1 /*
2 * Copyright (c) 2009-2012 Niels Provos and Nick Mathewson
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * 3. The name of the author may not be used to endorse or promote products
13 * derived from this software without specific prior written permission.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 */
26
27 // Get rid of OSX 10.7 and greater deprecation warnings.
28 #if defined(__APPLE__) && defined(__clang__)
29 #pragma clang diagnostic ignored "-Wdeprecated-declarations"
30 #endif
31
32 #ifdef _WIN32
33 #include <winsock2.h>
34 #include <windows.h>
35 #endif
36
37 #include "util-internal.h"
38
39 #ifndef _WIN32
40 #include <sys/types.h>
41 #include <sys/socket.h>
42 #include <netinet/in.h>
43 #endif
44
45 #include "event2/util.h"
46 #include "event2/event.h"
47 #include "event2/bufferevent_ssl.h"
48 #include "event2/bufferevent_struct.h"
49 #include "event2/buffer.h"
50 #include "event2/listener.h"
51
52 #include "regress.h"
53 #include "tinytest.h"
54 #include "tinytest_macros.h"
55
56 #include <openssl/err.h>
57 #include <openssl/pem.h>
58 #include "openssl-compat.h"
59
60 #include <string.h>
61 #ifdef _WIN32
62 #include <io.h>
63 #define read _read
64 #define write _write
65 #else
66 #include <unistd.h>
67 #endif
68
69 /* A pre-generated key, to save the cost of doing an RSA key generation step
70 * during the unit tests. It is published in this file, so you would have to
71 * be very foolish to consider using it in your own code. */
72 static const char KEY[] =
73 "-----BEGIN RSA PRIVATE KEY-----\n"
74 "MIIEogIBAAKCAQEAtK07Ili0dkJb79m/sFmHoVJTWyLoveXex2yX/BtUzzcvZEOu\n"
75 "QLon/++5YOA48kzZm5K9mIwZkZhui1ZgJ5Bjq0LGAWTZGIn+NXjLFshPYvTKpOCW\n"
76 "uzL0Ir0LXMsBLYJQ5A4FomLNxs4I3H/dhDSGy/rSiJB1B4w2xNiwPK08/VL3zZqk\n"
77 "V+GsSvGIIkzhTMbqPJy9K8pqyjwOU2pgORS794yXciTGxWYjTDzJPgQ35YMDATaG\n"
78 "jr4HHo1zxU/Lj0pndSUK5rKLYxYQ3Uc8B3AVYDl9CP/GbOoQ4LBzS68JjcAUyp6i\n"
79 "6NfXlc2D9S9XgqVqwI+JqgJs0eW/+zPY2UEDWwIDAQABAoIBAD2HzV66FOM9YDAD\n"
80 "2RtGskEHV2nvLpIVadRCsFPkPvK+2X3s6rgSbbLkwh4y3lHuSCGKTNVZyQ9jeSos\n"
81 "xVxT+Q2HFQW+gYyw2gj91TQyDY8mzKhv8AVaqff2p5r3a7RC8CdqexK9UVUGL9Bg\n"
82 "H2F5vfpTtkVZ5PEoGDLblNFlMiMW/t1SobUeBVx+Msco/xqk9lFv1A9nnepGy0Gi\n"
83 "D+i6YNGTBsX22YhoCZl/ICxCL8lgqPei4FvBr9dBVh/jQgjuUBm2jz55p2r7+7Aw\n"
84 "khmXHReejoVokQ2+htgSgZNKlKuDy710ZpBqnDi8ynQi82Y2qCpyg/p/xcER54B6\n"
85 "hSftaiECgYEA2RkSoxU+nWk+BClQEUZRi88QK5W/M8oo1DvUs36hvPFkw3Jk/gz0\n"
86 "fgd5bnA+MXj0Fc0QHvbddPjIkyoI/evq9GPV+JYIuH5zabrlI3Jvya8q9QpAcEDO\n"
87 "KkL/O09qXVEW52S6l05nh4PLejyI7aTyTIN5nbVLac/+M8MY/qOjZksCgYEA1Q1o\n"
88 "L8kjSavU2xhQmSgZb9W62Do60sa3e73ljrDPoiyvbExldpSdziFYxHBD/Rep0ePf\n"
89 "eVSGS3VSwevt9/jSGo2Oa83TYYns9agBm03oR/Go/DukESdI792NsEM+PRFypVNy\n"
90 "AohWRLj0UU6DV+zLKp0VBavtx0ATeLFX0eN17TECgYBI2O/3Bz7uhQ0JSm+SjFz6\n"
91 "o+2SInp5P2G57aWu4VQWWY3tQ2p+EQzNaWam10UXRrXoxtmc+ktPX9e2AgnoYoyB\n"
92 "myqGcpnUhqHlnZAb999o9r1cYidDQ4uqhLauSTSwwXAFDzjJYsa8o03Y440y6QFh\n"
93 "CVD6yYXXqLJs3g96CqDexwKBgAHxq1+0QCQt8zVElYewO/svQhMzBNJjic0RQIT6\n"
94 "zAo4yij80XgxhvcYiszQEW6/xobpw2JCCS+rFGQ8mOFIXfJsFD6blDAxp/3d2JXo\n"
95 "MhRl+hrDGI4ng5zcsqxHEMxR2m/zwPiQ8eiSn3gWdVBaEsiCwmxY00ScKxFQ3PJH\n"
96 "Vw4hAoGAdZLd8KfjjG6lg7hfpVqavstqVi9LOgkHeCfdjn7JP+76kYrgLk/XdkrP\n"
97 "N/BHhtFVFjOi/mTQfQ5YfZImkm/1ePBy7437DT8BDkOxspa50kK4HPggHnU64h1w\n"
98 "lhdEOj7mAgHwGwwVZWOgs9Lq6vfztnSuhqjha1daESY6kDscPIQ=\n"
99 "-----END RSA PRIVATE KEY-----\n";
100
101 EVP_PKEY *
ssl_getkey(void)102 ssl_getkey(void)
103 {
104 EVP_PKEY *key;
105 BIO *bio;
106
107 /* new read-only BIO backed by KEY. */
108 bio = BIO_new_mem_buf((char*)KEY, -1);
109 tt_assert(bio);
110
111 key = PEM_read_bio_PrivateKey(bio,NULL,NULL,NULL);
112 BIO_free(bio);
113 tt_assert(key);
114
115 return key;
116 end:
117 return NULL;
118 }
119
120 X509 *
ssl_getcert(EVP_PKEY * key)121 ssl_getcert(EVP_PKEY *key)
