WIP: change agent reuse process

tlspuffin · Jun 4, 2024 · 5ea47da · 5ea47da
1 parent c28b2c2
commit 5ea47da
Show file tree

Hide file tree

Showing 8 changed files with 70 additions and 94 deletions.
diff --git a/puffin/src/agent.rs b/puffin/src/agent.rs
@@ -203,15 +203,6 @@ impl<PB: ProtocolBehavior> Agent<PB> {
         &self.put_descriptor
     }
 
-    pub fn rename(&mut self, new_name: AgentName) -> Result<(), Error> {
-        self.name = new_name;
-
-        self.put.deregister_claimer();
-        self.put.register_claimer(new_name);
-
-        Ok(())
-    }
-
     pub fn progress(&mut self) -> Result<(), Error> {
         self.put.progress()
     }
@@ -233,7 +224,10 @@ impl<PB: ProtocolBehavior> Agent<PB> {
     /// Checks whether the agent is reusable with the descriptor.
     pub fn is_reusable_with(&self, other: &AgentDescriptor) -> bool {
         let agent_descriptor = self.put.descriptor();
-        agent_descriptor.typ == other.typ && agent_descriptor.tls_version == other.tls_version
+        println!("reusable? {:#?} vs {:#?}", agent_descriptor, other);
+        agent_descriptor.name == other.name
+            && agent_descriptor.typ == other.typ
+            && agent_descriptor.tls_version == other.tls_version
     }
 
     pub fn name(&self) -> AgentName {

diff --git a/puffin/src/trace.rs b/puffin/src/trace.rs
@@ -147,7 +147,7 @@ impl<PB: ProtocolBehavior> TraceContext<PB> {
 
     pub fn new(put_registry: &PutRegistry<PB>, default_put_options: PutOptions) -> Self {
         // We keep a global list of all claims throughout the execution. Each claim is identified
-        // by the AgentName. A rename of an Agent does not interfere with this.
+        // by the AgentName.
         let claims = GlobalClaimList::new();
 
         Self {
@@ -374,11 +374,12 @@ impl<M: Matcher> Trace<M> {
                 .iter_mut()
                 .position(|existing| existing.is_reusable_with(descriptor))
             {
+                println!("reusing agent");
                 let mut reusable = pool.swap_remove(position);
                 reusable.reset()?;
-                reusable.rename(descriptor.name)?;
                 reusable
             } else {
+                println!("spawning new agent for {:#?}", descriptor);
                 Agent::new(ctx, descriptor)?
             };
 
@@ -393,6 +394,7 @@ impl<M: Matcher> Trace<M> {
         PB: ProtocolBehavior<Matcher = M>,
     {
         let mut pool: Vec<Agent<PB>> = ctx.get_agents();
+        println!("new trace execution. Pool: {:#?}", pool);
 
         // We reseed all PUTs' PRNG before executing a trace!
         ctx.put_registry.determinism_reseed_all_factories();

diff --git a/puts/harness/include/tlspuffin/put.h b/puts/harness/include/tlspuffin/put.h
@@ -95,7 +95,6 @@ typedef struct C_PUT_TYPE
 
     RESULT (*const progress)(void *agent);
     RESULT (*const reset)(void *agent);
-    void (*const rename)(void *agent, uint8_t agent_name);
     const char *(*const describe_state)(void *agent);
     bool (*const is_state_successful)(void *agent);
     const char *(*const shutdown)(void *agent);

diff --git a/puts/harness/tls/openssl/src/put.c b/puts/harness/tls/openssl/src/put.c
@@ -15,7 +15,6 @@ static C_PUT_TYPE OPENSSL_PUT = {
 
     .progress = NULL,
     .reset = NULL,
-    .rename = NULL,
     .describe_state = NULL,
     .is_state_successful = NULL,
     .shutdown = NULL,

diff --git a/tlspuffin/src/tcp/mod.rs b/tlspuffin/src/tcp/mod.rs
@@ -713,25 +713,21 @@ mod tests {
 
