envoy-openssl/bssl-compat/source/test/test_err.cc at 3536dfde2ebf1559d6e4fe6cb9145e1e34461d3d · envoyproxy/envoy-openssl · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
#include <gtest/gtest.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <limits>
#include <cstring>
#include <cerrno>


TEST(ErrTest, test_ERR_func_error_string) {
  ASSERT_STREQ("OPENSSL_internal", ERR_func_error_string(0));
  ASSERT_STREQ("OPENSSL_internal", ERR_func_error_string(42));
}


TEST(ErrTest, test_ERR_LIB_SSL_ERR_R_MALLOC_FAILURE) {
  char buf[256]{};

  ERR_clear_error();

  ERR_put_error(ERR_LIB_SSL, 0, ERR_R_MALLOC_FAILURE, __FILE__, __LINE__);

  uint32_t e = ERR_get_error();

  EXPECT_EQ(0x10000041, e);
  EXPECT_STREQ("SSL routines", ERR_lib_error_string(e));
  EXPECT_STREQ("malloc failure", ERR_reason_error_string(e));
  EXPECT_STREQ("error:10000041:SSL routines:OPENSSL_internal:malloc failure", ERR_error_string_n(e, buf, sizeof(buf)));
}


/**
 * This covers a fix for test IpVersionsClientVersions/SslCertficateIntegrationTest.ServerEcdsaClientRsaOnlyWithAccessLog/IPv4_TLSv1_3
 * which fails because of an error string mismatch between BoringSSL's string and OpenSSL's string:
 *
 * Expected: "DOWNSTREAM_TRANSPORT_FAILURE_REASON=TLS_error:_268435709:SSL_routines:OPENSSL_internal:NO_COMMON_SIGNATURE_ALGORITHMS"
 * Actual:   "DOWNSTREAM_TRANSPORT_FAILURE_REASON=TLS_error:_167772278:SSL_routines:OPENSSL_internal:no_suitable_signature_algorithm FILTER_CHAIN_NAME=-"
 */
TEST(ErrTest, test_SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM) {
  char buf[256]{};
  ERR_clear_error();

#ifdef BSSL_COMPAT
  ERR_put_error(ERR_LIB_SSL, 0, ossl_SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM, __FILE__, __LINE__);
#else // BoringSSL
  ERR_put_error(ERR_LIB_SSL, 0, SSL_R_NO_COMMON_SIGNATURE_ALGORITHMS, __FILE__, __LINE__);
#endif

  uint32_t e = ERR_get_error();

  EXPECT_EQ(268435709, e);
  EXPECT_STREQ("SSL routines", ERR_lib_error_string(e));
  EXPECT_STREQ("NO_COMMON_SIGNATURE_ALGORITHMS", ERR_reason_error_string(e));
  EXPECT_STREQ("error:100000fd:SSL routines:OPENSSL_internal:NO_COMMON_SIGNATURE_ALGORITHMS", ERR_error_string_n(e, buf, sizeof(buf)));
}


TEST(ErrTest, test_system_error_ECONNRESET) {
  uint32_t err = 0x80000068;

  EXPECT_EQ(ERR_LIB_SYS, ERR_GET_LIB(err));
  EXPECT_EQ(104, ERR_GET_REASON(err));

  const char *lib = ERR_lib_error_string(err);
  ASSERT_NE(nullptr, lib);
  EXPECT_STREQ("system library", lib);

  const char *reason = ERR_reason_error_string(err);
  ASSERT_NE(nullptr, reason);
  EXPECT_STREQ(strerror(104), reason);
}


TEST(ErrTest, test_system_error_EPIPE) {
  uint32_t err = 0x80000020;

  EXPECT_EQ(ERR_LIB_SYS, ERR_GET_LIB(err));
  EXPECT_EQ(32, ERR_GET_REASON(err));

  const char *lib = ERR_lib_error_string(err);
  ASSERT_NE(nullptr, lib);
  EXPECT_STREQ("system library", lib);

  const char *reason = ERR_reason_error_string(err);
  ASSERT_NE(nullptr, reason);
  EXPECT_STREQ(strerror(32), reason);
}


TEST(ErrTest, test_system_error_ETIMEDOUT) {
  uint32_t err = 0x8000006E;

  EXPECT_EQ(ERR_LIB_SYS, ERR_GET_LIB(err));
  EXPECT_EQ(110, ERR_GET_REASON(err));

  const char *lib = ERR_lib_error_string(err);
  ASSERT_NE(nullptr, lib);
  EXPECT_STREQ("system library", lib);

  const char *reason = ERR_reason_error_string(err);
  ASSERT_NE(nullptr, reason);
  EXPECT_STREQ(strerror(110), reason);
}


TEST(ErrTest, test_system_error_invalid_errno) {
  uint32_t err = 0x80000FFF;

  EXPECT_EQ(ERR_LIB_SYS, ERR_GET_LIB(err));

  const char *lib = ERR_lib_error_string(err);
  ASSERT_NE(nullptr, lib);
  EXPECT_STREQ("system library", lib);

  const char *reason = ERR_reason_error_string(err);
  ASSERT_NE(nullptr, reason);
  EXPECT_STREQ("unknown error", reason);
}