From 2e2b9c18ade862c0cd9c6682dcf13e87c0e33661 Mon Sep 17 00:00:00 2001 From: Nick Banks Date: Thu, 2 Feb 2023 13:43:49 -0500 Subject: [PATCH] Onboard Tests for OpenSSL 3 (#3388) --- .azure/azure-pipelines.ci.yml | 124 +++++++++++++++++++++------- .azure/azure-pipelines.perf.yml | 95 +++++++++++++++++++++ .azure/azure-pipelines.periodic.yml | 33 ++++++++ CMakeLists.txt | 3 +- scripts/DotNetTest.ps1 | 2 +- scripts/RemoteTests.json | 20 ++--- scripts/emulated-performance.ps1 | 2 +- scripts/install-build-artifacts.ps1 | 2 +- scripts/interop.ps1 | 2 +- scripts/merge-coverage.ps1 | 2 +- scripts/package-nuget.ps1 | 2 +- scripts/performance.ps1 | 4 +- scripts/prepare-machine.ps1 | 5 +- scripts/spin.ps1 | 2 +- scripts/test.ps1 | 2 +- scripts/write-versions.ps1 | 2 +- src/inc/msquicp.h | 2 + src/platform/unittest/TlsTest.cpp | 2 +- src/test/bin/quic_gtest.cpp | 4 +- submodules/CMakeLists.txt | 4 +- 20 files changed, 257 insertions(+), 57 deletions(-) diff --git a/.azure/azure-pipelines.ci.yml b/.azure/azure-pipelines.ci.yml index 9307783c11..399f32c8fa 100644 --- a/.azure/azure-pipelines.ci.yml +++ b/.azure/azure-pipelines.ci.yml @@ -130,6 +130,14 @@ stages: extraName: 'xdp' extraPrepareArgs: -InstallXdpSdk extraBuildArgs: -EnableTelemetryAsserts -UseXdp -ExtraArtifactDir xdp + - template: ./templates/build-config-user.yml + parameters: + image: windows-2019 + platform: windows + arch: x64 + tls: openssl3 + config: Release + extraBuildArgs: -EnableTelemetryAsserts - stage: build_windows_debug displayName: Build Windows - Debug @@ -188,6 +196,14 @@ stages: extraName: 'xdp' extraPrepareArgs: -InstallXdpSdk extraBuildArgs: -EnableTelemetryAsserts -UseXdp -ExtraArtifactDir Xdp + - template: ./templates/build-config-user.yml + parameters: + image: windows-2019 + platform: windows + arch: x64 + tls: openssl3 + config: Debug + extraBuildArgs: -EnableTelemetryAsserts - stage: build_windows_nontest displayName: Build Windows - Non Tested @@ -274,7 +290,7 @@ stages: arch: x64 tls: openssl extraName: 'VS2022_OpenSSL' - extraBuildArgs: -EnableTelemetryAsserts -ExtraArtifactDir VS2022_OpenSSL + extraBuildArgs: -EnableTelemetryAsserts -ExtraArtifactDir VS2022_OpenSSL - template: ./templates/build-config-user.yml parameters: image: windows-2022 @@ -282,7 +298,7 @@ stages: arch: x64 tls: schannel extraName: 'VS2022_Schannel' - extraBuildArgs: -EnableTelemetryAsserts -ExtraArtifactDir VS2022_Schannel + extraBuildArgs: -EnableTelemetryAsserts -ExtraArtifactDir VS2022_Schannel - stage: build_linux_release displayName: Build Linux - Release @@ -295,6 +311,13 @@ stages: arch: x64 tls: openssl config: Release + - template: ./templates/build-config-user.yml + parameters: + image: ubuntu-20.04 + platform: linux + arch: x64 + tls: openssl3 + config: Release - stage: build_linux_debug displayName: Build Linux - Debug @@ -325,7 +348,13 @@ stages: config: Debug extraName: 'systemopenssl' extraBuildArgs: -UseSystemOpenSSLCrypto -ExtraArtifactDir SystemCrypto - + - template: ./templates/build-config-user.yml + parameters: + image: ubuntu-22.04 + platform: linux + arch: x64 + tls: openssl3 + config: Debug - template: ./templates/build-config-user.yml parameters: image: ubuntu-22.04 @@ -348,7 +377,6 @@ stages: tls: openssl extraBuildArgs: -OfficialRelease extraName: 'official' - - template: ./templates/build-config-user.yml