}
#endif
+#if OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined(OPENSSL_NO_TLSEXT)
+int SSLContext::alpnSelectCallback(SSL* ssl,
+ const unsigned char** out,
+ unsigned char* outlen,
+ const unsigned char* in,
+ unsigned int inlen,
+ void* data) {
+ SSLContext* context = (SSLContext*)data;
+ CHECK(context);
+ if (context->advertisedNextProtocols_.empty()) {
+ *out = nullptr;
+ *outlen = 0;
+ } else {
+ auto i = context->pickNextProtocols();
+ const auto& item = context->advertisedNextProtocols_[i];
+ if (SSL_select_next_proto((unsigned char**)out,
+ outlen,
+ item.protocols,
+ item.length,
+ in,
+ inlen) != OPENSSL_NPN_NEGOTIATED) {
+ return SSL_TLSEXT_ERR_NOACK;
+ }
+ }
+ return SSL_TLSEXT_ERR_OK;
+}
+#endif
+
#ifdef OPENSSL_NPN_NEGOTIATED
-bool SSLContext::setAdvertisedNextProtocols(const std::list<std::string>& protocols) {
- return setRandomizedAdvertisedNextProtocols({{1, protocols}});
+
+bool SSLContext::setAdvertisedNextProtocols(
+ const std::list<std::string>& protocols, NextProtocolType protocolType) {
+ return setRandomizedAdvertisedNextProtocols({{1, protocols}}, protocolType);
}
bool SSLContext::setRandomizedAdvertisedNextProtocols(
- const std::list<NextProtocolsItem>& items) {
+ const std::list<NextProtocolsItem>& items, NextProtocolType protocolType) {
unsetNextProtocols();
if (items.size() == 0) {
return false;
for (auto &advertised_item : advertisedNextProtocols_) {
advertised_item.probability /= total_weight;
}
- SSL_CTX_set_next_protos_advertised_cb(
- ctx_, advertisedNextProtocolCallback, this);
- SSL_CTX_set_next_proto_select_cb(
- ctx_, selectNextProtocolCallback, this);
+ if ((uint8_t)protocolType & (uint8_t)NextProtocolType::NPN) {
+ SSL_CTX_set_next_protos_advertised_cb(
+ ctx_, advertisedNextProtocolCallback, this);
+ SSL_CTX_set_next_proto_select_cb(ctx_, selectNextProtocolCallback, this);
+ }
+#if OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined(OPENSSL_NO_TLSEXT)
+ if ((uint8_t)protocolType & (uint8_t)NextProtocolType::ALPN) {
+ SSL_CTX_set_alpn_select_cb(ctx_, alpnSelectCallback, this);
+ // Client cannot really use randomized alpn
+ SSL_CTX_set_alpn_protos(ctx_,
+ advertisedNextProtocols_[0].protocols,
+ advertisedNextProtocols_[0].length);
+ }
+#endif
return true;
}
deleteNextProtocolsStrings();
SSL_CTX_set_next_protos_advertised_cb(ctx_, nullptr, nullptr);
SSL_CTX_set_next_proto_select_cb(ctx_, nullptr, nullptr);
+#if OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined(OPENSSL_NO_TLSEXT)
+ SSL_CTX_set_alpn_select_cb(ctx_, nullptr, nullptr);
+ SSL_CTX_set_alpn_protos(ctx_, nullptr, 0);
+#endif
+}
+
+size_t SSLContext::pickNextProtocols() {
+ unsigned char random_byte;
+ RAND_bytes(&random_byte, 1);
+ double random_value = random_byte / 255.0;
+ double sum = 0;
+ for (size_t i = 0; i < advertisedNextProtocols_.size(); ++i) {
+ sum += advertisedNextProtocols_[i].probability;
+ if (sum < random_value && i + 1 < advertisedNextProtocols_.size()) {
+ continue;
+ }
+ return i;
+ }
+ CHECK(false) << "Failed to pickNextProtocols";
}
int SSLContext::advertisedNextProtocolCallback(SSL* ssl,
*out = context->advertisedNextProtocols_[selected_index].protocols;
*outlen = context->advertisedNextProtocols_[selected_index].length;
} else {
- unsigned char random_byte;
- RAND_bytes(&random_byte, 1);
- double random_value = random_byte / 255.0;
- double sum = 0;
- for (size_t i = 0; i < context->advertisedNextProtocols_.size(); ++i) {
- sum += context->advertisedNextProtocols_[i].probability;
- if (sum < random_value &&