     #[test]
     fn test_openssl_session_resumption_dhe_full() {
-        let port = 44330;
-        let guard = openssl_server(port, TLSVersion::V1_3);
-        let put = PutDescriptor {
+        let guard = openssl_server(44330, TLSVersion::V1_3);
+        let server_put = PutDescriptor {
             factory: TCP_PUT.to_string(),
             options: guard.build_options(),
         };
 
         let put_registry = tls_registry();
         let trace = seed_session_resumption_dhe_full.build_trace();
-        let initial_server = trace.prior_traces[0].descriptors[0].name;
         let server = trace.descriptors[0].name;
         let mut context = TraceContext::builder(&put_registry)
-            .set_put(initial_server, put.clone())
-            .set_put(server, put)
+            .set_put(server, server_put)
             .build();
 
         trace.execute(&mut context).unwrap();
 
-        let server = AgentName::first().next();
         let shutdown = context.find_agent_mut(server).unwrap().shutdown();
         info!("{}", shutdown);
         assert!(shutdown.contains("Reused session-id"));

diff --git a/tlspuffin/src/tls/seeds.rs b/tlspuffin/src/tls/seeds.rs
@@ -1300,18 +1300,15 @@ pub fn _seed_client_attacker12(
     (trace, client_verify_data)
 }
 
-pub fn seed_session_resumption_dhe(
-    initial_server: AgentName,
-    server: AgentName,
-) -> Trace<TlsQueryMatcher> {
-    let initial_handshake = seed_client_attacker(initial_server);
+pub fn seed_session_resumption_dhe(server: AgentName) -> Trace<TlsQueryMatcher> {
+    let initial_handshake = seed_client_attacker(server);
 
     let new_ticket_message = term! {
         fn_decrypt_application(
-            ((initial_server, 4)[Some(TlsQueryMatcher::ApplicationData)]), // Ticket from last session
-            (fn_server_hello_transcript(((initial_server, 0)))),
-            (fn_server_finished_transcript(((initial_server, 0)))),
-            (fn_get_server_key_share(((initial_server, 0)))),
+            ((server, 4)[Some(TlsQueryMatcher::ApplicationData)]), // Ticket from last session
+            (fn_server_hello_transcript(((server, 0)))),
+            (fn_server_finished_transcript(((server, 0)))),
+            (fn_get_server_key_share(((server, 0)))),
             fn_no_psk,
             fn_named_group_secp384r1,
             fn_true,
@@ -1357,10 +1354,10 @@ pub fn seed_session_resumption_dhe(
 
     let psk = term! {
         fn_derive_psk(
-            (fn_server_hello_transcript(((initial_server, 0)))),
-            (fn_server_finished_transcript(((initial_server, 0)))),
-            (fn_client_finished_transcript(((initial_server, 0)))),
-            (fn_get_server_key_share(((initial_server, 0)[Some(TlsQueryMatcher::Handshake(Some(HandshakeType::ServerHello)))]))),
+            (fn_server_hello_transcript(((server, 0)))),
+            (fn_server_finished_transcript(((server, 0)))),
+            (fn_client_finished_transcript(((server, 0)))),
+            (fn_get_server_key_share(((server, 0)[Some(TlsQueryMatcher::Handshake(Some(HandshakeType::ServerHello)))]))),
             (fn_get_ticket_nonce((@new_ticket_message))),
             fn_named_group_secp384r1
         )
@@ -1383,9 +1380,9 @@ pub fn seed_session_resumption_dhe(
     let resumption_client_finished = term! {
         fn_finished(
             (fn_verify_data(
-                (fn_server_finished_transcript(((server, 0)))),
-                (fn_server_hello_transcript(((server, 0)))),
-                (fn_get_server_key_share(((server, 0)[Some(TlsQueryMatcher::Handshake(Some(HandshakeType::ServerHello)))]))),
+                (fn_server_finished_transcript(((server, 1)))),
+                (fn_server_hello_transcript(((server, 1)))),
+                (fn_get_server_key_share(((server, 1)[Some(TlsQueryMatcher::Handshake(Some(HandshakeType::ServerHello)))]))),
                 (fn_psk((@psk))),
                 fn_named_group_secp384r1
             ))
@@ -1410,8 +1407,8 @@ pub fn seed_session_resumption_dhe(
                     recipe: term! {
                         fn_encrypt_handshake(
                             (@resumption_client_finished),
-                            (fn_server_hello_transcript(((server, 0)))),
-                            (fn_get_server_key_share(((server, 0)[Some(TlsQueryMatcher::Handshake(Some(HandshakeType::ServerHello)))]))),
+                            (fn_server_hello_transcript(((server, 1)))),
+                            (fn_get_server_key_share(((server, 1)[Some(TlsQueryMatcher::Handshake(Some(HandshakeType::ServerHello)))]))),
                             (fn_psk((@psk))),
                             fn_named_group_secp384r1,
                             fn_true,
@@ -1424,18 +1421,15 @@ pub fn seed_session_resumption_dhe(
     }
 }
 