122 {
123 /* Dummy code to make a quick-and-dirty valid certificate with
124 OpenSSL. Don't copy this code into your own program! It does a
125 number of things in a stupid and insecure way. */
126 X509 *x509 = NULL;
127 X509_NAME *name = NULL;
128 int nid;
129 time_t now = time(NULL);
130
131 tt_assert(key);
132
133 x509 = X509_new();
134 tt_assert(x509);
135 tt_assert(0 != X509_set_version(x509, 2));
136 tt_assert(0 != ASN1_INTEGER_set(X509_get_serialNumber(x509),
137 (long)now));
138
139 name = X509_NAME_new();
140 tt_assert(name);
141 nid = OBJ_txt2nid("commonName");
142 tt_assert(NID_undef != nid);
143 tt_assert(0 != X509_NAME_add_entry_by_NID(
144 name, nid, MBSTRING_ASC, (unsigned char*)"example.com",
145 -1, -1, 0));
146
147 X509_set_subject_name(x509, name);
148 X509_set_issuer_name(x509, name);
149 X509_NAME_free(name);
150
151 X509_time_adj(X509_getm_notBefore(x509), 0, &now);
152 now += 3600;
153 X509_time_adj(X509_getm_notAfter(x509), 0, &now);
154 X509_set_pubkey(x509, key);
155 tt_assert(0 != X509_sign(x509, key, EVP_sha1()));
156
157 return x509;
158 end:
159 X509_free(x509);
160 X509_NAME_free(name);
161 return NULL;
162 }
163
164 static int disable_tls_11_and_12 = 0;
165 static SSL_CTX *the_ssl_ctx = NULL;
166
167 SSL_CTX *
get_ssl_ctx(void)168 get_ssl_ctx(void)
169 {
170 if (the_ssl_ctx)
171 return the_ssl_ctx;
172 the_ssl_ctx = SSL_CTX_new(SSLv23_method());
173 if (!the_ssl_ctx)
174 return NULL;
175 if (disable_tls_11_and_12) {
176 #ifdef SSL_OP_NO_TLSv1_2
177 SSL_CTX_set_options(the_ssl_ctx, SSL_OP_NO_TLSv1_2);
178 #endif
179 #ifdef SSL_OP_NO_TLSv1_1
180 SSL_CTX_set_options(the_ssl_ctx, SSL_OP_NO_TLSv1_1);
181 #endif
182 }
183 return the_ssl_ctx;
184 }
185
186 static int test_is_done;
187 static int n_connected;
188 static int got_close;
189 static int got_error;
190 static int got_timeout;
191 static int renegotiate_at = -1;
192 static int stop_when_connected;
193 static int pending_connect_events;
194 static struct event_base *exit_base;
195 static X509 *the_cert;
196 EVP_PKEY *the_key;
197
198 void
init_ssl(void)199 init_ssl(void)
200 {
201 #if (OPENSSL_VERSION_NUMBER < 0x10100000L) || \
202 (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000L)
203 SSL_library_init();
204 ERR_load_crypto_strings();
205 SSL_load_error_strings();
206 OpenSSL_add_all_algorithms();
207 if (SSLeay() != OPENSSL_VERSION_NUMBER) {
208 TT_DECLARE("WARN",
209 ("Version mismatch for openssl: compiled with %lx but running with %lx",
210 (unsigned long)OPENSSL_VERSION_NUMBER, (unsigned long)SSLeay()));
211 }
212 #endif
213 }
214
215 static void *
ssl_test_setup(const struct testcase_t * testcase)216 ssl_test_setup(const struct testcase_t *testcase)
217 {
218 init_ssl();
219
220 the_key = ssl_getkey();
221 EVUTIL_ASSERT(the_key);
222
223 the_cert = ssl_getcert(the_key);
224 EVUTIL_ASSERT(the_cert);
225
226 disable_tls_11_and_12 = 0;
227
228 return basic_test_setup(testcase);
229 }
230 static int
ssl_test_cleanup(const struct testcase_t * testcase,void * ptr)231 ssl_test_cleanup(const struct testcase_t *testcase, void *ptr)
232 {
233 int ret = basic_test_cleanup(testcase, ptr);
234 if (!ret) {
235 return ret;
236 }
237
238 test_is_done = 0;
239 n_connected = 0;
240 got_close = 0;
241 got_error = 0;
242 got_timeout = 0;
243 renegotiate_at = -1;
244 stop_when_connected = 0;
245 pending_connect_events = 0;
246 exit_base = NULL;
247
248 X509_free(the_cert);
249 EVP_PKEY_free(the_key);
250
251 SSL_CTX_free(the_ssl_ctx);
252 the_ssl_ctx = NULL;
253
254 return 1;
255 }
256 const struct testcase_setup_t ssl_setup = {
257 ssl_test_setup, ssl_test_cleanup
258 };
259
260
261 /* ====================
262 Here's a simple test: we read a number from the input, increment it, and
263 reply, until we get to 1001.