- i + 1 < context->advertisedNextProtocols_.size()) {
- continue;
- }
- uintptr_t selected = i + 1;
- SSL_set_ex_data(ssl, sNextProtocolsExDataIndex_, (void *)selected);
- *out = context->advertisedNextProtocols_[i].protocols;
- *outlen = context->advertisedNextProtocols_[i].length;
- break;
- }
+ auto i = context->pickNextProtocols();
+ uintptr_t selected = i + 1;
+ SSL_set_ex_data(ssl, sNextProtocolsExDataIndex_, (void*)selected);
+ *out = context->advertisedNextProtocols_[i].protocols;
+ *outlen = context->advertisedNextProtocols_[i].length;
}
}
return SSL_TLSEXT_ERR_OK;
*/
void setOptions(long options);
+ enum class NextProtocolType : uint8_t {
+ NPN = 0x1,
+ ALPN = 0x2,
+ ANY = NPN | ALPN
+ };
+
#ifdef OPENSSL_NPN_NEGOTIATED
/**
* Set the list of protocols that this SSL context supports. In server
* mode, this is the list of protocols that will be advertised for Next
- * Protocol Negotiation (NPN). In client mode, the first protocol
- * advertised by the server that is also on this list is
- * chosen. Invoking this function with a list of length zero causes NPN
- * to be disabled.
+ * Protocol Negotiation (NPN) or Application Layer Protocol Negotiation
+ * (ALPN). In client mode, the first protocol advertised by the server
+ * that is also on this list is chosen. Invoking this function with a list
+ * of length zero causes NPN to be disabled.
*
* @param protocols List of protocol names. This method makes a copy,
* so the caller needn't keep the list in scope after
* the call completes. The list must have at least
* one element to enable NPN. Each element must have
* a string length < 256.
- * @return true if NPN has been activated. False if NPN is disabled.
+ * @param protocolType What type of protocol negotiation to support.
+ * @return true if NPN/ALPN has been activated. False if NPN/ALPN is disabled.
*/
- bool setAdvertisedNextProtocols(const std::list<std::string>& protocols);
+ bool setAdvertisedNextProtocols(
+ const std::list<std::string>& protocols,
+ NextProtocolType protocolType = NextProtocolType::ANY);
/**
* Set weighted list of lists of protocols that this SSL context supports.
* In server mode, each element of the list contains a list of protocols that
- * could be advertised for Next Protocol Negotiation (NPN). The list of
- * protocols that will be advertised to a client is selected randomly, based
- * on weights of elements. Client mode doesn't support randomized NPN, so
- * this list should contain only 1 element. The first protocol advertised
- * by the server that is also on the list of protocols of this element is
- * chosen. Invoking this function with a list of length zero causes NPN
- * to be disabled.
+ * could be advertised for Next Protocol Negotiation (NPN) or Application
+ * Layer Protocol Negotiation (ALPN). The list of protocols that will be
+ * advertised to a client is selected randomly, based on weights of elements.
+ * Client mode doesn't support randomized NPN/ALPN, so this list should
+ * contain only 1 element. The first protocol advertised by the server that
+ * is also on the list of protocols of this element is chosen. Invoking this
+ * function with a list of length zero causes NPN/ALPN to be disabled.
*
* @param items List of NextProtocolsItems, Each item contains a list of
* protocol names and weight. After the call of this fucntion
* completes. The list must have at least one element with
* non-zero weight and non-empty protocols list to enable NPN.
* Each name of the protocol must have a string length < 256.