-pub fn seed_session_resumption_ke(
-    initial_server: AgentName,
-    server: AgentName,
-) -> Trace<TlsQueryMatcher> {
-    let initial_handshake = seed_client_attacker(initial_server);
+pub fn seed_session_resumption_ke(server: AgentName) -> Trace<TlsQueryMatcher> {
+    let initial_handshake = seed_client_attacker(server);
 
     let new_ticket_message = term! {
         fn_decrypt_application(
-            ((initial_server, 4)[Some(TlsQueryMatcher::ApplicationData)]), // Ticket from last session
-            (fn_server_hello_transcript(((initial_server, 0)))),
-            (fn_server_finished_transcript(((initial_server, 0)))),
-            (fn_get_server_key_share(((initial_server, 0)))),
+            ((server, 4)[Some(TlsQueryMatcher::ApplicationData)]), // Ticket from last session
+            (fn_server_hello_transcript(((server, 0)))),
+            (fn_server_finished_transcript(((server, 0)))),
+            (fn_get_server_key_share(((server, 0)))),
             fn_no_psk,
             fn_named_group_secp384r1,
             fn_true,
@@ -1481,10 +1475,10 @@ pub fn seed_session_resumption_ke(
 
     let psk = term! {
         fn_derive_psk(
-            (fn_server_hello_transcript(((initial_server, 0)))),
-            (fn_server_finished_transcript(((initial_server, 0)))),
-            (fn_client_finished_transcript(((initial_server, 0)))),
-            (fn_get_server_key_share(((initial_server, 0)[Some(TlsQueryMatcher::Handshake(Some(HandshakeType::ServerHello)))]))),
+            (fn_server_hello_transcript(((server, 0)))),
+            (fn_server_finished_transcript(((server, 0)))),
+            (fn_client_finished_transcript(((server, 0)))),
+            (fn_get_server_key_share(((server, 0)[Some(TlsQueryMatcher::Handshake(Some(HandshakeType::ServerHello)))]))),
             (fn_get_ticket_nonce((@new_ticket_message))),
             fn_named_group_secp384r1
         )
@@ -1507,8 +1501,8 @@ pub fn seed_session_resumption_ke(
     let resumption_client_finished = term! {
         fn_finished(
             (fn_verify_data(
-                (fn_server_finished_transcript(((server, 0)))),
-                (fn_server_hello_transcript(((server, 0)))),
+                (fn_server_finished_transcript(((server, 1)))),
+                (fn_server_hello_transcript(((server, 1)))),
                 fn_no_key_share,
                 (fn_psk((@psk))),
                 fn_named_group_secp384r1
@@ -1534,7 +1528,7 @@ pub fn seed_session_resumption_ke(
                     recipe: term! {
                         fn_encrypt_handshake(
                             (@resumption_client_finished),
-                            (fn_server_hello_transcript(((server, 0)))),
+                            (fn_server_hello_transcript(((server, 1)))),
                             fn_no_key_share,
                             (fn_psk((@psk))),
                             fn_named_group_secp384r1,
@@ -1938,23 +1932,20 @@ pub fn _seed_client_attacker_full_boring(
 
