m4/ax_atomic.m4: fixes for C++ compatibility.

wolfssl/wolfcrypt/wc_port.h: add WOLFSSL_API attribute to wolfSSL_Atomic_Int_Init, wolfSSL_Atomic_Int_FetchAdd, and wolfSSL_Atomic_Int_FetchAdd, and add fallback definitions for them, allowing elimination of SINGLE_THREADED implementations of wolfSSL_Ref*(), and allowing ungated use of wolfSSL_Atomic_* calls in api.c. wolfcrypt/src/dh.c: in wc_DhAgree_ct(), remove frivolous XMEMSET() and stray semicolon. wolfcrypt/benchmark/benchmark.c: fix bench_rsaKeyGen() to skip tests of key sizes below RSA_MIN_SIZE, and add 4096 bit benchmark if RSA_MAX_SIZE is big enough. tests/unit.h: * adopt definitions of TEST_FAIL, TEST_SUCCESS, and TEST_SKIPPED from unit.c, remap TEST_SKIPPED from -7777 to 3, and add TEST_SUCCESS_NO_MSGS, TEST_SKIPPED_NO_MSGS, EXPECT_DECLS_NO_MSGS(), and EXPECT_FAILURE_CODEPOINT_ID, to support existing and future expected-particular-failure test cases without log noise. * rename outer gate from CyaSSL_UNIT_H to TESTS_UNIT_H. tests/api.c: * use EXPECT_DECLS_NO_MSGS() in test_ssl_memio_setup(), test_ssl_memio_read_write(), and test_wolfSSL_client_server_nofail_memio(), and globally update affected expected error codes to correspond. * use atomics for {client,server}SessRemCount{Malloc,free} to fix races in SessRemCtxCb() and SessRemSslSetupCb().
wolfSSL · Sep 18, 2024 · 3258a9c · 3258a9c
1 parent ef6f156
commit 3258a9c
Show file tree

Hide file tree

Showing 6 changed files with 136 additions and 90 deletions.
diff --git a/m4/ax_atomic.m4 b/m4/ax_atomic.m4
@@ -9,18 +9,20 @@ AC_DEFUN([AC_C___ATOMIC],
  [[int
  main (int argc, char **argv)
  {
- volatile unsigned long ul1 = 1, ul2 = 0, ul3 = 2;
+ volatile unsigned long ul1 = 1;
+ unsigned long ul2 = 0, ul3 = 2;
  __atomic_load_n(&ul1, __ATOMIC_SEQ_CST);
  __atomic_compare_exchange(&ul1, &ul2, &ul3, 1, __ATOMIC_SEQ_CST, __ATOMIC_SEQ_CST);
  __atomic_fetch_add(&ul1, 1, __ATOMIC_SEQ_CST);
- __atomic_fetch_sub(&ul3, 1, __ATOMIC_SEQ_CST);
+ __atomic_fetch_sub(&ul1, 1, __ATOMIC_SEQ_CST);
  __atomic_or_fetch(&ul1, ul2, __ATOMIC_SEQ_CST);
  __atomic_and_fetch(&ul1, ul2, __ATOMIC_SEQ_CST);
- volatile unsigned long long ull1 = 1, ull2 = 0, ull3 = 2;
+ volatile unsigned long long ull1 = 1;
+ unsigned long long ull2 = 0, ull3 = 2;
  __atomic_load_n(&ull1, __ATOMIC_SEQ_CST);
  __atomic_compare_exchange(&ull1, &ull2, &ull3, 1, __ATOMIC_SEQ_CST, __ATOMIC_SEQ_CST);
  __atomic_fetch_add(&ull1, 1, __ATOMIC_SEQ_CST);
- __atomic_fetch_sub(&ull3, 1, __ATOMIC_SEQ_CST);
+ __atomic_fetch_sub(&ull1, 1, __ATOMIC_SEQ_CST);
  __atomic_or_fetch(&ull1, ull2, __ATOMIC_SEQ_CST);
  __atomic_and_fetch(&ull1, ull2, __ATOMIC_SEQ_CST);
  return 0;

diff --git a/tests/api.c b/tests/api.c
@@ -532,15 +532,6 @@ int tmpDirNameSet = 0;
  | Constants
  *----------------------------------------------------------------------------*/
 
