *clientTest) run(t *testing.T, write bool) {
serverConn.SetReadDeadline(time.Now().Add(1 * time.Minute))
_, err := io.ReadFull(serverConn, bb)
if err != nil {
t.Fatalf("%s #%d: %s", test.name, i, err)
t.Fatalf("%s, flow %d: %s", test.name, i+1, err)
}
if !bytes.Equal(b, bb) {
t.Fatalf("%s #%d: mismatch on read: got:%x want:%x", test.name, i, bb, b)
t.Fatalf("%s, flow %d: mismatch on read: got:%x want:%x", test.name, i+1, bb, b)
}
}
// Give time to the send buffer to drain, to avoid the kernel
// sending a RST and cutting off the flow. See Issue 18701.
time.Sleep(10 * time.Millisecond)
serverConn.Close()
}
<-doneChan
if !write {
serverConn.Close()
}
if write {
path := test.dataPath()
@ -509,6 +496,20 @@ func (test *clientTest) run(t *testing.T, write bool) {
}
}
// peekError does a read with a short timeout to check if the next read would
// cause an error, for example if there is an alert waiting on the wire.
func peekError(conn net.Conn) error {
conn.SetReadDeadline(time.Now().Add(100 * time.Millisecond))
if n, err := conn.Read(make([]byte, 1)); n != 0 {
return errors.New("unexpectedly read data")
} else if err != nil {
if netErr, ok := err.(net.Error); !ok || !netErr.Timeout() {
return err
}
}
return nil
}
func runClientTestForVersion(t *testing.T, template *clientTest, version, option string) {
t.Run(version, func(t *testing.T) {
// Make a deep copy of the template before going parallel.
@ -522,11 +523,7 @@ func runClientTestForVersion(t *testing.T, template *clientTest, version, option
}
test.name = version + "-" + test.name
if len(test.command) == 0 {
test.command = defaultServerCommand
}
test.command = append([]string(nil), test.command...)
test.command = append(test.command, option)
test.args = append([]string{option}, test.args...)
test.run(t, *update)
})
}
@ -549,8 +546,8 @@ func runClientTestTLS13(t *testing.T, template *clientTest) {
func TestHandshakeClientRSARC4(t *testing.T) {
test := &clientTest{
name: "RSA-RC4",
command: []string{"openssl", "s_server", "-cipher", "RC4-SHA"},
name: "RSA-RC4",
args: []string{"-cipher", "RC4-SHA"},
}
runClientTestTLS10(t, test)
runClientTestTLS11(t, test)
@ -559,24 +556,24 @@ func TestHandshakeClientRSARC4(t *testing.T) {
func TestHandshakeClientRSAAES128GCM(t *testing.T) {
test := &clientTest{
name: "AES128-GCM-SHA256",
command: []string{"openssl", "s_server", "-cipher", "AES128-GCM-SHA256"},
name: "AES128-GCM-SHA256",
args: []string{"-cipher", "AES128-GCM-SHA256"},
}
runClientTestTLS12(t, test)
}
func TestHandshakeClientRSAAES256GCM(t *testing.T) {
test := &clientTest{
name: "AES256-GCM-SHA384",
command: []string{"openssl", "s_server", "-cipher", "AES256-GCM-SHA384"},
name: "AES256-GCM-SHA384",
args: []string{"-cipher", "AES256-GCM-SHA384"},
}
runClientTestTLS12(t, test)
}
func TestHandshakeClientECDHERSAAES(t *testing.T) {
test := &clientTest{
name: "ECDHE-RSA-AES",
command: []string{"openssl", "s_server", "-cipher", "ECDHE-RSA-AES128-SHA"},
name: "ECDHE-RSA-AES",
args: []string{"-cipher", "ECDHE-RSA-AES128-SHA"},
}
runClientTestTLS10(t, test)
runClientTestTLS11(t, test)
@ -585,10 +582,10 @@ func TestHandshakeClientECDHERSAAES(t *testing.T) {
func TestHandshakeClientECDHEECDSAAES(t *testing.T) {
test := &clientTest{
name: "ECDHE-ECDSA-AES",
command: []string{"openssl", "s_server", "-cipher", "ECDHE-ECDSA-AES128-SHA"},
cert: testECDSACertificate,
key: testECDSAPrivateKey,
name: "ECDHE-ECDSA-AES",
args: []string{"-cipher", "ECDHE-ECDSA-AES128-SHA"},