264 */
265
266 enum regress_openssl_type
267 {
268 REGRESS_OPENSSL_SOCKETPAIR = 1,
269 REGRESS_OPENSSL_FILTER = 2,
270 REGRESS_OPENSSL_RENEGOTIATE = 4,
271 REGRESS_OPENSSL_OPEN = 8,
272 REGRESS_OPENSSL_DIRTY_SHUTDOWN = 16,
273 REGRESS_OPENSSL_FD = 32,
274
275 REGRESS_OPENSSL_CLIENT = 64,
276 REGRESS_OPENSSL_SERVER = 128,
277
278 REGRESS_OPENSSL_FREED = 256,
279 REGRESS_OPENSSL_TIMEOUT = 512,
280 REGRESS_OPENSSL_SLEEP = 1024,
281
282 REGRESS_OPENSSL_CLIENT_WRITE = 2048,
283
284 REGRESS_DEFERRED_CALLBACKS = 4096,
285 };
286
287 static void
bufferevent_openssl_check_fd(struct bufferevent * bev,int filter)288 bufferevent_openssl_check_fd(struct bufferevent *bev, int filter)
289 {
290 tt_fd_op(bufferevent_getfd(bev), !=, EVUTIL_INVALID_SOCKET);
291 tt_fd_op(bufferevent_setfd(bev, EVUTIL_INVALID_SOCKET), ==, 0);
292 if (filter) {
293 tt_fd_op(bufferevent_getfd(bev), !=, EVUTIL_INVALID_SOCKET);
294 } else {
295 tt_fd_op(bufferevent_getfd(bev), ==, EVUTIL_INVALID_SOCKET);
296 }
297
298 end:
299 ;
300 }
301 static void
bufferevent_openssl_check_freed(struct bufferevent * bev)302 bufferevent_openssl_check_freed(struct bufferevent *bev)
303 {
304 tt_int_op(event_pending(&bev->ev_read, EVLIST_ALL, NULL), ==, 0);
305 tt_int_op(event_pending(&bev->ev_write, EVLIST_ALL, NULL), ==, 0);
306
307 end:
308 ;
309 }
310
311 static void
free_on_cb(struct bufferevent * bev,void * ctx)312 free_on_cb(struct bufferevent *bev, void *ctx)
313 {
314 TT_BLATHER(("free_on_cb: %p", bev));
315 bufferevent_free(bev);
316 }
317
318 static void
respond_to_number(struct bufferevent * bev,void * ctx)319 respond_to_number(struct bufferevent *bev, void *ctx)
320 {
321 struct evbuffer *b = bufferevent_get_input(bev);
322 char *line;
323 int n;
324
325 enum regress_openssl_type type;
326 type = (enum regress_openssl_type)ctx;
327
328 line = evbuffer_readln(b, NULL, EVBUFFER_EOL_LF);
329 if (! line)
330 return;
331 n = atoi(line);
332 if (n <= 0)
333 TT_FAIL(("Bad number: %s", line));
334 free(line);
335 TT_BLATHER(("The number was %d", n));
336 if (n == 1001) {
337 ++test_is_done;
338 bufferevent_free(bev); /* Should trigger close on other side. */
339 return;
340 }
341 if ((type & REGRESS_OPENSSL_CLIENT) && n == renegotiate_at) {
342 SSL_renegotiate(bufferevent_openssl_get_ssl(bev));
343 }
344 ++n;
345 evbuffer_add_printf(bufferevent_get_output(bev),
346 "%d\n", n);
347 TT_BLATHER(("Done reading; now writing."));
348 bufferevent_enable(bev, EV_WRITE);
349 bufferevent_disable(bev, EV_READ);
350 }
351
352 static void
done_writing_cb(struct bufferevent * bev,void * ctx)353 done_writing_cb(struct bufferevent *bev, void *ctx)
354 {
355 struct evbuffer *b = bufferevent_get_output(bev);
356 if (evbuffer_get_length(b))
357 return;
358 TT_BLATHER(("Done writing."));
359 bufferevent_disable(bev, EV_WRITE);
360 bufferevent_enable(bev, EV_READ);
361 }
362
363 static void
eventcb(struct bufferevent * bev,short what,void * ctx)364 eventcb(struct bufferevent *bev, short what, void *ctx)
365 {
366 X509 *peer_cert = NULL;
367 enum regress_openssl_type type;
368
369 type = (enum regress_openssl_type)ctx;
370
371 TT_BLATHER(("Got event %d", (int)what));
372 if (what & BEV_EVENT_CONNECTED) {
373 SSL *ssl;
374 ++n_connected;
375 ssl = bufferevent_openssl_get_ssl(bev);
376 tt_assert(ssl);
377 peer_cert = SSL_get_peer_certificate(ssl);
378 if (type & REGRESS_OPENSSL_SERVER) {
379 tt_assert(peer_cert == NULL);
380 } else {
381 tt_assert(peer_cert != NULL);
382 }
383 if (stop_when_connected) {
384 if (--pending_connect_events == 0)
385 event_base_loopexit(exit_base, NULL);
386 }
387
388 if ((type & REGRESS_OPENSSL_CLIENT_WRITE) && (type & REGRESS_OPENSSL_CLIENT))
389 evbuffer_add_printf(bufferevent_get_output(bev), "1\n");
390 } else if (what & BEV_EVENT_EOF) {
391 TT_BLATHER(("Got a good EOF"));
392 ++got_close;
393 if (type & REGRESS_OPENSSL_FD) {
394 bufferevent_openssl_check_fd(bev, type & REGRESS_OPENSSL_FILTER);
395 }
396 if (type & REGRESS_OPENSSL_FREED) {
397 bufferevent_openssl_check_freed(bev);
398 }
399 bufferevent_free(bev);
400 } else if (what & BEV_EVENT_ERROR) {
401 TT_BLATHER(("Got an error."));
402 ++got_error;
403 if (type & REGRESS_OPENSSL_FD) {
404 bufferevent_openssl_check_fd(bev, type & REGRESS_OPENSSL_FILTER);
405 }
406 if (type & REGRESS_OPENSSL_FREED) {
407 bufferevent_openssl_check_freed(bev);
408 }
409 bufferevent_free(bev);
410 } else if (what & BEV_EVENT_TIMEOUT) {
411 TT_BLATHER(("Got timeout."));
412 ++got_timeout;
