fix: re-seat the TLS impl's transport pointer on move

Both TLS stream impls referenced their owner's stream_ member, so
moving an openssl_stream or wolfssl_stream left the impl reading and
writing through the moved-from object's empty any_stream. Store a
pointer instead and re-seat it onto the new owner's stream_ in the
move constructor and move assignment.

Add shared TLS tests: move construction before the handshake and move
assignment of a live session followed by data transfer, reads and
shutdown after the peer closes the transport without close_notify
(stream_truncated), a handshake whose server key is AES-encrypted PEM
loaded through the password callback, an unparseable-credentials
context failing the handshake cleanly, and a no-SNI client against a
server with a servername callback. Encrypted-key decryption is a
compile-time wolfSSL feature, so that backend only requires a clean
outcome with the callback invoked; a failsafe timer tears down the
transport if a feature-limited build stalls the handshake.

Author: sgerbino

src/openssl/src/openssl_stream.cpp

@@ -36,8 +36,8 @@
 
     Data Flow (using BIO pairs)
     ---------------------------
-    App -> SSL_write -> int_bio_ -> BIO_read(ext_bio_) -> out_buf_ -> s_.write_some -> Network
-    App <- SSL_read  <- int_bio_ <- BIO_write(ext_bio_) <- in_buf_ <- s_.read_some  <- Network
+    App -> SSL_write -> int_bio_ -> BIO_read(ext_bio_) -> out_buf_ -> s_->write_some -> Network
+    App <- SSL_read  <- int_bio_ <- BIO_write(ext_bio_) <- in_buf_ <- s_->read_some  <- Network
 
     WANT_READ / WANT_WRITE Pattern
     ------------------------------
@@ -46,8 +46,8 @@
 
       1. Call SSL_read or SSL_write
       2. Check for pending output in ext_bio_ via BIO_ctrl_pending
-      3. If output pending: write to network via s_.write_some
-      4. If SSL_ERROR_WANT_READ: read from network into ext_bio_ via s_.read_some + BIO_write
+      3. If output pending: write to network via s_->write_some
+      4. If SSL_ERROR_WANT_READ: read from network into ext_bio_ via s_->read_some + BIO_write
       5. Loop back to step 1
 
     Renegotiation causes cross-direction I/O: SSL_read may need to write
@@ -311,7 +311,7 @@ get_openssl_context(tls_context_data const& cd)
 
 struct openssl_stream::impl
 {
-    capy::any_stream& s_;
+    capy::any_stream* s_;
     tls_context ctx_;
     SSL* ssl_     = nullptr;
     BIO* ext_bio_ = nullptr;
@@ -322,7 +322,7 @@ struct openssl_stream::impl
 
     capy::async_mutex io_cm_;
 
-    impl(capy::any_stream& s, tls_context ctx) : s_(s), ctx_(std::move(ctx))
+    impl(capy::any_stream& s, tls_context ctx) : s_(&s), ctx_(std::move(ctx))
     {
         in_buf_.resize(default_buffer_size);
         out_buf_.resize(default_buffer_size);
@@ -379,7 +379,7 @@ struct openssl_stream::impl
                     co_return lec;
                 capy::async_mutex::lock_guard io_guard(&io_cm_);
                 auto [ec, n] = co_await capy::write(
-                    s_, capy::const_buffer(out_buf_.data(), got));
+                    *s_, capy::const_buffer(out_buf_.data(), got));
                 if (ec)
                     co_return ec;
             }
@@ -393,7 +393,7 @@ struct openssl_stream::impl
         if (lec)
             co_return lec;
         capy::async_mutex::lock_guard io_guard(&io_cm_);
-        auto [ec, n] = co_await s_.read_some(
+        auto [ec, n] = co_await s_->read_some(
             capy::mutable_buffer(in_buf_.data(), in_buf_.size()));
         if (ec)
             co_return ec;
@@ -738,6 +738,8 @@ openssl_stream::openssl_stream(openssl_stream&& other) noexcept
     , impl_(other.impl_)
 {
     other.impl_ = nullptr;
+    if (impl_)
+        impl_->s_ = &stream_;
 }
 
 openssl_stream&
@@ -749,6 +751,8 @@ openssl_stream::operator=(openssl_stream&& other) noexcept
         stream_     = std::move(other.stream_);
         impl_       = other.impl_;
         other.impl_ = nullptr;
+        if (impl_)
+            impl_->s_ = &stream_;
     }
     return *this;
 }

src/wolfssl/src/wolfssl_stream.cpp

@@ -37,8 +37,8 @@
 
     Data Flow
     ---------
-    App -> wolfSSL_write -> send_callback -> out_buf_ -> s_.write_some -> Network
-    App <- wolfSSL_read  <- recv_callback <- in_buf_  <- s_.read_some  <- Network
+    App -> wolfSSL_write -> send_callback -> out_buf_ -> s_->write_some -> Network
+    App <- wolfSSL_read  <- recv_callback <- in_buf_  <- s_->read_some  <- Network
 
