github.com/FISCO-BCOS/crypto@v0.0.0-20200202032121-bd8ab0b5d4f1/tls/tls_test.go (about) 1 // Copyright 2012 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 package tls 6 7 import ( 8 "bytes" 9 "github.com/FISCO-BCOS/crypto/x509" 10 "encoding/json" 11 "errors" 12 "fmt" 13 "github.com/FISCO-BCOS/crypto/internal/testenv" 14 "io" 15 "io/ioutil" 16 "math" 17 "net" 18 "os" 19 "reflect" 20 "strings" 21 "sync" 22 "testing" 23 "time" 24 ) 25 26 var rsaCertPEM = `-----BEGIN CERTIFICATE----- 27 MIIB0zCCAX2gAwIBAgIJAI/M7BYjwB+uMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV 28 BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX 29 aWRnaXRzIFB0eSBMdGQwHhcNMTIwOTEyMjE1MjAyWhcNMTUwOTEyMjE1MjAyWjBF 30 MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50 31 ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANLJ 32 hPHhITqQbPklG3ibCVxwGMRfp/v4XqhfdQHdcVfHap6NQ5Wok/4xIA+ui35/MmNa 33 rtNuC+BdZ1tMuVCPFZcCAwEAAaNQME4wHQYDVR0OBBYEFJvKs8RfJaXTH08W+SGv 34 zQyKn0H8MB8GA1UdIwQYMBaAFJvKs8RfJaXTH08W+SGvzQyKn0H8MAwGA1UdEwQF 35 MAMBAf8wDQYJKoZIhvcNAQEFBQADQQBJlffJHybjDGxRMqaRmDhX0+6v02TUKZsW 36 r5QuVbpQhH6u+0UgcW0jp9QwpxoPTLTWGXEWBBBurxFwiCBhkQ+V 37 -----END CERTIFICATE----- 38 ` 39 40 var rsaKeyPEM = testingKey(`-----BEGIN RSA TESTING KEY----- 41 MIIBOwIBAAJBANLJhPHhITqQbPklG3ibCVxwGMRfp/v4XqhfdQHdcVfHap6NQ5Wo 42 k/4xIA+ui35/MmNartNuC+BdZ1tMuVCPFZcCAwEAAQJAEJ2N+zsR0Xn8/Q6twa4G 43 6OB1M1WO+k+ztnX/1SvNeWu8D6GImtupLTYgjZcHufykj09jiHmjHx8u8ZZB/o1N 44 MQIhAPW+eyZo7ay3lMz1V01WVjNKK9QSn1MJlb06h/LuYv9FAiEA25WPedKgVyCW 45 SmUwbPw8fnTcpqDWE3yTO3vKcebqMSsCIBF3UmVue8YU3jybC3NxuXq3wNm34R8T 46 xVLHwDXh/6NJAiEAl2oHGGLz64BuAfjKrqwz7qMYr9HCLIe/YsoWq/olzScCIQDi 47 D2lWusoe2/nEqfDVVWGWlyJ7yOmqaVm/iNUN9B2N2g== 48 -----END RSA TESTING KEY----- 49 `) 50 51 // keyPEM is the same as rsaKeyPEM, but declares itself as just 52 // "PRIVATE KEY", not "RSA PRIVATE KEY". https://golang.org/issue/4477 53 var keyPEM = testingKey(`-----BEGIN TESTING KEY----- 54 MIIBOwIBAAJBANLJhPHhITqQbPklG3ibCVxwGMRfp/v4XqhfdQHdcVfHap6NQ5Wo 55 k/4xIA+ui35/MmNartNuC+BdZ1tMuVCPFZcCAwEAAQJAEJ2N+zsR0Xn8/Q6twa4G 56 6OB1M1WO+k+ztnX/1SvNeWu8D6GImtupLTYgjZcHufykj09jiHmjHx8u8ZZB/o1N 57 MQIhAPW+eyZo7ay3lMz1V01WVjNKK9QSn1MJlb06h/LuYv9FAiEA25WPedKgVyCW 58 SmUwbPw8fnTcpqDWE3yTO3vKcebqMSsCIBF3UmVue8YU3jybC3NxuXq3wNm34R8T 59 xVLHwDXh/6NJAiEAl2oHGGLz64BuAfjKrqwz7qMYr9HCLIe/YsoWq/olzScCIQDi 60 D2lWusoe2/nEqfDVVWGWlyJ7yOmqaVm/iNUN9B2N2g== 61 -----END TESTING KEY----- 62 `) 63 64 var ecdsaCertPEM = `-----BEGIN CERTIFICATE----- 65 MIIB/jCCAWICCQDscdUxw16XFDAJBgcqhkjOPQQBMEUxCzAJBgNVBAYTAkFVMRMw 66 EQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0 67 eSBMdGQwHhcNMTIxMTE0MTI0MDQ4WhcNMTUxMTE0MTI0MDQ4WjBFMQswCQYDVQQG 68 EwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lk 69 Z2l0cyBQdHkgTHRkMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBY9+my9OoeSUR 70 lDQdV/x8LsOuLilthhiS1Tz4aGDHIPwC1mlvnf7fg5lecYpMCrLLhauAc1UJXcgl 71 01xoLuzgtAEAgv2P/jgytzRSpUYvgLBt1UA0leLYBy6mQQbrNEuqT3INapKIcUv8 72 XxYP0xMEUksLPq6Ca+CRSqTtrd/23uTnapkwCQYHKoZIzj0EAQOBigAwgYYCQXJo 73 A7Sl2nLVf+4Iu/tAX/IF4MavARKC4PPHK3zfuGfPR3oCCcsAoz3kAzOeijvd0iXb 74 H5jBImIxPL4WxQNiBTexAkF8D1EtpYuWdlVQ80/h/f4pBcGiXPqX5h2PQSQY7hP1 75 +jwM1FGS4fREIOvlBYr/SzzQRtwrvrzGYxDEDbsC0ZGRnA== 76 -----END CERTIFICATE----- 77 ` 78 79 var ecdsaKeyPEM = testingKey(`-----BEGIN EC PARAMETERS----- 80 BgUrgQQAIw== 81 -----END EC PARAMETERS----- 82 -----BEGIN EC TESTING KEY----- 83 MIHcAgEBBEIBrsoKp0oqcv6/JovJJDoDVSGWdirrkgCWxrprGlzB9o0X8fV675X0 84 NwuBenXFfeZvVcwluO7/Q9wkYoPd/t3jGImgBwYFK4EEACOhgYkDgYYABAFj36bL 85 06h5JRGUNB1X/Hwuw64uKW2GGJLVPPhoYMcg/ALWaW+d/t+DmV5xikwKssuFq4Bz 86 VQldyCXTXGgu7OC0AQCC/Y/+ODK3NFKlRi+AsG3VQDSV4tgHLqZBBus0S6pPcg1q 87 kohxS/xfFg/TEwRSSws+roJr4JFKpO2t3/be5OdqmQ== 88 -----END EC TESTING KEY----- 89 `) 90 91 var keyPairTests = []struct { 92 algo string 93 cert string 94 key string 95 }{ 96 {"ECDSA", ecdsaCertPEM, ecdsaKeyPEM}, 97 {"RSA", rsaCertPEM, rsaKeyPEM}, 98 {"RSA-untyped", rsaCertPEM, keyPEM}, // golang.org/issue/4477 99 } 100 101 func TestX509KeyPair(t *testing.T) { 102 t.Parallel() 103 var pem []byte 104 for _, test := range keyPairTests { 105 pem = []byte(test.cert + test.key) 106 if _, err := X509KeyPair(pem, pem); err != nil { 107 t.Errorf("Failed to load %s cert followed by %s key: %s", test.algo, test.algo, err) 108 } 109 pem = []byte(test.key + test.cert) 110 if _, err := X509KeyPair(pem, pem); err != nil { 111 t.Errorf("Failed to load %s key followed by %s cert: %s", test.algo, test.algo, err) 112 } 113 } 114 } 115 116 func TestX509KeyPairErrors(t *testing.T) { 117 _, err := X509KeyPair([]byte(rsaKeyPEM), []byte(rsaCertPEM)) 118 if err == nil { 119 t.Fatalf("X509KeyPair didn't return an error when arguments were switched") 120 } 121 if subStr := "been switched"; !strings.Contains(err.Error(), subStr) { 122 t.Fatalf("Expected %q in the error when switching arguments to X509KeyPair, but the error was %q", subStr, err) 123 } 124 125 _, err = X509KeyPair([]byte(rsaCertPEM), []byte(rsaCertPEM)) 126 if err == nil { 127 t.Fatalf("X509KeyPair didn't return an error when both arguments were certificates") 128 } 129 if subStr := "certificate"; !strings.Contains(err.Error(), subStr) { 130 t.Fatalf("Expected %q in the error when both arguments to X509KeyPair were certificates, but the error was %q", subStr, err) 131 } 132 133 const nonsensePEM = ` 134 -----BEGIN NONSENSE----- 135 Zm9vZm9vZm9v 136 -----END NONSENSE----- 137 ` 138 139 _, err = X509KeyPair([]byte(nonsensePEM), []byte(nonsensePEM)) 140 if err == nil { 141 t.Fatalf("X509KeyPair didn't return an error when both arguments were nonsense") 142 } 143 if subStr := "NONSENSE"; !strings.Contains(err.Error(), subStr) { 144 t.Fatalf("Expected %q in the error when both arguments to X509KeyPair were nonsense, but the error was %q", subStr, err) 145 } 146 } 147 148 func TestX509MixedKeyPair(t *testing.T) { 149 if _, err := X509KeyPair([]byte(rsaCertPEM), []byte(ecdsaKeyPEM)); err == nil { 150 t.Error("Load of RSA certificate succeeded with ECDSA private key") 151 } 152 if _, err := X509KeyPair([]byte(ecdsaCertPEM), []byte(rsaKeyPEM)); err == nil { 153 t.Error("Load of ECDSA certificate succeeded with RSA private key") 154 } 155 } 156 157 func newLocalListener(t testing.TB) net.Listener { 158 ln, err := net.Listen("tcp", "127.0.0.1:0") 159 if err != nil { 160 ln, err = net.Listen("tcp6", "[::1]:0") 161 } 162 if err != nil { 163 t.Fatal(err) 164 } 165 return ln 166 } 167 168 func TestDialTimeout(t *testing.T) { 169 if testing.Short() { 170 t.Skip("skipping in short mode") 171 } 172 listener := newLocalListener(t) 173 174 addr := listener.Addr().String() 175 defer listener.Close() 176 177 complete := make(chan bool) 178 defer close(complete) 179 180 go func() { 181 conn, err := listener.Accept() 182 if err != nil { 183 t.Error(err) 184 return 185 } 186 <-complete 187 conn.Close() 188 }() 189 190 dialer := &net.Dialer{ 191 Timeout: 10 * time.Millisecond, 192 } 193 194 var err error 195 if _, err = DialWithDialer(dialer, "tcp", addr, nil); err == nil { 196 t.Fatal("DialWithTimeout completed successfully") 197 } 198 199 if !isTimeoutError(err) { 200 t.Errorf("resulting error not a timeout: %v\nType %T: %#v", err, err, err) 201 } 202 } 203 204 func isTimeoutError(err error) bool { 205 if ne, ok := err.(net.Error); ok { 206 return ne.Timeout() 207 } 208 return false 209 } 210 211 // tests that Conn.Read returns (non-zero, io.EOF) instead of 212 // (non-zero, nil) when a Close (alertCloseNotify) is sitting right 213 // behind the application data in the buffer. 214 func TestConnReadNonzeroAndEOF(t *testing.T) { 215 // This test is racy: it assumes that after a write to a 216 // localhost TCP connection, the peer TCP connection can 217 // immediately read it. Because it's racy, we skip this test 218 // in short mode, and then retry it several times with an 219 // increasing sleep in between our final write (via srv.Close 220 // below) and the following read. 221 if testing.Short() { 222 t.Skip("skipping in short mode") 223 } 224 var err error 225 for delay := time.Millisecond; delay <= 64*time.Millisecond; delay *= 2 { 226 if err = testConnReadNonzeroAndEOF(t, delay); err == nil { 227 return 228 } 229 } 230 t.Error(err) 231 } 232 233 func testConnReadNonzeroAndEOF(t *testing.T, delay time.Duration) error { 234 ln := newLocalListener(t) 235 defer ln.Close() 236 237 srvCh := make(chan *Conn, 1) 238 var serr error 239 go func() { 240 sconn, err := ln.Accept() 241 if err != nil { 242 serr = err 243 srvCh <- nil 244 return 245 } 246 serverConfig := testConfig.Clone() 247 srv := Server(sconn, serverConfig) 248 if err := srv.Handshake(); err != nil { 249 serr = fmt.Errorf("handshake: %v", err) 250 srvCh <- nil 251 return 252 } 253 srvCh <- srv 254 }() 255 256 clientConfig := testConfig.Clone() 257 // In TLS 1.3, alerts are encrypted and disguised as application data, so 258 // the opportunistic peek won't work. 259 clientConfig.MaxVersion = VersionTLS12 260 conn, err := Dial("tcp", ln.Addr().String(), clientConfig) 261 if err != nil { 262 t.Fatal(err) 263 } 264 defer conn.Close() 265 266 srv := <-srvCh 267 if srv == nil { 268 return serr 269 } 270 271 buf := make([]byte, 6) 272 273 srv.Write([]byte("foobar")) 274 n, err := conn.Read(buf) 275 if n != 6 || err != nil || string(buf) != "foobar" { 276 return fmt.Errorf("Read = %d, %v, data %q; want 6, nil, foobar", n, err, buf) 277 } 278 279 srv.Write([]byte("abcdef")) 280 srv.Close() 281 time.Sleep(delay) 282 n, err = conn.Read(buf) 283 if n != 6 || string(buf) != "abcdef" { 284 return fmt.Errorf("Read = %d, buf= %q; want 6, abcdef", n, buf) 285 } 286 if err != io.EOF { 287 return fmt.Errorf("Second Read error = %v; want io.EOF", err) 288 } 289 return nil 290 } 291 292 func TestTLSUniqueMatches(t *testing.T) { 293 ln := newLocalListener(t) 294 defer ln.Close() 295 296 serverTLSUniques := make(chan []byte) 297 go func() { 298 for i := 0; i < 2; i++ { 299 sconn, err := ln.Accept() 300 if err != nil { 301 t.Error(err) 302 return 303 } 304 serverConfig := testConfig.Clone() 305 serverConfig.MaxVersion = VersionTLS12 // TLSUnique is not defined in TLS 1.3 306 srv := Server(sconn, serverConfig) 307 if err := srv.Handshake(); err != nil { 308 t.Error(err) 309 return 310 } 311 serverTLSUniques <- srv.ConnectionState().TLSUnique 312 } 313 }() 314 315 clientConfig := testConfig.Clone() 316 clientConfig.ClientSessionCache = NewLRUClientSessionCache(1) 317 conn, err := Dial("tcp", ln.Addr().String(), clientConfig) 318 if err != nil { 319 t.Fatal(err) 320 } 321 if !bytes.Equal(conn.ConnectionState().TLSUnique, <-serverTLSUniques) { 322 t.Error("client and server channel bindings differ") 323 } 324 conn.Close() 325 326 conn, err = Dial("tcp", ln.Addr().String(), clientConfig) 327 if err != nil { 328 t.Fatal(err) 329 } 330 defer conn.Close() 331 if !conn.ConnectionState().DidResume { 332 t.Error("second session did not use resumption") 333 } 334 if !bytes.Equal(conn.ConnectionState().TLSUnique, <-serverTLSUniques) { 335 t.Error("client and server channel bindings differ when session resumption is used") 336 } 337 } 338 339 func TestVerifyHostname(t *testing.T) { 340 testenv.MustHaveExternalNetwork(t) 341 342 c, err := Dial("tcp", "www.google.com:https", nil) 343 if err != nil { 344 t.Fatal(err) 345 } 346 if err := c.VerifyHostname("www.google.com"); err != nil { 347 t.Fatalf("verify www.google.com: %v", err) 348 } 349 if err := c.VerifyHostname("www.yahoo.com"); err == nil { 350 t.Fatalf("verify www.yahoo.com succeeded") 351 } 352 353 c, err = Dial("tcp", "www.google.com:https", &Config{InsecureSkipVerify: true}) 354 if err != nil { 355 t.Fatal(err) 356 } 357 if err := c.VerifyHostname("www.google.com"); err == nil { 358 t.Fatalf("verify www.google.com succeeded with InsecureSkipVerify=true") 359 } 360 } 361 362 func TestConnCloseBreakingWrite(t *testing.T) { 363 ln := newLocalListener(t) 364 defer ln.Close() 365 366 srvCh := make(chan *Conn, 1) 367 var serr error 368 var sconn net.Conn 369 go func() { 370 var err error 371 sconn, err = ln.Accept() 372 if err != nil { 373 serr = err 374 srvCh <- nil 375 return 376 } 377 serverConfig := testConfig.Clone() 378 srv := Server(sconn, serverConfig) 379 if err := srv.Handshake(); err != nil { 380 serr = fmt.Errorf("handshake: %v", err) 381 srvCh <- nil 382 return 383 } 384 srvCh <- srv 385 }() 386 387 cconn, err := net.Dial("tcp", ln.Addr().String()) 388 if err != nil { 389 t.Fatal(err) 390 } 391 defer cconn.Close() 392 393 conn := &changeImplConn{ 394 Conn: cconn, 395 } 396 397 clientConfig := testConfig.Clone() 398 tconn := Client(conn, clientConfig) 399 if err := tconn.Handshake(); err != nil { 400 t.Fatal(err) 401 } 402 403 srv := <-srvCh 404 if srv == nil { 405 t.Fatal(serr) 406 } 407 defer sconn.Close() 408 409 connClosed := make(chan struct{}) 410 conn.closeFunc = func() error { 411 close(connClosed) 412 return nil 413 } 414 415 inWrite := make(chan bool, 1) 416 var errConnClosed = errors.New("conn closed for test") 417 conn.writeFunc = func(p []byte) (n int, err error) { 418 inWrite <- true 419 <-connClosed 420 return 0, errConnClosed 421 } 422 423 closeReturned := make(chan bool, 1) 424 go func() { 425 <-inWrite 426 tconn.Close() // test that this doesn't block forever. 427 closeReturned <- true 428 }() 429 430 _, err = tconn.Write([]byte("foo")) 431 if err != errConnClosed { 432 t.Errorf("Write error = %v; want errConnClosed", err) 433 } 434 435 <-closeReturned 436 if err := tconn.Close(); err != errClosed { 437 t.Errorf("Close error = %v; want errClosed", err) 438 } 439 } 440 441 func TestConnCloseWrite(t *testing.T) { 442 ln := newLocalListener(t) 443 defer ln.Close() 444 445 clientDoneChan := make(chan struct{}) 446 447 serverCloseWrite := func() error { 448 sconn, err := ln.Accept() 449 if err != nil { 450 return fmt.Errorf("accept: %v", err) 451 } 452 defer sconn.Close() 453 454 serverConfig := testConfig.Clone() 455 srv := Server(sconn, serverConfig) 456 if err := srv.Handshake(); err != nil { 457 return fmt.Errorf("handshake: %v", err) 458 } 459 defer srv.Close() 460 461 data, err := ioutil.ReadAll(srv) 462 if err != nil { 463 return err 464 } 465 if len(data) > 0 { 466 return fmt.Errorf("Read data = %q; want nothing", data) 467 } 468 469 if err := srv.CloseWrite(); err != nil { 470 return fmt.Errorf("server CloseWrite: %v", err) 471 } 472 473 // Wait for clientCloseWrite to finish, so we know we 474 // tested the CloseWrite before we defer the 475 // sconn.Close above, which would also cause the 476 // client to unblock like CloseWrite. 477 <-clientDoneChan 478 return nil 479 } 480 481 clientCloseWrite := func() error { 482 defer close(clientDoneChan) 483 484 clientConfig := testConfig.Clone() 485 conn, err := Dial("tcp", ln.Addr().String(), clientConfig) 486 if err != nil { 487 return err 488 } 489 if err := conn.Handshake(); err != nil { 490 return err 491 } 492 defer conn.Close() 493 494 if err := conn.CloseWrite(); err != nil { 495 return fmt.Errorf("client CloseWrite: %v", err) 496 } 497 498 if _, err := conn.Write([]byte{0}); err != errShutdown { 499 return fmt.Errorf("CloseWrite error = %v; want errShutdown", err) 500 } 501 502 data, err := ioutil.ReadAll(conn) 503 if err != nil { 504 return err 505 } 506 if len(data) > 0 { 507 return fmt.Errorf("Read data = %q; want nothing", data) 508 } 509 return nil 510 } 511 512 errChan := make(chan error, 2) 513 514 go func() { errChan <- serverCloseWrite() }() 515 go func() { errChan <- clientCloseWrite() }() 516 517 for i := 0; i < 2; i++ { 518 select { 519 case err := <-errChan: 520 if err != nil { 521 t.Fatal(err) 522 } 523 case <-time.After(10 * time.Second): 524 t.Fatal("deadlock") 525 } 526 } 527 528 // Also test CloseWrite being called before the handshake is 529 // finished: 530 { 531 ln2 := newLocalListener(t) 532 defer ln2.Close() 533 534 netConn, err := net.Dial("tcp", ln2.Addr().String()) 535 if err != nil { 536 t.Fatal(err) 537 } 538 defer netConn.Close() 539 conn := Client(netConn, testConfig.Clone()) 540 541 if err := conn.CloseWrite(); err != errEarlyCloseWrite { 542 t.Errorf("CloseWrite error = %v; want errEarlyCloseWrite", err) 543 } 544 } 545 } 546 547 func TestWarningAlertFlood(t *testing.T) { 548 ln := newLocalListener(t) 549 defer ln.Close() 550 551 server := func() error { 552 sconn, err := ln.Accept() 553 if err != nil { 554 return fmt.Errorf("accept: %v", err) 555 } 556 defer sconn.Close() 557 558 serverConfig := testConfig.Clone() 559 srv := Server(sconn, serverConfig) 560 if err := srv.Handshake(); err != nil { 561 return fmt.Errorf("handshake: %v", err) 562 } 563 defer srv.Close() 564 565 _, err = ioutil.ReadAll(srv) 566 if err == nil { 567 return errors.New("unexpected lack of error from server") 568 } 569 const expected = "too many ignored" 