cert: testECDSACertificate,
key: testECDSAPrivateKey,
}
runClientTestTLS10(t, test)
runClientTestTLS11(t, test)
@ -597,46 +594,46 @@ func TestHandshakeClientECDHEECDSAAES(t *testing.T) {
func TestHandshakeClientECDHEECDSAAESGCM(t *testing.T) {
test := &clientTest{
name: "ECDHE-ECDSA-AES-GCM",
command: []string{"openssl", "s_server", "-cipher", "ECDHE-ECDSA-AES128-GCM-SHA256"},
cert: testECDSACertificate,
key: testECDSAPrivateKey,
name: "ECDHE-ECDSA-AES-GCM",
args: []string{"-cipher", "ECDHE-ECDSA-AES128-GCM-SHA256"},
cert: testECDSACertificate,
key: testECDSAPrivateKey,
}
runClientTestTLS12(t, test)
}
func TestHandshakeClientAES256GCMSHA384(t *testing.T) {
test := &clientTest{
name: "ECDHE-ECDSA-AES256-GCM-SHA384",
command: []string{"openssl", "s_server", "-cipher", "ECDHE-ECDSA-AES256-GCM-SHA384"},
cert: testECDSACertificate,
key: testECDSAPrivateKey,
name: "ECDHE-ECDSA-AES256-GCM-SHA384",
args: []string{"-cipher", "ECDHE-ECDSA-AES256-GCM-SHA384"},
cert: testECDSACertificate,
key: testECDSAPrivateKey,
}
runClientTestTLS12(t, test)
}
func TestHandshakeClientAES128CBCSHA256(t *testing.T) {
test := &clientTest{
name: "AES128-SHA256",
command: []string{"openssl", "s_server", "-cipher", "AES128-SHA256"},
name: "AES128-SHA256",
args: []string{"-cipher", "AES128-SHA256"},
}
runClientTestTLS12(t, test)
}
func TestHandshakeClientECDHERSAAES128CBCSHA256(t *testing.T) {
test := &clientTest{
name: "ECDHE-RSA-AES128-SHA256",
command: []string{"openssl", "s_server", "-cipher", "ECDHE-RSA-AES128-SHA256"},
name: "ECDHE-RSA-AES128-SHA256",
args: []string{"-cipher", "ECDHE-RSA-AES128-SHA256"},
}
runClientTestTLS12(t, test)
}
func TestHandshakeClientECDHEECDSAAES128CBCSHA256(t *testing.T) {
test := &clientTest{
name: "ECDHE-ECDSA-AES128-SHA256",
command: []string{"openssl", "s_server", "-cipher", "ECDHE-ECDSA-AES128-SHA256"},
cert: testECDSACertificate,
key: testECDSAPrivateKey,
name: "ECDHE-ECDSA-AES128-SHA256",
args: []string{"-cipher", "ECDHE-ECDSA-AES128-SHA256"},
cert: testECDSACertificate,
key: testECDSAPrivateKey,
}
runClientTestTLS12(t, test)
}
@ -646,9 +643,9 @@ func TestHandshakeClientX25519(t *testing.T) {
config.CurvePreferences = []CurveID{X25519}
test := &clientTest{
name: "X25519-ECDHE",
command: []string{"openssl", "s_server", "-cipher", "ECDHE-RSA-AES128-GCM-SHA256", "-curves", "X25519"},
config: config,
name: "X25519-ECDHE",
args: []string{"-cipher", "ECDHE-RSA-AES128-GCM-SHA256", "-curves", "X25519"},
config: config,
}
runClientTestTLS12(t, test)
@ -660,9 +657,9 @@ func TestHandshakeClientP256(t *testing.T) {
config.CurvePreferences = []CurveID{CurveP256}
test := &clientTest{
name: "P256-ECDHE",
command: []string{"openssl", "s_server", "-cipher", "ECDHE-RSA-AES128-GCM-SHA256", "-curves", "P-256"},
config: config,
name: "P256-ECDHE",
args: []string{"-cipher", "ECDHE-RSA-AES128-GCM-SHA256", "-curves", "P-256"},
config: config,
}
runClientTestTLS12(t, test)
@ -674,9 +671,9 @@ func TestHandshakeClientHelloRetryRequest(t *testing.T) {
config.CurvePreferences = []CurveID{X25519, CurveP256}
test := &clientTest{
name: "HelloRetryRequest",
command: []string{"openssl", "s_server", "-cipher", "ECDHE-RSA-AES128-GCM-SHA256", "-curves", "P-256"},
config: config,
name: "HelloRetryRequest",
args: []string{"-cipher", "ECDHE-RSA-AES128-GCM-SHA256", "-curves", "P-256"},
config: config,
}
runClientTestTLS13(t, test)
@ -687,9 +684,9 @@ func TestHandshakeClientECDHERSAChaCha20(t *testing.T) {
