[thirdparty/openssl.git] / test / recipes / 80-test_ssl_new.t

#! /usr/bin/env perl
# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the Apache License 2.0 (the "License").  You may not use
# this file except in compliance with the License.  You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html


use strict;
use warnings;

use File::Basename;
use File::Compare qw/compare_text/;
use OpenSSL::Glob;
use OpenSSL::Test qw/:DEFAULT srctop_dir srctop_file/;
use OpenSSL::Test::Utils qw/disabled alldisabled available_protocols/;

setup("test_ssl_new");

$ENV{TEST_CERTS_DIR} = srctop_dir("test", "certs");
$ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf");

my @conf_srcs =  glob(srctop_file("test", "ssl-tests", "*.conf.in"));
map { s/;.*// } @conf_srcs if $^O eq "VMS";
my @conf_files = map { basename($_, ".in") } @conf_srcs;
map { s/\^// } @conf_files if $^O eq "VMS";

# We hard-code the number of tests to double-check that the globbing above
# finds all files as expected.
plan tests => 30;  # = scalar @conf_srcs

# Some test results depend on the configuration of enabled protocols. We only
# verify generated sources in the default configuration.
my $is_default_tls = (disabled("ssl3") && !disabled("tls1") &&
                      !disabled("tls1_1") && !disabled("tls1_2") &&
                      !disabled("tls1_3"));

my $is_default_dtls = (!disabled("dtls1") && !disabled("dtls1_2"));

my @all_pre_tls1_3 = ("ssl3", "tls1", "tls1_1", "tls1_2");
my $no_tls = alldisabled(available_protocols("tls"));
my $no_tls_below1_3 = $no_tls || (disabled("tls1_2") && !disabled("tls1_3"));
my $no_pre_tls1_3 = alldisabled(@all_pre_tls1_3);
my $no_dtls = alldisabled(available_protocols("dtls"));
my $no_npn = disabled("nextprotoneg");
my $no_ct = disabled("ct");
my $no_ec = disabled("ec");
my $no_dh = disabled("dh");
my $no_dsa = disabled("dsa");
my $no_ec2m = disabled("ec2m");
my $no_ocsp = disabled("ocsp");

# Add your test here if the test conf.in generates test cases and/or
# expectations dynamically based on the OpenSSL compile-time config.
my %conf_dependent_tests = (
  "02-protocol-version.conf" => !$is_default_tls,
  "04-client_auth.conf" => !$is_default_tls || !$is_default_dtls
                           || !disabled("sctp"),
  "05-sni.conf" => disabled("tls1_1"),
  "07-dtls-protocol-version.conf" => !$is_default_dtls || !disabled("sctp"),
  "10-resumption.conf" => !$is_default_tls,
  "11-dtls_resumption.conf" => !$is_default_dtls || !disabled("sctp"),
  "16-dtls-certstatus.conf" => !$is_default_dtls || !disabled("sctp"),
  "17-renegotiate.conf" => disabled("tls1_2"),
  "18-dtls-renegotiate.conf" => disabled("dtls1_2") || !disabled("sctp"),
  "19-mac-then-encrypt.conf" => !$is_default_tls,
  "20-cert-select.conf" => !$is_default_tls || $no_dh || $no_dsa,
  "22-compression.conf" => !$is_default_tls,
  "25-cipher.conf" => disabled("poly1305") || disabled("chacha"),
  "27-ticket-appdata.conf" => !$is_default_tls,
  "28-seclevel.conf" => disabled("tls1_2") || $no_ec,
  "30-extended-master-secret.conf" => disabled("tls1_2"),
);