570 if str := err.Error(); !strings.Contains(str, expected) { 571 return fmt.Errorf("expected error containing %q, but saw: %s", expected, str) 572 } 573 574 return nil 575 } 576 577 errChan := make(chan error, 1) 578 go func() { errChan <- server() }() 579 580 clientConfig := testConfig.Clone() 581 clientConfig.MaxVersion = VersionTLS12 // there are no warning alerts in TLS 1.3 582 conn, err := Dial("tcp", ln.Addr().String(), clientConfig) 583 if err != nil { 584 t.Fatal(err) 585 } 586 defer conn.Close() 587 if err := conn.Handshake(); err != nil { 588 t.Fatal(err) 589 } 590 591 for i := 0; i < maxUselessRecords+1; i++ { 592 conn.sendAlert(alertNoRenegotiation) 593 } 594 595 if err := <-errChan; err != nil { 596 t.Fatal(err) 597 } 598 } 599 600 func TestCloneFuncFields(t *testing.T) { 601 const expectedCount = 5 602 called := 0 603 604 c1 := Config{ 605 Time: func() time.Time { 606 called |= 1 << 0 607 return time.Time{} 608 }, 609 GetCertificate: func(*ClientHelloInfo) (*Certificate, error) { 610 called |= 1 << 1 611 return nil, nil 612 }, 613 GetClientCertificate: func(*CertificateRequestInfo) (*Certificate, error) { 614 called |= 1 << 2 615 return nil, nil 616 }, 617 GetConfigForClient: func(*ClientHelloInfo) (*Config, error) { 618 called |= 1 << 3 619 return nil, nil 620 }, 621 VerifyPeerCertificate: func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error { 622 called |= 1 << 4 623 return nil 624 }, 625 } 626 627 c2 := c1.Clone() 628 629 c2.Time() 630 c2.GetCertificate(nil) 631 c2.GetClientCertificate(nil) 632 c2.GetConfigForClient(nil) 633 c2.VerifyPeerCertificate(nil, nil) 634 635 if called != (1<<expectedCount)-1 { 636 t.Fatalf("expected %d calls but saw calls %b", expectedCount, called) 637 } 638 } 639 640 func TestCloneNonFuncFields(t *testing.T) { 641 var c1 Config 642 v := reflect.ValueOf(&c1).Elem() 643 644 typ := v.Type() 645 for i := 0; i < typ.NumField(); i++ { 646 f := v.Field(i) 647 if !f.CanSet() { 648 // unexported field; not cloned. 649 continue 650 } 651 652 // testing/quick can't handle functions or interfaces and so 653 // isn't used here. 654 switch fn := typ.Field(i).Name; fn { 655 case "Rand": 656 f.Set(reflect.ValueOf(io.Reader(os.Stdin))) 657 case "Time", "GetCertificate", "GetConfigForClient", "VerifyPeerCertificate", "GetClientCertificate": 658 // DeepEqual can't compare functions. If you add a 659 // function field to this list, you must also change 660 // TestCloneFuncFields to ensure that the func field is 661 // cloned. 662 case "Certificates": 663 f.Set(reflect.ValueOf([]Certificate{ 664 {Certificate: [][]byte{{'b'}}}, 665 })) 666 case "NameToCertificate": 667 f.Set(reflect.ValueOf(map[string]*Certificate{"a": nil})) 668 case "RootCAs", "ClientCAs": 669 f.Set(reflect.ValueOf(x509.NewCertPool())) 670 case "ClientSessionCache": 671 f.Set(reflect.ValueOf(NewLRUClientSessionCache(10))) 672 case "KeyLogWriter": 673 f.Set(reflect.ValueOf(io.Writer(os.Stdout))) 674 case "NextProtos": 675 f.Set(reflect.ValueOf([]string{"a", "b"})) 676 case "ServerName": 677 f.Set(reflect.ValueOf("b")) 678 case "ClientAuth": 679 f.Set(reflect.ValueOf(VerifyClientCertIfGiven)) 680 case "InsecureSkipVerify", "SessionTicketsDisabled", "DynamicRecordSizingDisabled", "PreferServerCipherSuites": 681 f.Set(reflect.ValueOf(true)) 682 case "MinVersion", "MaxVersion": 683 f.Set(reflect.ValueOf(uint16(VersionTLS12))) 684 case "SessionTicketKey": 685 f.Set(reflect.ValueOf([32]byte{})) 686 case "CipherSuites": 687 f.Set(reflect.ValueOf([]uint16{1, 2})) 688 case "CurvePreferences": 689 f.Set(reflect.ValueOf([]CurveID{CurveP256})) 690 case "Renegotiation": 691 f.Set(reflect.ValueOf(RenegotiateOnceAsClient)) 692 default: 693 t.Errorf("all fields must be accounted for, but saw unknown field %q", fn) 694 } 695 } 696 697 c2 := c1.Clone() 698 // DeepEqual also compares unexported fields, thus c2 needs to have run 699 // serverInit in order to be DeepEqual to c1. Cloning it and discarding 700 // the result is sufficient. 701 c2.Clone() 702 703 if !reflect.DeepEqual(&c1, c2) { 704 t.Errorf("clone failed to copy a field") 705 } 706 } 707 708 // changeImplConn is a net.Conn which can change its Write and Close 709 // methods. 