-/* Test result constants and macros. */
-
-/* Test succeeded. */
-#define TEST_SUCCESS (1)
-/* Test failed. */
-#define TEST_FAIL (0)
-/* Test skipped - not run. */
-#define TEST_SKIPPED (-7777)
-
 /* Returns the result based on whether check is true.
  *
  * @param [in] check Condition for success.
@@ -7049,7 +7040,7 @@ static WC_INLINE int test_ssl_memio_read_cb(WOLFSSL *ssl, char *data, int sz,
 
 static WC_INLINE int test_ssl_memio_setup(test_ssl_memio_ctx *ctx)
 {
- EXPECT_DECLS;
+ EXPECT_DECLS_NO_MSGS(-2000);
 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
  int c_sharedCtx = 0;
  int s_sharedCtx = 0;
@@ -7322,7 +7313,7 @@ static int test_ssl_memio_do_handshake(test_ssl_memio_ctx* ctx, int max_rounds,
 
 static int test_ssl_memio_read_write(test_ssl_memio_ctx* ctx)
 {
- EXPECT_DECLS;
+ EXPECT_DECLS_NO_MSGS(-3000);
  char input[1024];
  int idx = 0;
  const char* msg_c = "hello wolfssl!";
@@ -7411,7 +7402,14 @@ static void test_ssl_memio_cleanup(test_ssl_memio_ctx* ctx)
 int test_wolfSSL_client_server_nofail_memio(test_ssl_cbf* client_cb,
  test_ssl_cbf* server_cb, cbType client_on_handshake)
 {
- EXPECT_DECLS;
+ /* We use EXPECT_DECLS_NO_MSGS() here because this helper routine is used
+ * for numerous but varied expected-to-fail scenarios that should not emit
+ * error messages on the expected failures. Instead, we return a distinct
+ * code for each failure point, allowing the caller to assert on a
+ * particular mode of expected failure. On success, the usual TEST_SUCCESS
+ * is returned.
+ */
+ EXPECT_DECLS_NO_MSGS(-1000);
  struct test_ssl_memio_ctx test_ctx;
 #ifdef WOLFSSL_HAVE_TLS_UNIQUE
  size_t msg_len;
@@ -7423,8 +7421,8 @@ int test_wolfSSL_client_server_nofail_memio(test_ssl_cbf* client_cb,
 
  test_ctx.c_ctx = client_cb->ctx;
  test_ctx.s_ctx = server_cb->ctx;
- test_ctx.c_cb.return_code = TEST_FAIL;
- test_ctx.s_cb.return_code = TEST_FAIL;
+ test_ctx.c_cb.return_code = EXPECT_FAILURE_CODEPOINT_ID;
+ test_ctx.s_cb.return_code = EXPECT_FAILURE_CODEPOINT_ID;
 
  ExpectIntEQ(test_ssl_memio_setup(&test_ctx), TEST_SUCCESS);
  ExpectIntEQ(test_ssl_memio_do_handshake(&test_ctx, 10, NULL), TEST_SUCCESS);
@@ -9333,10 +9331,10 @@ static int test_wolfSSL_CTX_verifyDepth_ServerClient_3(void)
  * therefore, handshake becomes failure.
  */
  ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
- &server_cbf, NULL), TEST_FAIL);
+ &server_cbf, NULL), -1001);
 
- ExpectIntEQ(client_cbf.return_code, TEST_FAIL);
- ExpectIntEQ(server_cbf.return_code, TEST_FAIL);
+ ExpectIntEQ(client_cbf.return_code, -1000);
+ ExpectIntEQ(server_cbf.return_code, -1000);
  ExpectIntEQ(client_cbf.last_err, WC_NO_ERR_TRACE(MAX_CHAIN_ERROR));
  ExpectIntEQ(server_cbf.last_err, WC_NO_ERR_TRACE(FATAL_ERROR));
 #endif /* OPENSSL_EXTRA && HAVE_SSL_MEMIO_TESTS_DEPENDENCIES */
@@ -13878,7 +13876,7 @@ static int test_wolfSSL_X509_TLS_version_test_1(void)
 
 #ifndef OPENSSL_COMPATIBLE_DEFAULTS
  ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
- &func_cb_server, NULL), TEST_FAIL);
+ &func_cb_server, NULL), -1001);
 #else
  ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
  &func_cb_server, NULL), TEST_SUCCESS);
@@ -61619,7 +61617,7 @@ static int test_wolfSSL_curves_mismatch(void)
  func_cb_server.method = test_params[i].server_meth;
 
  ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
- &func_cb_server, NULL), TEST_FAIL);
+ &func_cb_server, NULL), -1001);
  ExpectIntEQ(func_cb_client.last_err, test_params[i].client_last_err);
  ExpectIntEQ(func_cb_server.last_err, test_params[i].server_last_err);
 
@@ -69414,10 +69412,16 @@ static int test_wolfSSL_SESSION_expire_downgrade(void)
 
 #if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
  defined(HAVE_EX_DATA) && !defined(NO_SESSION_CACHE)
-static int clientSessRemCountMalloc = 0;
-static int serverSessRemCountMalloc = 0;
-static int clientSessRemCountFree = 0;
-static int serverSessRemCountFree = 0;
+#ifdef WOLFSSL_ATOMIC_OPS
+ typedef wolfSSL_Atomic_Int SessRemCounter_t;
+#else
+ typedef int SessRemCounter_t;
+#endif
+static SessRemCounter_t clientSessRemCountMalloc;
+static SessRemCounter_t serverSessRemCountMalloc;
+static SessRemCounter_t clientSessRemCountFree;
+static SessRemCounter_t serverSessRemCountFree;
+
 static WOLFSSL_CTX* serverSessCtx = NULL;
 static WOLFSSL_SESSION* serverSess = NULL;
 #if (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) || \
@@ -69438,9 +69442,9 @@ static void SessRemCtxCb(WOLFSSL_CTX *ctx, WOLFSSL_SESSION *sess)
  side = (int*)SSL_SESSION_get_ex_data(sess, serverSessRemIdx);
  if (side != NULL) {
  if (*side == WOLFSSL_CLIENT_END)
- clientSessRemCountFree++;
+ (void)wolfSSL_Atomic_Int_FetchAdd(&clientSessRemCountFree, 1);
  else
- serverSessRemCountFree++;
+ (void)wolfSSL_Atomic_Int_FetchAdd(&serverSessRemCountFree, 1);
 
  SSL_SESSION_set_ex_data(sess, serverSessRemIdx, NULL);
  }
@@ -69477,14 +69481,14 @@ static int SessRemSslSetupCb(WOLFSSL* ssl)
 
  if (SSL_is_server(ssl)) {
  side = &sessRemCtx_Server;
- serverSessRemCountMalloc++;
+ (void)wolfSSL_Atomic_Int_FetchAdd(&serverSessRemCountMalloc, 1);
  ExpectNotNull(serverSess = SSL_get1_session(ssl));
  ExpectIntEQ(SSL_CTX_up_ref(serverSessCtx = SSL_get_SSL_CTX(ssl)),
  SSL_SUCCESS);
  }
  else {
  side = &sessRemCtx_Client;
- clientSessRemCountMalloc++;
+ (void)wolfSSL_Atomic_Int_FetchAdd(&clientSessRemCountMalloc, 1);
  #if (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) || \
  !defined(NO_SESSION_CACHE_REF)
  ExpectNotNull(clientSess = SSL_get1_session(ssl));
@@ -69508,6 +69512,11 @@ static int test_wolfSSL_CTX_sess_set_remove_cb(void)
  * session object */
  test_ssl_cbf func_cb;
 
+ wolfSSL_Atomic_Int_Init(&clientSessRemCountMalloc, 0);
+ wolfSSL_Atomic_Int_Init(&serverSessRemCountMalloc, 0);
+ wolfSSL_Atomic_Int_Init(&clientSessRemCountFree, 0);
+ wolfSSL_Atomic_Int_Init(&serverSessRemCountFree, 0);
+
  XMEMSET(&func_cb, 0, sizeof(func_cb));
  func_cb.ctx_ready = SessRemCtxSetupCb;
  func_cb.on_result = SessRemSslSetupCb;
@@ -78373,7 +78382,7 @@ static int test_DhCallbacks(void)
  func_cb_server.method = wolfTLSv1_2_server_method;
 
  ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
- &func_cb_server, NULL), TEST_FAIL);
+ &func_cb_server, NULL), -1001);
 #endif
  return EXPECT_RESULT();
 }
@@ -85550,7 +85559,7 @@ static int test_multiple_crls_same_issuer(void)
  client_cbs.ctx_ready = test_multiple_crls_same_issuer_ctx_ready;
 
  ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbs,
- &server_cbs, NULL), TEST_FAIL);
+ &server_cbs, NULL), -1001);
  }
 #endif
  return EXPECT_RESULT();
@@ -90097,7 +90106,7 @@ static int test_wolfSSL_CRL_CERT_REVOKED_alert(void)
  server_cbs.on_cleanup = test_wolfSSL_CRL_CERT_REVOKED_alert_on_cleanup;
 
  ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbs,
- &server_cbs, NULL), TEST_FAIL);
+ &server_cbs, NULL), -1001);
 
  return EXPECT_RESULT();
 }
@@ -90904,7 +90913,7 @@ static int test_override_alt_cert_chain(void)
  {test_override_alt_cert_chain_client_ctx_ready,
  test_override_alt_cert_chain_server_ctx_ready, TEST_SUCCESS},
  {test_override_alt_cert_chain_client_ctx_ready2,
- test_override_alt_cert_chain_server_ctx_ready, TEST_FAIL},
+ test_override_alt_cert_chain_server_ctx_ready, -1001},
  };
 
  for (i = 0; i < sizeof(params)/sizeof(*params); i++) {
@@ -90920,8 +90929,10 @@ static int test_override_alt_cert_chain(void)
  ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbs,
  &server_cbs, NULL), params[i].result);
 
- ExpectIntEQ(client_cbs.return_code, params[i].result);
- ExpectIntEQ(server_cbs.return_code, params[i].result);
+ ExpectIntEQ(client_cbs.return_code,
+ params[i].result <= 0 ? -1000 : TEST_SUCCESS);
+ ExpectIntEQ(server_cbs.return_code,
+ params[i].result <= 0 ? -1000 : TEST_SUCCESS);
  }
 
  return EXPECT_RESULT();
@@ -93488,7 +93499,7 @@ static int test_revoked_loaded_int_cert(void)
  client_cbf.ctx_ready = test_params[i].client_ctx_ready;
 
  ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
- &server_cbf, NULL), TEST_FAIL);
+ &server_cbf, NULL), -1001);
  ExpectIntEQ(client_cbf.last_err, WC_NO_ERR_TRACE(CRL_CERT_REVOKED));
  ExpectIntEQ(server_cbf.last_err, WC_NO_ERR_TRACE(FATAL_ERROR));
 

diff --git a/tests/unit.h b/tests/unit.h
@@ -20,8 +20,8 @@
  */
 
 
-#ifndef CyaSSL_UNIT_H
-#define CyaSSL_UNIT_H
+#ifndef TESTS_UNIT_H
+#define TESTS_UNIT_H
 
 #include <wolfssl/ssl.h>
 #include <wolfssl/test.h> /* thread and tcp stuff */
@@ -121,42 +121,70 @@
 #define AssertPtrGE(x, y) AssertPtr(x, y, >=, <)
 #define AssertPtrLE(x, y) AssertPtr(x, y, <=, >)
 
+#define TEST_FAIL 0
+#define TEST_SUCCESS 1
+#define TEST_SUCCESS_NO_MSGS 2
+#define TEST_SKIPPED 3 /* Test skipped - not run. */
+#define TEST_SKIPPED_NO_MSGS 4 /* Test skipped - not run. */
 
 #define EXPECT_DECLS \
- int _ret = TEST_SKIPPED
+ int _ret = TEST_SKIPPED, _fail_codepoint_id = TEST_FAIL
+#define EXPECT_DECLS_NO_MSGS(fail_codepoint_offset) \
+ int _ret = TEST_SKIPPED_NO_MSGS, \
+ _fail_codepoint_id = (fail_codepoint_offset)
+#define EXPECT_FAILURE_CODEPOINT_ID _fail_codepoint_id
 #define EXPECT_RESULT() \
- _ret
+ ((void)_fail_codepoint_id, \
+ _ret == TEST_SUCCESS_NO_MSGS ? TEST_SUCCESS : \
+ _ret == TEST_SKIPPED_NO_MSGS ? TEST_SKIPPED : \
+ _ret)
 #define EXPECT_SUCCESS() \
- ((_ret == TEST_SUCCESS) || (_ret == TEST_SKIPPED))
+ ((_ret == TEST_SUCCESS) || \
+ (_ret == TEST_SKIPPED) || \
+ (_ret == TEST_SUCCESS_NO_MSGS) || \
+ (_ret == TEST_SKIPPED_NO_MSGS))
 #define EXPECT_FAIL() \
- (_ret == TEST_FAIL)
-
-#define ExpFail(description, result) do { \
- printf("\nERROR - %s line %d failed with:", __FILE__, __LINE__); \
- fputs("\n expected: ", stdout); printf description; \
- fputs("\n result: ", stdout); printf result; fputs("\n\n", stdout); \
- fflush(stdout); \
- _ret = TEST_FAIL; \
+ (! EXPECT_SUCCESS())
+
+#define ExpFail(description, result) do { \
+ if ((_ret == TEST_SUCCESS_NO_MSGS) || (_ret == TEST_SKIPPED_NO_MSGS)) \
+ _ret = _fail_codepoint_id; \
+ else { \
+ printf("\nERROR - %s line %d failed with:", __FILE__, __LINE__); \
+ fputs("\n expected: ", stdout); printf description; \
+ fputs("\n result: ", stdout); printf result; \
+ fputs("\n\n", stdout); \
+ fflush(stdout); \
+ _ret = TEST_FAIL; \
+ } \
 } while (0)
 
