# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
#
-# Licensed under the OpenSSL license (the "License"). You may not use
+# Licensed under the Apache License 2.0 (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
$s->close();
};
if ($@ eq "") {
- $IP_factory = sub { IO::Socket::INET6->new(@_); };
+ $IP_factory = sub { IO::Socket::INET6->new(Domain => AF_INET6, @_); };
$have_IPv6 = 1;
} else {
eval {
my $execcmd = $self->execute
." s_server -max_protocol TLSv1.3 -no_comp -rev -engine ossltest"
+ #In TLSv1.3 we issue two session tickets. The default session id
+ #callback gets confused because the ossltest engine causes the same
+ #session id to be created twice due to the changed random number
+ #generation. Using "-ext_cache" replaces the default callback with a
+ #different one that doesn't get confused.
+ ." -ext_cache"
." -accept $self->{server_addr}:0"
." -cert ".$self->cert." -cert2 ".$self->cert
." -naccept ".$self->serverconnects;
open(my $savedin, "<&STDIN");
# Temporarily replace STDIN so that sink process can inherit it...
- $pid = open(STDIN, "$execcmd |") or die "Failed to $execcmd: $!\n";
+ $pid = open(STDIN, "$execcmd 2>&1 |") or die "Failed to $execcmd: $!\n";
$self->{real_serverpid} = $pid;
# Process the output from s_server until we find the ACCEPT line, which
# Wait for incoming connection from client
my $fdset = IO::Select->new($self->{proxy_sock});
- if (!$fdset->can_read(1)) {
+ if (!$fdset->can_read(60)) {
kill(3, $self->{real_serverpid});
die "s_client didn't try to connect\n";
}
my @ready;
my $ctr = 0;
local $SIG{PIPE} = "IGNORE";
- while($fdset->count
- && (!(TLSProxy::Message->end)
- || (defined $self->sessionfile()
- && (-s $self->sessionfile()) == 0))
- && $ctr < 10) {
+ $self->{saw_session_ticket} = undef;
+ while($fdset->count && $ctr < 10) {
+ if (defined($self->{sessionfile})) {
+ # s_client got -ign_eof and won't be exiting voluntarily, so we
+ # look for data *and* session ticket...
+ last if TLSProxy::Message->success()
+ && $self->{saw_session_ticket};
+ }
if (!(@ready = $fdset->can_read(1))) {
$ctr++;
next;
$self->connect_to_server();
}
$pid = $self->{clientpid};
- print "Waiting for client process to close: $pid...\n";
+ print "Waiting for s_client process to close: $pid...\n";
waitpid($pid, 0);
return 1;
$self->filter->($self);
}
+ #Take a note on NewSessionTicket
+ foreach my $message (reverse @{$self->{message_list}}) {
+ if ($message->{mt} == TLSProxy::Message::MT_NEW_SESSION_TICKET) {
+ $self->{saw_session_ticket} = 1;
+ last;
+ }
+ }
+
#Reconstruct the packet
$packet = "";
foreach my $record (@{$self->record_list}) {