# Add your test here if it should be skipped for some compile-time
# configurations. Default is $no_tls but some tests have different skip
# conditions.
my %skip = (
  "06-sni-ticket.conf" => $no_tls_below1_3,
  "07-dtls-protocol-version.conf" => $no_dtls,
  "08-npn.conf" => (disabled("tls1") && disabled("tls1_1")
                    && disabled("tls1_2")) || $no_npn,
  "10-resumption.conf" => disabled("tls1_1") || disabled("tls1_2"),
  "11-dtls_resumption.conf" => disabled("dtls1") || disabled("dtls1_2"),
  "12-ct.conf" => $no_tls || $no_ct || $no_ec,
  # We could run some of these tests without TLS 1.2 if we had a per-test
  # disable instruction but that's a bizarre configuration not worth
  # special-casing for.
  # TODO(TLS 1.3): We should review this once we have TLS 1.3.
  "13-fragmentation.conf" => disabled("tls1_2"),
  "14-curves.conf" => disabled("tls1_2") || $no_ec || $no_ec2m,
  "15-certstatus.conf" => $no_tls || $no_ocsp,
  "16-dtls-certstatus.conf" => $no_dtls || $no_ocsp,
  "17-renegotiate.conf" => $no_tls_below1_3,
  "18-dtls-renegotiate.conf" => $no_dtls,
  "19-mac-then-encrypt.conf" => $no_pre_tls1_3,
  "20-cert-select.conf" => disabled("tls1_2") || $no_ec,
  "21-key-update.conf" => disabled("tls1_3"),
  "22-compression.conf" => disabled("zlib") || $no_tls,
  "23-srp.conf" => (disabled("tls1") && disabled ("tls1_1")
                    && disabled("tls1_2")) || disabled("srp"),
  "24-padding.conf" => disabled("tls1_3"),
  "25-cipher.conf" => disabled("ec") || disabled("tls1_2"),
  "26-tls13_client_auth.conf" => disabled("tls1_3"),
  "29-dtls-sctp-label-bug.conf" => disabled("sctp") || disabled("sock"),
);

foreach my $conf (@conf_files) {
    subtest "Test configuration $conf" => sub {
        test_conf($conf,
                  $conf_dependent_tests{$conf} || $^O eq "VMS" ?  0 : 1,
                  defined($skip{$conf}) ? $skip{$conf} : $no_tls);
    }
}

sub test_conf {
    plan tests => 3;

    my ($conf, $check_source, $skip) = @_;

    my $conf_file = srctop_file("test", "ssl-tests", $conf);
    my $tmp_file = "${conf}.$$.tmp";
    my $run_test = 1;

  SKIP: {
      # "Test" 1. Generate the source.
      my $input_file = $conf_file . ".in";

      skip 'failure', 2 unless
        ok(run(perltest(["generate_ssl_tests.pl", $input_file],
                        interpreter_args => [ "-I", srctop_dir("util", "perl")],
                        stdout => $tmp_file)),
           "Getting output from generate_ssl_tests.pl.");

    SKIP: {
        # Test 2. Compare against existing output in test/ssl_tests.conf.
        skip "Skipping generated source test for $conf", 1
          if !$check_source;

        $run_test = is(cmp_text($tmp_file, $conf_file), 0,
                       "Comparing generated sources.");
      }

      # Test 3. Run the test.
      skip "No tests available; skipping tests", 1 if $skip;
      skip "Stale sources; skipping tests", 1 if !$run_test;