- * @return true if NPN has been activated. False if NPN is disabled.
+ * @param protocolType What type of protocol negotiation to support.
+ * @return true if NPN/ALPN has been activated. False if NPN/ALPN is disabled.
*/
bool setRandomizedAdvertisedNextProtocols(
- const std::list<NextProtocolsItem>& items);
+ const std::list<NextProtocolsItem>& items,
+ NextProtocolType protocolType = NextProtocolType::ANY);
void setClientProtocolFilterCallback(ClientProtocolFilterCallback cb) {
clientProtoFilter_ = cb;
SSL* ssl, unsigned char **out, unsigned char *outlen,
const unsigned char *server, unsigned int server_len, void *args);
+#if OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined(OPENSSL_NO_TLSEXT)
+ static int alpnSelectCallback(SSL* ssl,
+ const unsigned char** out,
+ unsigned char* outlen,
+ const unsigned char* in,
+ unsigned int inlen,
+ void* data);
+#endif
+ size_t pickNextProtocols();
+
#if defined(SSL_MODE_HANDSHAKE_CUTTHROUGH) && \
FOLLY_SSLCONTEXT_USE_TLS_FALSE_START
// This class contains all allowed ciphers for SSL false start. Call its
cerr << "SocketWithDelay test completed" << endl;
}
-TEST(AsyncSSLSocketTest, NpnTestOverlap) {
- EventBase eventBase;
- std::shared_ptr<SSLContext> clientCtx(new SSLContext);
- std::shared_ptr<SSLContext> serverCtx(new SSLContext);;
- int fds[2];
- getfds(fds);
- getctx(clientCtx, serverCtx);
+using NextProtocolTypePair =
+ std::pair<SSLContext::NextProtocolType, SSLContext::NextProtocolType>;
- clientCtx->setAdvertisedNextProtocols({"blub","baz"});
- serverCtx->setAdvertisedNextProtocols({"foo","bar","baz"});
+class NextProtocolTest : public testing::TestWithParam<NextProtocolTypePair> {
+ // For matching protos
+ public:
+ void SetUp() override { getctx(clientCtx, serverCtx); }
- AsyncSSLSocket::UniquePtr clientSock(
- new AsyncSSLSocket(clientCtx, &eventBase, fds[0], false));
- AsyncSSLSocket::UniquePtr serverSock(
- new AsyncSSLSocket(serverCtx, &eventBase, fds[1], true));
- NpnClient client(std::move(clientSock));
- NpnServer server(std::move(serverSock));
+ void connect(bool unset = false) {
+ getfds(fds);
- eventBase.loop();
+ if (unset) {
+ // unsetting NPN for any of [client, server] is enough to make NPN not
+ // work
+ clientCtx->unsetNextProtocols();
+ }
- EXPECT_TRUE(client.nextProtoLength != 0);
- EXPECT_EQ(client.nextProtoLength, server.nextProtoLength);
- EXPECT_EQ(memcmp(client.nextProto, server.nextProto,
- server.nextProtoLength), 0);
- string selected((const char*)client.nextProto, client.nextProtoLength);
- EXPECT_EQ(selected.compare("baz"), 0);
-}
+ AsyncSSLSocket::UniquePtr clientSock(
+ new AsyncSSLSocket(clientCtx, &eventBase, fds[0], false));
+ AsyncSSLSocket::UniquePtr serverSock(
+ new AsyncSSLSocket(serverCtx, &eventBase, fds[1], true));
+ client = folly::make_unique<NpnClient>(std::move(clientSock));
+ server = folly::make_unique<NpnServer>(std::move(serverSock));
+
+ eventBase.loop();
+ }
+
+ void expectProtocol(const std::string& proto) {
+ EXPECT_NE(client->nextProtoLength, 0);
+ EXPECT_EQ(client->nextProtoLength, server->nextProtoLength);