config.CipherSuites = []uint16{TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305}
test := &clientTest{
name: "ECDHE-RSA-CHACHA20-POLY1305",
command: []string{"openssl", "s_server", "-cipher", "ECDHE-RSA-CHACHA20-POLY1305"},
config: config,
name: "ECDHE-RSA-CHACHA20-POLY1305",
args: []string{"-cipher", "ECDHE-RSA-CHACHA20-POLY1305"},
config: config,
}
runClientTestTLS12(t, test)
@ -700,11 +697,11 @@ func TestHandshakeClientECDHEECDSAChaCha20(t *testing.T) {
config.CipherSuites = []uint16{TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305}
test := &clientTest{
name: "ECDHE-ECDSA-CHACHA20-POLY1305",
command: []string{"openssl", "s_server", "-cipher", "ECDHE-ECDSA-CHACHA20-POLY1305"},
config: config,
cert: testECDSACertificate,
key: testECDSAPrivateKey,
name: "ECDHE-ECDSA-CHACHA20-POLY1305",
args: []string{"-cipher", "ECDHE-ECDSA-CHACHA20-POLY1305"},
config: config,
cert: testECDSACertificate,
key: testECDSAPrivateKey,
}
runClientTestTLS12(t, test)
@ -712,22 +709,22 @@ func TestHandshakeClientECDHEECDSAChaCha20(t *testing.T) {
func TestHandshakeClientAES128SHA256(t *testing.T) {
test := &clientTest{
name: "AES128-SHA256",
command: []string{"openssl", "s_server", "-ciphersuites", "TLS_AES_128_GCM_SHA256"},
name: "AES128-SHA256",
args: []string{"-ciphersuites", "TLS_AES_128_GCM_SHA256"},
}
runClientTestTLS13(t, test)
}
func TestHandshakeClientAES256SHA384(t *testing.T) {
test := &clientTest{
name: "AES256-SHA384",
command: []string{"openssl", "s_server", "-ciphersuites", "TLS_AES_256_GCM_SHA384"},
name: "AES256-SHA384",
args: []string{"-ciphersuites", "TLS_AES_256_GCM_SHA384"},
}
runClientTestTLS13(t, test)
}
func TestHandshakeClientCHACHA20SHA256(t *testing.T) {
test := &clientTest{
name: "CHACHA20-SHA256",
command: []string{"openssl", "s_server", "-ciphersuites", "TLS_CHACHA20_POLY1305_SHA256"},
name: "CHACHA20-SHA256",
args: []string{"-ciphersuites", "TLS_CHACHA20_POLY1305_SHA256"},
}
runClientTestTLS13(t, test)
}
@ -747,20 +744,20 @@ func TestHandshakeClientCertRSA(t *testing.T) {
config.Certificates = []Certificate{cert}
test := &clientTest{
name: "ClientCert-RSA-RSA",
command: []string{"openssl", "s_server", "-cipher", "AES128", "-verify", "1"},
config: config,
name: "ClientCert-RSA-RSA",
args: []string{"-cipher", "AES128", "-verify", "1"},
config: config,
}
runClientTestTLS10(t, test)
runClientTestTLS12(t, test)
test = &clientTest{
name: "ClientCert-RSA-ECDSA",
command: []string{"openssl", "s_server", "-cipher", "ECDHE-ECDSA-AES128-SHA", "-verify", "1"},
config: config,
cert: testECDSACertificate,
key: testECDSAPrivateKey,
name: "ClientCert-RSA-ECDSA",
args: []string{"-cipher", "ECDHE-ECDSA-AES128-SHA", "-verify", "1"},
config: config,
cert: testECDSACertificate,
key: testECDSAPrivateKey,
}
runClientTestTLS10(t, test)
@ -768,11 +765,11 @@ func TestHandshakeClientCertRSA(t *testing.T) {
runClientTestTLS13(t, test)
test = &clientTest{
name: "ClientCert-RSA-AES256-GCM-SHA384",
command: []string{"openssl", "s_server", "-cipher", "ECDHE-RSA-AES256-GCM-SHA384", "-verify", "1"},
config: config,
cert: testRSACertificate,
key: testRSAPrivateKey,
name: "ClientCert-RSA-AES256-GCM-SHA384",
args: []string{"-cipher", "ECDHE-RSA-AES256-GCM-SHA384", "-verify", "1"},
config: config,
cert: testRSACertificate,
key: testRSAPrivateKey,
}
runClientTestTLS12(t, test)
@ -784,9 +781,9 @@ func TestHandshakeClientCertECDSA(t *testing.T) {
config.Certificates = []Certificate{cert}
test := &clientTest{
