Ensure we feed all data to the SSLEngine during handshaking in our tests (#10373)

Motivation:

Due a bug in our test we may dropped data on the floor which are generated during handshaking (or slightly after). This could lead to corrupt state in the engine itself and so fail tests. This is especially true for TLS1.3 which generates the sessions on the server after the "actual handshake" is done.

Modifications:

Contine with wrap / unwrap until all data was consumed

Result:

Correctly feed all data to the engine during testing
This commit is contained in:
Norman Maurer 2020-06-25 14:55:35 +02:00 committed by GitHub
parent f3356c2989
commit bd577ef52f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -1483,6 +1483,9 @@ public abstract class SSLEngineTest {
boolean clientHandshakeFinished = false; boolean clientHandshakeFinished = false;
boolean serverHandshakeFinished = false; boolean serverHandshakeFinished = false;
boolean cTOsHasRemaining;
boolean sTOcHasRemaining;
do { do {
int cTOsPos = cTOs.position(); int cTOsPos = cTOs.position();
int sTOcPos = sTOc.position(); int sTOcPos = sTOc.position();
@ -1547,9 +1550,16 @@ public abstract class SSLEngineTest {
assertFalse(cTOs.hasRemaining()); assertFalse(cTOs.hasRemaining());
} }
cTOsHasRemaining = cTOs.hasRemaining();
sTOcHasRemaining = sTOc.hasRemaining();
sTOc.compact(); sTOc.compact();
cTOs.compact(); cTOs.compact();
} while (!clientHandshakeFinished || !serverHandshakeFinished); } while (!clientHandshakeFinished || !serverHandshakeFinished ||
// We need to ensure we feed all the data to the engine to not end up with a corrupted state.
// This is especially important with TLS1.3 which may produce sessions after the "main handshake" is
// done
cTOsHasRemaining || sTOcHasRemaining);
} }
private static boolean isHandshakeFinished(SSLEngineResult result) { private static boolean isHandshakeFinished(SSLEngineResult result) {