413 if (type & REGRESS_OPENSSL_FD) {
414 bufferevent_openssl_check_fd(bev, type & REGRESS_OPENSSL_FILTER);
415 }
416 if (type & REGRESS_OPENSSL_FREED) {
417 bufferevent_openssl_check_freed(bev);
418 }
419 bufferevent_free(bev);
420 }
421
422 end:
423 if (peer_cert)
424 X509_free(peer_cert);
425 }
426
427 static void
open_ssl_bufevs(struct bufferevent ** bev1_out,struct bufferevent ** bev2_out,struct event_base * base,int is_open,int flags,SSL * ssl1,SSL * ssl2,evutil_socket_t * fd_pair,struct bufferevent ** underlying_pair,enum regress_openssl_type type)428 open_ssl_bufevs(struct bufferevent **bev1_out, struct bufferevent **bev2_out,
429 struct event_base *base, int is_open, int flags, SSL *ssl1, SSL *ssl2,
430 evutil_socket_t *fd_pair, struct bufferevent **underlying_pair,
431 enum regress_openssl_type type)
432 {
433 int state1 = is_open ? BUFFEREVENT_SSL_OPEN :BUFFEREVENT_SSL_CONNECTING;
434 int state2 = is_open ? BUFFEREVENT_SSL_OPEN :BUFFEREVENT_SSL_ACCEPTING;
435 int dirty_shutdown = type & REGRESS_OPENSSL_DIRTY_SHUTDOWN;
436 if (fd_pair) {
437 *bev1_out = bufferevent_openssl_socket_new(
438 base, fd_pair[0], ssl1, state1, flags);
439 *bev2_out = bufferevent_openssl_socket_new(
440 base, fd_pair[1], ssl2, state2, flags);
441 } else {
442 *bev1_out = bufferevent_openssl_filter_new(
443 base, underlying_pair[0], ssl1, state1, flags);
444 *bev2_out = bufferevent_openssl_filter_new(
445 base, underlying_pair[1], ssl2, state2, flags);
446
447 }
448 bufferevent_setcb(*bev1_out, respond_to_number, done_writing_cb,
449 eventcb, (void*)(REGRESS_OPENSSL_CLIENT | (long)type));
450 bufferevent_setcb(*bev2_out, respond_to_number, done_writing_cb,
451 eventcb, (void*)(REGRESS_OPENSSL_SERVER | (long)type));
452
453 bufferevent_openssl_set_allow_dirty_shutdown(*bev1_out, dirty_shutdown);
454 bufferevent_openssl_set_allow_dirty_shutdown(*bev2_out, dirty_shutdown);
455 }
456
457 static void
regress_bufferevent_openssl(void * arg)458 regress_bufferevent_openssl(void *arg)
459 {
460 struct basic_test_data *data = arg;
461
462 struct bufferevent *bev1, *bev2;
463 SSL *ssl1, *ssl2;
464 int flags = BEV_OPT_DEFER_CALLBACKS;
465 struct bufferevent *bev_ll[2] = { NULL, NULL };
466 evutil_socket_t *fd_pair = NULL;
467
468 enum regress_openssl_type type;
469 type = (enum regress_openssl_type)data->setup_data;
470
471 if (type & REGRESS_OPENSSL_RENEGOTIATE) {
472 if (OPENSSL_VERSION_NUMBER >= 0x10001000 &&
473 OPENSSL_VERSION_NUMBER < 0x1000104f) {
474 /* 1.0.1 up to 1.0.1c has a bug where TLS1.1 and 1.2
475 * can't renegotiate with themselves. Disable. */
476 disable_tls_11_and_12 = 1;
477 }
478 renegotiate_at = 600;
479 }
480
481 ssl1 = SSL_new(get_ssl_ctx());
482 ssl2 = SSL_new(get_ssl_ctx());
483
484 SSL_use_certificate(ssl2, the_cert);
485 SSL_use_PrivateKey(ssl2, the_key);
486
487 if (!(type & REGRESS_OPENSSL_OPEN))
488 flags |= BEV_OPT_CLOSE_ON_FREE;
489
490 if (!(type & REGRESS_OPENSSL_FILTER)) {
491 tt_assert(type & REGRESS_OPENSSL_SOCKETPAIR);
492 fd_pair = data->pair;
493 } else {
494 bev_ll[0] = bufferevent_socket_new(data->base, data->pair[0],
495 BEV_OPT_CLOSE_ON_FREE);
496 bev_ll[1] = bufferevent_socket_new(data->base, data->pair[1],
497 BEV_OPT_CLOSE_ON_FREE);
498 }
499
500 open_ssl_bufevs(&bev1, &bev2, data->base, 0, flags, ssl1, ssl2,
501 fd_pair, bev_ll, type);
502
503 if (!(type & REGRESS_OPENSSL_FILTER)) {
504 tt_fd_op(bufferevent_getfd(bev1), ==, data->pair[0]);
505 } else {
506 tt_ptr_op(bufferevent_get_underlying(bev1), ==, bev_ll[0]);
507 }
508
509 if (type & REGRESS_OPENSSL_OPEN) {
510 pending_connect_events = 2;
511 stop_when_connected = 1;
512 exit_base = data->base;
513 event_base_dispatch(data->base);
514 /* Okay, now the renegotiation is done. Make new
515 * bufferevents to test opening in BUFFEREVENT_SSL_OPEN */
516 flags |= BEV_OPT_CLOSE_ON_FREE;
517 bufferevent_free(bev1);
518 bufferevent_free(bev2);
519 bev1 = bev2 = NULL;
520 open_ssl_bufevs(&bev1, &bev2, data->base, 1, flags, ssl1, ssl2,
521 fd_pair, bev_ll, type);
522 }
523
524 if (!(type & REGRESS_OPENSSL_TIMEOUT)) {
525 bufferevent_enable(bev1, EV_READ|EV_WRITE);
526 bufferevent_enable(bev2, EV_READ|EV_WRITE);
527
528 if (!(type & REGRESS_OPENSSL_CLIENT_WRITE))
529 evbuffer_add_printf(bufferevent_get_output(bev1), "1\n");
530
531 event_base_dispatch(data->base);
532
533 tt_assert(test_is_done == 1);
534 tt_assert(n_connected == 2);
535
536 /* We don't handle shutdown properly yet */
537 if (type & REGRESS_OPENSSL_DIRTY_SHUTDOWN) {
