}
void expectProtocol(const std::string& proto) {
+ expectHandshakeSuccess();
EXPECT_NE(client->nextProtoLength, 0);
EXPECT_EQ(client->nextProtoLength, server->nextProtoLength);
EXPECT_EQ(
}
void expectNoProtocol() {
+ expectHandshakeSuccess();
EXPECT_EQ(client->nextProtoLength, 0);
EXPECT_EQ(server->nextProtoLength, 0);
EXPECT_EQ(client->nextProto, nullptr);
}
void expectProtocolType() {
+ expectHandshakeSuccess();
if (GetParam().first == SSLContext::NextProtocolType::ANY &&
GetParam().second == SSLContext::NextProtocolType::ANY) {
EXPECT_EQ(client->protocolType, server->protocolType);
}
void expectProtocolType(NextProtocolTypePair expected) {
+ expectHandshakeSuccess();
EXPECT_EQ(client->protocolType, expected.first);
EXPECT_EQ(server->protocolType, expected.second);
}
+ void expectHandshakeSuccess() {
+ EXPECT_FALSE(client->except.hasValue())
+ << "client handshake error: " << client->except->what();
+ EXPECT_FALSE(server->except.hasValue())
+ << "server handshake error: " << server->except->what();
+ }
+
+ void expectHandshakeError() {
+ EXPECT_TRUE(client->except.hasValue())
+ << "Expected client handshake error!";
+ EXPECT_TRUE(server->except.hasValue())
+ << "Expected server handshake error!";
+ }
+
EventBase eventBase;
std::shared_ptr<SSLContext> clientCtx{std::make_shared<SSLContext>()};
std::shared_ptr<SSLContext> serverCtx{std::make_shared<SSLContext>()};
clientCtx->setAdvertisedNextProtocols({"blub"}, GetParam().first);
serverCtx->setAdvertisedNextProtocols({"foo", "bar", "baz"},
GetParam().second);
-
connect();
if (GetParam().first == SSLContext::NextProtocolType::ALPN ||
GetParam().second == SSLContext::NextProtocolType::ALPN) {
// This is arguably incorrect behavior since RFC7301 states an ALPN protocol
- // mismatch should result in a fatal alert, but this is OpenSSL's current
- // behavior and we want to know if it changes.
+ // mismatch should result in a fatal alert, but this is the current behavior
+ // on all OpenSSL versions/variants, and we want to know if it changes.
expectNoProtocol();
}
-#if defined(OPENSSL_IS_BORINGSSL)
- // BoringSSL also doesn't fatal on mismatch but behaves slightly differently
- // from OpenSSL 1.0.2h+ - it doesn't select a protocol if both ends support
- // NPN *and* ALPN
+#if FOLLY_OPENSSL_IS_110 || defined(OPENSSL_IS_BORINGSSL)
else if (
GetParam().first == SSLContext::NextProtocolType::ANY &&
GetParam().second == SSLContext::NextProtocolType::ANY) {
+# if FOLLY_OPENSSL_IS_110
+ // OpenSSL 1.1.0 sends a fatal alert on mismatch, which is probavbly the
+ // correct behavior per RFC7301
+ expectHandshakeError();
+# else
+ // BoringSSL also doesn't fatal on mismatch but behaves slightly differently
+ // from OpenSSL 1.0.2h+ - it doesn't select a protocol if both ends support
+ // NPN *and* ALPN
expectNoProtocol();
+# endif
}
#endif
- else {
+ else {
expectProtocol("blub");
expectProtocolType(
{SSLContext::NextProtocolType::NPN, SSLContext::NextProtocolType::NPN});
socket->close();
handshakeCallback.waitForHandshake();
+#if FOLLY_OPENSSL_IS_110
+ EXPECT_NE(
+ handshakeCallback.errorString_.find("Network error"), std::string::npos);
+#else
EXPECT_NE(
handshakeCallback.errorString_.find("Connection EOF"), std::string::npos);
- EXPECT_NE(handshakeCallback.errorString_.find("EOF"), std::string::npos);
+#endif
}
TEST(AsyncSSLSocketTest, ConnOpenSSLErrorString) {
EXPECT_NE(
handshakeCallback.errorString_.find("ENCRYPTED_LENGTH_TOO_LONG"),
std::string::npos);
+#elif FOLLY_OPENSSL_IS_110
+ EXPECT_NE(handshakeCallback.errorString_.find("packet length too long"),
+ std::string::npos);
#else
EXPECT_NE(handshakeCallback.errorString_.find("unknown protocol"),
std::string::npos);
const unsigned char* nextProto;
unsigned nextProtoLength;
SSLContext::NextProtocolType protocolType;
+ folly::Optional<AsyncSocketException> except;
private:
void handshakeSuc(AsyncSSLSocket*) noexcept override {
void handshakeErr(
AsyncSSLSocket*,
const AsyncSocketException& ex) noexcept override {
- ADD_FAILURE() << "client handshake error: " << ex.what();
+ except = ex;
}
void writeSuccess() noexcept override {
socket_->close();
const unsigned char* nextProto;
unsigned nextProtoLength;
SSLContext::NextProtocolType protocolType;
+ folly::Optional<AsyncSocketException> except;
private:
void handshakeSuc(AsyncSSLSocket*) noexcept override {
void handshakeErr(
AsyncSSLSocket*,
const AsyncSocketException& ex) noexcept override {
- ADD_FAILURE() << "server handshake error: " << ex.what();
+ except = ex;
}
void getReadBuffer(void** /* bufReturn */, size_t* lenReturn) override {
*lenReturn = 0;
projects / folly.git / commitdiff