-# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
use TLSProxy::Record;
use TLSProxy::Message;
use TLSProxy::ClientHello;
-use TLSProxy::HelloRetryRequest;
use TLSProxy::ServerHello;
use TLSProxy::EncryptedExtensions;
use TLSProxy::Certificate;
cert => $cert,
debug => $debug,
cipherc => "",
- ciphers => "AES128-SHA:TLS13-AES-128-GCM-SHA256",
+ ciphersuitesc => "",
+ ciphers => "AES128-SHA",
+ ciphersuitess => "TLS_AES_128_GCM_SHA256",
flight => 0,
record_list => [],
message_list => [],
}
}
+ # Create the Proxy socket
+ my $proxaddr = $self->{proxy_addr};
+ $proxaddr =~ s/[\[\]]//g; # Remove [ and ]
+ my @proxyargs = (
+ LocalHost => $proxaddr,
+ LocalPort => $self->{proxy_port},
+ Proto => "tcp",
+ Listen => SOMAXCONN,
+ );
+ push @proxyargs, ReuseAddr => 1
+ unless $^O eq "MSWin32";
+ $self->{proxy_sock} = $IP_factory->(@proxyargs);
+
+ if ($self->{proxy_sock}) {
+ print "Proxy started on port ".$self->{proxy_port}."\n";
+ } else {
+ warn "Failed creating proxy socket (".$proxaddr.",".$self->{proxy_port}."): $!\n";
+ }
+
return bless $self, $class;
}
+sub DESTROY
+{
+ my $self = shift;
+
+ $self->{proxy_sock}->close() if $self->{proxy_sock};
+}
+
sub clearClient
{
my $self = shift;
$self->{cipherc} = "";
+ $self->{ciphersuitec} = "";
$self->{flight} = 0;
$self->{record_list} = [];
$self->{message_list} = [];
my $self = shift;
$self->clearClient;
- $self->{ciphers} = "AES128-SHA:TLS13-AES-128-GCM-SHA256";
+ $self->{ciphers} = "AES128-SHA";
+ $self->{ciphersuitess} = "TLS_AES_128_GCM_SHA256";
$self->{serverflags} = "";
$self->{serverconnects} = 1;
$self->{serverpid} = 0;
my ($self) = shift;
my $pid;
+ if ($self->{proxy_sock} == 0) {
+ return 0;
+ }
+
$pid = fork();
if ($pid == 0) {
- if (!$self->debug) {
- open(STDOUT, ">", File::Spec->devnull())
- or die "Failed to redirect stdout: $!";
- open(STDERR, ">&STDOUT");
- }
my $execcmd = $self->execute
- ." s_server -no_comp -rev -engine ossltest -accept "
+ ." s_server -max_protocol TLSv1.3 -no_comp -rev -engine ossltest -accept "
.($self->server_port)
." -cert ".$self->cert." -cert2 ".$self->cert
." -naccept ".$self->serverconnects;
+ unless ($self->supports_IPv6) {
+ $execcmd .= " -4";
+ }
if ($self->ciphers ne "") {
$execcmd .= " -cipher ".$self->ciphers;
}
+ if ($self->ciphersuitess ne "") {
+ $execcmd .= " -ciphersuites ".$self->ciphersuitess;
+ }
if ($self->serverflags ne "") {
$execcmd .= " ".$self->serverflags;
}
my ($self) = shift;
my $oldstdout;
- if(!$self->debug) {
- open DEVNULL, ">", File::Spec->devnull();
- $oldstdout = select(DEVNULL);
- }
-
- # Create the Proxy socket
- my $proxaddr = $self->proxy_addr;
- $proxaddr =~ s/[\[\]]//g; # Remove [ and ]
- my $proxy_sock = $IP_factory->(
- LocalHost => $proxaddr,
- LocalPort => $self->proxy_port,
- Proto => "tcp",
- Listen => SOMAXCONN,
- ReuseAddr => 1
- );
-
- if ($proxy_sock) {
- print "Proxy started on port ".$self->proxy_port."\n";
- } else {
- warn "Failed creating proxy socket (".$proxaddr.",".$self->proxy_port."): $!\n";
- return 0;
- }
-
if ($self->execute) {
my $pid = fork();
if ($pid == 0) {
- if (!$self->debug) {
- open(STDOUT, ">", File::Spec->devnull())
- or die "Failed to redirect stdout: $!";
- open(STDERR, ">&STDOUT");
- }
my $echostr;
if ($self->reneg()) {
$echostr = "R";
$echostr = "test";
}
my $execcmd = "echo ".$echostr." | ".$self->execute
- ." s_client -engine ossltest -connect "
+ ." s_client -max_protocol TLSv1.3 -engine ossltest -connect "
.($self->proxy_addr).":".($self->proxy_port);
+ unless ($self->supports_IPv6) {
+ $execcmd .= " -4";
+ }
if ($self->cipherc ne "") {
$execcmd .= " -cipher ".$self->cipherc;
}
+ if ($self->ciphersuitesc ne "") {
+ $execcmd .= " -ciphersuites ".$self->ciphersuitesc;
+ }
if ($self->clientflags ne "") {
$execcmd .= " ".$self->clientflags;
}
# Wait for incoming connection from client
my $client_sock;
- if(!($client_sock = $proxy_sock->accept())) {
+ if(!($client_sock = $self->{proxy_sock}->accept())) {
warn "Failed accepting incoming connection: $!\n";
return 0;
}
print "Connection opened\n";
# Now connect to the server
- my $retry = 10;
+ my $retry = 50;
my $server_sock;
#We loop over this a few times because sometimes s_server can take a while
#to start up
#Wait for either the server socket or the client socket to become readable
my @ready;
my $ctr = 0;
+ local $SIG{PIPE} = "IGNORE";
while( (!(TLSProxy::Message->end)
|| (defined $self->sessionfile()
&& (-s $self->sessionfile()) == 0))
#Closing this also kills the child process
$client_sock->close();
}
- if($proxy_sock) {
- $proxy_sock->close();
- }
if(!$self->debug) {
select($oldstdout);
}
my $self = shift;
return $have_IPv6;
}
-
-#Read/write accessors
sub proxy_addr
{
my $self = shift;
- if (@_) {
- $self->{proxy_addr} = shift;
- }
return $self->{proxy_addr};
}
sub proxy_port
{
my $self = shift;
- if (@_) {
- $self->{proxy_port} = shift;
- }
return $self->{proxy_port};
}
+
+#Read/write accessors
sub server_addr
{
my $self = shift;
}
return $self->{cipherc};
}
+sub ciphersuitesc
+{
+ my $self = shift;
+ if (@_) {
+ $self->{ciphersuitesc} = shift;
+ }
+ return $self->{ciphersuitesc};
+}
sub ciphers
{
my $self = shift;
}
return $self->{ciphers};
}
+sub ciphersuitess
+{
+ my $self = shift;
+ if (@_) {
+ $self->{ciphersuitess} = shift;
+ }
+ return $self->{ciphersuitess};
+}
sub serverflags
{
my $self = shift;
projects / openssl.git / blobdiff