+ EXPECT_EQ(
+ memcmp(client->nextProto, server->nextProto, server->nextProtoLength),
+ 0);
+ string selected((const char*)client->nextProto, client->nextProtoLength);
+ EXPECT_EQ(proto, selected);
+ }
+
+ void expectNoProtocol() {
+ EXPECT_EQ(client->nextProtoLength, 0);
+ EXPECT_EQ(server->nextProtoLength, 0);
+ EXPECT_EQ(client->nextProto, nullptr);
+ EXPECT_EQ(server->nextProto, nullptr);
+ }
+
+ void expectProtocolType() {
+ if (GetParam().first == SSLContext::NextProtocolType::ANY &&
+ GetParam().second == SSLContext::NextProtocolType::ANY) {
+ EXPECT_EQ(client->protocolType, server->protocolType);
+ } else if (GetParam().first == SSLContext::NextProtocolType::ANY ||
+ GetParam().second == SSLContext::NextProtocolType::ANY) {
+ // Well not much we can say
+ } else {
+ expectProtocolType(GetParam());
+ }
+ }
+
+ void expectProtocolType(NextProtocolTypePair expected) {
+ EXPECT_EQ(client->protocolType, expected.first);
+ EXPECT_EQ(server->protocolType, expected.second);
+ }
-TEST(AsyncSSLSocketTest, NpnTestUnset) {
- // Identical to above test, except that we want unset NPN before
- // looping.
EventBase eventBase;
- std::shared_ptr<SSLContext> clientCtx(new SSLContext);
- std::shared_ptr<SSLContext> serverCtx(new SSLContext);;
+ std::shared_ptr<SSLContext> clientCtx{std::make_shared<SSLContext>()};
+ std::shared_ptr<SSLContext> serverCtx{std::make_shared<SSLContext>()};
int fds[2];
- getfds(fds);
- getctx(clientCtx, serverCtx);
-
- clientCtx->setAdvertisedNextProtocols({"blub","baz"});
- serverCtx->setAdvertisedNextProtocols({"foo","bar","baz"});
+ std::unique_ptr<NpnClient> client;
+ std::unique_ptr<NpnServer> server;
+};
- AsyncSSLSocket::UniquePtr clientSock(
- new AsyncSSLSocket(clientCtx, &eventBase, fds[0], false));
- AsyncSSLSocket::UniquePtr serverSock(
- new AsyncSSLSocket(serverCtx, &eventBase, fds[1], true));
+class NextProtocolNPNOnlyTest : public NextProtocolTest {
+ // For mismatching protos
+};
- // unsetting NPN for any of [client, server] is enought to make NPN not
- // work
- clientCtx->unsetNextProtocols();
+class NextProtocolMismatchTest : public NextProtocolTest {
+ // For mismatching protos
+};
- NpnClient client(std::move(clientSock));
- NpnServer server(std::move(serverSock));
+TEST_P(NextProtocolTest, NpnTestOverlap) {
+ clientCtx->setAdvertisedNextProtocols({"blub", "baz"}, GetParam().first);
+ serverCtx->setAdvertisedNextProtocols({"foo", "bar", "baz"},
+ GetParam().second);
- eventBase.loop();
+ connect();
- EXPECT_TRUE(client.nextProtoLength == 0);
- EXPECT_TRUE(server.nextProtoLength == 0);
- EXPECT_TRUE(client.nextProto == nullptr);
- EXPECT_TRUE(server.nextProto == nullptr);
+ expectProtocol("baz");
+ expectProtocolType();
}
-TEST(AsyncSSLSocketTest, NpnTestNoOverlap) {
- EventBase eventBase;
- std::shared_ptr<SSLContext> clientCtx(new SSLContext);
- std::shared_ptr<SSLContext> serverCtx(new SSLContext);;
- int fds[2];
- getfds(fds);
- getctx(clientCtx, serverCtx);
+TEST_P(NextProtocolTest, NpnTestUnset) {
+ // Identical to above test, except that we want unset NPN before
+ // looping.