      ok(run(test(["ssl_test", $tmp_file])), "running ssl_test $conf");
    }

    unlink glob $tmp_file;
}

sub cmp_text {
    return compare_text(@_, sub {
        $_[0] =~ s/\R//g;
        $_[1] =~ s/\R//g;
        return $_[0] ne $_[1];
    });
}
Commit	Line	Data
596d6b7e	1	#! /usr/bin/env perl
6738bf14	2	# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
596d6b7e	3	#
909f1a2e	4	# Licensed under the Apache License 2.0 (the "License"). You may not use
596d6b7e RS	5	# this file except in compliance with the License. You can obtain a copy
	6	# in the file LICENSE in the source distribution or at
	7	# https://www.openssl.org/source/license.html
	8
453dfd8d EK	9
	10	use strict;
	11	use warnings;
	12
	13	use File::Basename;
	14	use File::Compare qw/compare_text/;
8d2214c0	15	use OpenSSL::Glob;
453dfd8d EK	16	use OpenSSL::Test qw/:DEFAULT srctop_dir srctop_file/;
	17	use OpenSSL::Test::Utils qw/disabled alldisabled available_protocols/;
	18
	19	setup("test_ssl_new");
	20
	21	$ENV{TEST_CERTS_DIR} = srctop_dir("test", "certs");
da085d27	22	$ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf");
453dfd8d	23
97855556	24	my @conf_srcs = glob(srctop_file("test", "ssl-tests", "*.conf.in"));
1563102b	25	map { s/;.*// } @conf_srcs if $^O eq "VMS";
d89f6641 RL	26	my @conf_files = map { basename($_, ".in") } @conf_srcs;
d89f6641 RL	27	map { s/\^// } @conf_files if $^O eq "VMS";
453dfd8d	28
f4947bf1 RL	29	# We hard-code the number of tests to double-check that the globbing above
f4947bf1 RL	30	# finds all files as expected.
088dfa13	31	plan tests => 30; # = scalar @conf_srcs
f4947bf1	32
3e82ae57 MC	33	# Some test results depend on the configuration of enabled protocols. We only
3e82ae57 MC	34	# verify generated sources in the default configuration.
74726750	35	my $is_default_tls = (disabled("ssl3") && !disabled("tls1") &&
84a68336	36	!disabled("tls1_1") && !disabled("tls1_2") &&
f518cef4	37	!disabled("tls1_3"));
453dfd8d	38
74726750 EK	39	my $is_default_dtls = (!disabled("dtls1") && !disabled("dtls1_2"));
74726750 EK	40
54d028aa	41	my @all_pre_tls1_3 = ("ssl3", "tls1", "tls1_1", "tls1_2");
74726750	42	my $no_tls = alldisabled(available_protocols("tls"));
c423ecaa	43	my $no_tls_below1_3 = $no_tls \|\| (disabled("tls1_2") && !disabled("tls1_3"));
54d028aa	44	my $no_pre_tls1_3 = alldisabled(@all_pre_tls1_3);
74726750	45	my $no_dtls = alldisabled(available_protocols("dtls"));
ce2cdac2	46	my $no_npn = disabled("nextprotoneg");
da085d27	47	my $no_ct = disabled("ct");
be82f7b3	48	my $no_ec = disabled("ec");
7c98706e RL	49	my $no_dh = disabled("dh");
7c98706e RL	50	my $no_dsa = disabled("dsa");
0a307450	51	my $no_ec2m = disabled("ec2m");
057c676a	52	my $no_ocsp = disabled("ocsp");
74726750	53
15269e56 EK	54	# Add your test here if the test conf.in generates test cases and/or
15269e56 EK	55	# expectations dynamically based on the OpenSSL compile-time config.
74726750 EK	56	my %conf_dependent_tests = (
74726750 EK	57	"02-protocol-version.conf" => !$is_default_tls,
0f5df0f1 MC	58	"04-client_auth.conf" => !$is_default_tls \|\| !$is_default_dtls
0f5df0f1 MC	59	\|\| !disabled("sctp"),
548d0153	60	"05-sni.conf" => disabled("tls1_1"),
00da4f4d	61	"07-dtls-protocol-version.conf" => !$is_default_dtls \|\| !disabled("sctp"),
590ed3d7	62	"10-resumption.conf" => !$is_default_tls,
cf156009	63	"11-dtls_resumption.conf" => !$is_default_dtls \|\| !disabled("sctp"),
83964ca0	64	"16-dtls-certstatus.conf" => !$is_default_dtls \|\| !disabled("sctp"),
4d118fe0	65	"17-renegotiate.conf" => disabled("tls1_2"),
83964ca0	66	"18-dtls-renegotiate.conf" => disabled("dtls1_2") \|\| !disabled("sctp"),
ac6eb152	67	"19-mac-then-encrypt.conf" => !$is_default_tls,
e4a3d0f9	68	"20-cert-select.conf" => !$is_default_tls \|\| $no_dh \|\| $no_dsa,
439db0c9	69	"22-compression.conf" => !$is_default_tls,
a8ea8018	70	"25-cipher.conf" => disabled("poly1305") \|\| disabled("chacha"),
