From 7a2a51a3a1ea6ece8bab492f9f494dece207eaf7 Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Thu, 30 Jul 2009 20:41:21 +0000
Subject: [PATCH] Add unit tests for SSL session renegotiation.

This tickles the write-blocked-on-read code, and in this case turned
up a bug in it.

svn:r1397
---
 bufferevent_openssl.c |  6 ++++--
 test/regress_ssl.c    | 14 ++++++++++++++
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/bufferevent_openssl.c b/bufferevent_openssl.c
index 4aa01dab..7983a067 100644
--- a/bufferevent_openssl.c
+++ b/bufferevent_openssl.c
@@ -414,7 +414,8 @@ stop_writing(struct bufferevent_openssl *bev_ssl)
 static void
 set_rbow(struct bufferevent_openssl *bev_ssl)
 {
-	stop_reading(bev_ssl);
+	if (!bev_ssl->underlying)
+		stop_reading(bev_ssl);
 	bev_ssl->read_blocked_on_write = 1;
 	start_writing(bev_ssl);
 }
@@ -422,7 +423,8 @@ set_rbow(struct bufferevent_openssl *bev_ssl)
 static void
 set_wbor(struct bufferevent_openssl *bev_ssl)
 {
-	stop_writing(bev_ssl);
+	if (!bev_ssl->underlying)
+		stop_writing(bev_ssl);
 	bev_ssl->write_blocked_on_read = 1;
 	start_reading(bev_ssl);
 }
diff --git a/test/regress_ssl.c b/test/regress_ssl.c
index d48bf2f1..140e1e9e 100644
--- a/test/regress_ssl.c
+++ b/test/regress_ssl.c
@@ -148,6 +148,7 @@ static int test_is_done = 0;
 static int n_connected = 0;
 static int got_close = 0;
 static int got_error = 0;
+static int renegotiate_at = -1;
 
 static void
 respond_to_number(struct bufferevent *bev, void *ctx)
@@ -167,6 +168,9 @@ respond_to_number(struct bufferevent *bev, void *ctx)
 		bufferevent_free(bev); /* Should trigger close on other side. */
 		return;
 	}
+	if (!strcmp(ctx, "client") && n == renegotiate_at) {
+		SSL_renegotiate(bufferevent_openssl_get_ssl(bev));
+	}
 	++n;
 	evbuffer_add_printf(bufferevent_get_output(bev),
 	    "%d\n", n);
@@ -221,6 +225,9 @@ regress_bufferevent_openssl(void *arg)
 	SSL_use_certificate(ssl2, cert);
 	SSL_use_PrivateKey(ssl2, key);
 
+	if (strstr((char*)data->setup_data, "renegotiate"))
+		renegotiate_at = 600;
+
 	if (strstr((char*)data->setup_data, "socketpair")) {
 		bev1 = bufferevent_openssl_socket_new(
 			data->base,
@@ -272,6 +279,7 @@ regress_bufferevent_openssl(void *arg)
 
 	tt_assert(test_is_done == 1);
 	tt_assert(n_connected == 2);
+
 	/* We don't handle shutdown properly yet.
 	   tt_int_op(got_close, ==, 1);
 	   tt_int_op(got_error, ==, 0);
@@ -287,6 +295,12 @@ struct testcase_t ssl_testcases[] = {
 	{ "bufferevent_filter", regress_bufferevent_openssl,
 	  TT_ISOLATED,
 	  &basic_setup, (void*)"filter" },
+	{ "bufferevent_renegotiate_socketpair", regress_bufferevent_openssl,
+	  TT_ISOLATED,
+	  &basic_setup, (void*)"socketpair renegotiate" },
+	{ "bufferevent_renegotiate_filterfilter", regress_bufferevent_openssl,
+	  TT_ISOLATED,
+	  &basic_setup, (void*)"filter renegotiate" },
 
         END_OF_TESTCASES,
 };
-- 
2.50.1