summaryrefslogtreecommitdiffstats
path: root/src/ssl/ssl_test.cc
diff options
context:
space:
mode:
Diffstat (limited to 'src/ssl/ssl_test.cc')
-rw-r--r--src/ssl/ssl_test.cc35
1 files changed, 28 insertions, 7 deletions
diff --git a/src/ssl/ssl_test.cc b/src/ssl/ssl_test.cc
index 1c6e24a..9f2ddb9 100644
--- a/src/ssl/ssl_test.cc
+++ b/src/ssl/ssl_test.cc
@@ -359,6 +359,18 @@ static const char kBadSessionVersion[] =
"q+Topyzvx9USFgRvyuoxn0Hgb+R0A3j6SLRuyOdAi4gv7Y5oliynrSIEIAYGBgYG"
"BgYGBgYGBgYGBgYGBgYGBgYGBgYGBgYGBgYGrgMEAQevAwQBBLADBAEF";
+// kBadSessionTrailingData is a custom serialized SSL_SESSION with trailing data
+// appended.
+static const char kBadSessionTrailingData[] =
+ "MIIBdgIBAQICAwMEAsAvBCAG5Q1ndq4Yfmbeo1zwLkNRKmCXGdNgWvGT3cskV0yQ"
+ "kAQwJlrlzkAWBOWiLj/jJ76D7l+UXoizP2KI2C7I2FccqMmIfFmmkUy32nIJ0mZH"
+ "IWoJoQYCBFRDO46iBAICASykAwQBAqUDAgEUphAEDnd3dy5nb29nbGUuY29tqAcE"
+ "BXdvcmxkqQUCAwGJwKqBpwSBpBwUQvoeOk0Kg36SYTcLEkXqKwOBfF9vE4KX0Nxe"
+ "LwjcDTpsuh3qXEaZ992r1N38VDcyS6P7I6HBYN9BsNHM362zZnY27GpTw+Kwd751"
+ "CLoXFPoaMOe57dbBpXoro6Pd3BTbf/Tzr88K06yEOTDKPNj3+inbMaVigtK4PLyP"
+ "q+Topyzvx9USFgRvyuoxn0Hgb+R0A3j6SLRuyOdAi4gv7Y5oliynrSIEIAYGBgYG"
+ "BgYGBgYGBgYGBgYGBgYGBgYGBgYGBgYGBgYGrgMEAQevAwQBBLADBAEFAAAA";
+
static bool DecodeBase64(std::vector<uint8_t> *out, const char *in) {
size_t len;
if (!EVP_DecodedLength(&len, strlen(in))) {
@@ -387,10 +399,10 @@ static bool TestSSL_SESSIONEncoding(const char *input_b64) {
}
// Verify the SSL_SESSION decodes.
- cptr = bssl::vector_data(&input);
- ScopedSSL_SESSION session(d2i_SSL_SESSION(NULL, &cptr, input.size()));
- if (!session || cptr != bssl::vector_data(&input) + input.size()) {
- fprintf(stderr, "d2i_SSL_SESSION failed\n");
+ ScopedSSL_SESSION session(SSL_SESSION_from_bytes(bssl::vector_data(&input),
+ input.size()));
+ if (!session) {
+ fprintf(stderr, "SSL_SESSION_from_bytes failed\n");
return false;
}
@@ -409,6 +421,14 @@ static bool TestSSL_SESSIONEncoding(const char *input_b64) {
return false;
}
+ // Verify the SSL_SESSION also decodes with the legacy API.
+ cptr = bssl::vector_data(&input);
+ session.reset(d2i_SSL_SESSION(NULL, &cptr, input.size()));
+ if (!session || cptr != bssl::vector_data(&input) + input.size()) {
+ fprintf(stderr, "d2i_SSL_SESSION failed\n");
+ return false;
+ }
+
// Verify the SSL_SESSION encoding round-trips via the legacy API.
int len = i2d_SSL_SESSION(session.get(), NULL);
if (len < 0 || (size_t)len != input.size()) {
@@ -447,10 +467,10 @@ static bool TestBadSSL_SESSIONEncoding(const char *input_b64) {
}
// Verify that the SSL_SESSION fails to decode.
- const uint8_t *ptr = bssl::vector_data(&input);
- ScopedSSL_SESSION session(d2i_SSL_SESSION(NULL, &ptr, input.size()));
+ ScopedSSL_SESSION session(SSL_SESSION_from_bytes(bssl::vector_data(&input),
+ input.size()));
if (session) {
- fprintf(stderr, "d2i_SSL_SESSION unexpectedly succeeded\n");
+ fprintf(stderr, "SSL_SESSION_from_bytes unexpectedly succeeded\n");
return false;
}
ERR_clear_error();
@@ -537,6 +557,7 @@ int main(void) {
!TestSSL_SESSIONEncoding(kCustomSession) ||
!TestBadSSL_SESSIONEncoding(kBadSessionExtraField) ||
!TestBadSSL_SESSIONEncoding(kBadSessionVersion) ||
+ !TestBadSSL_SESSIONEncoding(kBadSessionTrailingData) ||
!TestDefaultVersion(0, &TLS_method) ||
!TestDefaultVersion(SSL3_VERSION, &SSLv3_method) ||
!TestDefaultVersion(TLS1_VERSION, &TLSv1_method) ||