35a164ea	71	"27-ticket-appdata.conf" => !$is_default_tls,
65d2c16c	72	"28-seclevel.conf" => disabled("tls1_2") \|\| $no_ec,
088dfa13	73	"30-extended-master-secret.conf" => disabled("tls1_2"),
74726750 EK	74	);
74726750 EK	75
15269e56 EK	76	# Add your test here if it should be skipped for some compile-time
	77	# configurations. Default is $no_tls but some tests have different skip
	78	# conditions.
74726750	79	my %skip = (
c423ecaa	80	"06-sni-ticket.conf" => $no_tls_below1_3,
3e82ae57	81	"07-dtls-protocol-version.conf" => $no_dtls,
0f1e51ea MC	82	"08-npn.conf" => (disabled("tls1") && disabled("tls1_1")
0f1e51ea MC	83	&& disabled("tls1_2")) \|\| $no_npn,
80f397e2 MC	84	"10-resumption.conf" => disabled("tls1_1") \|\| disabled("tls1_2"),
80f397e2 MC	85	"11-dtls_resumption.conf" => disabled("dtls1") \|\| disabled("dtls1_2"),
be82f7b3	86	"12-ct.conf" => $no_tls \|\| $no_ct \|\| $no_ec,
6dc99745 EK	87	# We could run some of these tests without TLS 1.2 if we had a per-test
	88	# disable instruction but that's a bizarre configuration not worth
	89	# special-casing for.
cf72c757	90	# TODO(TLS 1.3): We should review this once we have TLS 1.3.
b1b22b0b	91	"13-fragmentation.conf" => disabled("tls1_2"),
767ccc3b	92	"14-curves.conf" => disabled("tls1_2") \|\| $no_ec \|\| $no_ec2m,
f07d639e	93	"15-certstatus.conf" => $no_tls \|\| $no_ocsp,
057c676a	94	"16-dtls-certstatus.conf" => $no_dtls \|\| $no_ocsp,
c423ecaa	95	"17-renegotiate.conf" => $no_tls_below1_3,
f9b1b664	96	"18-dtls-renegotiate.conf" => $no_dtls,
ac6eb152	97	"19-mac-then-encrypt.conf" => $no_pre_tls1_3,
ea24bb0a	98	"20-cert-select.conf" => disabled("tls1_2") \|\| $no_ec,
9b92f161	99	"21-key-update.conf" => disabled("tls1_3"),
439db0c9	100	"22-compression.conf" => disabled("zlib") \|\| $no_tls,
ea1ecd98 EK	101	"23-srp.conf" => (disabled("tls1") && disabled ("tls1_1")
ea1ecd98 EK	102	&& disabled("tls1_2")) \|\| disabled("srp"),
c649d10d	103	"24-padding.conf" => disabled("tls1_3"),
f5fea665	104	"25-cipher.conf" => disabled("ec") \|\| disabled("tls1_2"),
9d75dce3	105	"26-tls13_client_auth.conf" => disabled("tls1_3"),
09d62b33	106	"29-dtls-sctp-label-bug.conf" => disabled("sctp") \|\| disabled("sock"),
74726750	107	);
453dfd8d EK	108
	109	foreach my $conf (@conf_files) {
	110	subtest "Test configuration $conf" => sub {
578a0004	111	test_conf($conf,
74726750	112	$conf_dependent_tests{$conf} \|\| $^O eq "VMS" ? 0 : 1,
f37c159a	113	defined($skip{$conf}) ? $skip{$conf} : $no_tls);
453dfd8d EK	114	}
	115	}
	116
453dfd8d EK	117	sub test_conf {
	118	plan tests => 3;
	119
74726750	120	my ($conf, $check_source, $skip) = @_;
453dfd8d EK	121
	122	my $conf_file = srctop_file("test", "ssl-tests", $conf);
	123	my $tmp_file = "${conf}.$$.tmp";
	124	my $run_test = 1;
	125
	126	SKIP: {
	127	# "Test" 1. Generate the source.
	128	my $input_file = $conf_file . ".in";
	129
	130	skip 'failure', 2 unless
	131	ok(run(perltest(["generate_ssl_tests.pl", $input_file],
cb6afcd6	132	interpreter_args => [ "-I", srctop_dir("util", "perl")],
453dfd8d EK	133	stdout => $tmp_file)),
	134	"Getting output from generate_ssl_tests.pl.");
	135
	136	SKIP: {
	137	# Test 2. Compare against existing output in test/ssl_tests.conf.
	138	skip "Skipping generated source test for $conf", 1
	139	if !$check_source;
	140
	141	$run_test = is(cmp_text($tmp_file, $conf_file), 0,
	142	"Comparing generated sources.");
	143	}
	144
	145	# Test 3. Run the test.
74726750	146	skip "No tests available; skipping tests", 1 if $skip;
453dfd8d EK	147	skip "Stale sources; skipping tests", 1 if !$run_test;
	148
	149	ok(run(test(["ssl_test", $tmp_file])), "running ssl_test $conf");
	150	}
	151
	152	unlink glob $tmp_file;
	153	}
	154
	155	sub cmp_text {
	156	return compare_text(@_, sub {
	157	$_[0] =~ s/\R//g;
	158	$_[1] =~ s/\R//g;
	159	return $_[0] ne $_[1];
	160	});
	161	}