parameters: image: ubuntu-20.04 @@ -357,7 +385,6 @@ stages: tls: openssl extraBuildArgs: -Clang -ExtraArtifactDir Clang extraName: 'clang' - - template: ./templates/build-config-user.yml parameters: image: ubuntu-20.04 @@ -366,7 +393,6 @@ stages: tls: openssl extraBuildArgs: -DisableLogs extraName: 'android' - - template: ./templates/build-config-user.yml parameters: image: ubuntu-20.04 @@ -375,7 +401,6 @@ stages: tls: openssl extraBuildArgs: -DisableLogs -ToolchainFile cmake/toolchains/aarch64-linux.cmake -OneBranch extraPrepareArgs: -InstallArm64Toolchain - - template: ./templates/build-config-user.yml parameters: image: ubuntu-20.04 @@ -384,7 +409,6 @@ stages: tls: openssl extraBuildArgs: -DisableLogs extraName: 'android' - - template: ./templates/build-config-user.yml parameters: image: ubuntu-20.04 @@ -404,7 +428,6 @@ stages: config: Release extraName: 'systemopenssl' extraBuildArgs: -UseSystemOpenSSLCrypto -ExtraArtifactDir SystemCrypto - - template: ./templates/build-config-user.yml parameters: image: ubuntu-20.04 @@ -413,14 +436,12 @@ stages: tls: openssl extraName: 'static' extraBuildArgs: -Static -ExtraArtifactDir Static - - template: ./templates/build-config-user.yml parameters: image: ubuntu-22.04 platform: linux arch: x64 tls: openssl - - template: ./templates/build-config-user.yml parameters: image: ubuntu-22.04 @@ -465,7 +486,6 @@ stages: platform: macos arch: arm64 tls: openssl - - template: ./templates/build-config-user.yml parameters: image: macOS-12 @@ -474,7 +494,6 @@ stages: tls: openssl extraName: 'stdout' extraBuildArgs: -LoggingType stdout - - template: ./templates/build-config-user.yml parameters: image: macOS-12 @@ -483,7 +502,6 @@ stages: tls: openssl extraName: 'static' extraBuildArgs: -Static -ExtraArtifactDir Static - - template: ./templates/build-config-user.yml parameters: image: macOS-12 @@ -492,14 +510,12 @@ stages: tls: openssl extraName: 'static' extraBuildArgs: -Static -ExtraArtifactDir Static - - template: ./templates/build-config-user.yml parameters: image: macOS-12 platform: ios arch: arm64 tls: openssl - - template: ./templates/build-config-user.yml parameters: image: macOS-12 @@ -559,7 +575,13 @@ stages: platform: linux tls: openssl config: Release - extraTestArgs: -Filter -*CredValidation*:TlsTest.InProc* + - template: ./templates/run-bvt.yml + parameters: + image: ubuntu-latest + platform: linux + tls: openssl3 + config: Release + extraTestArgs: -Filter -*LoadBalanced*:*ResumeRejection*:*Reject0Rtt* - stage: test_bvt_winkernel_release displayName: BVT Windows Kernel Release @@ -602,7 +624,7 @@ stages: platform: windows tls: schannel logProfile: Full.Light - extraTestArgs: -Kernel -EnableSystemVerifier -Filter -*ValidateConfiguration:*ValidAlpnLengths:*ResumeRejection*:*ClientCertificate*:*LoadBalanced*:*NthAllocFail* + extraTestArgs: -Kernel -EnableSystemVerifier -Filter -*ValidateConfiguration:*ValidAlpnLengths:*ResumeRejection*:*ClientCertificate*:*LoadBalanced* kernel: true - template: ./templates/run-bvt.yml parameters: @@ -654,41 +676,52 @@ stages: platform: windows tls: openssl logProfile: Full.Light - extraTestArgs: -Filter -*Unreachable/0:CredValidation*:*NthAllocFail*:TlsTest.InProc* + extraTestArgs: -Filter -*Unreachable/0 - template: ./templates/run-bvt.yml parameters: image: windows-2022 platform: windows tls: openssl logProfile: Full.Light - extraTestArgs: -Filter -*CredValidation*:*NthAllocFail*:TlsTest.InProc* + - template: ./templates/run-bvt.yml + parameters: + image: windows-2022 + platform: windows + tls: openssl3 + logProfile: Full.Light + extraTestArgs: -Filter -*LoadBalanced*:*ResumeRejection*:*Reject0Rtt* - template: ./templates/run-bvt.yml parameters: image: ubuntu-latest platform: linux tls: openssl - extraTestArgs: -Filter -*CredValidation*:TlsTest.InProc* - template: ./templates/run-bvt.yml parameters: image: ubuntu-latest platform: linux tls: openssl extraArtifactDir: '_Sanitize' - extraTestArgs: -Filter -*CredValidation*:TlsTest.InProc* -ExtraArtifactDir Sanitize + extraTestArgs: -ExtraArtifactDir Sanitize - template: ./templates/run-bvt.yml parameters: - image: macOS-12 - platform: macos + image: ubuntu-latest + platform: linux tls: openssl - logProfile: None - extraTestArgs: -Filter -*CredValidation*:TlsTest.InProc* -ErrorsAsWarnings + extraArtifactDir: '_SystemCrypto' + extraTestArgs: -ExtraArtifactDir SystemCrypto - template: ./templates/run-bvt.yml parameters: image: ubuntu-latest platform: linux + tls: openssl3 + extraTestArgs: -Filter -*LoadBalanced*:*ResumeRejection*:*Reject0Rtt* + - template: ./templates/run-bvt.yml + parameters: + image: macOS-12 + platform: macos tls: openssl - extraArtifactDir: '_SystemCrypto' - extraTestArgs: -Filter -*CredValidation*:TlsTest.InProc* -ExtraArtifactDir SystemCrypto + logProfile: None + extraTestArgs: -ErrorsAsWarnings # # SpinQuic Tests @@ -736,6 +769,18 @@ stages: platform: windows allocFail: 100 tls: openssl + - template: ./templates/run-spinquic.yml + parameters: + image: windows-2022 + platform: windows + allocFail: 100 + tls: openssl3 + - template: ./templates/run-spinquic.yml + parameters: + image: ubuntu-latest + platform: linux + tls: openssl + allocFail: 100 - template: ./templates/run-spinquic.yml parameters: image: ubuntu-latest @@ -748,7 +793,7 @@ stages: parameters: image: ubuntu-latest platform: linux - tls: openssl + tls: openssl3 allocFail: 100 - template: ./templates/run-spinquic.yml parameters: @@ -772,11 +817,21 @@ stages: image: windows-latest platform: windows tls: openssl + - template: ./templates/run-dotnet.yml + parameters: + image: windows-latest + platform: windows + tls: openssl3 - template: ./templates/run-dotnet.yml parameters: image: ubuntu-latest platform: linux tls: openssl + - template: ./templates/run-dotnet.yml + parameters: + image: ubuntu-latest + platform: linux + tls: openssl3 - template: ./templates/run-dotnet.yml parameters: image: macOS-12 @@ -784,7 +839,6 @@ stages: arch: universal tls: openssl - # # Code Coverage # @@ -838,11 +892,21 @@ stages: image: windows-2019 platform: windows tls: openssl + - template: ./templates/run-quicinterop.yml + parameters: + image: windows-2019 + platform: windows + tls: openssl3 - template: ./templates/run-quicinterop.yml parameters: image: ubuntu-latest platform: linux tls: openssl + - template: ./templates/run-quicinterop.yml + parameters: + image: ubuntu-latest + platform: linux + tls: openssl3 - template: ./templates/run-quicinterop.yml parameters: image: macOS-12 diff --git a/.azure/azure-pipelines.perf.yml b/.azure/azure-pipelines.perf.yml index 911f88d543..35bea8c0a3 100644 --- a/.azure/azure-pipelines.perf.yml +++ b/.azure/azure-pipelines.perf.yml @@ -60,10 +60,18 @@ parameters: type: boolean displayName: Windows (OpenSSL) default: true +- name: winuser_openssl3 + type: boolean + displayName: Windows (OpenSSL3) + default: true - name: linux_openssl type: boolean displayName: Linux (OpenSSL) default: true +- name: linux_openssl3 + type: boolean + displayName: Linux (OpenSSL3) + default: true - name: arch type: string displayName: Architecture @@ -206,6 +214,26 @@ stages: ${{ if eq(parameters.pgo_mode, true) }}: extraBuildArgs: -DisableTest -DisableTools -PGO +- ${{ if eq(parameters.winuser_openssl3, true) }}: + - stage: build_winuser_openssl3 + displayName: Build Windows (OpenSSL3) + dependsOn: [] + variables: + runCodesignValidationInjection: false + jobs: + - template: ./templates/build-config-user.yml + parameters: + image: windows-latest + platform: windows + arch: ${{ parameters.arch }} + tls: openssl3 + config: Release + extraPrepareArgs: -DisableTest + ${{ if eq(parameters.pgo_mode, false) }}: + extraBuildArgs: -DisableTest -DisableTools + ${{ if eq(parameters.pgo_mode, true) }}: + extraBuildArgs: -DisableTest -DisableTools -PGO + - ${{ if eq(parameters.linux_openssl, true) }}: - stage: build_linux_openssl displayName: Build Linux (OpenSSL) @@ -223,6 +251,23 @@ stages: extraPrepareArgs: -DisableTest extraBuildArgs: -DisableTest -DisableTools +- ${{ if eq(parameters.linux_openssl, true) }}: + - stage: build_linux_openssl3 + displayName: Build Linux (OpenSSL3) + dependsOn: [] + variables: + runCodesignValidationInjection: false + jobs: + - template: ./templates/build-config-user.yml + parameters: + image: ubuntu-20.04 + platform: linux + arch: ${{ parameters.arch }} + tls: openssl3 + config: Release + extraPrepareArgs: -DisableTest + extraBuildArgs: -DisableTest -DisableTools + # # Tests # @@ -330,6 +375,30 @@ stages: extraArgs: -PGO failOnRegression: 0 +- ${{ if eq(parameters.winuser_openssl3, true) }}: + - stage: perf_winuser_openssl3 + displayName: Performance Testing Windows (OpenSSL3) + dependsOn: + - build_winuser_openssl3 + jobs: + - template: ./templates/run-performance.yml + parameters: + pool: MsQuic-Win-Perf + platform: windows + localTls: openssl3 + remoteTls: openssl3 + iterations: ${{ parameters.iterations }} + arch: ${{ parameters.arch }} + protocol: ${{ parameters.protocol }} + logProfile: ${{ parameters.logging }} + timeout: ${{ parameters.timeout }} + ${{ if ne(parameters.testToRun, 'all') }}: + testToRun: ${{ parameters.testToRun }} + testTypes: ${{ parameters.testTypes }} + ${{ if eq(parameters.pgo_mode, true) }}: + extraArgs: -PGO + failOnRegression: 0 + - ${{ if eq(parameters.linux_openssl, true) }}: - stage: perf_linux_openssl displayName: Performance Testing Linux (OpenSSL) @@ -354,6 +423,30 @@ stages: extraArgs: -PGO failOnRegression: 0 +- ${{ if eq(parameters.linux_openssl3, true) }}: + - stage: perf_linux_openssl3 + displayName: Performance Testing Linux (OpenSSL3) + dependsOn: + - build_linux_openssl3 + jobs: + - template: ./templates/run-performance.yml + parameters: + pool: MsQuic-Linux-Perf + platform: linux + localTls: openssl3 + remoteTls: openssl3 + iterations: ${{ parameters.iterations }} + arch: ${{ parameters.arch }} + protocol: ${{ parameters.protocol }} + logProfile: ${{ parameters.logging }} + timeout: ${{ parameters.timeout }} + ${{ if ne(parameters.testToRun, 'all') }}: + testToRun: ${{ parameters.testToRun }} + testTypes: ${{ parameters.testTypes }} + ${{ if eq(parameters.pgo_mode, true) }}: + extraArgs: -PGO + failOnRegression: 0 + - ${{ if in(variables['Build.Reason'], 'IndividualCI', 'BatchedCI') }}: - stage: perf_post_process displayName: Perf Post Processing @@ -363,6 +456,8 @@ stages: - perf_winuser_schannel - perf_winuser_xdp - perf_winuser_openssl + - perf_winuser_openssl3 - perf_linux_openssl + - perf_linux_openssl3 jobs: - template: ./templates/post-process-performance.yml diff --git a/.azure/azure-pipelines.periodic.yml b/.azure/azure-pipelines.periodic.yml index 7532604e08..b7586d7f9d 100644 --- a/.azure/azure-pipelines.periodic.yml +++ b/.azure/azure-pipelines.periodic.yml @@ -53,6 +53,22 @@ stages: extraPrepareArgs: -DisableTest extraBuildArgs: -DisableTest -DisableTools -PGO +- stage: build_winuser_openssl3 + displayName: Build Windows (OpenSSL3) + dependsOn: [] + variables: + runCodesignValidationInjection: false + jobs: + - template: ./templates/build-config-user.yml + parameters: + image: windows-latest + platform: windows + arch: x64 + tls: openssl3 + config: Release + extraPrepareArgs: -DisableTest + extraBuildArgs: -DisableTest -DisableTools -PGO + - stage: build_winuser_xdp displayName: Build Windows (XDP) dependsOn: [] @@ -106,6 +122,22 @@ stages: extraArgs: -PGO failOnRegression: 0 +- stage: perf_winuser_openssl3 + displayName: Performance Testing Windows (OpenSSL3) + dependsOn: + - build_winuser_openssl3 + jobs: + - template: ./templates/run-performance.yml + parameters: + pool: MsQuic-Win-Perf + platform: windows + localTls: openssl3 + remoteTls: openssl3 + arch: x64 + testTypes: Remote + extraArgs: -PGO + failOnRegression: 0 + - stage: perf_winuser_xdp displayName: Performance Testing Windows (XDP) dependsOn: @@ -129,6 +161,7 @@ stages: dependsOn: - perf_winuser_schannel - perf_winuser_openssl + - perf_winuser_openssl3 - perf_winuser_xdp jobs: - template: ./templates/make-pgo-pr.yml diff --git a/CMakeLists.txt b/CMakeLists.txt index 6643fb8ba6..b300007cfd 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -356,10 +356,11 @@ if(QUIC_TLS STREQUAL "schannel") list(APPEND QUIC_COMMON_DEFINES QUIC_ENABLE_ANON_CLIENT_AUTH_TESTS) endif() -if(QUIC_TLS STREQUAL "openssl") +if(QUIC_TLS STREQUAL "openssl" OR QUIC_TLS STREQUAL "openssl3") message(STATUS "Enabling OpenSsl configuration tests") list(APPEND QUIC_COMMON_DEFINES QUIC_TEST_OPENSSL_FLAGS=1) if (NOT WIN32) + message(STATUS "Enabling CA file tests") list(APPEND QUIC_COMMON_DEFINES QUIC_ENABLE_CA_CERTIFICATE_FILE_TESTS) endif() endif() diff --git a/scripts/DotNetTest.ps1 b/scripts/DotNetTest.ps1 index bb34d86840..46f132503a 100644 --- a/scripts/DotNetTest.ps1 +++ b/scripts/DotNetTest.ps1 @@ -15,7 +15,7 @@ param ( [string]$Arch = "", [Parameter(Mandatory = $false)] - [ValidateSet("schannel", "openssl")] + [ValidateSet("schannel", "openssl", "openssl3")] [string]$Tls = "", [Parameter(Mandatory = $false)] diff --git a/scripts/RemoteTests.json b/scripts/RemoteTests.json index e5a2a34591..586dc25a7f 100644 --- a/scripts/RemoteTests.json +++ b/scripts/RemoteTests.json @@ -9,7 +9,7 @@ "TestName": "ThroughputUp", "Local": { "Platform": "Windows", - "Tls": ["schannel", "openssl"], + "Tls": ["schannel", "openssl", "openssl3"], "Arch": ["x64", "x86", "arm", "arm64"], "Exe": "secnetperf", "Arguments": "-exec:maxtput -test:Throughput -target:$RemoteAddress -bind:$LocalAddress:4434 -ip:4 -uni:1 -timed:1 -upload:12000 -stats:1 -sstats:1" @@ -43,7 +43,7 @@ "TestName": "TcpThroughputUp", "Local": { "Platform": "Windows", - "Tls": ["schannel", "openssl"], + "Tls": ["schannel", "openssl", "openssl3"], "Arch": ["x64", "x86", "arm", "arm64"], "Exe": "secnetperf", "Arguments": "-exec:maxtput -test:Throughput -target:$RemoteAddress -bind:$LocalAddress:4434 -ip:4 -uni:1 -timed:1 -upload:12000 -tcp:1" @@ -63,7 +63,7 @@ "TestName": "ThroughputUp", "Local" : { "Platform": "linux", - "Tls": ["openssl"], + "Tls": ["openssl", "openssl3"], "Arch": ["x64", "arm"], "Exe": "secnetperf", "Arguments": "-exec:maxtput -test:Throughput -target:$RemoteAddress -uni:1 -timed:1 -upload:12000 -stats:1 -sstats:1" @@ -97,7 +97,7 @@ "TestName": "ThroughputDown", "Local": { "Platform": "Windows", - "Tls": ["schannel", "openssl"], + "Tls": ["schannel", "openssl", "openssl3"], "Arch": ["x64", "x86", "arm", "arm64"], "Exe": "secnetperf", "Arguments": "-exec:maxtput -test:Throughput -target:$RemoteAddress -bind:$LocalAddress:4434 -ip:4 -uni:1 -timed:1 -download:12000 -stats:1" @@ -123,7 +123,7 @@ "TestName": "TcpThroughputDown", "Local": { "Platform": "Windows", - "Tls": ["schannel", "openssl"], + "Tls": ["schannel", "openssl", "openssl3"], "Arch": ["x64", "x86", "arm", "arm64"], "Exe": "secnetperf", "Arguments": "-exec:maxtput -test:Throughput -target:$RemoteAddress -bind:$LocalAddress:4434 -ip:4 -uni:1 -timed:1 -download:12000 -tcp:1" @@ -143,7 +143,7 @@ "TestName": "ThroughputDown", "Local" : { "Platform": "linux", - "Tls": ["openssl"], + "Tls": ["openssl", "openssl3"], "Arch": ["x64", "arm"], "Exe": "secnetperf", "Arguments": "-exec:maxtput -test:Throughput -target:$RemoteAddress -uni:1 -timed:1 -download:12000 -stats:1" @@ -169,7 +169,7 @@ "TestName": "RPS", "Local": { "Platform": "Windows", - "Tls": ["schannel", "openssl"], + "Tls": ["schannel", "openssl", "openssl3"], "Arch": ["x64", "x86", "arm", "arm64"], "Exe": "secnetperf", "Arguments": "-exec:lowlat -test:RPS -target:$RemoteAddress" @@ -214,7 +214,7 @@ "TestName": "RPS", "Local": { "Platform": "linux", - "Tls": ["openssl"], + "Tls": ["openssl", "openssl3"], "Arch": ["x64", "arm"], "Exe": "secnetperf", "Arguments": "-exec:lowlat -test:RPS -target:$RemoteAddress" @@ -259,7 +259,7 @@ "TestName": "HPS", "Local": { "Platform": "Windows", - "Tls": ["schannel", "openssl"], + "Tls": ["schannel", "openssl", "openssl3"], "Arch": ["x64", "x86", "arm", "arm64"], "Exe": "secnetperf", "Arguments": "-exec:maxtput -test:HPS -target:$RemoteAddress -incrementtarget:1" @@ -276,7 +276,7 @@ "TestName": "HPS", "Local": { "Platform": "linux", - "Tls": ["openssl"], + "Tls": ["openssl", "openssl3"], "Arch": ["x64", "arm"], "Exe": "secnetperf", "Arguments": "-exec:maxtput -test:HPS -target:$RemoteAddress" diff --git a/scripts/emulated-performance.ps1 b/scripts/emulated-performance.ps1 index acbdc2d380..8e3abf6c25 100644 --- a/scripts/emulated-performance.ps1 +++ b/scripts/emulated-performance.ps1 @@ -67,7 +67,7 @@ param ( [string]$Arch = "x64", [Parameter(Mandatory = $false)] - [ValidateSet("schannel", "openssl")] + [ValidateSet("schannel", "openssl", "openssl3")] [string]$Tls = "", [Parameter(Mandatory = $false)] diff --git a/scripts/install-build-artifacts.ps1 b/scripts/install-build-artifacts.ps1 