X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=test%2Frecipes%2F70-test_sslmessages.t;h=95c4cbe5537fea66e342751517d916246746274b;hp=790b3aeda26c540ecef5567e73cd14c6f83f2f10;hb=433deaffce45d58efd6bb014672f7fb95062d458;hpb=d734582275aa29ef839af2130ae84af20b84425e diff --git a/test/recipes/70-test_sslmessages.t b/test/recipes/70-test_sslmessages.t index 790b3aeda2..95c4cbe553 100644 --- a/test/recipes/70-test_sslmessages.t +++ b/test/recipes/70-test_sslmessages.t @@ -1,7 +1,7 @@ #! /usr/bin/env perl -# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. # -# Licensed under the OpenSSL license (the "License"). You may not use +# Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy # in the file LICENSE in the source distribution or at # https://www.openssl.org/source/license.html @@ -17,7 +17,7 @@ my $test_name = "test_sslmessages"; setup($test_name); plan skip_all => "TLSProxy isn't usable on $^O" - if $^O =~ /^(VMS|MSWin32)$/; + if $^O =~ /^(VMS)$/; plan skip_all => "$test_name needs the dynamic engine feature enabled" if disabled("engine") || disabled("dynamic-engine"); @@ -26,10 +26,11 @@ plan skip_all => "$test_name needs the sock feature enabled" if disabled("sock"); plan skip_all => "$test_name needs TLS enabled" - if alldisabled(available_protocols("tls")); + if alldisabled(available_protocols("tls")) + || (!disabled("tls1_3") && disabled("tls1_2")); $ENV{OPENSSL_ia32cap} = '~0x200000200000000'; -$ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf"); +$ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.cnf"); my $proxy = TLSProxy::Proxy->new( undef, 
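Review bot: The added `|| (!disabled("tls1_3") && disabled("tls1_2"))` condition reuses the skip reason "$test_name needs TLS enabled", which is wrong when the skip fires in a build that has TLSv1.3 enabled but TLSv1.2 disabled. That configuration silently loses the whole handshake-message suite, so the log should say why. A separate statement with its own reason would do it: `plan skip_all => "$test_name needs TLSv1.2 enabled when TLSv1.3 is enabled" if !disabled("tls1_3") && disabled("tls1_2");`. Whether TLSv1.1 or earlier could still serve the `-no_tls1_3` tests is not visible here, so it is worth confirming that the condition is not broader than needed.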
@@ -94,58 +95,81 @@ my $proxy = TLSProxy::Proxy->new( @extensions = ( [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME, + TLSProxy::Message::CLIENT, checkhandshake::SERVER_NAME_CLI_EXTENSION], [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST, + TLSProxy::Message::CLIENT, checkhandshake::STATUS_REQUEST_CLI_EXTENSION], (disabled("ec") ? () : [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_GROUPS, + TLSProxy::Message::CLIENT, checkhandshake::DEFAULT_EXTENSIONS]), (disabled("ec") ? () : [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS, + TLSProxy::Message::CLIENT, checkhandshake::DEFAULT_EXTENSIONS]), (disabled("tls1_2") ? () : [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS, + TLSProxy::Message::CLIENT, checkhandshake::DEFAULT_EXTENSIONS]), [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN, + TLSProxy::Message::CLIENT, checkhandshake::ALPN_CLI_EXTENSION], [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT, + TLSProxy::Message::CLIENT, checkhandshake::SCT_CLI_EXTENSION], [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC, + TLSProxy::Message::CLIENT, checkhandshake::DEFAULT_EXTENSIONS], [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET, + TLSProxy::Message::CLIENT, checkhandshake::DEFAULT_EXTENSIONS], [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET, + TLSProxy::Message::CLIENT, checkhandshake::DEFAULT_EXTENSIONS], [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_RENEGOTIATE, + TLSProxy::Message::CLIENT, checkhandshake::RENEGOTIATE_CLI_EXTENSION], [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_NPN, + TLSProxy::Message::CLIENT, checkhandshake::NPN_CLI_EXTENSION], [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SRP, + TLSProxy::Message::CLIENT, checkhandshake::SRP_CLI_EXTENSION], 
[TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_RENEGOTIATE, + TLSProxy::Message::SERVER, checkhandshake::DEFAULT_EXTENSIONS], [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC, + TLSProxy::Message::SERVER, checkhandshake::DEFAULT_EXTENSIONS], [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET, + TLSProxy::Message::SERVER, checkhandshake::DEFAULT_EXTENSIONS], [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SESSION_TICKET, + TLSProxy::Message::SERVER, checkhandshake::SESSION_TICKET_SRV_EXTENSION], [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SERVER_NAME, + TLSProxy::Message::SERVER, checkhandshake::SERVER_NAME_SRV_EXTENSION], [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST, + TLSProxy::Message::SERVER, checkhandshake::STATUS_REQUEST_SRV_EXTENSION], [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_ALPN, + TLSProxy::Message::SERVER, checkhandshake::ALPN_SRV_EXTENSION], [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SCT, + TLSProxy::Message::SERVER, checkhandshake::SCT_SRV_EXTENSION], [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_NPN, + TLSProxy::Message::SERVER, checkhandshake::NPN_SRV_EXTENSION], [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS, + TLSProxy::Message::SERVER, checkhandshake::EC_POINT_FORMAT_SRV_EXTENSION], - [0,0,0] + [0,0,0,0] ); #Test 1: Check we get all the right messages for a default handshake 
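Review bot: Each row of `@extensions` gains a third positional field (`TLSProxy::Message::CLIENT` or `TLSProxy::Message::SERVER`), but nothing at the table documents the row layout or that the `[0,0,0,0]` terminator must keep the same width. A misaligned row would shift the flag mask into the wrong slot and could let an unexpected extension pass the check unnoticed. Suggest a comment directly above `@extensions = (` such as `# Row layout: [message type, extension type, sender (CLIENT or SERVER), flag enabling the check]; the list ends with an all-zero row of the same width`. The code that consumes the table is outside this hunk, so the meaning of the last field should be confirmed against it.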
@@ -220,24 +244,25 @@ $proxy->reneg(1); $proxy->start(); checkhandshake($proxy, checkhandshake::RENEG_HANDSHAKE, checkhandshake::DEFAULT_EXTENSIONS, - "Rengotiation handshake test"); + "Renegotiation handshake test"); -#Test 8: Server name handshake (client request only) +#Test 8: Server name handshake (no client request) $proxy->clear(); -$proxy->clientflags("-no_tls1_3 -servername testhost"); +$proxy->clientflags("-no_tls1_3 -noservername"); $proxy->start(); checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, checkhandshake::DEFAULT_EXTENSIONS - | checkhandshake::SERVER_NAME_CLI_EXTENSION, + & ~checkhandshake::SERVER_NAME_CLI_EXTENSION, "Server name handshake test (client)"); #Test 9: Server name handshake (server support only) $proxy->clear(); -$proxy->clientflags("-no_tls1_3"); +$proxy->clientflags("-no_tls1_3 -noservername"); $proxy->serverflags("-servername testhost"); $proxy->start(); checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, - checkhandshake::DEFAULT_EXTENSIONS, + checkhandshake::DEFAULT_EXTENSIONS + & ~checkhandshake::SERVER_NAME_CLI_EXTENSION, "Server name handshake test (server)"); #Test 10: Server name handshake (client and server) @@ -247,7 +272,6 @@ $proxy->serverflags("-servername testhost"); $proxy->start(); checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, checkhandshake::DEFAULT_EXTENSIONS - | checkhandshake::SERVER_NAME_CLI_EXTENSION | checkhandshake::SERVER_NAME_SRV_EXTENSION, "Server name handshake test"); @@ -396,6 +420,7 @@ SKIP: { skip "No EC support in this OpenSSL build", 1 if disabled("ec"); $proxy->clear(); $proxy->clientflags("-no_tls1_3"); + $proxy->serverflags("-no_tls1_3"); $proxy->ciphers("ECDHE-RSA-AES128-SHA"); $proxy->start(); checkhandshake($proxy, checkhandshake::EC_HANDSHAKE,
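Review bot: The description strings for Tests 8 and 9 were left as "Server name handshake test (client)" and "Server name handshake test (server)", although Test 8 now checks the opposite case, a client that sends no server_name. A failure report would therefore point at the wrong scenario. Suggest `"Server name handshake test (no client request)"` for Test 8, matching its updated comment. Tests 8 and 9 now pass the same expected mask and differ only in `serverflags`, so a one-line comment on Test 9, such as `# Server has a servername configured but must not echo the extension unprompted`, would make the intent clear.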
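Review bot: In the last hunk (the EC `SKIP` block), `$proxy->serverflags("-no_tls1_3");` is added without explanation, while the neighbouring tests visible in this diff restrict only the client. A short comment would keep the line from being removed later as redundant, for example `# Keep the server off TLSv1.3 as well so the ECDHE-RSA-AES128-SHA handshake under test is a pre-TLSv1.3 one`. That rationale is inferred from the cipher and the `EC_HANDSHAKE` check, so please confirm it. It is also worth confirming that `$proxy->clear()` resets `serverflags`, since otherwise the restriction would carry over into later tests. The `SKIP` block continues past the end of the hunk.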