+ clientCtx->setAdvertisedNextProtocols({"blub", "baz"}, GetParam().first);
+ serverCtx->setAdvertisedNextProtocols({"foo", "bar", "baz"},
+ GetParam().second);
- clientCtx->setAdvertisedNextProtocols({"blub"});
- serverCtx->setAdvertisedNextProtocols({"foo","bar","baz"});
+ connect(true /* unset */);
- AsyncSSLSocket::UniquePtr clientSock(
- new AsyncSSLSocket(clientCtx, &eventBase, fds[0], false));
- AsyncSSLSocket::UniquePtr serverSock(
- new AsyncSSLSocket(serverCtx, &eventBase, fds[1], true));
- NpnClient client(std::move(clientSock));
- NpnServer server(std::move(serverSock));
+ // if alpn negotiation fails, type will appear as npn
+ expectNoProtocol();
+ EXPECT_EQ(client->protocolType, server->protocolType);
+}
- eventBase.loop();
+TEST_P(NextProtocolMismatchTest, NpnAlpnTestNoOverlap) {
+ clientCtx->setAdvertisedNextProtocols({"foo"}, GetParam().first);
+ serverCtx->setAdvertisedNextProtocols({"foo", "bar", "baz"},
+ GetParam().second);
- EXPECT_TRUE(client.nextProtoLength != 0);
- EXPECT_EQ(client.nextProtoLength, server.nextProtoLength);
- EXPECT_EQ(memcmp(client.nextProto, server.nextProto,
- server.nextProtoLength), 0);
- string selected((const char*)client.nextProto, client.nextProtoLength);
- EXPECT_EQ(selected.compare("blub"), 0);
+ connect();
+
+ expectNoProtocol();
+ expectProtocolType(
+ {SSLContext::NextProtocolType::NPN, SSLContext::NextProtocolType::NPN});
}
-TEST(AsyncSSLSocketTest, NpnTestClientProtoFilterHit) {
- EventBase eventBase;
- auto clientCtx = std::make_shared<SSLContext>();
- auto serverCtx = std::make_shared<SSLContext>();
- int fds[2];
- getfds(fds);
- getctx(clientCtx, serverCtx);
+TEST_P(NextProtocolNPNOnlyTest, NpnTestNoOverlap) {
+ clientCtx->setAdvertisedNextProtocols({"blub"}, GetParam().first);
+ serverCtx->setAdvertisedNextProtocols({"foo", "bar", "baz"},
+ GetParam().second);
- clientCtx->setAdvertisedNextProtocols({"blub"});
- clientCtx->setClientProtocolFilterCallback(clientProtoFilterPickPony);
- serverCtx->setAdvertisedNextProtocols({"foo","bar","baz"});
+ connect();
- AsyncSSLSocket::UniquePtr clientSock(
- new AsyncSSLSocket(clientCtx, &eventBase, fds[0], false));
- AsyncSSLSocket::UniquePtr serverSock(
- new AsyncSSLSocket(serverCtx, &eventBase, fds[1], true));
- NpnClient client(std::move(clientSock));
- NpnServer server(std::move(serverSock));
+ expectProtocol("blub");
+ expectProtocolType();
+}
- eventBase.loop();
+TEST_P(NextProtocolNPNOnlyTest, NpnTestClientProtoFilterHit) {
+ clientCtx->setAdvertisedNextProtocols({"blub"}, GetParam().first);
+ clientCtx->setClientProtocolFilterCallback(clientProtoFilterPickPony);
+ serverCtx->setAdvertisedNextProtocols({"foo", "bar", "baz"},
+ GetParam().second);
- EXPECT_TRUE(client.nextProtoLength != 0);
- EXPECT_EQ(client.nextProtoLength, server.nextProtoLength);
- EXPECT_EQ(memcmp(client.nextProto, server.nextProto,
- server.nextProtoLength), 0);
- string selected((const char*)client.nextProto, client.nextProtoLength);
- EXPECT_EQ(selected.compare("ponies"), 0);
-}
+ connect();
-TEST(AsyncSSLSocketTest, NpnTestClientProtoFilterMiss) {
- EventBase eventBase;