538 tt_int_op(got_close, ==, 1);
539 tt_int_op(got_error, ==, 0);
540 } else {
541 tt_int_op(got_error, ==, 1);
542 }
543 tt_int_op(got_timeout, ==, 0);
544 } else {
545 struct timeval t = { 2, 0 };
546
547 bufferevent_enable(bev1, EV_READ|EV_WRITE);
548 bufferevent_disable(bev2, EV_READ|EV_WRITE);
549
550 bufferevent_set_timeouts(bev1, &t, &t);
551
552 if (!(type & REGRESS_OPENSSL_CLIENT_WRITE))
553 evbuffer_add_printf(bufferevent_get_output(bev1), "1\n");
554
555 event_base_dispatch(data->base);
556
557 tt_assert(test_is_done == 0);
558 tt_assert(n_connected == 0);
559
560 tt_int_op(got_close, ==, 0);
561 tt_int_op(got_error, ==, 0);
562 tt_int_op(got_timeout, ==, 1);
563
564 bufferevent_free(bev2);
565 }
566
567 end:
568 return;
569 }
570
571 static void
acceptcb_deferred(evutil_socket_t fd,short events,void * arg)572 acceptcb_deferred(evutil_socket_t fd, short events, void *arg)
573 {
574 struct bufferevent *bev = arg;
575 bufferevent_enable(bev, EV_READ|EV_WRITE);
576 }
577 static void
acceptcb(struct evconnlistener * listener,evutil_socket_t fd,struct sockaddr * addr,int socklen,void * arg)578 acceptcb(struct evconnlistener *listener, evutil_socket_t fd,
579 struct sockaddr *addr, int socklen, void *arg)
580 {
581 struct basic_test_data *data = arg;
582 struct bufferevent *bev;
583 enum regress_openssl_type type;
584 SSL *ssl = SSL_new(get_ssl_ctx());
585
586 type = (enum regress_openssl_type)data->setup_data;
587
588 SSL_use_certificate(ssl, the_cert);
589 SSL_use_PrivateKey(ssl, the_key);
590
591 bev = bufferevent_openssl_socket_new(
592 data->base, fd, ssl, BUFFEREVENT_SSL_ACCEPTING,
593 BEV_OPT_CLOSE_ON_FREE|BEV_OPT_DEFER_CALLBACKS);
594 tt_assert(bev);
595
596 bufferevent_setcb(bev, respond_to_number, NULL, eventcb,
597 (void*)(REGRESS_OPENSSL_SERVER));
598
599 if (type & REGRESS_OPENSSL_SLEEP) {
600 struct timeval when = { 1, 0 };
601 event_base_once(data->base, -1, EV_TIMEOUT,
602 acceptcb_deferred, bev, &when);
603 bufferevent_disable(bev, EV_READ|EV_WRITE);
604 } else {
605 bufferevent_enable(bev, EV_READ|EV_WRITE);
606 }
607
608 /* Only accept once, then disable ourself. */
609 evconnlistener_disable(listener);
610
611 end:
612 ;
613 }
614
615 struct rwcount
616 {
617 evutil_socket_t fd;
618 size_t read;
619 size_t write;
620 };
621 static int
bio_rwcount_new(BIO * b)622 bio_rwcount_new(BIO *b)
623 {
624 BIO_set_init(b, 0);
625 BIO_set_data(b, NULL);
626 return 1;
627 }
628 static int
bio_rwcount_free(BIO * b)629 bio_rwcount_free(BIO *b)
630 {
631 TT_BLATHER(("bio_rwcount_free: %p", b));
632 if (!b)
633 return 0;
634 if (BIO_get_shutdown(b)) {
635 BIO_set_init(b, 0);
636 BIO_set_data(b, NULL);
637 }
638 return 1;
639 }
640 static int
bio_rwcount_read(BIO * b,char * out,int outlen)641 bio_rwcount_read(BIO *b, char *out, int outlen)
642 {
643 struct rwcount *rw = BIO_get_data(b);
644 ev_ssize_t ret = recv(rw->fd, out, outlen, 0);
645 ++rw->read;
646 if (ret == -1 && EVUTIL_ERR_RW_RETRIABLE(EVUTIL_SOCKET_ERROR())) {
647 BIO_set_retry_read(b);
648 }
649 return ret;
650 }
651 static int
bio_rwcount_write(BIO * b,const char * in,int inlen)652 bio_rwcount_write(BIO *b, const char *in, int inlen)
653 {
654 struct rwcount *rw = BIO_get_data(b);
655 ev_ssize_t ret = send(rw->fd, in, inlen, 0);
656 ++rw->write;
657 if (ret == -1 && EVUTIL_ERR_RW_RETRIABLE(EVUTIL_SOCKET_ERROR())) {
658 BIO_set_retry_write(b);
659 }
660 return ret;
661 }
662 static long
bio_rwcount_ctrl(BIO * b,int cmd,long num,void * ptr)663 bio_rwcount_ctrl(BIO *b, int cmd, long num, void *ptr)
664 {
665 struct rwcount *rw = BIO_get_data(b);
666 long ret = 0;
667 switch (cmd) {
668 case BIO_C_GET_FD:
669 ret = rw->fd;
670 break;
671 case BIO_CTRL_GET_CLOSE:
672 ret = BIO_get_shutdown(b);
673 break;
674 case BIO_CTRL_SET_CLOSE:
675 BIO_set_shutdown(b, (int)num);
676 break;
677 case BIO_CTRL_PENDING:
678 ret = 0;
679 break;
680 case BIO_CTRL_WPENDING:
681 ret = 0;
682 break;
683 case BIO_CTRL_DUP:
684 case BIO_CTRL_FLUSH:
685 ret = 1;
686 break;
687 }
688 return ret;
689 }
690 static int
bio_rwcount_puts(BIO * b,const char * s)691 bio_rwcount_puts(BIO *b, const char *s)
692 {
693 return bio_rwcount_write(b, s, strlen(s));
694 }
695 #define BIO_TYPE_LIBEVENT_RWCOUNT 0xff1
696 static BIO_METHOD *methods_rwcount;
697
698 static BIO_METHOD *
BIO_s_rwcount(void)699 BIO_s_rwcount(void)
700 {
701 if (methods_rwcount == NULL) {
702 methods_rwcount = BIO_meth_new(BIO_TYPE_LIBEVENT_RWCOUNT, "rwcount");
703 if (methods_rwcount == NULL)