710 type changeImplConn struct { 711 net.Conn 712 writeFunc func([]byte) (int, error) 713 closeFunc func() error 714 } 715 716 func (w *changeImplConn) Write(p []byte) (n int, err error) { 717 if w.writeFunc != nil { 718 return w.writeFunc(p) 719 } 720 return w.Conn.Write(p) 721 } 722 723 func (w *changeImplConn) Close() error { 724 if w.closeFunc != nil { 725 return w.closeFunc() 726 } 727 return w.Conn.Close() 728 } 729 730 func throughput(b *testing.B, version uint16, totalBytes int64, dynamicRecordSizingDisabled bool) { 731 ln := newLocalListener(b) 732 defer ln.Close() 733 734 N := b.N 735 736 // Less than 64KB because Windows appears to use a TCP rwin < 64KB. 737 // See Issue #15899. 738 const bufsize = 32 << 10 739 740 go func() { 741 buf := make([]byte, bufsize) 742 for i := 0; i < N; i++ { 743 sconn, err := ln.Accept() 744 if err != nil { 745 // panic rather than synchronize to avoid benchmark overhead 746 // (cannot call b.Fatal in goroutine) 747 panic(fmt.Errorf("accept: %v", err)) 748 } 749 serverConfig := testConfig.Clone() 750 serverConfig.CipherSuites = nil // the defaults may prefer faster ciphers 751 serverConfig.DynamicRecordSizingDisabled = dynamicRecordSizingDisabled 752 srv := Server(sconn, serverConfig) 753 if err := srv.Handshake(); err != nil { 754 panic(fmt.Errorf("handshake: %v", err)) 755 } 756 if _, err := io.CopyBuffer(srv, srv, buf); err != nil { 757 panic(fmt.Errorf("copy buffer: %v", err)) 758 } 759 } 760 }() 761 762 b.SetBytes(totalBytes) 763 clientConfig := testConfig.Clone() 764 clientConfig.CipherSuites = nil // the defaults may prefer faster ciphers 765 clientConfig.DynamicRecordSizingDisabled = dynamicRecordSizingDisabled 766 clientConfig.MaxVersion = version 767 768 buf := make([]byte, bufsize) 769 chunks := int(math.Ceil(float64(totalBytes) / float64(len(buf)))) 770 for i := 0; i < N; i++ { 771 conn, err := Dial("tcp", ln.Addr().String(), clientConfig) 772 if err != nil { 773 b.Fatal(err) 774 } 775 for j := 0; j < chunks; j++ { 776 _, err := conn.Write(buf) 777 if err != nil { 778 b.Fatal(err) 779 } 780 _, err = io.ReadFull(conn, buf) 781 if err != nil { 782 b.Fatal(err) 783 } 784 } 785 conn.Close() 786 } 787 } 788 789 func BenchmarkThroughput(b *testing.B) { 790 for _, mode := range []string{"Max", "Dynamic"} { 791 for size := 1; size <= 64; size <<= 1 { 792 name := fmt.Sprintf("%sPacket/%dMB", mode, size) 793 b.Run(name, func(b *testing.B) { 794 b.Run("TLSv12", func(b *testing.B) { 795 throughput(b, VersionTLS12, int64(size<<20), mode == "Max") 796 }) 797 b.Run("TLSv13", func(b *testing.B) { 798 throughput(b, VersionTLS13, int64(size<<20), mode == "Max") 799 }) 800 }) 801 } 802 } 803 } 804 805 type slowConn struct { 806 net.Conn 807 bps int 808 } 809 810 func (c *slowConn) Write(p []byte) (int, error) { 811 if c.bps == 0 { 812 panic("too slow") 813 } 814 t0 := time.Now() 815 wrote := 0 816 for wrote < len(p) { 817 time.Sleep(100 * time.Microsecond) 818 allowed := int(time.Since(t0).Seconds()*float64(c.bps)) / 8 819 if allowed > len(p) { 820 allowed = len(p) 821 } 822 if wrote < allowed { 823 n, err := c.Conn.Write(p[wrote:allowed]) 824 wrote += n 825 if err != nil { 826 return wrote, err 827 } 828 } 829 } 830 return len(p), nil 831 } 832 833 func latency(b *testing.B, version uint16, bps int, dynamicRecordSizingDisabled bool) { 834 ln := newLocalListener(b) 835 defer ln.Close() 836 837 N := b.N 838 839 go func() { 840 for i := 0; i < N; i++ { 841 sconn, err := ln.Accept() 842 if err != nil { 843 // panic rather than synchronize to avoid benchmark overhead 844 // (cannot call b.Fatal in goroutine) 845 panic(fmt.Errorf("accept: %v", err)) 846 } 847 serverConfig := testConfig.Clone() 848 serverConfig.DynamicRecordSizingDisabled = dynamicRecordSizingDisabled 849 srv := Server(&slowConn{sconn, bps}, serverConfig) 850 if err := srv.Handshake(); err != nil { 851 panic(fmt.Errorf("handshake: %v", err)) 852 } 853 io.Copy(srv, srv) 854 } 855 }() 856 857 clientConfig := testConfig.Clone() 858 clientConfig.DynamicRecordSizingDisabled = dynamicRecordSizingDisabled 859 clientConfig.MaxVersion = version 860 861 buf := make([]byte, 16384) 862 peek := make([]byte, 1) 863 864 for i := 0; i < N; i++ { 865 conn, err := Dial("tcp", ln.Addr().String(), clientConfig) 866 if err != nil { 867 b.Fatal(err) 868 } 869 // make sure we're connected and previous connection has stopped 870 if _, err := conn.Write(buf[:1]); err != nil { 871 b.Fatal(err) 872 } 873 if _, err := io.ReadFull(conn, peek); err != nil { 874 b.Fatal(err) 875 } 876 if _, err := conn.Write(buf); err != nil { 877 b.Fatal(err) 878 } 879 if _, err = io.ReadFull(conn, peek); err != nil { 880 b.Fatal(err) 881 } 882 conn.Close() 883 } 884 } 885 886 func BenchmarkLatency(b *testing.B) { 887 for _, mode := range []string{"Max", "Dynamic"} { 888 for _, kbps := range []int{200, 500, 1000, 2000, 5000} { 889 name := fmt.Sprintf("%sPacket/%dkbps", mode, kbps) 890 b.Run(name, func(b *testing.B) { 891 b.Run("TLSv12", func(b *testing.B) { 892 latency(b, VersionTLS12, kbps*1000, mode == "Max") 893 }) 894 b.Run("TLSv13", func(b *testing.B) { 895 latency(b, VersionTLS13, kbps*1000, mode == "Max") 896 }) 897 }) 898 } 899 } 900 } 901 902 func TestConnectionStateMarshal(t *testing.T) { 903 cs := &ConnectionState{} 904 _, err := json.Marshal(cs) 905 if err != nil { 906 t.Errorf("json.Marshal failed on ConnectionState: %v", err) 907 } 908 } 909 910 func TestConnectionState(t *testing.T) { 911 issuer, err := x509.ParseCertificate(testRSACertificateIssuer) 912 if err != nil { 913 panic(err) 914 } 915 rootCAs := x509.NewCertPool() 916 rootCAs.AddCert(issuer) 917 918 now := func() time.Time { return time.Unix(1476984729, 0) } 919 920 const alpnProtocol = "golang" 921 const serverName = "example.golang" 922 var scts = [][]byte{[]byte("dummy sct 1"), []byte("dummy sct 2")} 923 var ocsp = []byte("dummy ocsp") 924 925 for _, v := range []uint16{VersionTLS12, VersionTLS13} { 926 var name string 927 switch v { 928 case VersionTLS12: 929 name = "TLSv12" 930 case VersionTLS13: 931 name = "TLSv13" 932 } 933 t.Run(name, func(t *testing.T) { 934 config := &Config{ 935 Time: now, 936 Rand: zeroSource{}, 937 Certificates: make([]Certificate, 1), 938 MaxVersion: v, 939 RootCAs: rootCAs, 940 ClientCAs: rootCAs, 941 ClientAuth: RequireAndVerifyClientCert, 942 NextProtos: []string{alpnProtocol}, 943 ServerName: serverName, 944 } 945 config.Certificates[0].Certificate = [][]byte{testRSACertificate} 946 config.Certificates[0].PrivateKey = testRSAPrivateKey 947 config.Certificates[0].SignedCertificateTimestamps = scts 948 config.Certificates[0].OCSPStaple = ocsp 949 950 ss, cs, err := testHandshake(t, config, config) 951 if err != nil { 952 t.Fatalf("Handshake failed: %v", err) 953 } 954 955 if ss.Version != v || cs.Version != v { 956 t.Errorf("Got versions %x (server) and %x (client), expected %x", ss.Version, cs.Version, v) 957 } 958 959 if !ss.HandshakeComplete || !cs.HandshakeComplete { 960 t.Errorf("Got HandshakeComplete %v (server) and %v (client), expected true", ss.HandshakeComplete, cs.HandshakeComplete) 961 } 962 963 if ss.DidResume || cs.DidResume { 964 t.Errorf("Got DidResume %v (server) and %v (client), expected false", ss.DidResume, cs.DidResume) 965 } 966 967 if ss.CipherSuite == 0 || cs.CipherSuite == 0 { 968 t.Errorf("Got invalid cipher suite: %v (server) and %v (client)", ss.CipherSuite, cs.CipherSuite) 969 } 970 971 if ss.NegotiatedProtocol != alpnProtocol || cs.NegotiatedProtocol != alpnProtocol { 972 t.Errorf("Got negotiated protocol %q (server) and %q (client), expected %q", ss.NegotiatedProtocol, cs.NegotiatedProtocol, alpnProtocol) 973 } 974 975 if !cs.NegotiatedProtocolIsMutual { 976 t.Errorf("Got false NegotiatedProtocolIsMutual on the client side") 977 } 978 // NegotiatedProtocolIsMutual on the server side is unspecified. 