 /// Seed which contains the whole transcript in the tree. This is rather huge 10k symbols. It grows
 /// exponentially.
-pub fn seed_session_resumption_dhe_full(
-    initial_server: AgentName,
-    server: AgentName,
-) -> Trace<TlsQueryMatcher> {
+pub fn seed_session_resumption_dhe_full(server: AgentName) -> Trace<TlsQueryMatcher> {
     let (
         initial_handshake,
         server_hello_transcript,
         server_finished_transcript,
         client_finished_transcript,
-    ) = _seed_client_attacker_full(initial_server);
+    ) = _seed_client_attacker_full(server);
 
     let new_ticket_message = term! {
         fn_decrypt_application(
-            ((initial_server, 4)[Some(TlsQueryMatcher::ApplicationData)]), // Ticket?
+            ((server, 4)[Some(TlsQueryMatcher::ApplicationData)]), // Ticket?
             (@server_hello_transcript),
             (@server_finished_transcript),
-            (fn_get_server_key_share(((initial_server, 0)))),
+            (fn_get_server_key_share(((server, 0)))),
             fn_no_psk,
             fn_named_group_secp384r1,
             fn_true,
@@ -2003,7 +1994,7 @@ pub fn seed_session_resumption_dhe_full(
             (@server_hello_transcript),
             (@server_finished_transcript),
             (@client_finished_transcript),
-            (fn_get_server_key_share(((initial_server, 0)[Some(TlsQueryMatcher::Handshake(Some(HandshakeType::ServerHello)))]))),
+            (fn_get_server_key_share(((server, 0)[Some(TlsQueryMatcher::Handshake(Some(HandshakeType::ServerHello)))]))),
             (fn_get_ticket_nonce((@new_ticket_message))),
             fn_named_group_secp384r1
         )
@@ -2029,13 +2020,13 @@ pub fn seed_session_resumption_dhe_full(
                 fn_new_transcript,
                 (@full_client_hello) // ClientHello
             )),
-            ((server, 0)[Some(TlsQueryMatcher::Handshake(Some(HandshakeType::ServerHello)))]) // plaintext ServerHello
+            ((server, 1)[Some(TlsQueryMatcher::Handshake(Some(HandshakeType::ServerHello)))]) // plaintext ServerHello
         )
     };
 
     let resumption_encrypted_extensions = term! {
         fn_decrypt_handshake(
-            ((server, 0)[Some(TlsQueryMatcher::ApplicationData)]), // Encrypted Extensions
+            ((server, 5)[Some(TlsQueryMatcher::ApplicationData)]), // Encrypted Extensions
             (@resumption_server_hello_transcript),
             (fn_get_server_key_share(((server, 0)[Some(TlsQueryMatcher::Handshake(Some(HandshakeType::ServerHello)))]))), //
             (fn_psk((@psk))),
@@ -2054,7 +2045,7 @@ pub fn seed_session_resumption_dhe_full(
 
     let resumption_server_finished = term! {
         fn_decrypt_handshake(
-            ((server, 1)[Some(TlsQueryMatcher::ApplicationData)]), // Server Handshake Finished
+            ((server, 6)[Some(TlsQueryMatcher::ApplicationData)]), // Server Handshake Finished
             (@resumption_server_hello_transcript),
             (fn_get_server_key_share(((server, 0)[Some(TlsQueryMatcher::Handshake(Some(HandshakeType::ServerHello)))]))), //
             (fn_psk((@psk))),
@@ -2102,7 +2093,7 @@ pub fn seed_session_resumption_dhe_full(
                         fn_encrypt_handshake(
                             (@resumption_client_finished),
                             (@resumption_server_hello_transcript),
-                            (fn_get_server_key_share(((server, 0)[Some(TlsQueryMatcher::Handshake(Some(HandshakeType::ServerHello)))]))),
+                            (fn_get_server_key_share(((server, 1)[Some(TlsQueryMatcher::Handshake(Some(HandshakeType::ServerHello)))]))),
                             (fn_psk((@psk))),
                             fn_named_group_secp384r1,
                             fn_true,