704 return NULL;
705 BIO_meth_set_write(methods_rwcount, bio_rwcount_write);
706 BIO_meth_set_read(methods_rwcount, bio_rwcount_read);
707 BIO_meth_set_puts(methods_rwcount, bio_rwcount_puts);
708 BIO_meth_set_ctrl(methods_rwcount, bio_rwcount_ctrl);
709 BIO_meth_set_create(methods_rwcount, bio_rwcount_new);
710 BIO_meth_set_destroy(methods_rwcount, bio_rwcount_free);
711 }
712 return methods_rwcount;
713 }
714 static BIO *
BIO_new_rwcount(int close_flag)715 BIO_new_rwcount(int close_flag)
716 {
717 BIO *result;
718 if (!(result = BIO_new(BIO_s_rwcount())))
719 return NULL;
720 BIO_set_init(result, 1);
721 BIO_set_data(result, NULL);
722 BIO_set_shutdown(result, !!close_flag);
723 return result;
724 }
725
726 static void
regress_bufferevent_openssl_connect(void * arg)727 regress_bufferevent_openssl_connect(void *arg)
728 {
729 struct basic_test_data *data = arg;
730
731 struct event_base *base = data->base;
732
733 struct evconnlistener *listener;
734 struct bufferevent *bev;
735 struct sockaddr_in sin;
736 struct sockaddr_storage ss;
737 ev_socklen_t slen;
738 SSL *ssl;
739 struct rwcount rw = { -1, 0, 0 };
740 enum regress_openssl_type type;
741
742 type = (enum regress_openssl_type)data->setup_data;
743
744 memset(&sin, 0, sizeof(sin));
745 sin.sin_family = AF_INET;
746 sin.sin_addr.s_addr = htonl(0x7f000001);
747
748 memset(&ss, 0, sizeof(ss));
749 slen = sizeof(ss);
750
751 listener = evconnlistener_new_bind(base, acceptcb, data,
752 LEV_OPT_CLOSE_ON_FREE|LEV_OPT_REUSEABLE,
753 -1, (struct sockaddr *)&sin, sizeof(sin));
754
755 tt_assert(listener);
756 tt_assert(evconnlistener_get_fd(listener) >= 0);
757
758 ssl = SSL_new(get_ssl_ctx());
759 tt_assert(ssl);
760
761 bev = bufferevent_openssl_socket_new(
762 data->base, -1, ssl,
763 BUFFEREVENT_SSL_CONNECTING,
764 BEV_OPT_CLOSE_ON_FREE|BEV_OPT_DEFER_CALLBACKS);
765 tt_assert(bev);
766
767 bufferevent_setcb(bev, respond_to_number, free_on_cb, eventcb,
768 (void*)(REGRESS_OPENSSL_CLIENT));
769
770 tt_assert(getsockname(evconnlistener_get_fd(listener),
771 (struct sockaddr*)&ss, &slen) == 0);
772 tt_assert(slen == sizeof(struct sockaddr_in));
773 tt_int_op(((struct sockaddr*)&ss)->sa_family, ==, AF_INET);
774
775 tt_assert(0 ==
776 bufferevent_socket_connect(bev, (struct sockaddr*)&ss, slen));
777 /* Possible only when we have fd, since be_openssl can and will overwrite
778 * bio otherwise before */
779 if (type & REGRESS_OPENSSL_SLEEP) {
780 BIO *bio;
781
782 rw.fd = bufferevent_getfd(bev);
783 bio = BIO_new_rwcount(0);
784 tt_assert(bio);
785 BIO_set_data(bio, &rw);
786 SSL_set_bio(ssl, bio, bio);
787 }
788 evbuffer_add_printf(bufferevent_get_output(bev), "1\n");
789 bufferevent_enable(bev, EV_READ|EV_WRITE);
790
791 event_base_dispatch(base);
792
793 tt_int_op(rw.read, <=, 100);
794 tt_int_op(rw.write, <=, 100);
795 end:
796 evconnlistener_free(listener);
797 }
798
799 struct wm_context
800 {
801 int server;
802 int flags;
803 struct evbuffer *data;
804 size_t to_read;
805 size_t wm_high;
806 size_t limit;
807 size_t get;
808 struct bufferevent *bev;
809 struct wm_context *neighbour;
810 };
811 static void
wm_transfer(struct bufferevent * bev,void * arg)812 wm_transfer(struct bufferevent *bev, void *arg)
813 {
814 struct wm_context *ctx = arg;
815 struct evbuffer *in = bufferevent_get_input(bev);
816 struct evbuffer *out = bufferevent_get_output(bev);
817 size_t len = evbuffer_get_length(in);
818 size_t drain = len < ctx->to_read ? len : ctx->to_read;
819
820 if (ctx->get >= ctx->limit) {
821 TT_BLATHER(("wm_transfer-%s(%p): break",
822 ctx->server ? "server" : "client", bev));
823 bufferevent_setcb(bev, NULL, NULL, NULL, NULL);
824 bufferevent_disable(bev, EV_READ);
825 if (ctx->neighbour->get >= ctx->neighbour->limit) {
826 event_base_loopbreak(bufferevent_get_base(bev));
827 }
828 } else {
829 ctx->get += drain;
830 evbuffer_drain(in, drain);
831 }
832
833 TT_BLATHER(("wm_transfer-%s(%p): "
834 "in: " EV_SIZE_FMT ", "
835 "out: " EV_SIZE_FMT ", "
836 "got: " EV_SIZE_FMT "",
837 ctx->server ? "server" : "client", bev,
838 evbuffer_get_length(in),
839 evbuffer_get_length(out),
840 ctx->get));
841
842 evbuffer_add_buffer_reference(out, ctx->data);
843 }
844 static void
wm_eventcb(struct bufferevent * bev,short what,void * arg)845 wm_eventcb(struct bufferevent *bev, short what, void *arg)
846 {
847 struct wm_context *ctx = arg;
848 TT_BLATHER(("wm_eventcb-%s(%p): %i",
849 ctx->server ? "server" : "client", bev, what));