     WANT_READ / WANT_WRITE Pattern
     ------------------------------
@@ -49,7 +49,7 @@
       2. If data available: return it immediately
       3. If not: return WOLFSSL_CBIO_ERR_WANT_READ or WANT_WRITE
       4. wolfSSL_read/write returns WOLFSSL_ERROR_WANT_*
-      5. Our coroutine does async I/O: co_await s_.read_some() or write_some()
+      5. Our coroutine does async I/O: co_await s_->read_some() or write_some()
       6. Loop back to step 1
 
     Renegotiation causes cross-direction I/O: SSL_read may need to write
@@ -300,7 +300,7 @@ get_wolfssl_native_context(tls_context_data const& cd)
 
 struct wolfssl_stream::impl
 {
-    capy::any_stream& s_;
+    capy::any_stream* s_;
     tls_context ctx_;
     WOLFSSL* ssl_ = nullptr;
     bool used_    = false;
@@ -336,7 +336,7 @@ struct wolfssl_stream::impl
     // Renegotiation can cause both TLS read/write to access the socket
     capy::async_mutex io_cm_;
 
-    impl(capy::any_stream& s, tls_context ctx) : s_(s), ctx_(std::move(ctx))
+    impl(capy::any_stream& s, tls_context ctx) : s_(&s), ctx_(std::move(ctx))
     {
         read_in_buf_.resize(default_buffer_size);
         read_out_buf_.resize(default_buffer_size);
@@ -501,7 +501,7 @@ struct wolfssl_stream::impl
                             co_return {lec, total_read};
                         }
                         capy::async_mutex::lock_guard io_guard(&io_cm_);
-                        auto [rec, rn] = co_await s_.read_some(rbuf);
+                        auto [rec, rn] = co_await s_->read_some(rbuf);
                         if (rec)
                         {
                             if (rec == make_error_code(capy::error::eof))
@@ -535,7 +535,7 @@ struct wolfssl_stream::impl
                             }
                             capy::async_mutex::lock_guard io_guard(&io_cm_);
                             auto [wec, wn] = co_await capy::write(
-                                s_,
+                                *s_,
                                 capy::const_buffer(
                                     read_out_buf_.data(), read_out_len_));
                             read_out_len_ = 0;
@@ -614,7 +614,7 @@ struct wolfssl_stream::impl
                             }
                             capy::async_mutex::lock_guard io_guard(&io_cm_);
                             auto [wec, wn] = co_await capy::write(
-                                s_,
+                                *s_,
                                 capy::const_buffer(
                                     write_out_buf_.data(), write_out_len_));
                             write_out_len_ = 0;
@@ -644,7 +644,7 @@ struct wolfssl_stream::impl
                             }
                             capy::async_mutex::lock_guard io_guard(&io_cm_);
                             auto [wec, wn] = co_await capy::write(
-                                s_,
+                                *s_,
                                 capy::const_buffer(
                                     write_out_buf_.data(), write_out_len_));
                             write_out_len_ = 0;
@@ -673,7 +673,7 @@ struct wolfssl_stream::impl
                             co_return {lec, total_written};
                         }
                         capy::async_mutex::lock_guard io_guard(&io_cm_);
-                        auto [rec, rn] = co_await s_.read_some(rbuf);
+                        auto [rec, rn] = co_await s_->read_some(rbuf);
                         if (rec)
                         {
                             current_op_ = nullptr;
@@ -742,7 +742,7 @@ struct wolfssl_stream::impl
                     }
                     capy::async_mutex::lock_guard io_guard(&io_cm_);
                     auto [wec, wn] = co_await capy::write(
-                        s_,
+                        *s_,
                         capy::const_buffer(
                             read_out_buf_.data(), read_out_len_));
                     read_out_len_ = 0;
@@ -768,7 +768,7 @@ struct wolfssl_stream::impl
                         }
                         capy::async_mutex::lock_guard io_guard(&io_cm_);
                         auto [wec, wn] = co_await capy::write(
-                            s_,
+                            *s_,
                             capy::const_buffer(
                                 read_out_buf_.data(), read_out_len_));
                         read_out_len_ = 0;
@@ -794,7 +794,7 @@ struct wolfssl_stream::impl
                         break;
                     }
                     capy::async_mutex::lock_guard io_guard(&io_cm_);
-                    auto [rec, rn] = co_await s_.read_some(rbuf);
+                    auto [rec, rn] = co_await s_->read_some(rbuf);
                     if (rec)
                     {
                         ec = rec;
@@ -814,7 +814,7 @@ struct wolfssl_stream::impl
                         }
                         capy::async_mutex::lock_guard io_guard(&io_cm_);
                         auto [wec, wn] = co_await capy::write(
-                            s_,
+                            *s_,
                             capy::const_buffer(
                                 read_out_buf_.data(), read_out_len_));
                         read_out_len_ = 0;
@@ -870,7 +870,7 @@ struct wolfssl_stream::impl
                     }
                     capy::async_mutex::lock_guard io_guard(&io_cm_);
                     auto [wec, wn] = co_await capy::write(
-                        s_,
+                        *s_,
                         capy::const_buffer(
                             read_out_buf_.data(), read_out_len_));
                     read_out_len_ = 0;
@@ -892,7 +892,7 @@ struct wolfssl_stream::impl
                     }
                     capy::async_mutex::lock_guard io_guard(&io_cm_);
                     auto [wec, wn] = co_await capy::write(
-                        s_,
+                        *s_,
                         capy::const_buffer(
                             read_out_buf_.data(), read_out_len_));
                     read_out_len_ = 0;
@@ -918,7 +918,7 @@ struct wolfssl_stream::impl
                         break;
                     }
                     capy::async_mutex::lock_guard io_guard(&io_cm_);
-                    auto [rec, rn] = co_await s_.read_some(rbuf);
+                    auto [rec, rn] = co_await s_->read_some(rbuf);
                     if (rec)
                         break; // EOF or socket error during shutdown read - acceptable
                     read_in_len_ += rn;
@@ -1029,6 +1029,8 @@ wolfssl_stream::wolfssl_stream(wolfssl_stream&& other) noexcept
     , impl_(other.impl_)
 {
     other.impl_ = nullptr;
+    if (impl_)
+        impl_->s_ = &stream_;
 }
 
