use TLSProxy::Record;
use TLSProxy::Message;
use TLSProxy::ClientHello;
+use TLSProxy::HelloRetryRequest;
use TLSProxy::ServerHello;
use TLSProxy::EncryptedExtensions;
+use TLSProxy::Certificate;
+use TLSProxy::CertificateVerify;
use TLSProxy::ServerKeyExchange;
use TLSProxy::NewSessionTicket;
my $IP_factory;
my $is_tls13 = 0;
+my $ciphersuite = undef;
sub new
{
serverconnects => 1,
serverpid => 0,
reneg => 0,
+ sessionfile => undef,
#Public read
execute => $execute,
$self->{record_list} = [];
$self->{message_list} = [];
$self->{clientflags} = "";
+ $self->{sessionfile} = undef;
$is_tls13 = 0;
+ $ciphersuite = undef;
TLSProxy::Message->clear();
TLSProxy::Record->clear();
if ($self->clientflags ne "") {
$execcmd .= " ".$self->clientflags;
}
+ if (defined $self->sessionfile) {
+ $execcmd .= " -ign_eof";
+ }
exec($execcmd);
}
}
}
}
+ for (my $ctr = 0;
+ defined $self->sessionfile()
+ && (!(-f $self->sessionfile()) || $ctr == 3);
+ $ctr++) {
+ sleep 1;
+ }
+
+ die "Session file not created"
+ if (defined $self->sessionfile() && !(-f $self->sessionfile()));
+
END:
print "Connection closed\n";
if($server_sock) {
print "Waiting for server process to close: "
.$self->serverpid."\n";
waitpid( $self->serverpid, 0);
+ die "exit code $? from server process\n" if $? != 0;
}
return 1;
}
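Review bot: The wait loop's condition `(!(-f $self->sessionfile()) || $ctr == 3)` never gives up while the file is missing, so a client that fails to write its session hangs the test run instead of reaching the `die "Session file not created"` below it. The `$ctr == 3` clause only forces one extra sleep on the fourth pass. If the intent is a three-second bound, the middle clause should read `&& !(-f $self->sessionfile()) && $ctr < 3;`. Separately, the new `die "exit code $? from server process\n"` after `waitpid` prints the raw wait status rather than the exit code; reporting `$? >> 8` (and `$? & 127` for a terminating signal) would make the message accurate. The enclosing sub starts outside this hunk.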
return $self->{reneg};
}
+#Setting a sessionfile means that the client will not close until the given
+#file exists. This is useful in TLSv1.3 where otherwise s_client will close
+#immediately at the end of the handshake, but before the session has been
+#received from the server. A side effect of this is that s_client never sends
+#a close_notify, so instead we consider success to be when it sends application
+#data over the connection.
+sub sessionfile
+{
+ my $self = shift;
+ if (@_) {
+ $self->{sessionfile} = shift;
+ TLSProxy::Message->successondata(1);
+ }
+ return $self->{sessionfile};
+}
+
+sub ciphersuite
+{
+ my $class = shift;
+ if (@_) {
+ $ciphersuite = shift;
+ }
+ return $ciphersuite;
+}
+
1;
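Review bot: `sessionfile` calls `TLSProxy::Message->successondata(1)` for any argument, including `undef`, and nothing visible turns the flag off again. The reset hunk assigns `$self->{sessionfile} = undef` directly, so unless `TLSProxy::Message->clear()` also resets the flag (not shown here), a later test without a session file would still treat application data as success. Consider `TLSProxy::Message->successondata(defined $self->{sessionfile} ? 1 : 0);` in the setter, assuming it accepts a false value. `ciphersuite` also has no comment; something like `#Class method: the ciphersuite is held in a file-scoped variable shared by all proxy objects and is reset together with the rest of the proxy state` would make clear it is not per-instance state.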