Commit | Line | Data |
---|---|---|
db48a903 | 1 | #! /usr/bin/env perl |
6738bf14 | 2 | # Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. |
3 | # |
4 | # Licensed under the OpenSSL license (the "License"). You may not use | |
5 | # this file except in compliance with the License. You can obtain a copy | |
6 | # in the file LICENSE in the source distribution or at | |
7 | # https://www.openssl.org/source/license.html | |
8 | ||
9 | use strict; | |
10 | use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file srctop_dir bldtop_dir/; | |
11 | use OpenSSL::Test::Utils; | |
12 | use File::Temp qw(tempfile); | |
13 | use TLSProxy::Proxy; | |
14 | ||
# Recipe name as registered with the OpenSSL test harness.
my $test_name = "test_comp";
setup($test_name);

# Stop before planning any tests when the platform or build configuration
# cannot run a TLSProxy-based handshake.
if ($^O =~ /^(VMS)$/) {
    plan skip_all => "TLSProxy isn't usable on $^O";
}

if (disabled("engine") || disabled("dynamic-engine")) {
    plan skip_all => "$test_name needs the dynamic engine feature enabled";
}

if (disabled("sock")) {
    plan skip_all => "$test_name needs the sock feature enabled";
}

# At least one of the two protocol versions exercised below must be built in.
if (disabled("tls1_3") && disabled("tls1_2")) {
    plan skip_all => "$test_name needs TLSv1.3 or TLSv1.2 enabled";
}

# Environment seen by the openssl processes started through the proxy.
# NOTE(review): the mask looks like it clears capability bits 33 and 57
# (PCLMULQDQ and AES-NI in the OPENSSL_ia32cap layout) -- confirm against
# the OPENSSL_ia32cap documentation.
$ENV{OPENSSL_ia32cap} = '~0x200000200000000';
$ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf");

# Selects which compression_methods list add_comp_filter writes into the
# ClientHello.
use constant MULTIPLE_COMPRESSIONS => 0;    # null plus one unknown method
use constant NON_NULL_COMPRESSION  => 1;    # one unknown method, no null
my $testtype;

# The first argument is left undef; the filter is installed per test through
# $proxy->filter() below.
# NOTE(review): the last argument presumably turns on proxy debug output
# when the script runs outside the harness or in verbose mode -- confirm.
my $proxy = TLSProxy::Proxy->new(
    undef,
    cmdstr(app(["openssl"]), display => 1),
    srctop_file("apps", "server.pem"),
    (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE})
);

# A first start() with no filter only checks that the proxy can run at all.
unless ($proxy->start()) {
    plan skip_all => "Unable to start up Proxy for tests";
}
plan tests => 4;

SKIP: {
    skip "TLSv1.2 disabled", 2 if disabled("tls1_2");

    # Test 1: a TLSv1.2 ClientHello offering null plus an unknown compression
    # method must still complete; TLSv1.2 only requires that null is offered
    # (RFC 5246, section 7.4.1.2).
    $proxy->clear();
    $proxy->filter(\&add_comp_filter);
    $proxy->clientflags("-no_tls1_3");
    $testtype = MULTIPLE_COMPRESSIONS;
    $proxy->start();
    ok(TLSProxy::Message->success(), "Non null compression");

    # Test 2: a TLSv1.2 ClientHello that omits the null method must be
    # rejected.
    # NOTE(review): the filter is not reinstalled here; this relies on
    # clear() leaving the filter from Test 1 in place -- confirm against
    # TLSProxy::Proxy.
    # NOTE(review): fail() is the only assertion, so presumably any aborted
    # handshake passes this test, not just a rejection of the compression
    # list -- confirm.
    $proxy->clear();
    $proxy->clientflags("-no_tls1_3");
    $testtype = NON_NULL_COMPRESSION;
    $proxy->start();
    ok(TLSProxy::Message->fail(), "NULL compression missing");
}

SKIP: {
    skip "TLSv1.3 disabled", 2 if disabled("tls1_3");

    # Test 3: in TLSv1.3 the compression list must be exactly the single
    # null method (RFC 8446, section 4.1.2), so null plus an unknown method
    # must fail.
    $proxy->clear();
    $proxy->filter(\&add_comp_filter);
    $testtype = MULTIPLE_COMPRESSIONS;
    $proxy->start();
    ok(TLSProxy::Message->fail(), "Non null compression (TLSv1.3)");

    # Test 4: a TLSv1.3 ClientHello without the null method must fail too.
    # NOTE(review): as in Test 2, this reuses the filter installed for the
    # previous test and asserts only that the handshake failed.
    $proxy->clear();
    $testtype = NON_NULL_COMPRESSION;
    $proxy->start();
    ok(TLSProxy::Message->fail(), "NULL compression missing (TLSv1.3)");
}
84 | ||
# TLSProxy filter callback: rewrites the compression_methods list of the
# ClientHello according to the file-scoped $testtype.
#
#   MULTIPLE_COMPRESSIONS -> (0x00, 0xff): null plus an unknown method
#   NON_NULL_COMPRESSION  -> (0xff):       unknown method only, null omitted
#
# Any other $testtype value leaves the list empty. Receives the proxy object
# as its only argument and does nothing for flights other than the first, or
# when the first recorded message is not a ClientHello.
sub add_comp_filter
{
    my ($proxy) = @_;

    # The ClientHello travels in flight 0; later flights are left untouched.
    return if $proxy->flight != 0;

    my $hello = $proxy->message_list->[0];
    return unless defined $hello;
    return if $hello->mt != TLSProxy::Message::MT_CLIENT_HELLO;

    # 0x00 is the null compression method; 0xff stands in for a method the
    # server does not know.
    my @methods = $testtype == MULTIPLE_COMPRESSIONS ? (0x00, 0xff)
                : $testtype == NON_NULL_COMPRESSION  ? (0xff)
                :                                      ();

    # Store the new list and its length, then re-serialise the message so the
    # modified ClientHello is what gets forwarded.
    $hello->comp_meths(\@methods);
    $hello->comp_meth_len(scalar @methods);
    $hello->repack();
}