- auto clientCtx = std::make_shared<SSLContext>();
- auto serverCtx = std::make_shared<SSLContext>();
- int fds[2];
- getfds(fds);
- getctx(clientCtx, serverCtx);
+ expectProtocol("ponies");
+ expectProtocolType();
+}
- clientCtx->setAdvertisedNextProtocols({"blub"});
+TEST_P(NextProtocolNPNOnlyTest, NpnTestClientProtoFilterMiss) {
+ clientCtx->setAdvertisedNextProtocols({"blub"}, GetParam().first);
clientCtx->setClientProtocolFilterCallback(clientProtoFilterPickNone);
- serverCtx->setAdvertisedNextProtocols({"foo","bar","baz"});
-
- AsyncSSLSocket::UniquePtr clientSock(
- new AsyncSSLSocket(clientCtx, &eventBase, fds[0], false));
- AsyncSSLSocket::UniquePtr serverSock(
- new AsyncSSLSocket(serverCtx, &eventBase, fds[1], true));
- NpnClient client(std::move(clientSock));
- NpnServer server(std::move(serverSock));
+ serverCtx->setAdvertisedNextProtocols({"foo", "bar", "baz"},
+ GetParam().second);
- eventBase.loop();
+ connect();
- EXPECT_TRUE(client.nextProtoLength != 0);
- EXPECT_EQ(client.nextProtoLength, server.nextProtoLength);
- EXPECT_EQ(memcmp(client.nextProto, server.nextProto,
- server.nextProtoLength), 0);
- string selected((const char*)client.nextProto, client.nextProtoLength);
- EXPECT_EQ(selected.compare("blub"), 0);
+ expectProtocol("blub");
+ expectProtocolType();
}
-TEST(AsyncSSLSocketTest, RandomizedNpnTest) {
+TEST_P(NextProtocolTest, RandomizedNpnTest) {
// Probability that this test will fail is 2^-64, which could be considered
// as negligible.
const int kTries = 64;
+ clientCtx->setAdvertisedNextProtocols({"foo", "bar", "baz"},
+ GetParam().first);
+ serverCtx->setRandomizedAdvertisedNextProtocols({{1, {"foo"}}, {1, {"bar"}}},
+ GetParam().second);
+
std::set<string> selectedProtocols;
for (int i = 0; i < kTries; ++i) {
- EventBase eventBase;
- std::shared_ptr<SSLContext> clientCtx = std::make_shared<SSLContext>();
- std::shared_ptr<SSLContext> serverCtx = std::make_shared<SSLContext>();
- int fds[2];
- getfds(fds);
- getctx(clientCtx, serverCtx);
-
- clientCtx->setAdvertisedNextProtocols({"foo", "bar", "baz"});
- serverCtx->setRandomizedAdvertisedNextProtocols({{1, {"foo"}},
- {1, {"bar"}}});
-
-
- AsyncSSLSocket::UniquePtr clientSock(
- new AsyncSSLSocket(clientCtx, &eventBase, fds[0], false));
- AsyncSSLSocket::UniquePtr serverSock(
- new AsyncSSLSocket(serverCtx, &eventBase, fds[1], true));
- NpnClient client(std::move(clientSock));
- NpnServer server(std::move(serverSock));
-
- eventBase.loop();
-
- EXPECT_TRUE(client.nextProtoLength != 0);
- EXPECT_EQ(client.nextProtoLength, server.nextProtoLength);
- EXPECT_EQ(memcmp(client.nextProto, server.nextProto,
- server.nextProtoLength), 0);
- string selected((const char*)client.nextProto, client.nextProtoLength);
+ connect();
+
+ EXPECT_NE(client->nextProtoLength, 0);
+ EXPECT_EQ(client->nextProtoLength, server->nextProtoLength);
+ EXPECT_EQ(
+ memcmp(client->nextProto, server->nextProto, server->nextProtoLength),
+ 0);
+ string selected((const char*)client->nextProto, client->nextProtoLength);
selectedProtocols.insert(selected);
+ expectProtocolType();
}
EXPECT_EQ(selectedProtocols.size(), 2);