name: "ClientCert-ECDSA-RSA",
command: []string{"openssl", "s_server", "-cipher", "AES128", "-verify", "1"},
config: config,
name: "ClientCert-ECDSA-RSA",
args: []string{"-cipher", "AES128", "-verify", "1"},
config: config,
}
runClientTestTLS10(t, test)
@ -794,11 +791,11 @@ func TestHandshakeClientCertECDSA(t *testing.T) {
runClientTestTLS13(t, test)
test = &clientTest{
name: "ClientCert-ECDSA-ECDSA",
command: []string{"openssl", "s_server", "-cipher", "ECDHE-ECDSA-AES128-SHA", "-verify", "1"},
config: config,
cert: testECDSACertificate,
key: testECDSAPrivateKey,
name: "ClientCert-ECDSA-ECDSA",
args: []string{"-cipher", "ECDHE-ECDSA-AES128-SHA", "-verify", "1"},
config: config,
cert: testECDSACertificate,
key: testECDSAPrivateKey,
}
runClientTestTLS10(t, test)
@ -825,8 +822,8 @@ func TestHandshakeClientCertRSAPSS(t *testing.T) {
test := &clientTest{
name: "ClientCert-RSA-RSAPSS",
command: []string{"openssl", "s_server", "-cipher", "AES128", "-verify", "1",
"-client_sigalgs", "rsa_pss_rsae_sha256", "-sigalgs", "rsa_pss_rsae_sha256"},
args: []string{"-cipher", "AES128", "-verify", "1", "-client_sigalgs",
"rsa_pss_rsae_sha256", "-sigalgs", "rsa_pss_rsae_sha256"},
config: config,
cert: testRSAPSSCertificate,
key: testRSAPrivateKey,
@ -843,8 +840,8 @@ func TestHandshakeClientCertRSAPKCS1v15(t *testing.T) {
test := &clientTest{
name: "ClientCert-RSA-RSAPKCS1v15",
command: []string{"openssl", "s_server", "-cipher", "AES128", "-verify", "1",
"-client_sigalgs", "rsa_pkcs1_sha256", "-sigalgs", "rsa_pkcs1_sha256"},
args: []string{"-cipher", "AES128", "-verify", "1", "-client_sigalgs",
"rsa_pkcs1_sha256", "-sigalgs", "rsa_pkcs1_sha256"},
config: config,
}
@ -854,7 +851,7 @@ func TestHandshakeClientCertRSAPKCS1v15(t *testing.T) {
func TestClientKeyUpdate(t *testing.T) {
test := &clientTest{
name: "KeyUpdate",
command: []string{"openssl", "s_server", "-state"},
args: []string{"-state"},
sendKeyUpdate: true,
}
runClientTestTLS13(t, test)
@ -1148,8 +1145,8 @@ func TestHandshakeClientALPNMatch(t *testing.T) {
name: "ALPN",
// Note that this needs OpenSSL 1.0.2 because that is the first
// version that supports the -alpn flag.
command: []string{"openssl", "s_server", "-alpn", "proto1,proto2"},
config: config,
args: []string{"-alpn", "proto1,proto2"},
config: config,
validate: func(state ConnectionState) error {
// The server's preferences should override the client.
if state.NegotiatedProtocol != "proto1" {
@ -1206,7 +1203,7 @@ func TestRenegotiationRejected(t *testing.T) {
config := testConfig.Clone()
test := &clientTest{
name: "RenegotiationRejected",
command: []string{"openssl", "s_server", "-state"},
args: []string{"-state"},
config: config,
numRenegotiations: 1,
renegotiationExpectedToFail: 1,
@ -1229,7 +1226,7 @@ func TestRenegotiateOnce(t *testing.T) {
test := &clientTest{
name: "RenegotiateOnce",
command: []string{"openssl", "s_server", "-state"},
args: []string{"-state"},
config: config,
numRenegotiations: 1,
}
@ -1243,7 +1240,7 @@ func TestRenegotiateTwice(t *testing.T) {
test := &clientTest{
name: "RenegotiateTwice",
command: []string{"openssl", "s_server", "-state"},
args: []string{"-state"},
config: config,
numRenegotiations: 2,
}
@ -1257,7 +1254,7 @@ func TestRenegotiateTwiceRejected(t *testing.T) {
test := &clientTest{
name: "RenegotiateTwiceRejected",
command: []string{"openssl", "s_server", "-state"},
args: []string{"-state"},
config: config,
numRenegotiations: 2,
renegotiationExpectedToFail: 2,