 wolfssl_stream&
@@ -1040,6 +1042,8 @@ wolfssl_stream::operator=(wolfssl_stream&& other) noexcept
         stream_     = std::move(other.stream_);
         impl_       = other.impl_;
         other.impl_ = nullptr;
+        if (impl_)
+            impl_->s_ = &stream_;
     }
     return *this;
 }

test/unit/openssl_stream.cpp

@@ -118,6 +118,10 @@ struct openssl_stream_test
         test::testSni(make_stream);
         test::testSniCallback(make_stream);
         test::testMtls(make_stream);
+        test::testMoveSemantics(make_stream);
+        test::testAbruptClose(make_stream);
+        test::testEncryptedKey(make_stream);
+        test::testInvalidContextHandshake(make_stream);
 
         test::testReset(make_stream, cert_modes);
         test::testResetViaHandshake(make_stream, cert_modes);

test/unit/test_utils.hpp

@@ -624,6 +624,67 @@ make_wrong_ca_context()
     return ctx;
 }
 
+/** server_key_pem encrypted with AES-128-CBC (traditional PEM).
+    Passphrase: "test-password"
+    Command:
+      openssl rsa -traditional -in server_key.pem -aes128 -passout pass:test-password
+*/
+inline constexpr char const* encrypted_server_key_pem =
+    "-----BEGIN RSA PRIVATE KEY-----\n"
+    "Proc-Type: 4,ENCRYPTED\n"
+    "DEK-Info: AES-128-CBC,8042604E303B1469DCCA597EA6555AA9\n"
+    "\n"
+    "c6KSpVasopI6/gsa+NOVnOsMGJG8Y1emu3J4aLsCoYkHWQT7axL/ZLTH7AjRn4Sj\n"
+    "HD+gP/4QA6UMdVqShesc4zd1bEhq2RV3yir6ast6IfXB3zpq4ggK2cLMYYOo4VwF\n"
+    "jKP4XTN8KL3xLQssWdahPsPnkFBR0M/VCo6YCpuZi8zc5iAOHzkGVXf3rCkRORtO\n"
+    "5qssbqV33FzwHPeH0PuKWZxcApYfLSRA7vt/bqIxg49WhXGJMhkv4qFpSoaiZ5Tc\n"
+    "HlNLfrTbG+A0zUh6f3Oeqm6F95LP7yi2TGxM7oGiJtkwksWoEvS4d9p+NmRNKr0i\n"
+    "gZJjOUKq9oxPzFdcRS1H7AkDjraw3q1NTxrcFlXbjtxDm9t6GkLuwXfUz0n31IL9\n"
+    "/jQX3/N3eVKp8mHMRWmdtllmK0/XeYBH5A4MKpBz4/smuDoStMsmezP4+0qYyE2H\n"
+    "YUHaTlTrJQBG/BpIJmJk7BfzqGoTg3dgSNxMc1gYpCwcK0X/w+6HzEOtMjGWGhv1\n"
+    "Cbq03wMH8BLdIFMNRpnN0cLUBJItnn58AxDg0JsIii7jxEpAVVpl3tTC5Lk3q97k\n"
+    "15fpGhMKya8iZ0EFs6jdjuJoGNl7+KnMoet0cQ1CyV5uSzus6qBdz6ATHsF8KTRj\n"
+    "xNCXc1cbEt8A2soazFBUVeN1MQFt5yTKLCEz1Sb4M9Wn3IT07JUpWjGZLIrz9KWe\n"