979 980 if ss.ServerName != serverName { 981 t.Errorf("Got server name %q, expected %q", ss.ServerName, serverName) 982 } 983 if cs.ServerName != "" { 984 t.Errorf("Got unexpected server name on the client side") 985 } 986 987 if len(ss.PeerCertificates) != 1 || len(cs.PeerCertificates) != 1 { 988 t.Errorf("Got %d (server) and %d (client) peer certificates, expected %d", len(ss.PeerCertificates), len(cs.PeerCertificates), 1) 989 } 990 991 if len(ss.VerifiedChains) != 1 || len(cs.VerifiedChains) != 1 { 992 t.Errorf("Got %d (server) and %d (client) verified chains, expected %d", len(ss.VerifiedChains), len(cs.VerifiedChains), 1) 993 } else if len(ss.VerifiedChains[0]) != 2 || len(cs.VerifiedChains[0]) != 2 { 994 t.Errorf("Got %d (server) and %d (client) long verified chain, expected %d", len(ss.VerifiedChains[0]), len(cs.VerifiedChains[0]), 2) 995 } 996 997 if len(cs.SignedCertificateTimestamps) != 2 { 998 t.Errorf("Got %d SCTs, expected %d", len(cs.SignedCertificateTimestamps), 2) 999 } 1000 if !bytes.Equal(cs.OCSPResponse, ocsp) { 1001 t.Errorf("Got OCSPs %x, expected %x", cs.OCSPResponse, ocsp) 1002 } 1003 // Only TLS 1.3 supports OCSP and SCTs on client certs. 1004 if v == VersionTLS13 { 1005 if len(ss.SignedCertificateTimestamps) != 2 { 1006 t.Errorf("Got %d client SCTs, expected %d", len(ss.SignedCertificateTimestamps), 2) 1007 } 1008 if !bytes.Equal(ss.OCSPResponse, ocsp) { 1009 t.Errorf("Got client OCSPs %x, expected %x", ss.OCSPResponse, ocsp) 1010 } 1011 } 1012 1013 if v == VersionTLS13 { 1014 if ss.TLSUnique != nil || cs.TLSUnique != nil { 1015 t.Errorf("Got TLSUnique %x (server) and %x (client), expected nil in TLS 1.3", ss.TLSUnique, cs.TLSUnique) 1016 } 1017 } else { 1018 if ss.TLSUnique == nil || cs.TLSUnique == nil { 1019 t.Errorf("Got TLSUnique %x (server) and %x (client), expected non-nil", ss.TLSUnique, cs.TLSUnique) 1020 } 1021 } 1022 }) 1023 } 1024 } 1025 1026 // TestEscapeRoute tests that the library will still work if support for TLS 1.3 1027 // is dropped later in the Go 1.12 cycle. 1028 func TestEscapeRoute(t *testing.T) { 1029 defer func(savedSupportedVersions []uint16) { 1030 supportedVersions = savedSupportedVersions 1031 }(supportedVersions) 1032 supportedVersions = []uint16{ 1033 VersionTLS12, 1034 VersionTLS11, 1035 VersionTLS10, 1036 VersionSSL30, 1037 } 1038 1039 expectVersion(t, testConfig, testConfig, VersionTLS12) 1040 } 1041 1042 func expectVersion(t *testing.T, clientConfig, serverConfig *Config, v uint16) { 1043 ss, cs, err := testHandshake(t, clientConfig, serverConfig) 1044 if err != nil { 1045 t.Fatalf("Handshake failed: %v", err) 1046 } 1047 if ss.Version != v { 1048 t.Errorf("Server negotiated version %x, expected %x", cs.Version, v) 1049 } 1050 if cs.Version != v { 1051 t.Errorf("Client negotiated version %x, expected %x", cs.Version, v) 1052 } 1053 } 1054 1055 // TestTLS13Switch checks the behavior of GODEBUG=tls13=[0|1]. See Issue 30055. 1056 func TestTLS13Switch(t *testing.T) { 1057 defer func(savedGODEBUG string) { 1058 os.Setenv("GODEBUG", savedGODEBUG) 1059 }(os.Getenv("GODEBUG")) 1060 1061 os.Setenv("GODEBUG", "tls13=0") 1062 tls13Support.Once = sync.Once{} // reset the cache 1063 1064 tls12Config := testConfig.Clone() 1065 tls12Config.MaxVersion = VersionTLS12 1066 expectVersion(t, testConfig, testConfig, VersionTLS12) 1067 expectVersion(t, tls12Config, testConfig, VersionTLS12) 1068 expectVersion(t, testConfig, tls12Config, VersionTLS12) 1069 expectVersion(t, tls12Config, tls12Config, VersionTLS12) 1070 1071 os.Setenv("GODEBUG", "tls13=1") 1072 tls13Support.Once = sync.Once{} // reset the cache 1073 1074 expectVersion(t, testConfig, testConfig, VersionTLS13) 1075 expectVersion(t, tls12Config, testConfig, VersionTLS12) 1076 expectVersion(t, testConfig, tls12Config, VersionTLS12) 1077 expectVersion(t, tls12Config, tls12Config, VersionTLS12) 1078 } 1079 1080 // Issue 28744: Ensure that we don't modify memory 1081 // that Config doesn't own such as Certificates. 1082 func TestBuildNameToCertificate_doesntModifyCertificates(t *testing.T) { 1083 c0 := Certificate{ 1084 Certificate: [][]byte{testRSACertificate}, 1085 PrivateKey: testRSAPrivateKey, 1086 } 1087 c1 := Certificate{ 1088 Certificate: [][]byte{testSNICertificate}, 1089 PrivateKey: testRSAPrivateKey, 1090 } 1091 config := testConfig.Clone() 1092 config.Certificates = []Certificate{c0, c1} 1093 1094 config.BuildNameToCertificate() 1095 got := config.Certificates 1096 want := []Certificate{c0, c1} 1097 if !reflect.DeepEqual(got, want) { 1098 t.Fatalf("Certificates were mutated by BuildNameToCertificate\nGot: %#v\nWant: %#v\n", got, want) 1099 } 1100 } 1101 1102 func testingKey(s string) string { return strings.ReplaceAll(s, "TESTING KEY", "PRIVATE KEY") }