File 3800-Verify-that-it-works-to-send-before-receiv... of Package erlang

Overview Repositories Revisions Requests Users Attributes Meta

File 3800-Verify-that-it-works-to-send-before-receiver-activat.patch of Package erlang

From afe082810cdbffad48b186ede6c0b3ea9a68c1f8 Mon Sep 17 00:00:00 2001
From: Raimo Niskanen <raimo@erlang.org>
Date: Fri, 23 Sep 2022 16:36:13 +0200
Subject: [PATCH 10/11] Verify that it works to send before receiver activates
 decryption

Also, bug hunting by adding a 10 ms delay after activating
client KTLS before sending first KTLS data.  The first message
otherwise gets lost on PowerPC, it seems...
---
 lib/ssl/test/ssl_dist_SUITE.erl | 48 ++++++++++++++++++++++-----------
 1 file changed, 32 insertions(+), 16 deletions(-)

diff --git a/lib/ssl/test/ssl_dist_SUITE.erl b/lib/ssl/test/ssl_dist_SUITE.erl
index b3a86990d5..eee08ab85d 100644
--- a/lib/ssl/test/ssl_dist_SUITE.erl
+++ b/lib/ssl/test/ssl_dist_SUITE.erl
@@ -222,14 +222,9 @@ ktls_encrypt_decrypt(Client, Server, Test) ->
                 throw({Done, skip, {os,OS}})
         end,
         %%
+        %% Test and verify setup of Client TX encryption
+        %%
         SOL_TCP = 6, TCP_ULP = 31,
-        _ = inet:setopts(Server, [{raw, SOL_TCP, TCP_ULP, <<"tls">>}]),
-        (GetULP =
-             inet:getopts(Server, [{raw, SOL_TCP, TCP_ULP, 4}]))
-            =:= {ok, [{raw, SOL_TCP, TCP_ULP, <<"tls",0>>}]}
-            orelse
-            throw({Done, skip, {get_ulp, GetULP}}),
-        ok = inet:setopts(Client, [{raw, SOL_TCP, TCP_ULP, <<"tls">>}]),
         TLS_VER    = ((3 bsl 8) bor 4),
         TLS_CIPHER = 52,
         TLS_SALT   = <<1,1,1,1>>,
@@ -242,12 +237,24 @@ ktls_encrypt_decrypt(Client, Server, Test) ->
               TLS_IV/binary, TLS_KEY/binary, TLS_SALT/binary,
               0:64/native>>,
         SOL_TLS = 282, TLS_TX = 1, TLS_RX = 2,
+        %%
+        inet:setopts(Client, [{raw, SOL_TCP, TCP_ULP, <<"tls">>}])
+            =:= ok
+            orelse
+            throw({Done, skip, set_ulp}),
+        (GetULP =
+             inet:getopts(Client, [{raw, SOL_TCP, TCP_ULP, 4}]))
+            =:= {ok, [{raw, SOL_TCP, TCP_ULP, <<"tls",0>>}]}
+            orelse
+            throw({Done, skip, {get_ulp, GetULP}}),
+        %%
         RawOptTX = {raw, SOL_TLS, TLS_TX, TLS_crypto_info},
-        (SetoptsResult = inet:setopts(Server, [RawOptTX])) =:= ok
+        RawOptRX = {raw, SOL_TLS, TLS_RX, TLS_crypto_info},
+        (SetoptsResult = inet:setopts(Client, [RawOptTX])) =:= ok
             orelse throw({Done, skip, {setopts_error,SetoptsResult}}),
         (GetCryptoInfo =
              inet:getopts(
-               Server,
+               Client,
                [{raw, SOL_TLS, TLS_TX, byte_size(TLS_crypto_info)}]))
             =:= {ok, [RawOptTX]}
             orelse throw({Done, skip, {get_crypto_info,GetCryptoInfo}}),
@@ -258,21 +265,30 @@ ktls_encrypt_decrypt(Client, Server, Test) ->
         %%
         %%
         %%
+        %% Test to transfer encrypted data,
+        %% and also to not activate RX encryption and transfer data.
+        %%
         Data = "The quick brown fox jumps over a lazy dog 0123456789",
-        %% Send from Server when Client has no decryption parameters
+        %% Send encrypted from Client before Server has activated decryption
+        ok = gen_tcp:send(Client, Data),
+        receive after 500 -> ok end, % Give time for data to arrive
+        %%
+        %% Activate Server TX encryption
+        ok = inet:setopts(Server, [{raw, SOL_TCP, TCP_ULP, <<"tls">>}]),
+        ok = inet:setopts(Server, [RawOptTX]),
+        %% Send encrypted from Server
         ok = gen_tcp:send(Server, Data),
+        %% Receive encrypted data without decryption
         case gen_tcp:recv(Client, 0, 1000) of
             {ok, Data} ->
                 ct:fail(recv_cleartext_data);
-            {ok, _RandomData} ->
+            {ok, RandomData} when length(Data) < length(RandomData) ->
+                %% A TLS block should be longer than Data
                 ok
         end,
-        %% Configure Client -> Server
-        RawOptRX = {raw, SOL_TLS, TLS_RX, TLS_crypto_info},
-        ok = inet:setopts(Client, [RawOptTX]),
+        %% Finally, activate Server decryption
         ok = inet:setopts(Server, [RawOptRX]),
-        %% Send encrypted Client -> Server
-        ok = gen_tcp:send(Client, Data),
+        %% Receive and decrypt the data that was first sent
         {ok, Data} = gen_tcp:recv(Server, 0, 1000),
         ok
     catch
-- 
2.35.3

Places

File 3800-Verify-that-it-works-to-send-before-receiver-activat.patch of Package erlang

Places