-#define Expect(test, description, result) do { \
- if (_ret != TEST_FAIL) { if (!(test)) ExpFail(description, result); \
- else _ret = TEST_SUCCESS; } \
+#define Expect(test, description, result) do { \
+ if (EXPECT_SUCCESS()) { \
+ if (!(test)) \
+ ExpFail(description, result); \
+ else if (_ret == TEST_SKIPPED_NO_MSGS) \
+ _ret = TEST_SUCCESS_NO_MSGS; \
+ else \
+ _ret = TEST_SUCCESS; \
+ } \
+ if (_ret == TEST_SUCCESS_NO_MSGS) \
+ --_fail_codepoint_id; \
 } while (0)
 
 #define ExpectTrue(x) Expect( (x), ("%s is true", #x), (#x " => FALSE"))
 #define ExpectFalse(x) Expect(!(x), ("%s is false", #x), (#x " => TRUE"))
 #define ExpectNotNull(x) Expect( (x), ("%s is not null", #x), (#x " => NULL"))
 
 #define ExpectNull(x) do { \
- if (_ret != TEST_FAIL) { \
+ if (EXPECT_SUCCESS()) {  \
  PEDANTIC_EXTENSION void* _x = (void*)(x); \
  Expect(!_x, ("%s is null", #x), (#x " => %p", _x)); \
  } \
 } while(0)
 
 #define ExpectInt(x, y, op, er) do { \
- if (_ret != TEST_FAIL) { \
+ if (EXPECT_SUCCESS()) {  \
  int _x = (int)(x); \
  int _y = (int)(y); \
  Expect(_x op _y, ("%s " #op " %s", #x, #y), ("%d " #er " %d", _x, _y));\
@@ -171,7 +199,7 @@
 #define ExpectIntLE(x, y) ExpectInt(x, y, <=, >)
 
 #define ExpectStr(x, y, op, er) do { \
- if (_ret != TEST_FAIL) { \
+ if (EXPECT_SUCCESS()) {  \
  const char* _x = (const char*)(x); \
  const char* _y = (const char*)(y); \
  int _z = (_x && _y) ? XSTRCMP(_x, _y) : -1; \
@@ -188,7 +216,7 @@
 #define ExpectStrLE(x, y) ExpectStr(x, y, <=, >)
 
 #define ExpectPtr(x, y, op, er) do { \
- if (_ret != TEST_FAIL) { \
+ if (EXPECT_SUCCESS()) {  \
  PRAGMA_DIAG_PUSH \
  /* remarkably, without this inhibition, */ \
  /* the _Pragma()s make the declarations warn. */ \
@@ -211,7 +239,7 @@
 #define ExpectPtrLE(x, y) ExpectPtr(x, y, <=, >)
 
 #define ExpectBuf(x, y, z, op, er) do { \
- if (_ret != TEST_FAIL) { \
+ if (EXPECT_SUCCESS()) {  \
  const byte* _x = (const byte*)(x); \
  const byte* _y = (const byte*)(y); \
  int _z = (int)(z); \
@@ -306,4 +334,4 @@ int w64wrapper_test(void);
 int QuicTest(void);
 
 
-#endif /* CyaSSL_UNIT_H */
+#endif /* TESTS_UNIT_H */