+    "JU2oKjSxQmKbAPmpRRe84MR5O8qCytCAstR/GG+qU1HZsW/bgB/2RTY7kcTeOpke\n"
+    "/jw2iZUygNkXgCiik+LqwAbchkVw6ImRYCTdaXfq+bFwV+2JBUMfotCgxawFVaDc\n"
+    "EdEF18g01II/xxr9HGA6hCJioP4curRiJNeqqs0S+4nJAxv8IiesdbmzbxBzAPql\n"
+    "bzcfmrMH2qrDEJg1NiPaMODwfcdpgfjE5yMewI+nCRuOWSVPzk092zmPI9qv1xFK\n"
+    "B+76CzH88yGESip3x2Zsce1FB/HV2CBcvzjIkkMtHdFzpXidg0bS7vDG4WTyGdti\n"
+    "9z3K31rD0qi6IRtQlLiHZIaKhSMNqPnfePRCru0S4rHWGcVtdrsKaHL201meLSPi\n"
+    "Iw82DRbNVs/lLPGtMJ0DzKbJvTMWFoC0zZ/nIaRa2hi7nd/Ig0oD19cVIkB4IWPp\n"
+    "tuR53NZs9EsEqjNnNmn5ftdTAO8P50EulaaPjJggIF59C9u74hhgI+UvMrnOhq0C\n"
+    "nlyfUgl6nS0WgBc+rtCdB59xppPobefyZ06Rud4QFJmz/wdazXzuimPCkpNDv/8t\n"
+    "lbS952xleT2dYawtho4K+ZMV6q2SFfjAXZjhy/fbVP1vqqXOZPeEC4n070ITifHO\n"
+    "GN/5evJpcYxohXB2paKkwHWeN9oaolBXBpW5zZKNacEcu/uFWjN8UYuxO/9/Wls7\n"
+    "yimyYsmoYtbxVTH5H+UE4TlaIhGXy46VzYRkEYx43m7laIPdyyctQV4cb7Xec9ZS\n"
+    "o/UWTdrl/e0k0UoftWRH4a5RCubDQ21khoyTabVSfiJY48GEAUExGItiG6C7KZ/S\n"
+    "xXW6nBG4TmkXJYEwVNJfVygvVDjFPrHtKhFLHs7nsigDK0jNvTbAXNhhCrSMkLC8\n"
+    "-----END RSA PRIVATE KEY-----\n";
+
+/// Passphrase matching `encrypted_server_key_pem`.
+inline constexpr char const* encrypted_key_password = "test-password";
+
+/** Create a server context whose key needs the password callback. */
+inline tls_context
+make_encrypted_key_server_context(bool& callback_invoked)
+{
+    tls_context ctx;
+    ctx.use_certificate(
+        server_cert_pem,
+        tls_file_format::pem); // NOLINT(bugprone-unused-return-value)
+    ctx.set_password_callback(
+        [&callback_invoked](std::size_t, tls_password_purpose) {
+            callback_invoked = true;
+            return std::string(encrypted_key_password);
+        });
+    ctx.use_private_key(
+        encrypted_server_key_pem,
+        tls_file_format::pem); // NOLINT(bugprone-unused-return-value)
+    ctx.set_verify_mode(
+        tls_verify_mode::none); // NOLINT(bugprone-unused-return-value)
+    return ctx;
+}
+
 /** Create a context that requires peer verification but has no cert. */
 inline tls_context
 make_verify_no_cert_context()