index 9ea6c234f4..35d8568db8 100644 --- a/scripts/install-build-artifacts.ps1 +++ b/scripts/install-build-artifacts.ps1 @@ -27,7 +27,7 @@ param ( [string]$Arch, [Parameter(Mandatory = $true)] - [ValidateSet("schannel", "openssl")] + [ValidateSet("schannel", "openssl", "openssl3")] [string]$Tls ) diff --git a/scripts/interop.ps1 b/scripts/interop.ps1 index a126dcffc8..bf74141f5a 100644 --- a/scripts/interop.ps1 +++ b/scripts/interop.ps1 @@ -60,7 +60,7 @@ param ( [string]$Arch = "x64", [Parameter(Mandatory = $false)] - [ValidateSet("schannel", "openssl")] + [ValidateSet("schannel", "openssl", "openssl3")] [string]$Tls = "", [Parameter(Mandatory = $false)] diff --git a/scripts/merge-coverage.ps1 b/scripts/merge-coverage.ps1 index 7049565bb5..7145f86151 100644 --- a/scripts/merge-coverage.ps1 +++ b/scripts/merge-coverage.ps1 @@ -27,7 +27,7 @@ param ( [string]$Arch = "x64", [Parameter(Mandatory = $false)] - [ValidateSet("schannel", "openssl")] + [ValidateSet("schannel", "openssl", "openssl3")] [string]$Tls = "", [Parameter(Mandatory = $false)] diff --git a/scripts/package-nuget.ps1 b/scripts/package-nuget.ps1 index 6fcf9ddcc4..72dd8622f1 100644 --- a/scripts/package-nuget.ps1 +++ b/scripts/package-nuget.ps1 @@ -16,7 +16,7 @@ param ( [string]$Config = "Release", [Parameter(Mandatory = $false)] - [ValidateSet("schannel", "openssl")] + [ValidateSet("schannel", "openssl", "openssl3")] [string]$Tls = "openssl", [Parameter(Mandatory = $false)] diff --git a/scripts/performance.ps1 b/scripts/performance.ps1 index f93dd5a3c8..b8b8276213 100644 --- a/scripts/performance.ps1 +++ b/scripts/performance.ps1 @@ -77,7 +77,7 @@ param ( [string]$LocalArch = "x64", [Parameter(Mandatory = $false)] - [ValidateSet("schannel", "openssl")] + [ValidateSet("schannel", "openssl", "openssl3")] [string]$LocalTls = "", [Parameter(Mandatory = $false)] @@ -88,7 +88,7 @@ param ( [string]$ExtraArtifactDir = "", [Parameter(Mandatory = $false)] - [ValidateSet("schannel", "openssl")] + [ValidateSet("schannel", "openssl", "openssl3")] [string]$RemoteTls = "", [Parameter(Mandatory = $false)] diff --git a/scripts/prepare-machine.ps1 b/scripts/prepare-machine.ps1 index 51cc3fb3ed..1ebe9bb30b 100644 --- a/scripts/prepare-machine.ps1 +++ b/scripts/prepare-machine.ps1 @@ -472,7 +472,10 @@ function Install-Clog2Text { } # We remove OpenSSL path for kernel builds because it's not needed. -if ($ForKernel) { git rm submodules/openssl } +if ($ForKernel) { + git rm submodules/openssl + git rm submodules/openssl3 +} if ($InitSubmodules) { diff --git a/scripts/spin.ps1 b/scripts/spin.ps1 index b9998b2fe5..8b11e19b40 100644 --- a/scripts/spin.ps1 +++ b/scripts/spin.ps1 @@ -51,7 +51,7 @@ param ( [string]$Arch = "", [Parameter(Mandatory = $false)] - [ValidateSet("schannel", "openssl")] + [ValidateSet("schannel", "openssl", "openssl3")] [string]$Tls = "", [Parameter(Mandatory = $false)] diff --git a/scripts/test.ps1 b/scripts/test.ps1 index 8b82459e4a..1ebbfed355 100644 --- a/scripts/test.ps1 +++ b/scripts/test.ps1 @@ -97,7 +97,7 @@ param ( [string]$Arch = "", [Parameter(Mandatory = $false)] - [ValidateSet("schannel", "openssl")] + [ValidateSet("schannel", "openssl", "openssl3")] [string]$Tls = "", [Parameter(Mandatory = $false)] diff --git a/scripts/write-versions.ps1 b/scripts/write-versions.ps1 index 8ef87dd499..ec79f53ac9 100644 --- a/scripts/write-versions.ps1 +++ b/scripts/write-versions.ps1 @@ -12,7 +12,7 @@ param ( [string]$Platform = "", [Parameter(Mandatory = $false)] - [ValidateSet("schannel", "openssl")] + [ValidateSet("schannel", "openssl", "openssl3")] [string]$Tls = "" ) diff --git a/src/inc/msquicp.h b/src/inc/msquicp.h index 3eac36db5c..adf423339e 100644 --- a/src/inc/msquicp.h +++ b/src/inc/msquicp.h @@ -75,10 +75,12 @@ typedef struct QUIC_TEST_DATAPATH_HOOKS { // #define QUIC_TEST_DATAPATH_HOOKS_ENABLED 1 +#ifndef QUIC_TEST_OPENSSL_FLAGS // Not supported on OpenSSL currently // // Failing test certificates are only available for debug builds // #define QUIC_TEST_FAILING_TEST_CERTIFICATES 1 +#endif // // Allocation failures are currently only enabled on debug builds. diff --git a/src/platform/unittest/TlsTest.cpp b/src/platform/unittest/TlsTest.cpp index 937b9bca02..c132c14f0d 100644 --- a/src/platform/unittest/TlsTest.cpp +++ b/src/platform/unittest/TlsTest.cpp @@ -1540,7 +1540,6 @@ TEST_F(TlsTest, ExtraCertificateValidation) } } -#ifndef QUIC_DISABLE_PORTABLE_CERTIFICATE_TESTS TEST_F(TlsTest, PortableCertificateValidation) { CxPlatClientSecConfig ClientConfig( @@ -1565,6 +1564,7 @@ TEST_F(TlsTest, PortableCertificateValidation) } } +#ifndef QUIC_TEST_OPENSSL_FLAGS // Not supported on OpenSSL TEST_F(TlsTest, InProcPortableCertificateValidation) { CxPlatClientSecConfig ClientConfig( diff --git a/src/test/bin/quic_gtest.cpp b/src/test/bin/quic_gtest.cpp index 8c104db991..cc0ae5738e 100644 --- a/src/test/bin/quic_gtest.cpp +++ b/src/test/bin/quic_gtest.cpp @@ -1884,6 +1884,7 @@ TEST(Misc, SlowReceive) { } #ifdef QUIC_TEST_ALLOC_FAILURES_ENABLED +#ifndef QUIC_TEST_OPENSSL_FLAGS // Not supported on OpenSSL TEST(Misc, NthAllocFail) { TestLogger Logger("NthAllocFail"); if (TestingKernelMode) { @@ -1892,7 +1893,8 @@ TEST(Misc, NthAllocFail) { QuicTestNthAllocFail(); } } -#endif +#endif // QUIC_TEST_OPENSSL_FLAGS +#endif // QUIC_TEST_ALLOC_FAILURES_ENABLED TEST(Misc, StreamPriority) { TestLogger Logger("StreamPriority"); diff --git a/submodules/CMakeLists.txt b/submodules/CMakeLists.txt index db3883401a..6295f7f810 100644 --- a/submodules/CMakeLists.txt +++ b/submodules/CMakeLists.txt @@ -124,7 +124,7 @@ if (WIN32) add_custom_command( WORKING_DIRECTORY $,${QUIC_BUILD_DIR}/submodules/${QUIC_OPENSSL}/debug,${QUIC_BUILD_DIR}/submodules/${QUIC_OPENSSL}/release> OUTPUT $,${QUIC_BUILD_DIR}/submodules/${QUIC_OPENSSL}/debug/makefile,${QUIC_BUILD_DIR}/submodules/${QUIC_OPENSSL}/release/makefile> - COMMAND perl ${CMAKE_CURRENT_SOURCE_DIR}/openssl/Configure ${OPENSSL_CONFIG_FLAGS} $<$:--debug> $<$:--prefix=${OPENSSL_DIR}/debug> $<$>:--prefix=${OPENSSL_DIR}/release> + COMMAND perl ${CMAKE_CURRENT_SOURCE_DIR}/${QUIC_OPENSSL}/Configure ${OPENSSL_CONFIG_FLAGS} $<$:--debug> $<$:--prefix=${OPENSSL_DIR}/debug> $<$>:--prefix=${OPENSSL_DIR}/release> COMMENT "OpenSSL configure" ) @@ -300,7 +300,7 @@ else() if (QUIC_USE_OPENSSL3 AND QUIC_USE_SYSTEM_LIBCRYPTO) # OpenSSL 3 uses different sources for static and dynamic libraries. # That is ok if you use either one consistently but it fails to link when we use dynamic crypto with static ssl. - # To fix that we need little hackery - see openssl3/ssl/build.info + # To fix that we need little hackery - see openssl3/ssl/build.info add_custom_command( OUTPUT ${LIBSSL_PATH} OUTPUT ${LIBCRYPTO_PATH}