[openssl-commits] [openssl] master update
Richard Levitte
levitte at openssl.org
Sat Dec 17 10:47:08 UTC 2016
The branch master has been updated
via ceb6d746941063eccf7655c7709ba56ca117044b (commit)
via a05bed195277f99c9f8e8149ad49edbc59fc4973 (commit)
from 97043e46aa7083c787a1efd72ac31ca97ed41610 (commit)
- Log -----------------------------------------------------------------
commit ceb6d746941063eccf7655c7709ba56ca117044b
Author: Richard Levitte <levitte at openssl.org>
Date: Fri Dec 16 11:18:47 2016 +0100
test/ssl_test: give up if both client and server wait on read
In some cases, both client and server end of the test can end up in
SSL_ERROR_WANT_READ and never get out of it, making the test spin.
Detect it and give up instead of waiting endlessly.
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2096)
commit a05bed195277f99c9f8e8149ad49edbc59fc4973
Author: Richard Levitte <levitte at openssl.org>
Date: Fri Dec 16 10:29:43 2016 +0100
Fix no-ct, skip tests recipes that try to test CT
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2096)
-----------------------------------------------------------------------
Summary of changes:
test/handshake_helper.c | 13 +++++++-
test/recipes/70-test_sslmessages.t | 68 +++++++++++++++++++++-----------------
2 files changed, 50 insertions(+), 31 deletions(-)
diff --git a/test/handshake_helper.c b/test/handshake_helper.c
index 9004489..24ea26f 100644
--- a/test/handshake_helper.c
+++ b/test/handshake_helper.c
@@ -870,7 +870,7 @@ static HANDSHAKE_RESULT *do_handshake_internal(
HANDSHAKE_EX_DATA server_ex_data, client_ex_data;
CTX_DATA client_ctx_data, server_ctx_data, server2_ctx_data;
HANDSHAKE_RESULT *ret = HANDSHAKE_RESULT_new();
- int client_turn = 1;
+ int client_turn = 1, client_turn_count = 0;
connect_phase_t phase = HANDSHAKE;
handshake_status_t status = HANDSHAKE_RETRY;
const unsigned char* tick = NULL;
@@ -959,6 +959,7 @@ static HANDSHAKE_RESULT *do_handshake_internal(
switch (status) {
case HANDSHAKE_SUCCESS:
+ client_turn_count = 0;
phase = next_phase(test_ctx, phase);
if (phase == CONNECTION_DONE) {
ret->result = SSL_TEST_SUCCESS;
@@ -984,6 +985,16 @@ static HANDSHAKE_RESULT *do_handshake_internal(
ret->result = SSL_TEST_INTERNAL_ERROR;
goto err;
case HANDSHAKE_RETRY:
+ if (client_turn_count++ >= 2000) {
+ /*
+ * At this point, there's been so many PEER_RETRY in a row
+ * that it's likely both sides are stuck waiting for a read.
+ * It's time to give up.
+ */
+ ret->result = SSL_TEST_INTERNAL_ERROR;
+ goto err;
+ }
+
/* Continue. */
client_turn ^= 1;
break;
diff --git a/test/recipes/70-test_sslmessages.t b/test/recipes/70-test_sslmessages.t
index 4e87e53..fb4ec61 100755
--- a/test/recipes/70-test_sslmessages.t
+++ b/test/recipes/70-test_sslmessages.t
@@ -265,19 +265,23 @@ checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE,
| checkhandshake::ALPN_SRV_EXTENSION,
"ALPN handshake test");
-#Test 14: SCT handshake (client request only)
-$proxy->clear();
-#Note: -ct also sends status_request
-$proxy->clientflags("-no_tls1_3 -ct");
-$proxy->serverflags("-status_file "
- .srctop_file("test", "recipes", "ocsp-response.der"));
-$proxy->start();
-checkhandshake($proxy, checkhandshake::OCSP_HANDSHAKE,
- checkhandshake::DEFAULT_EXTENSIONS
- | checkhandshake::SCT_CLI_EXTENSION
- | checkhandshake::STATUS_REQUEST_CLI_EXTENSION
- | checkhandshake::STATUS_REQUEST_SRV_EXTENSION,
- "SCT handshake test (client)");
+SKIP: {
+ skip "No CT support in this OpenSSL build", 1 if disabled("ct");
+
+ #Test 14: SCT handshake (client request only)
+ $proxy->clear();
+ #Note: -ct also sends status_request
+ $proxy->clientflags("-no_tls1_3 -ct");
+ $proxy->serverflags("-status_file "
+ .srctop_file("test", "recipes", "ocsp-response.der"));
+ $proxy->start();
+ checkhandshake($proxy, checkhandshake::OCSP_HANDSHAKE,
+ checkhandshake::DEFAULT_EXTENSIONS
+ | checkhandshake::SCT_CLI_EXTENSION
+ | checkhandshake::STATUS_REQUEST_CLI_EXTENSION
+ | checkhandshake::STATUS_REQUEST_SRV_EXTENSION,
+ "SCT handshake test (client)");
+}
#Test 15: SCT handshake (server support only)
$proxy->clear();
@@ -290,23 +294,27 @@ checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE,
checkhandshake::DEFAULT_EXTENSIONS,
"SCT handshake test (server)");
-#Test 16: SCT handshake (client and server)
-#There is no built-in server side support for this so we are actually also
-#testing custom extensions here
-$proxy->clear();
-#Note: -ct also sends status_request
-$proxy->clientflags("-no_tls1_3 -ct");
-$proxy->serverflags("-status_file "
- .srctop_file("test", "recipes", "ocsp-response.der")
- ." -serverinfo ".srctop_file("test", "serverinfo.pem"));
-$proxy->start();
-checkhandshake($proxy, checkhandshake::OCSP_HANDSHAKE,
- checkhandshake::DEFAULT_EXTENSIONS
- | checkhandshake::SCT_CLI_EXTENSION
- | checkhandshake::SCT_SRV_EXTENSION
- | checkhandshake::STATUS_REQUEST_CLI_EXTENSION
- | checkhandshake::STATUS_REQUEST_SRV_EXTENSION,
- "SCT handshake test");
+SKIP: {
+ skip "No CT support in this OpenSSL build", 1 if disabled("ct");
+
+ #Test 16: SCT handshake (client and server)
+ #There is no built-in server side support for this so we are actually also
+ #testing custom extensions here
+ $proxy->clear();
+ #Note: -ct also sends status_request
+ $proxy->clientflags("-no_tls1_3 -ct");
+ $proxy->serverflags("-status_file "
+ .srctop_file("test", "recipes", "ocsp-response.der")
+ ." -serverinfo ".srctop_file("test", "serverinfo.pem"));
+ $proxy->start();
+ checkhandshake($proxy, checkhandshake::OCSP_HANDSHAKE,
+ checkhandshake::DEFAULT_EXTENSIONS
+ | checkhandshake::SCT_CLI_EXTENSION
+ | checkhandshake::SCT_SRV_EXTENSION
+ | checkhandshake::STATUS_REQUEST_CLI_EXTENSION
+ | checkhandshake::STATUS_REQUEST_SRV_EXTENSION,
+ "SCT handshake test");
+}
#Test 17: NPN handshake (client request only)
More information about the openssl-commits
mailing list