850 if (what & BEV_EVENT_CONNECTED) {
851 } else {
852 ctx->get = 0;
853 }
854 }
855 static void
wm_acceptcb(struct evconnlistener * listener,evutil_socket_t fd,struct sockaddr * addr,int socklen,void * arg)856 wm_acceptcb(struct evconnlistener *listener, evutil_socket_t fd,
857 struct sockaddr *addr, int socklen, void *arg)
858 {
859 struct wm_context *ctx = arg;
860 struct bufferevent *bev;
861 struct event_base *base = evconnlistener_get_base(listener);
862 SSL *ssl = SSL_new(get_ssl_ctx());
863
864 SSL_use_certificate(ssl, the_cert);
865 SSL_use_PrivateKey(ssl, the_key);
866
867 bev = bufferevent_openssl_socket_new(
868 base, fd, ssl, BUFFEREVENT_SSL_ACCEPTING, ctx->flags);
869
870 TT_BLATHER(("wm_transfer-%s(%p): accept",
871 ctx->server ? "server" : "client", bev));
872
873 bufferevent_setwatermark(bev, EV_READ, 0, ctx->wm_high);
874 bufferevent_setcb(bev, wm_transfer, NULL, wm_eventcb, ctx);
875 bufferevent_enable(bev, EV_READ|EV_WRITE);
876 ctx->bev = bev;
877
878 /* Only accept once, then disable ourself. */
879 evconnlistener_disable(listener);
880 }
881 static void
regress_bufferevent_openssl_wm(void * arg)882 regress_bufferevent_openssl_wm(void *arg)
883 {
884 struct basic_test_data *data = arg;
885 struct event_base *base = data->base;
886
887 struct evconnlistener *listener;
888 struct bufferevent *bev;
889 struct sockaddr_in sin;
890 struct sockaddr_storage ss;
891 enum regress_openssl_type type =
892 (enum regress_openssl_type)data->setup_data;
893 int bev_flags = BEV_OPT_CLOSE_ON_FREE;
894 ev_socklen_t slen;
895 SSL *ssl;
896 struct wm_context client, server;
897 char *payload;
898 size_t payload_len = 1<<10;
899 size_t wm_high = 5<<10;
900
901 memset(&sin, 0, sizeof(sin));
902 sin.sin_family = AF_INET;
903 sin.sin_addr.s_addr = htonl(0x7f000001);
904
905 memset(&ss, 0, sizeof(ss));
906 slen = sizeof(ss);
907
908 if (type & REGRESS_DEFERRED_CALLBACKS)
909 bev_flags |= BEV_OPT_DEFER_CALLBACKS;
910
911 memset(&client, 0, sizeof(client));
912 memset(&server, 0, sizeof(server));
913 client.server = 0;
914 server.server = 1;
915 client.flags = server.flags = bev_flags;
916 client.data = evbuffer_new();
917 server.data = evbuffer_new();
918 payload = calloc(1, payload_len);
919 memset(payload, 'A', payload_len);
920 evbuffer_add(server.data, payload, payload_len);
921 evbuffer_add(client.data, payload, payload_len);
922 client.wm_high = server.wm_high = wm_high;
923 client.limit = server.limit = wm_high<<3;
924 client.to_read = server.to_read = payload_len>>1;
925
926 TT_BLATHER(("openssl_wm: "
927 "payload_len = " EV_SIZE_FMT ", "
928 "wm_high = " EV_SIZE_FMT ", "
929 "limit = " EV_SIZE_FMT ", "
930 "to_read: " EV_SIZE_FMT "",
931 payload_len,
932 wm_high,
933 server.limit,
934 server.to_read));
935
936 listener = evconnlistener_new_bind(base, wm_acceptcb, &server,
937 LEV_OPT_CLOSE_ON_FREE|LEV_OPT_REUSEABLE,
938 -1, (struct sockaddr *)&sin, sizeof(sin));
939
940 tt_assert(listener);
941 tt_assert(evconnlistener_get_fd(listener) >= 0);
942
943 ssl = SSL_new(get_ssl_ctx());
944 tt_assert(ssl);
945
946 if (type & REGRESS_OPENSSL_FILTER) {
947 bev = bufferevent_socket_new(data->base, -1, client.flags);
948 tt_assert(bev);
949 bev = bufferevent_openssl_filter_new(
950 base, bev, ssl, BUFFEREVENT_SSL_CONNECTING, client.flags);
951 } else {
952 bev = bufferevent_openssl_socket_new(
953 data->base, -1, ssl,
954 BUFFEREVENT_SSL_CONNECTING,
955 client.flags);
956 }
957 tt_assert(bev);
958 client.bev = bev;
959
960 server.neighbour = &client;
961 client.neighbour = &server;
962
963 bufferevent_setwatermark(bev, EV_READ, 0, client.wm_high);
964 bufferevent_setcb(bev, wm_transfer, NULL, wm_eventcb, &client);
965
966 tt_assert(getsockname(evconnlistener_get_fd(listener),
967 (struct sockaddr*)&ss, &slen) == 0);
968
969 tt_assert(!bufferevent_socket_connect(bev, (struct sockaddr*)&ss, slen));
970 tt_assert(!evbuffer_add_buffer_reference(bufferevent_get_output(bev), client.data));
971 tt_assert(!bufferevent_enable(bev, EV_READ|EV_WRITE));
972
973 event_base_dispatch(base);
974
975 tt_int_op(client.get, ==, client.limit);
976 tt_int_op(server.get, ==, server.limit);
977
978 end:
979 free(payload);
980 evbuffer_free(client.data);
981 evbuffer_free(server.data);
982 evconnlistener_free(listener);
983 bufferevent_free(client.bev);
984 bufferevent_free(server.bev);
985
986 /* XXX: by some reason otherise there is a leak */
987 if (!(type & REGRESS_OPENSSL_FILTER))
988 event_base_loop(base, EVLOOP_ONCE);
989 }