}
+INSTANTIATE_TEST_CASE_P(
+ AsyncSSLSocketTest,
+ NextProtocolTest,
+ ::testing::Values(NextProtocolTypePair(SSLContext::NextProtocolType::NPN,
+ SSLContext::NextProtocolType::NPN),
+#if OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined(OPENSSL_NO_TLSEXT)
+ NextProtocolTypePair(SSLContext::NextProtocolType::ALPN,
+ SSLContext::NextProtocolType::ALPN),
+#endif
+ NextProtocolTypePair(SSLContext::NextProtocolType::NPN,
+ SSLContext::NextProtocolType::ANY),
+#if OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined(OPENSSL_NO_TLSEXT)
+ NextProtocolTypePair(SSLContext::NextProtocolType::ALPN,
+ SSLContext::NextProtocolType::ANY),
+#endif
+ NextProtocolTypePair(SSLContext::NextProtocolType::ANY,
+ SSLContext::NextProtocolType::ANY)));
+
+INSTANTIATE_TEST_CASE_P(
+ AsyncSSLSocketTest,
+ NextProtocolNPNOnlyTest,
+ ::testing::Values(NextProtocolTypePair(SSLContext::NextProtocolType::NPN,
+ SSLContext::NextProtocolType::NPN)));
+
+#if OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined(OPENSSL_NO_TLSEXT)
+INSTANTIATE_TEST_CASE_P(
+ AsyncSSLSocketTest,
+ NextProtocolMismatchTest,
+ ::testing::Values(NextProtocolTypePair(SSLContext::NextProtocolType::NPN,
+ SSLContext::NextProtocolType::ALPN),
+ NextProtocolTypePair(SSLContext::NextProtocolType::ALPN,
+ SSLContext::NextProtocolType::NPN)));
+#endif
#ifndef OPENSSL_NO_TLSEXT
/**
// Set up SSL client
EventBase eventBase;
- std::shared_ptr<SSLClient> client(new SSLClient(&eventBase, server.getAddress(),
- 1));
+ auto client = std::make_shared<SSLClient>(&eventBase, server.getAddress(), 1);
client->connect();
EventBaseAborter eba(&eventBase, 3000);
// Set up SSL client
EventBase eventBase;
- std::shared_ptr<SSLClient> client(new SSLClient(&eventBase, server.getAddress(),
- 10));
+ auto client =
+ std::make_shared<SSLClient>(&eventBase, server.getAddress(), 10);
client->connect();
EventBaseAborter eba(&eventBase, 3000);
// Set up SSL client
EventBase eventBase;
- std::shared_ptr<SSLClient> client(new SSLClient(&eventBase, server.getAddress(),
- 1, 10));
+ auto client =
+ std::make_shared<SSLClient>(&eventBase, server.getAddress(), 1, 10);
client->connect(true /* write before connect completes */);
EventBaseAborter eba(&eventBase, 3000);
eventBase.loop();
// Set up SSL client
EventBase eventBase;
- std::shared_ptr<SSLClient> client(new SSLClient(&eventBase, server.getAddress(),
- 10, 500));
+ auto client =
+ std::make_shared<SSLClient>(&eventBase, server.getAddress(), 10, 500);
client->connect();
EventBaseAborter eba(&eventBase, 3000);
// Set up SSL client
EventBase eventBase;
- std::shared_ptr<SSLClient> client(new SSLClient(&eventBase, server.getAddress(),
- 2));
+ auto client = std::make_shared<SSLClient>(&eventBase, server.getAddress(), 2);
client->connect();
EventBaseAborter eba(&eventBase, 3000);
// Set up SSL client
EventBase eventBase;
- std::shared_ptr<SSLClient> client(new SSLClient(&eventBase, server.getAddress(),
- 2, 100));
+ auto client =
+ std::make_shared<SSLClient>(&eventBase, server.getAddress(), 2, 100);
client->connect();
EventBaseAborter eba(&eventBase, 3000);