990
991 struct testcase_t ssl_testcases[] = {
992 #define T(a) ((void *)(a))
993 { "bufferevent_socketpair", regress_bufferevent_openssl,
994 TT_ISOLATED, &ssl_setup, T(REGRESS_OPENSSL_SOCKETPAIR) },
995 { "bufferevent_socketpair_write_after_connect", regress_bufferevent_openssl,
996 TT_ISOLATED, &ssl_setup,
997 T(REGRESS_OPENSSL_SOCKETPAIR|REGRESS_OPENSSL_CLIENT_WRITE) },
998 { "bufferevent_filter", regress_bufferevent_openssl,
999 TT_ISOLATED, &ssl_setup, T(REGRESS_OPENSSL_FILTER) },
1000 { "bufferevent_filter_write_after_connect", regress_bufferevent_openssl,
1001 TT_ISOLATED, &ssl_setup,
1002 T(REGRESS_OPENSSL_FILTER|REGRESS_OPENSSL_CLIENT_WRITE) },
1003 { "bufferevent_renegotiate_socketpair", regress_bufferevent_openssl,
1004 TT_ISOLATED, &ssl_setup,
1005 T(REGRESS_OPENSSL_SOCKETPAIR | REGRESS_OPENSSL_RENEGOTIATE) },
1006 { "bufferevent_renegotiate_filter", regress_bufferevent_openssl,
1007 TT_ISOLATED, &ssl_setup,
1008 T(REGRESS_OPENSSL_FILTER | REGRESS_OPENSSL_RENEGOTIATE) },
1009 { "bufferevent_socketpair_startopen", regress_bufferevent_openssl,
1010 TT_ISOLATED, &ssl_setup,
1011 T(REGRESS_OPENSSL_SOCKETPAIR | REGRESS_OPENSSL_OPEN) },
1012 { "bufferevent_filter_startopen", regress_bufferevent_openssl,
1013 TT_ISOLATED, &ssl_setup,
1014 T(REGRESS_OPENSSL_FILTER | REGRESS_OPENSSL_OPEN) },
1015
1016 { "bufferevent_socketpair_dirty_shutdown", regress_bufferevent_openssl,
1017 TT_ISOLATED, &ssl_setup,
1018 T(REGRESS_OPENSSL_SOCKETPAIR | REGRESS_OPENSSL_DIRTY_SHUTDOWN) },
1019 { "bufferevent_filter_dirty_shutdown", regress_bufferevent_openssl,
1020 TT_ISOLATED, &ssl_setup,
1021 T(REGRESS_OPENSSL_FILTER | REGRESS_OPENSSL_DIRTY_SHUTDOWN) },
1022 { "bufferevent_renegotiate_socketpair_dirty_shutdown",
1023 regress_bufferevent_openssl,
1024 TT_ISOLATED,
1025 &ssl_setup,
1026 T(REGRESS_OPENSSL_SOCKETPAIR | REGRESS_OPENSSL_RENEGOTIATE | REGRESS_OPENSSL_DIRTY_SHUTDOWN) },
1027 { "bufferevent_renegotiate_filter_dirty_shutdown",
1028 regress_bufferevent_openssl,
1029 TT_ISOLATED,
1030 &ssl_setup,
1031 T(REGRESS_OPENSSL_FILTER | REGRESS_OPENSSL_RENEGOTIATE | REGRESS_OPENSSL_DIRTY_SHUTDOWN) },
1032 { "bufferevent_socketpair_startopen_dirty_shutdown",
1033 regress_bufferevent_openssl,
1034 TT_ISOLATED, &ssl_setup,
1035 T(REGRESS_OPENSSL_SOCKETPAIR | REGRESS_OPENSSL_OPEN | REGRESS_OPENSSL_DIRTY_SHUTDOWN) },
1036 { "bufferevent_filter_startopen_dirty_shutdown",
1037 regress_bufferevent_openssl,
1038 TT_ISOLATED, &ssl_setup,
1039 T(REGRESS_OPENSSL_FILTER | REGRESS_OPENSSL_OPEN | REGRESS_OPENSSL_DIRTY_SHUTDOWN) },
1040
1041 { "bufferevent_socketpair_fd", regress_bufferevent_openssl,
1042 TT_ISOLATED, &ssl_setup,
1043 T(REGRESS_OPENSSL_SOCKETPAIR | REGRESS_OPENSSL_FD) },
1044 { "bufferevent_socketpair_freed", regress_bufferevent_openssl,
1045 TT_ISOLATED, &ssl_setup,
1046 T(REGRESS_OPENSSL_SOCKETPAIR | REGRESS_OPENSSL_FREED) },
1047 { "bufferevent_socketpair_freed_fd", regress_bufferevent_openssl,
1048 TT_ISOLATED, &ssl_setup,
1049 T(REGRESS_OPENSSL_SOCKETPAIR | REGRESS_OPENSSL_FREED | REGRESS_OPENSSL_FD) },
1050 { "bufferevent_filter_freed_fd", regress_bufferevent_openssl,
1051 TT_ISOLATED, &ssl_setup,
1052 T(REGRESS_OPENSSL_FILTER | REGRESS_OPENSSL_FREED | REGRESS_OPENSSL_FD) },
1053
1054 { "bufferevent_socketpair_timeout", regress_bufferevent_openssl,
1055 TT_ISOLATED, &ssl_setup,
1056 T(REGRESS_OPENSSL_SOCKETPAIR | REGRESS_OPENSSL_TIMEOUT) },
1057 { "bufferevent_socketpair_timeout_freed_fd", regress_bufferevent_openssl,
1058 TT_ISOLATED, &ssl_setup,
1059 T(REGRESS_OPENSSL_SOCKETPAIR | REGRESS_OPENSSL_TIMEOUT | REGRESS_OPENSSL_FREED | REGRESS_OPENSSL_FD) },
1060
1061 { "bufferevent_connect", regress_bufferevent_openssl_connect,
1062 TT_FORK|TT_NEED_BASE, &ssl_setup, NULL },
1063 { "bufferevent_connect_sleep", regress_bufferevent_openssl_connect,
1064 TT_FORK|TT_NEED_BASE, &ssl_setup, T(REGRESS_OPENSSL_SLEEP) },
1065
1066 { "bufferevent_wm", regress_bufferevent_openssl_wm,
1067 TT_FORK|TT_NEED_BASE, &ssl_setup, NULL },
1068 { "bufferevent_wm_filter", regress_bufferevent_openssl_wm,
1069 TT_FORK|TT_NEED_BASE, &ssl_setup, T(REGRESS_OPENSSL_FILTER) },
1070 { "bufferevent_wm_defer", regress_bufferevent_openssl_wm,
1071 TT_FORK|TT_NEED_BASE, &ssl_setup, T(REGRESS_DEFERRED_CALLBACKS) },
1072 { "bufferevent_wm_filter_defer", regress_bufferevent_openssl_wm,
1073 TT_FORK|TT_NEED_BASE, &ssl_setup, T(REGRESS_OPENSSL_FILTER|REGRESS_DEFERRED_CALLBACKS) },
1074
1075 #undef T
1076
1077 END_OF_TESTCASES,
1078 };
1079