1#!/bin/sh
2
3# ssl-opt.sh
4#
5# This file is part of mbed TLS (https://tls.mbed.org)
6#
7# Copyright (c) 2016, ARM Limited, All Rights Reserved
8#
9# Purpose
10#
11# Executes tests to prove various TLS/SSL options and extensions.
12#
13# The goal is not to cover every ciphersuite/version, but instead to cover
14# specific options (max fragment length, truncated hmac, etc) or procedures
15# (session resumption from cache or ticket, renego, etc).
16#
17# The tests assume a build with default options, with exceptions expressed
18# with a dependency.  The tests focus on functionality and do not consider
19# performance.
20#
21
set -u

# Counters maintained by print_name(), fail() and run_test()
TESTS=0
FAILS=0
SKIPS=0

# Test selection and behaviour; set from the command line by get_options()
MEMCHECK=0
FILTER='.*'
EXCLUDE='^$'
SHOW_TEST_NUMBER=0
RUN_TEST_NUMBER=''
PRESERVE_LOGS=0

# Build configuration consulted by requires_config_enabled()
CONFIG_H='../include/mbedtls/config.h'

# Programs under test and third-party peers. Each default can be overridden
# from the environment. (The variable is OPENSSL_CMD rather than OPENSSL
# because OPENSSL would conflict with the build system.)
: "${P_SRV:=../programs/ssl/ssl_server2}"
: "${P_CLI:=../programs/ssl/ssl_client2}"
: "${P_PXY:=../programs/test/udp_proxy}"
: "${OPENSSL_CMD:=openssl}"
: "${GNUTLS_CLI:=gnutls-cli}"
: "${GNUTLS_SERV:=gnutls-serv}"

# Base command lines for the OpenSSL and GnuTLS peers. The client strings are
# shell pipelines (they are run through eval by run_test) that send a single
# HTTP request. Ports are appended in MAIN once they have been chosen.
O_SRV="$OPENSSL_CMD s_server -www -cert data_files/server5.crt -key data_files/server5.key"
O_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_CMD s_client"
G_SRV="$GNUTLS_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key"
G_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_CLI --x509cafile data_files/test-ca_cat12.crt"
51
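# print_usage
# Print the command-line help to stdout. The current FILTER/EXCLUDE values are
# passed to printf as arguments, never spliced into the format string, so a
# filter containing '%' or '\' is printed verbatim.
print_usage() {
    echo "Usage: $0 [options]"
    printf "  -h|--help\tPrint this help.\n"
    printf "  -m|--memcheck\tCheck memory leaks and errors.\n"
    printf "  -f|--filter\tOnly matching tests are executed (default: '%s')\n" "$FILTER"
    printf "  -e|--exclude\tMatching tests are excluded (default: '%s')\n" "$EXCLUDE"
    printf "  -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n"
    printf "  -s|--show-numbers\tShow test numbers in front of test names\n"
    printf "  -p|--preserve-logs\tPreserve logs of successful tests as well\n"
    printf "     --seed\tInteger seed value to use for this test run\n"
}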
63
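# missing_option_value <option>
# Called when an option that needs a value is the last argument: report it,
# print the usage and exit. Without this, 'shift; VAR=$1' would trip 'set -u'
# with an unhelpful "parameter not set" error.
missing_option_value() {
    echo "Option '$1' requires an argument"
    print_usage
    exit 1
}

# get_options [args...]
# Parse the script's command line into the global FILTER, EXCLUDE, MEMCHECK,
# RUN_TEST_NUMBER, SHOW_TEST_NUMBER, PRESERVE_LOGS and SEED variables.
# Exits 0 after printing help, 1 on an unknown option or a missing value.
get_options() {
    while [ $# -gt 0 ]; do
        case "$1" in
            -f|--filter)
                [ $# -ge 2 ] || missing_option_value "$1"
                shift; FILTER="$1"
                ;;
            -e|--exclude)
                [ $# -ge 2 ] || missing_option_value "$1"
                shift; EXCLUDE="$1"
                ;;
            -m|--memcheck)
                MEMCHECK=1
                ;;
            -n|--number)
                [ $# -ge 2 ] || missing_option_value "$1"
                shift; RUN_TEST_NUMBER="$1"
                ;;
            -s|--show-numbers)
                SHOW_TEST_NUMBER=1
                ;;
            -p|--preserve-logs)
                PRESERVE_LOGS=1
                ;;
            --seed)
                [ $# -ge 2 ] || missing_option_value "$1"
                shift; SEED="$1"
                ;;
            -h|--help)
                print_usage
                exit 0
                ;;
            *)
                echo "Unknown argument: '$1'"
                print_usage
                exit 1
                ;;
        esac
        shift
    done
}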
101
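# requires_config_enabled <MBEDTLS_SYMBOL>
# Skip the next test if the symbol is not '#define'd in config.h.
# The symbol is matched as a whole word: a plain prefix match would let
# MBEDTLS_FOO be satisfied by '#define MBEDTLS_FOO_BAR', silently running a
# test whose real dependency is disabled.
requires_config_enabled() {
    if grep -q -E "^#define $1([[:space:]]|\$)" "$CONFIG_H"; then :; else
        SKIP_NEXT="YES"
    fi
}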
108
# requires_openssl_with_fallback_scsv
# Skip the next test unless the OpenSSL binary advertises -fallback_scsv in
# its s_client help. The probe runs once; the answer is cached in
# OPENSSL_HAS_FBSCSV (which may also be preset from the environment).
requires_openssl_with_fallback_scsv() {
    if [ -z "${OPENSSL_HAS_FBSCSV:-}" ]; then
        OPENSSL_HAS_FBSCSV="NO"
        if $OPENSSL_CMD s_client -help 2>&1 | grep fallback_scsv >/dev/null; then
            OPENSSL_HAS_FBSCSV="YES"
        fi
    fi
    [ "$OPENSSL_HAS_FBSCSV" != "NO" ] || SKIP_NEXT="YES"
}
123
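# requires_gnutls
# Skip the next test unless both GnuTLS programs can be found. Uses the POSIX
# 'command -v' rather than 'which', which is not standard and is missing on
# some minimal systems. The probe runs once; the answer is cached in
# GNUTLS_AVAILABLE (which may also be preset from the environment).
requires_gnutls() {
    if [ -z "${GNUTLS_AVAILABLE:-}" ]; then
        if command -v "$GNUTLS_CLI" >/dev/null 2>&1 &&
           command -v "$GNUTLS_SERV" >/dev/null 2>&1; then
            GNUTLS_AVAILABLE="YES"
        else
            GNUTLS_AVAILABLE="NO"
        fi
    fi
    if [ "$GNUTLS_AVAILABLE" = "NO" ]; then
        SKIP_NEXT="YES"
    fi
}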
137
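# requires_ipv6
# Skip the next test if IPv6 isn't available on this host. Probed once by
# starting the server on ::1 and looking for the bind failure in its output;
# the answer is cached in HAS_IPV6 (which may also be preset from the
# environment). Uses the SRV_OUT/SRV_PID globals set up in MAIN.
# NOTE(review): the probe only waits one second; a server that takes longer
# to report the bind error would be read as "IPv6 available".
requires_ipv6() {
    if [ -z "${HAS_IPV6:-}" ]; then
        $P_SRV server_addr='::1' > "$SRV_OUT" 2>&1 &
        SRV_PID=$!
        sleep 1
        kill "$SRV_PID" >/dev/null 2>&1
        # reap the probe so it does not linger as a zombie
        wait "$SRV_PID" >/dev/null 2>&1
        if grep -q "NET - Binding of the socket failed" "$SRV_OUT"; then
            HAS_IPV6="NO"
        else
            HAS_IPV6="YES"
        fi
        # a plain file: 'rm -f', not the original 'rm -r'
        rm -f -- "$SRV_OUT"
    fi

    if [ "$HAS_IPV6" = "NO" ]; then
        SKIP_NEXT="YES"
    fi
}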
157
# not_with_valgrind
# Skip the next test when running under valgrind (-m/--memcheck), e.g. for
# timing-sensitive tests that would only time out there.
not_with_valgrind() {
    [ "$MEMCHECK" -le 0 ] || SKIP_NEXT="YES"
}
164
# only_with_valgrind
# Skip the next test unless running under valgrind (-m/--memcheck).
only_with_valgrind() {
    [ "$MEMCHECK" -ne 0 ] || SKIP_NEXT="YES"
}
171
# client_needs_more_time <factor>
# Multiply the client watchdog delay (DOG_DELAY) by <factor> for the next
# test only; wait_client_done() resets the factor to 1 afterwards.
client_needs_more_time() {
    CLI_DELAY_FACTOR="$1"
}
176
# server_needs_more_time <seconds>
# Wait <seconds> after the client has finished in the next test only, before
# the server is terminated; wait_client_done() resets this to 0 afterwards.
server_needs_more_time() {
    SRV_DELAY_SECONDS="$1"
}
181
182# print_name <name>
183print_name() {
184    TESTS=$(( $TESTS + 1 ))
185    LINE=""
186
187    if [ "$SHOW_TEST_NUMBER" -gt 0 ]; then
188        LINE="$TESTS "
189    fi
190
191    LINE="$LINE$1"
192    printf "$LINE "
193    LEN=$(( 72 - `echo "$LINE" | wc -c` ))
194    for i in `seq 1 $LEN`; do printf '.'; done
195    printf ' '
196
197}
198
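# fail <message>
# Report a failed test: print FAIL and <message>, keep the server, client
# and (if any) proxy logs of this test as o-{srv,cli,pxy}-<number>.log, dump
# them to stdout when running as the 'buildbot' user, and bump FAILS.
fail() {
    echo "FAIL"
    echo "  ! $1"

    mv -- "$SRV_OUT" "o-srv-${TESTS}.log"
    mv -- "$CLI_OUT" "o-cli-${TESTS}.log"
    if [ -n "$PXY_CMD" ]; then
        mv -- "$PXY_OUT" "o-pxy-${TESTS}.log"
    fi
    echo "  ! outputs saved to o-XXX-${TESTS}.log"

    # '||' instead of the obsolescent 'test -o'
    if [ "X${USER:-}" = Xbuildbot ] || [ "X${LOGNAME:-}" = Xbuildbot ]; then
        echo "  ! server output:"
        cat "o-srv-${TESTS}.log"
        echo "  ! ========================================================"
        echo "  ! client output:"
        cat "o-cli-${TESTS}.log"
        if [ -n "$PXY_CMD" ]; then
            echo "  ! ========================================================"
            echo "  ! proxy output:"
            cat "o-pxy-${TESTS}.log"
        fi
        echo ""
    fi

    FAILS=$(( FAILS + 1 ))
}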
227
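# is_polar <cmd_line>
# Succeed if the command line runs one of the mbed TLS test programs
# (ssl_server2 or ssl_client2), even when wrapped in valgrind. Uses two -e
# patterns instead of '\|', which is a GNU extension to BRE.
is_polar() {
    printf '%s\n' "$1" | grep -q -e 'ssl_server2' -e 'ssl_client2'
}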
232
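# check_osrv_dtls
# openssl s_server doesn't have -www with DTLS: when SRV_CMD is an OpenSSL
# DTLS server, drop -www and set NEEDS_INPUT so provide_input() feeds it
# canned HTTP responses instead; otherwise NEEDS_INPUT=0.
check_osrv_dtls() {
    if printf '%s\n' "$SRV_CMD" | grep -q 's_server.*-dtls'; then
        NEEDS_INPUT=1
        SRV_CMD="$( printf '%s\n' "$SRV_CMD" | sed 's/-www//' )"
    else
        NEEDS_INPUT=0
    fi
}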
242
# provide_input
# Stdin feeder for servers flagged by check_osrv_dtls(): emit one HTTP
# response line per second forever (the pipeline is torn down when the server
# is killed). Does nothing when NEEDS_INPUT is 0.
provide_input() {
    [ "$NEEDS_INPUT" -ne 0 ] || return 0

    while :; do
        echo "HTTP/1.0 200 OK"
        sleep 1
    done
}
254
# has_mem_err <log_file_name>
# True (0) unless the valgrind log reports BOTH a clean leak summary and zero
# errors; i.e. a missing or truncated valgrind report counts as an error.
has_mem_err() {
    if grep -q -F 'All heap blocks were freed -- no leaks are possible' "$1" &&
       grep -q -F 'ERROR SUMMARY: 0 errors from 0 contexts' "$1"
    then
        return 1 # clean report: no errors
    fi
    return 0 # has errors (or no usable report)
}
265
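# wait_server_start
# Block until the server is listening on SRV_PORT. With lsof available, poll
# it in a tight loop (the server usually takes well under a second) and give
# up after DOG_DELAY seconds, recording "SERVERSTART TIMEOUT" in the server
# log; without lsof, just sleep START_DELAY seconds. DTLS selects the UDP
# socket check, otherwise a TCP LISTEN socket is looked for.
# The two former copies of the loop differed only in the lsof spec and the
# pattern, so they are merged here.
wait_server_start() {
    if command -v lsof >/dev/null 2>&1; then
        START_TIME=$( date +%s )
        DONE=0

        if [ "$DTLS" -eq 1 ]; then
            LSOF_SPEC="UDP:$SRV_PORT"
            LSOF_PATTERN="UDP"
        else
            LSOF_SPEC="TCP:$SRV_PORT"
            LSOF_PATTERN="LISTEN"
        fi

        # make a tight loop, server usually takes less than 1 sec to start
        while [ "$DONE" -eq 0 ]; do
            if lsof -nbi "$LSOF_SPEC" 2>/dev/null | grep -q "$LSOF_PATTERN"
            then
                DONE=1
            elif [ $(( $( date +%s ) - START_TIME )) -gt "$DOG_DELAY" ]; then
                echo "SERVERSTART TIMEOUT"
                echo "SERVERSTART TIMEOUT" >> "$SRV_OUT"
                DONE=1
            fi
        done
    else
        sleep "$START_DELAY"
    fi
}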
300
# wait for client to terminate and set CLI_EXIT
# must be called right after starting the client: it takes the client's PID
# from $!, so no other background job may be started in between
wait_client_done() {
    CLI_PID=$!

    # watchdog budget: DOG_DELAY scaled by client_needs_more_time() for this
    # test only; the factor is consumed (reset to 1) here
    CLI_DELAY=$(( $DOG_DELAY * $CLI_DELAY_FACTOR ))
    CLI_DELAY_FACTOR=1

    # watchdog: after CLI_DELAY seconds, mark the client log and kill the
    # client; run_test treats the marker as a reason to retry the test once
    ( sleep $CLI_DELAY; echo "===CLIENT_TIMEOUT===" >> $CLI_OUT; kill $CLI_PID ) &
    DOG_PID=$!

    wait $CLI_PID
    CLI_EXIT=$?

    # the client finished (or was killed): stop the watchdog. Note that
    # killing the subshell does not kill its 'sleep' child, which lingers
    # harmlessly until it expires.
    kill $DOG_PID >/dev/null 2>&1
    wait $DOG_PID

    echo "EXIT: $CLI_EXIT" >> $CLI_OUT

    # give the server extra time if server_needs_more_time() asked for it
    # (one-shot: reset to 0)
    sleep $SRV_DELAY_SECONDS
    SRV_DELAY_SECONDS=0
}
323
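# detect_dtls <cmd_line>
# Set the global DTLS to 1 if the command line uses DTLS (ssl_server2
# 'dtls=1', OpenSSL '-dtls1', GnuTLS '-u'), else 0. Uses separate -e
# patterns instead of '\|', which is a GNU extension to BRE.
detect_dtls() {
    if printf '%s\n' "$1" | grep -q -e 'dtls=1' -e '-dtls1' -e '-u'; then
        DTLS=1
    else
        DTLS=0
    fi
}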
332
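# filter_valgrind_noise <log_file>
# Print <log_file> without the lines valgrind adds (lines starting with '=='
# and 'Serious error when reading debug info' notices), so that the output
# assertions of run_test only see the program's own output.
filter_valgrind_noise() {
    grep -v '^==' "$1" | grep -v 'Serious error when reading debug info'
}

# Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]]
# Options:  -s pattern  pattern that must be present in server output
#           -c pattern  pattern that must be present in client output
#           -u pattern  lines after pattern must be unique in client output
#           -S pattern  pattern that must be absent in server output
#           -C pattern  pattern that must be absent in client output
#           -U pattern  lines after pattern must be unique in server output
# Patterns are grep basic regular expressions. cli_exit is 0 when the client
# is expected to succeed, anything else when it is expected to fail.
# srv_cmd, cli_cmd and proxy_cmd are trusted command lines built by this
# script (cli_cmd is passed to eval because the OpenSSL/GnuTLS clients are
# pipelines); never feed them from external input.
run_test() {
    NAME="$1"
    shift 1

    # -f/--filter and -e/--exclude: non-matching tests are dropped silently
    # (not even counted as skipped), but a pending skip request from a
    # requires_* helper must still be consumed
    if echo "$NAME" | grep "$FILTER" | grep -v "$EXCLUDE" >/dev/null; then :
    else
        SKIP_NEXT="NO"
        return
    fi

    print_name "$NAME"

    # -n/--number: only run the listed test numbers
    if [ "X$RUN_TEST_NUMBER" = "X" ]; then :
    elif echo ",$RUN_TEST_NUMBER," | grep ",$TESTS," >/dev/null; then :
    else
        SKIP_NEXT="YES"
    fi

    # should we skip? (asked by a requires_*/only_with_* helper or by -n)
    if [ "X$SKIP_NEXT" = "XYES" ]; then
        SKIP_NEXT="NO"
        echo "SKIP"
        SKIPS=$(( SKIPS + 1 ))
        return
    fi

    # does this test use a proxy?
    if [ "X$1" = "X-p" ]; then
        PXY_CMD="$2"
        shift 2
    else
        PXY_CMD=""
    fi

    # get commands and expected client exit status
    SRV_CMD="$1"
    CLI_CMD="$2"
    CLI_EXPECT="$3"
    shift 3

    # fix client port: talk to the proxy if there is one, else to the server
    if [ -n "$PXY_CMD" ]; then
        CLI_CMD=$( echo "$CLI_CMD" | sed "s/+SRV_PORT/$PXY_PORT/g" )
    else
        CLI_CMD=$( echo "$CLI_CMD" | sed "s/+SRV_PORT/$SRV_PORT/g" )
    fi

    # update DTLS variable (used by wait_server_start)
    detect_dtls "$SRV_CMD"

    # prepend valgrind to our commands if active; only the mbed TLS programs
    # are wrapped, and only they are checked by has_mem_err below
    if [ "$MEMCHECK" -gt 0 ]; then
        if is_polar "$SRV_CMD"; then
            SRV_CMD="valgrind --leak-check=full $SRV_CMD"
        fi
        if is_polar "$CLI_CMD"; then
            CLI_CMD="valgrind --leak-check=full $CLI_CMD"
        fi
    fi

    # run the commands; a run whose client was killed by the watchdog is
    # retried once (the logs are rewritten from scratch on each attempt)
    TIMES_LEFT=2
    while [ "$TIMES_LEFT" -gt 0 ]; do
        TIMES_LEFT=$(( TIMES_LEFT - 1 ))

        if [ -n "$PXY_CMD" ]; then
            echo "$PXY_CMD" > "$PXY_OUT"
            $PXY_CMD >> "$PXY_OUT" 2>&1 &
            PXY_PID=$!
            # assume proxy starts faster than server
        fi

        check_osrv_dtls
        echo "$SRV_CMD" > "$SRV_OUT"
        # $SRV_CMD is deliberately unquoted: it is a script-built command
        # line that must be word-split here
        provide_input | $SRV_CMD >> "$SRV_OUT" 2>&1 &
        SRV_PID=$!
        wait_server_start

        echo "$CLI_CMD" > "$CLI_OUT"
        # eval is required because O_CLI/G_CLI are pipelines; CLI_CMD must
        # therefore only ever come from strings built in this script
        eval "$CLI_CMD" >> "$CLI_OUT" 2>&1 &
        wait_client_done

        # terminate the server (and the proxy), keeping the server's exit
        # status for the check below (the former code tested $? long after
        # this wait, so the server's status was never actually checked)
        kill "$SRV_PID"
        wait "$SRV_PID"
        SRV_RET=$?
        if [ -n "$PXY_CMD" ]; then
            kill "$PXY_PID" >/dev/null 2>&1
            wait "$PXY_PID"
        fi

        # retry only on timeouts
        if grep -q '===CLIENT_TIMEOUT===' "$CLI_OUT"; then
            printf "RETRY "
        else
            TIMES_LEFT=0
        fi
    done

    # check if the client and server went at least to the handshake stage
    # (useful to avoid tests with only negative assertions and non-zero
    # expected client exit to incorrectly succeed in case of catastrophic
    # failure)
    if is_polar "$SRV_CMD"; then
        if grep -q "Performing the SSL/TLS handshake" "$SRV_OUT"; then :;
        else
            fail "server or client failed to reach handshake stage"
            return
        fi
    fi
    if is_polar "$CLI_CMD"; then
        if grep -q "Performing the SSL/TLS handshake" "$CLI_OUT"; then :;
        else
            fail "server or client failed to reach handshake stage"
            return
        fi
    fi

    # check server exit code. Only ssl_server2 is checked: it handles SIGTERM
    # and exits cleanly (the valgrind leak check below relies on that), while
    # the third-party servers are simply killed and report 128+SIGTERM, which
    # says nothing about the test.
    if is_polar "$SRV_CMD" && [ "$SRV_RET" != 0 ]; then
        fail "server fail: exit status $SRV_RET"
        return
    fi

    # check client exit code: 0 must match an expectation of 0, and a
    # non-zero expectation accepts any non-zero status
    if { [ "$CLI_EXPECT" = 0 ] && [ "$CLI_EXIT" != 0 ]; } ||
       { [ "$CLI_EXPECT" != 0 ] && [ "$CLI_EXIT" = 0 ]; }
    then
        fail "bad client exit code (expected $CLI_EXPECT, got $CLI_EXIT)"
        return
    fi

    # check other assertions; valgrind's own lines are filtered out first
    while [ $# -gt 0 ]
    do
        case $1 in
            "-s")
                if filter_valgrind_noise "$SRV_OUT" | grep -q -- "$2"; then :; else
                    fail "pattern '$2' MUST be present in the Server output"
                    return
                fi
                ;;

            "-c")
                if filter_valgrind_noise "$CLI_OUT" | grep -q -- "$2"; then :; else
                    fail "pattern '$2' MUST be present in the Client output"
                    return
                fi
                ;;

            "-S")
                if filter_valgrind_noise "$SRV_OUT" | grep -q -- "$2"; then
                    fail "pattern '$2' MUST NOT be present in the Server output"
                    return
                fi
                ;;

            "-C")
                if filter_valgrind_noise "$CLI_OUT" | grep -q -- "$2"; then
                    fail "pattern '$2' MUST NOT be present in the Client output"
                    return
                fi
                ;;

                # The pipelines in the following two options (-u and -U)
                #   - ignore valgrind output
                #   - keep only the lines right after each occurrence of the
                #     pattern (grep -A1, then drop the pattern lines themselves)
                #   - keep one copy of each line that occurs more than once
                #   - count how many lines remain
                # grep -A1 also emits a '--' separator between groups, which
                # survives as one duplicated line, so the count is 1 when there
                # were no real duplicates and greater than 1 otherwise.
            "-U")
                if [ $(filter_valgrind_noise "$SRV_OUT" | grep -A1 -- "$2" | grep -v -- "$2" | sort | uniq -d | wc -l) -gt 1 ]; then
                    fail "lines following pattern '$2' must be unique in Server output"
                    return
                fi
                ;;

            "-u")
                if [ $(filter_valgrind_noise "$CLI_OUT" | grep -A1 -- "$2" | grep -v -- "$2" | sort | uniq -d | wc -l) -gt 1 ]; then
                    fail "lines following pattern '$2' must be unique in Client output"
                    return
                fi
                ;;

            *)
                echo "Unknown test: $1" >&2
                exit 1
        esac
        shift 2
    done

    # check valgrind's results
    if [ "$MEMCHECK" -gt 0 ]; then
        if is_polar "$SRV_CMD" && has_mem_err "$SRV_OUT"; then
            fail "Server has memory errors"
            return
        fi
        if is_polar "$CLI_CMD" && has_mem_err "$CLI_OUT"; then
            fail "Client has memory errors"
            return
        fi
    fi

    # if we're here, everything is ok
    echo "PASS"
    if [ "$PRESERVE_LOGS" -gt 0 ]; then
        mv -- "$SRV_OUT" "o-srv-${TESTS}.log"
        mv -- "$CLI_OUT" "o-cli-${TESTS}.log"
        # keep the proxy log too, as fail() does
        if [ -n "$PXY_CMD" ]; then
            mv -- "$PXY_OUT" "o-pxy-${TESTS}.log"
        fi
    fi

    rm -f -- "$SRV_OUT" "$CLI_OUT" "$PXY_OUT"
}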
555
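# cleanup
# Signal handler (INT/TERM/HUP, see MAIN): remove the intermediate files and
# kill any server, proxy, client or watchdog still running, then exit 1.
# PIDs are read with ${VAR:-} because a signal may arrive before they exist.
cleanup() {
    rm -f -- "$CLI_OUT" "$SRV_OUT" "$PXY_OUT" "$SESSION"
    for pid in "${SRV_PID:-}" "${PXY_PID:-}" "${CLI_PID:-}" "${DOG_PID:-}"; do
        if [ -n "$pid" ]; then
            kill "$pid" >/dev/null 2>&1
        fi
    done
    exit 1
}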
564
565#
566# MAIN
567#
568
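# Run from the directory holding this script so that the relative paths used
# above (../programs/..., data_files/...) resolve; quoted so that a checkout
# path containing spaces works.
if cd "$( dirname "$0" )"; then :; else
    echo "cd $( dirname "$0" ) failed" >&2
    exit 1
fi

get_options "$@"

# sanity checks, avoid an avalanche of errors
if [ ! -x "$P_SRV" ]; then
    echo "Command '$P_SRV' is not an executable file"
    exit 1
fi
if [ ! -x "$P_CLI" ]; then
    echo "Command '$P_CLI' is not an executable file"
    exit 1
fi
if [ ! -x "$P_PXY" ]; then
    echo "Command '$P_PXY' is not an executable file"
    exit 1
fi
if [ "$MEMCHECK" -gt 0 ]; then
    if command -v valgrind >/dev/null 2>&1; then :; else
        echo "Memcheck not possible. Valgrind not found"
        exit 1
    fi
fi
if command -v "$OPENSSL_CMD" >/dev/null 2>&1; then :; else
    echo "Command '$OPENSSL_CMD' not found"
    exit 1
fi

# used by watchdog
MAIN_PID="$$"

# be more patient with valgrind
if [ "$MEMCHECK" -gt 0 ]; then
    START_DELAY=3
    DOG_DELAY=30
else
    START_DELAY=1
    DOG_DELAY=10
fi
CLI_DELAY_FACTOR=1
SRV_DELAY_SECONDS=0

# Pick a "unique" server port in the range 10000-19999, and a proxy port in
# 20000-29999, from the last four digits of our PID. Two concurrent runs
# whose PIDs agree modulo 10000 would collide, so this is best-effort only.
PORT_BASE="0000$$"
PORT_BASE="$( printf '%s' "$PORT_BASE" | tail -c 4 )"
SRV_PORT="1$PORT_BASE"
PXY_PORT="2$PORT_BASE"
unset PORT_BASE

# fix commands to use this port, force IPv4 while at it
# +SRV_PORT will be replaced by either $SRV_PORT or $PXY_PORT later
P_SRV="$P_SRV server_addr=127.0.0.1 server_port=$SRV_PORT"
P_CLI="$P_CLI server_addr=127.0.0.1 server_port=+SRV_PORT"
P_PXY="$P_PXY server_addr=127.0.0.1 server_port=$SRV_PORT listen_addr=127.0.0.1 listen_port=$PXY_PORT ${SEED:+"seed=$SEED"}"
O_SRV="$O_SRV -accept $SRV_PORT -dhparam data_files/dhparams.pem"
O_CLI="$O_CLI -connect localhost:+SRV_PORT"
G_SRV="$G_SRV -p $SRV_PORT"
G_CLI="$G_CLI -p +SRV_PORT localhost"

# Also pick a unique name for intermediate files. They live in the tests
# directory we changed into, not in a shared temporary directory, which is
# why the predictable PID-based names are acceptable here.
SRV_OUT="srv_out.$$"
CLI_OUT="cli_out.$$"
PXY_OUT="pxy_out.$$"
SESSION="session.$$"

SKIP_NEXT="NO"

# remove the intermediate files and kill leftover children on interruption
trap cleanup INT TERM HUP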
640
641# Basic test
642
643# Checks that:
644# - things work with all ciphersuites active (used with config-full in all.sh)
645# - the expected (highest security) parameters are selected
646#   ("signature_algorithm ext: 6" means SHA-512 (highest common hash))
647run_test    "Default" \
648            "$P_SRV debug_level=3" \
649            "$P_CLI" \
650            0 \
651            -s "Protocol is TLSv1.2" \
652            -s "Ciphersuite is TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
653            -s "client hello v3, signature_algorithm ext: 6" \
654            -s "ECDHE curve: secp521r1" \
655            -S "error" \
656            -C "error"
657
658run_test    "Default, DTLS" \
659            "$P_SRV dtls=1" \
660            "$P_CLI dtls=1" \
661            0 \
662            -s "Protocol is DTLSv1.2" \
663            -s "Ciphersuite is TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384"
664
665# Test for uniqueness of IVs in AEAD ciphersuites
666run_test    "Unique IV in GCM" \
667            "$P_SRV exchanges=20 debug_level=4" \
668            "$P_CLI exchanges=20 debug_level=4 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
669            0 \
670            -u "IV used" \
671            -U "IV used"
672
# Tests for the rc4 option. RC4 is refused by default at run time (the arc4=1
# option re-enables it on a peer) and, when MBEDTLS_REMOVE_ARC4_CIPHERSUITES
# is set, its ciphersuites are also absent from the default list, so RC4 is
# only negotiated when both sides explicitly select it.
674
675requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES
676run_test    "RC4: server disabled, client enabled" \
677            "$P_SRV" \
678            "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
679            1 \
680            -s "SSL - The server has no ciphersuites in common"
681
682requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES
683run_test    "RC4: server half, client enabled" \
684            "$P_SRV arc4=1" \
685            "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
686            1 \
687            -s "SSL - The server has no ciphersuites in common"
688
689run_test    "RC4: server enabled, client disabled" \
690            "$P_SRV force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
691            "$P_CLI" \
692            1 \
693            -s "SSL - The server has no ciphersuites in common"
694
695run_test    "RC4: both enabled" \
696            "$P_SRV force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
697            "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
698            0 \
699            -S "SSL - None of the common ciphersuites is usable" \
700            -S "SSL - The server has no ciphersuites in common"
701
# Tests for the Truncated HMAC extension (RFC 6066): when negotiated, the
# record MAC is shortened from 20 bytes (HMAC-SHA1) to 10. It must only be
# used when both client and server enable it.
703
704run_test    "Truncated HMAC: client default, server default" \
705            "$P_SRV debug_level=4" \
706            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
707            0 \
708            -s "dumping 'computed mac' (20 bytes)" \
709            -S "dumping 'computed mac' (10 bytes)"
710
711run_test    "Truncated HMAC: client disabled, server default" \
712            "$P_SRV debug_level=4" \
713            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
714             trunc_hmac=0" \
715            0 \
716            -s "dumping 'computed mac' (20 bytes)" \
717            -S "dumping 'computed mac' (10 bytes)"
718
719run_test    "Truncated HMAC: client enabled, server default" \
720            "$P_SRV debug_level=4" \
721            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
722             trunc_hmac=1" \
723            0 \
724            -s "dumping 'computed mac' (20 bytes)" \
725            -S "dumping 'computed mac' (10 bytes)"
726
727run_test    "Truncated HMAC: client enabled, server disabled" \
728            "$P_SRV debug_level=4 trunc_hmac=0" \
729            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
730             trunc_hmac=1" \
731            0 \
732            -s "dumping 'computed mac' (20 bytes)" \
733            -S "dumping 'computed mac' (10 bytes)"
734
735run_test    "Truncated HMAC: client enabled, server enabled" \
736            "$P_SRV debug_level=4 trunc_hmac=1" \
737            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
738             trunc_hmac=1" \
739            0 \
740            -S "dumping 'computed mac' (20 bytes)" \
741            -s "dumping 'computed mac' (10 bytes)"
742
# Tests for the Encrypt-then-MAC extension (RFC 7366). It only applies to CBC
# ciphersuites: with an AEAD or stream cipher the server must not accept the
# client's offer, and with SSLv3 neither side may use it.
744
745run_test    "Encrypt then MAC: default" \
746            "$P_SRV debug_level=3 \
747             force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
748            "$P_CLI debug_level=3" \
749            0 \
750            -c "client hello, adding encrypt_then_mac extension" \
751            -s "found encrypt then mac extension" \
752            -s "server hello, adding encrypt then mac extension" \
753            -c "found encrypt_then_mac extension" \
754            -c "using encrypt then mac" \
755            -s "using encrypt then mac"
756
757run_test    "Encrypt then MAC: client enabled, server disabled" \
758            "$P_SRV debug_level=3 etm=0 \
759             force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
760            "$P_CLI debug_level=3 etm=1" \
761            0 \
762            -c "client hello, adding encrypt_then_mac extension" \
763            -s "found encrypt then mac extension" \
764            -S "server hello, adding encrypt then mac extension" \
765            -C "found encrypt_then_mac extension" \
766            -C "using encrypt then mac" \
767            -S "using encrypt then mac"
768
769run_test    "Encrypt then MAC: client enabled, aead cipher" \
770            "$P_SRV debug_level=3 etm=1 \
771             force_ciphersuite=TLS-RSA-WITH-AES-128-GCM-SHA256" \
772            "$P_CLI debug_level=3 etm=1" \
773            0 \
774            -c "client hello, adding encrypt_then_mac extension" \
775            -s "found encrypt then mac extension" \
776            -S "server hello, adding encrypt then mac extension" \
777            -C "found encrypt_then_mac extension" \
778            -C "using encrypt then mac" \
779            -S "using encrypt then mac"
780
781run_test    "Encrypt then MAC: client enabled, stream cipher" \
782            "$P_SRV debug_level=3 etm=1 \
783             force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
784            "$P_CLI debug_level=3 etm=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
785            0 \
786            -c "client hello, adding encrypt_then_mac extension" \
787            -s "found encrypt then mac extension" \
788            -S "server hello, adding encrypt then mac extension" \
789            -C "found encrypt_then_mac extension" \
790            -C "using encrypt then mac" \
791            -S "using encrypt then mac"
792
793run_test    "Encrypt then MAC: client disabled, server enabled" \
794            "$P_SRV debug_level=3 etm=1 \
795             force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
796            "$P_CLI debug_level=3 etm=0" \
797            0 \
798            -C "client hello, adding encrypt_then_mac extension" \
799            -S "found encrypt then mac extension" \
800            -S "server hello, adding encrypt then mac extension" \
801            -C "found encrypt_then_mac extension" \
802            -C "using encrypt then mac" \
803            -S "using encrypt then mac"
804
805requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
806run_test    "Encrypt then MAC: client SSLv3, server enabled" \
807            "$P_SRV debug_level=3 min_version=ssl3 \
808             force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
809            "$P_CLI debug_level=3 force_version=ssl3" \
810            0 \
811            -C "client hello, adding encrypt_then_mac extension" \
812            -S "found encrypt then mac extension" \
813            -S "server hello, adding encrypt then mac extension" \
814            -C "found encrypt_then_mac extension" \
815            -C "using encrypt then mac" \
816            -S "using encrypt then mac"
817
818requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
819run_test    "Encrypt then MAC: client enabled, server SSLv3" \
820            "$P_SRV debug_level=3 force_version=ssl3 \
821             force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
822            "$P_CLI debug_level=3 min_version=ssl3" \
823            0 \
824            -c "client hello, adding encrypt_then_mac extension" \
825            -S "found encrypt then mac extension" \
826            -S "server hello, adding encrypt then mac extension" \
827            -C "found encrypt_then_mac extension" \
828            -C "using encrypt then mac" \
829            -S "using encrypt then mac"
830
831# Tests for Extended Master Secret extension
832
833run_test    "Extended Master Secret: default" \
834            "$P_SRV debug_level=3" \
835            "$P_CLI debug_level=3" \
836            0 \
837            -c "client hello, adding extended_master_secret extension" \
838            -s "found extended master secret extension" \
839            -s "server hello, adding extended master secret extension" \
840            -c "found extended_master_secret extension" \
841            -c "using extended master secret" \
842            -s "using extended master secret"
843
844run_test    "Extended Master Secret: client enabled, server disabled" \
845            "$P_SRV debug_level=3 extended_ms=0" \
846            "$P_CLI debug_level=3 extended_ms=1" \
847            0 \
848            -c "client hello, adding extended_master_secret extension" \
849            -s "found extended master secret extension" \
850            -S "server hello, adding extended master secret extension" \
851            -C "found extended_master_secret extension" \
852            -C "using extended master secret" \
853            -S "using extended master secret"
854
855run_test    "Extended Master Secret: client disabled, server enabled" \
856            "$P_SRV debug_level=3 extended_ms=1" \
857            "$P_CLI debug_level=3 extended_ms=0" \
858            0 \
859            -C "client hello, adding extended_master_secret extension" \
860            -S "found extended master secret extension" \
861            -S "server hello, adding extended master secret extension" \
862            -C "found extended_master_secret extension" \
863            -C "using extended master secret" \
864            -S "using extended master secret"
865
866requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
867run_test    "Extended Master Secret: client SSLv3, server enabled" \
868            "$P_SRV debug_level=3 min_version=ssl3" \
869            "$P_CLI debug_level=3 force_version=ssl3" \
870            0 \
871            -C "client hello, adding extended_master_secret extension" \
872            -S "found extended master secret extension" \
873            -S "server hello, adding extended master secret extension" \
874            -C "found extended_master_secret extension" \
875            -C "using extended master secret" \
876            -S "using extended master secret"
877
878requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
879run_test    "Extended Master Secret: client enabled, server SSLv3" \
880            "$P_SRV debug_level=3 force_version=ssl3" \
881            "$P_CLI debug_level=3 min_version=ssl3" \
882            0 \
883            -c "client hello, adding extended_master_secret extension" \
884            -S "found extended master secret extension" \
885            -S "server hello, adding extended master secret extension" \
886            -C "found extended_master_secret extension" \
887            -C "using extended master secret" \
888            -S "using extended master secret"
889
# Tests for FALLBACK_SCSV (RFC 7507): a client retrying with a lowered version
# (fallback=1 together with force_version) advertises the SCSV, and a server
# that supports a higher version must then abort with the fatal
# inappropriate_fallback alert (msg 86) instead of accepting the downgrade.
# With the client already at its maximum version the SCSV is harmless.
891
892run_test    "Fallback SCSV: default" \
893            "$P_SRV debug_level=2" \
894            "$P_CLI debug_level=3 force_version=tls1_1" \
895            0 \
896            -C "adding FALLBACK_SCSV" \
897            -S "received FALLBACK_SCSV" \
898            -S "inapropriate fallback" \
899            -C "is a fatal alert message (msg 86)"
900
901run_test    "Fallback SCSV: explicitly disabled" \
902            "$P_SRV debug_level=2" \
903            "$P_CLI debug_level=3 force_version=tls1_1 fallback=0" \
904            0 \
905            -C "adding FALLBACK_SCSV" \
906            -S "received FALLBACK_SCSV" \
907            -S "inapropriate fallback" \
908            -C "is a fatal alert message (msg 86)"
909
910run_test    "Fallback SCSV: enabled" \
911            "$P_SRV debug_level=2" \
912            "$P_CLI debug_level=3 force_version=tls1_1 fallback=1" \
913            1 \
914            -c "adding FALLBACK_SCSV" \
915            -s "received FALLBACK_SCSV" \
916            -s "inapropriate fallback" \
917            -c "is a fatal alert message (msg 86)"
918
919run_test    "Fallback SCSV: enabled, max version" \
920            "$P_SRV debug_level=2" \
921            "$P_CLI debug_level=3 fallback=1" \
922            0 \
923            -c "adding FALLBACK_SCSV" \
924            -s "received FALLBACK_SCSV" \
925            -S "inapropriate fallback" \
926            -C "is a fatal alert message (msg 86)"
927
928requires_openssl_with_fallback_scsv
929run_test    "Fallback SCSV: default, openssl server" \
930            "$O_SRV" \
931            "$P_CLI debug_level=3 force_version=tls1_1 fallback=0" \
932            0 \
933            -C "adding FALLBACK_SCSV" \
934            -C "is a fatal alert message (msg 86)"
935
936requires_openssl_with_fallback_scsv
937run_test    "Fallback SCSV: enabled, openssl server" \
938            "$O_SRV" \
939            "$P_CLI debug_level=3 force_version=tls1_1 fallback=1" \
940            1 \
941            -c "adding FALLBACK_SCSV" \
942            -c "is a fatal alert message (msg 86)"
943
944requires_openssl_with_fallback_scsv
945run_test    "Fallback SCSV: disabled, openssl client" \
946            "$P_SRV debug_level=2" \
947            "$O_CLI -tls1_1" \
948            0 \
949            -S "received FALLBACK_SCSV" \
950            -S "inapropriate fallback"
951
952requires_openssl_with_fallback_scsv
953run_test    "Fallback SCSV: enabled, openssl client" \
954            "$P_SRV debug_level=2" \
955            "$O_CLI -tls1_1 -fallback_scsv" \
956            1 \
957            -s "received FALLBACK_SCSV" \
958            -s "inapropriate fallback"
959
960requires_openssl_with_fallback_scsv
961run_test    "Fallback SCSV: enabled, max version, openssl client" \
962            "$P_SRV debug_level=2" \
963            "$O_CLI -fallback_scsv" \
964            0 \
965            -s "received FALLBACK_SCSV" \
966            -S "inapropriate fallback"
967
# Tests for CBC 1/n-1 record splitting
#
# 1/n-1 splitting is the client-side countermeasure for CBC ciphersuites
# under SSLv3 and TLS 1.0, where each record's IV is the previous record's
# last ciphertext block and is therefore known to an attacker before the next
# plaintext is chosen. The first byte of every application-data write is sent
# in a record of its own, so the server sees "1 bytes read" followed by the
# remaining 122 bytes of the 123-byte request instead of one 123-byte read.
# TLS 1.1 and 1.2 carry an explicit per-record IV and must not split; RC4 is
# a stream cipher and must not split; recsplit=0 switches the countermeasure
# off explicitly. All cases pin TLS-RSA-WITH-AES-128-CBC-SHA (or RC4) so the
# record layer actually runs CBC.

run_test    "CBC Record splitting: TLS 1.2, no splitting" \
            "$P_SRV" \
            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
             request_size=123 force_version=tls1_2" \
            0 \
            -s "Read from client: 123 bytes read" \
            -S "Read from client: 1 bytes read" \
            -S "122 bytes read"

run_test    "CBC Record splitting: TLS 1.1, no splitting" \
            "$P_SRV" \
            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
             request_size=123 force_version=tls1_1" \
            0 \
            -s "Read from client: 123 bytes read" \
            -S "Read from client: 1 bytes read" \
            -S "122 bytes read"

# TLS 1.0: the split must happen by default.
run_test    "CBC Record splitting: TLS 1.0, splitting" \
            "$P_SRV" \
            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
             request_size=123 force_version=tls1" \
            0 \
            -S "Read from client: 123 bytes read" \
            -s "Read from client: 1 bytes read" \
            -s "122 bytes read"

# SSLv3 has the same chained-IV weakness; needs SSLv3 compiled in and the
# server's minimum version lowered to accept it.
requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
run_test    "CBC Record splitting: SSLv3, splitting" \
            "$P_SRV min_version=ssl3" \
            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
             request_size=123 force_version=ssl3" \
            0 \
            -S "Read from client: 123 bytes read" \
            -s "Read from client: 1 bytes read" \
            -s "122 bytes read"

# Stream cipher on TLS 1.0: no CBC, so no split. arc4=1 is passed to the
# server because it does not accept the RC4 suite otherwise (presumably
# disabled by default).
run_test    "CBC Record splitting: TLS 1.0 RC4, no splitting" \
            "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
            "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
             request_size=123 force_version=tls1" \
            0 \
            -s "Read from client: 123 bytes read" \
            -S "Read from client: 1 bytes read" \
            -S "122 bytes read"

# recsplit=0 disables the countermeasure; only do this for interop with
# peers that cannot cope with 1-byte records.
run_test    "CBC Record splitting: TLS 1.0, splitting disabled" \
            "$P_SRV" \
            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
             request_size=123 force_version=tls1 recsplit=0" \
            0 \
            -s "Read from client: 123 bytes read" \
            -S "Read from client: 1 bytes read" \
            -S "122 bytes read"

# The split must also survive non-blocking I/O (nbio=2 on both sides).
run_test    "CBC Record splitting: TLS 1.0, splitting, nbio" \
            "$P_SRV nbio=2" \
            "$P_CLI nbio=2 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
             request_size=123 force_version=tls1" \
            0 \
            -S "Read from client: 123 bytes read" \
            -s "Read from client: 1 bytes read" \
            -s "122 bytes read"
1033
# Tests for Session Tickets
#
# Ticket-based resumption keeps no state on the server: the session is
# handed to the client inside the ticket and accepted back later. Every
# positive case therefore asserts "restored from ticket" together with
# -S "restored from cache", which proves the resumption really came from the
# ticket and not from the server-side session cache that is also enabled
# unless cache_max=0 is given.

run_test    "Session resume using tickets: basic" \
            "$P_SRV debug_level=3 tickets=1" \
            "$P_CLI debug_level=3 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

# cache_max=0 removes the cache entirely, so the ticket path is the only
# way this resumption can succeed.
run_test    "Session resume using tickets: cache disabled" \
            "$P_SRV debug_level=3 tickets=1 cache_max=0" \
            "$P_CLI debug_level=3 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

# Expiry: a ticket valid for 1 s presented after a 2 s delay must be refused
# and a full handshake performed. The first handshake still issues a ticket
# (-c "parse new session ticket"); only the resumption is expected to fail.
# This is a wall-clock test and can be sensitive to a heavily loaded host.
run_test    "Session resume using tickets: timeout" \
            "$P_SRV debug_level=3 tickets=1 cache_max=0 ticket_timeout=1" \
            "$P_CLI debug_level=3 tickets=1 reconnect=1 reco_delay=2" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -S "a session has been resumed" \
            -C "a session has been resumed"

# Interop: only the client log is ours to inspect against an OpenSSL server.
run_test    "Session resume using tickets: openssl server" \
            "$O_SRV" \
            "$P_CLI debug_level=3 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -c "a session has been resumed"

# Interop with an OpenSSL client: two s_client runs round-trip the session
# through the file named by $SESSION (defined elsewhere in this script) and
# the file is removed inside the same subshell.
run_test    "Session resume using tickets: openssl client" \
            "$P_SRV debug_level=3 tickets=1" \
            "( $O_CLI -sess_out $SESSION; \
               $O_CLI -sess_in $SESSION; \
               rm -f $SESSION )" \
            0 \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed"
1098
# Tests for Session Resume based on session-ID and cache
#
# Session-ID resumption needs the server to remember the session in its
# cache; these cases disable tickets on at least one side so that the cache
# is the only possible source of a resumed session (checked with
# -S "restored from ticket" throughout).

# Client offers the ticket extension but the server (tickets=0) must neither
# echo it nor issue a ticket; resumption then falls back to the cache.
run_test    "Session resume using cache: tickets enabled on client" \
            "$P_SRV debug_level=3 tickets=0" \
            "$P_CLI debug_level=3 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -S "server hello, adding session ticket extension" \
            -C "found session_ticket extension" \
            -C "parse new session ticket" \
            -s "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

# Server supports tickets but the client never asks for one, so no ticket
# extension appears on either side.
run_test    "Session resume using cache: tickets enabled on server" \
            "$P_SRV debug_level=3 tickets=1" \
            "$P_CLI debug_level=3 tickets=0 reconnect=1" \
            0 \
            -C "client hello, adding session ticket extension" \
            -S "found session ticket extension" \
            -S "server hello, adding session ticket extension" \
            -C "found session_ticket extension" \
            -C "parse new session ticket" \
            -s "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

# No cache and no tickets: the reconnect must be a full handshake.
run_test    "Session resume using cache: cache_max=0" \
            "$P_SRV debug_level=3 tickets=0 cache_max=0" \
            "$P_CLI debug_level=3 tickets=0 reconnect=1" \
            0 \
            -S "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -S "a session has been resumed" \
            -C "a session has been resumed"

# A single cache slot is enough for one reconnecting client.
run_test    "Session resume using cache: cache_max=1" \
            "$P_SRV debug_level=3 tickets=0 cache_max=1" \
            "$P_CLI debug_level=3 tickets=0 reconnect=1" \
            0 \
            -s "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

# Cache expiry, three ways: default timeout with no delay (resumes), a 1 s
# timeout against a 2 s delay (must not resume), and cache_timeout=0 meaning
# entries never expire (resumes despite the delay). The delayed cases are
# wall-clock dependent.
run_test    "Session resume using cache: timeout > delay" \
            "$P_SRV debug_level=3 tickets=0" \
            "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=0" \
            0 \
            -s "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

run_test    "Session resume using cache: timeout < delay" \
            "$P_SRV debug_level=3 tickets=0 cache_timeout=1" \
            "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2" \
            0 \
            -S "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -S "a session has been resumed" \
            -C "a session has been resumed"

run_test    "Session resume using cache: no timeout" \
            "$P_SRV debug_level=3 tickets=0 cache_timeout=0" \
            "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2" \
            0 \
            -s "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

# Interop with an OpenSSL client: the session is saved to and reloaded from
# the file named by $SESSION (defined elsewhere in this script), then
# removed in the same subshell. The OpenSSL client still offers the ticket
# extension, which the tickets=0 server must ignore.
run_test    "Session resume using cache: openssl client" \
            "$P_SRV debug_level=3 tickets=0" \
            "( $O_CLI -sess_out $SESSION; \
               $O_CLI -sess_in $SESSION; \
               rm -f $SESSION )" \
            0 \
            -s "found session ticket extension" \
            -S "server hello, adding session ticket extension" \
            -s "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -s "a session has been resumed"

# Interop with an OpenSSL server: only the client log can be checked.
run_test    "Session resume using cache: openssl server" \
            "$O_SRV" \
            "$P_CLI debug_level=3 tickets=0 reconnect=1" \
            0 \
            -C "found session_ticket extension" \
            -C "parse new session ticket" \
            -c "a session has been resumed"
1193
# Tests for Max Fragment Length extension
#
# The max_fragment_length extension is client-initiated: the client proposes
# a limit in its ClientHello and the server echoes it. Without it both sides
# stay at the 16384-byte default. A limit set only on the server side cannot
# be advertised, so the "used by server" case shows the server at 4096 while
# the client still reports 16384.

run_test    "Max fragment length: not used, reference" \
            "$P_SRV debug_level=3" \
            "$P_CLI debug_level=3" \
            0 \
            -c "Maximum fragment length is 16384" \
            -s "Maximum fragment length is 16384" \
            -C "client hello, adding max_fragment_length extension" \
            -S "found max fragment length extension" \
            -S "server hello, max_fragment_length extension" \
            -C "found max_fragment_length extension"

run_test    "Max fragment length: used by client" \
            "$P_SRV debug_level=3" \
            "$P_CLI debug_level=3 max_frag_len=4096" \
            0 \
            -c "Maximum fragment length is 4096" \
            -s "Maximum fragment length is 4096" \
            -c "client hello, adding max_fragment_length extension" \
            -s "found max fragment length extension" \
            -s "server hello, max_fragment_length extension" \
            -c "found max_fragment_length extension"

run_test    "Max fragment length: used by server" \
            "$P_SRV debug_level=3 max_frag_len=4096" \
            "$P_CLI debug_level=3" \
            0 \
            -c "Maximum fragment length is 16384" \
            -s "Maximum fragment length is 4096" \
            -C "client hello, adding max_fragment_length extension" \
            -S "found max fragment length extension" \
            -S "server hello, max_fragment_length extension" \
            -C "found max_fragment_length extension"

# Interop: a GnuTLS server must echo the client's limit.
requires_gnutls
run_test    "Max fragment length: gnutls server" \
            "$G_SRV" \
            "$P_CLI debug_level=3 max_frag_len=4096" \
            0 \
            -c "Maximum fragment length is 4096" \
            -c "client hello, adding max_fragment_length extension" \
            -c "found max_fragment_length extension"

# Boundary: a request exactly at the limit goes out in one record; one that
# is larger is split into 2048 + 297 bytes over TLS.
run_test    "Max fragment length: client, message just fits" \
            "$P_SRV debug_level=3" \
            "$P_CLI debug_level=3 max_frag_len=2048 request_size=2048" \
            0 \
            -c "Maximum fragment length is 2048" \
            -s "Maximum fragment length is 2048" \
            -c "client hello, adding max_fragment_length extension" \
            -s "found max fragment length extension" \
            -s "server hello, max_fragment_length extension" \
            -c "found max_fragment_length extension" \
            -c "2048 bytes written in 1 fragments" \
            -s "2048 bytes read"

run_test    "Max fragment length: client, larger message" \
            "$P_SRV debug_level=3" \
            "$P_CLI debug_level=3 max_frag_len=2048 request_size=2345" \
            0 \
            -c "Maximum fragment length is 2048" \
            -s "Maximum fragment length is 2048" \
            -c "client hello, adding max_fragment_length extension" \
            -s "found max fragment length extension" \
            -s "server hello, max_fragment_length extension" \
            -c "found max_fragment_length extension" \
            -c "2345 bytes written in 2 fragments" \
            -s "2048 bytes read" \
            -s "297 bytes read"

# Over DTLS an application-data write cannot be split across records, so a
# message larger than the negotiated limit is rejected on the client side
# and the run is expected to fail (exit status 1).
run_test    "Max fragment length: DTLS client, larger message" \
            "$P_SRV debug_level=3 dtls=1" \
            "$P_CLI debug_level=3 dtls=1 max_frag_len=2048 request_size=2345" \
            1 \
            -c "Maximum fragment length is 2048" \
            -s "Maximum fragment length is 2048" \
            -c "client hello, adding max_fragment_length extension" \
            -s "found max fragment length extension" \
            -s "server hello, max_fragment_length extension" \
            -c "found max_fragment_length extension" \
            -c "fragment larger than.*maximum"
1276
# Tests for renegotiation
#
# These exercise the secure-renegotiation machinery (RFC 5746). In every
# case the server reports receiving TLS_EMPTY_RENEGOTIATION_INFO -- the
# signalling ciphersuite the client always sends -- and answers with the
# secure renegotiation extension; the client only adds the explicit
# renegotiation_info extension to its hello when renegotiation=1. On each
# side renegotiation=1 merely permits renegotiation, renegotiate=1 makes
# that side actually request one. Server logs "write hello request" only for
# server-initiated renegotiation. auth_mode=optional is passed to the server
# throughout; presumably so the renegotiated handshake includes a certificate
# request without demanding a client certificate -- confirm against
# ssl_server2.

run_test    "Renegotiation: none, for reference" \
            "$P_SRV debug_level=3 exchanges=2 auth_mode=optional" \
            "$P_CLI debug_level=3 exchanges=2" \
            0 \
            -C "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -S "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -C "=> renegotiate" \
            -S "=> renegotiate" \
            -S "write hello request"

run_test    "Renegotiation: client-initiated" \
            "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional" \
            "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
            0 \
            -c "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -s "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -c "=> renegotiate" \
            -s "=> renegotiate" \
            -S "write hello request"

run_test    "Renegotiation: server-initiated" \
            "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \
            "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
            0 \
            -c "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -s "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -c "=> renegotiate" \
            -s "=> renegotiate" \
            -s "write hello request"

run_test    "Renegotiation: double" \
            "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \
            "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
            0 \
            -c "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -s "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -c "=> renegotiate" \
            -s "=> renegotiate" \
            -s "write hello request"

# A server with renegotiation=0 does not renegotiate; the client's attempt
# must fail cleanly at the (unexpected) ServerHello stage, exit status 1.
run_test    "Renegotiation: client-initiated, server-rejected" \
            "$P_SRV debug_level=3 exchanges=2 renegotiation=0 auth_mode=optional" \
            "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
            1 \
            -c "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -S "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -c "=> renegotiate" \
            -S "=> renegotiate" \
            -S "write hello request" \
            -c "SSL - Unexpected message at ServerHello in renegotiation" \
            -c "failed"

# Server-initiated renegotiation refused by a renegotiation=0 client. The
# renego_delay knob controls how the server enforces its HelloRequest:
# with the default or renego_delay=-1 the refusal is tolerated and the
# connection carries on; with renego_delay=N the server allows N further
# records before treating the next one as an unexpected message; with
# renego_delay=0 it aborts on the very first non-handshake record
# ("delay 0" case below expects the server-side error).
run_test    "Renegotiation: server-initiated, client-rejected, default" \
            "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 auth_mode=optional" \
            "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
            0 \
            -C "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -S "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -C "=> renegotiate" \
            -S "=> renegotiate" \
            -s "write hello request" \
            -S "SSL - An unexpected message was received from our peer" \
            -S "failed"

run_test    "Renegotiation: server-initiated, client-rejected, not enforced" \
            "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
             renego_delay=-1 auth_mode=optional" \
            "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
            0 \
            -C "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -S "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -C "=> renegotiate" \
            -S "=> renegotiate" \
            -s "write hello request" \
            -S "SSL - An unexpected message was received from our peer" \
            -S "failed"

# delay 2 for 1 alert record + 1 application data record
run_test    "Renegotiation: server-initiated, client-rejected, delay 2" \
            "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
             renego_delay=2 auth_mode=optional" \
            "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
            0 \
            -C "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -S "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -C "=> renegotiate" \
            -S "=> renegotiate" \
            -s "write hello request" \
            -S "SSL - An unexpected message was received from our peer" \
            -S "failed"

# Strict enforcement: the client's refusal (an alert record) is itself the
# "unexpected message" the server reports. Exit status is still 0 here --
# only the server log is checked.
run_test    "Renegotiation: server-initiated, client-rejected, delay 0" \
            "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
             renego_delay=0 auth_mode=optional" \
            "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
            0 \
            -C "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -S "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -C "=> renegotiate" \
            -S "=> renegotiate" \
            -s "write hello request" \
            -s "SSL - An unexpected message was received from our peer"

# Same strict setting with a cooperating client: no error expected.
run_test    "Renegotiation: server-initiated, client-accepted, delay 0" \
            "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
             renego_delay=0 auth_mode=optional" \
            "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
            0 \
            -c "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -s "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -c "=> renegotiate" \
            -s "=> renegotiate" \
            -s "write hello request" \
            -S "SSL - An unexpected message was received from our peer" \
            -S "failed"

# Periodic renegotiation: renego_period=3 makes the server renegotiate once
# its record counter reaches the period. The client's exchanges count is
# what drives the record count, so 2 exchanges stay below the limit, 4 cross
# it once (one spare exchange is needed to complete the renegotiation) and
# 7 cross it twice. With renegotiation=0 on the server the counter never
# triggers anything.
run_test    "Renegotiation: periodic, just below period" \
            "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \
            "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
            0 \
            -C "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -S "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -S "record counter limit reached: renegotiate" \
            -C "=> renegotiate" \
            -S "=> renegotiate" \
            -S "write hello request" \
            -S "SSL - An unexpected message was received from our peer" \
            -S "failed"

# one extra exchange to be able to complete renego
run_test    "Renegotiation: periodic, just above period" \
            "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \
            "$P_CLI debug_level=3 exchanges=4 renegotiation=1" \
            0 \
            -c "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -s "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -s "record counter limit reached: renegotiate" \
            -c "=> renegotiate" \
            -s "=> renegotiate" \
            -s "write hello request" \
            -S "SSL - An unexpected message was received from our peer" \
            -S "failed"

run_test    "Renegotiation: periodic, two times period" \
            "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \
            "$P_CLI debug_level=3 exchanges=7 renegotiation=1" \
            0 \
            -c "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -s "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -s "record counter limit reached: renegotiate" \
            -c "=> renegotiate" \
            -s "=> renegotiate" \
            -s "write hello request" \
            -S "SSL - An unexpected message was received from our peer" \
            -S "failed"

run_test    "Renegotiation: periodic, above period, disabled" \
            "$P_SRV debug_level=3 exchanges=9 renegotiation=0 renego_period=3 auth_mode=optional" \
            "$P_CLI debug_level=3 exchanges=4 renegotiation=1" \
            0 \
            -C "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -S "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -S "record counter limit reached: renegotiate" \
            -C "=> renegotiate" \
            -S "=> renegotiate" \
            -S "write hello request" \
            -S "SSL - An unexpected message was received from our peer" \
            -S "failed"

# The two basic flows again under non-blocking I/O on both sides.
run_test    "Renegotiation: nbio, client-initiated" \
            "$P_SRV debug_level=3 nbio=2 exchanges=2 renegotiation=1 auth_mode=optional" \
            "$P_CLI debug_level=3 nbio=2 exchanges=2 renegotiation=1 renegotiate=1" \
            0 \
            -c "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -s "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -c "=> renegotiate" \
            -s "=> renegotiate" \
            -S "write hello request"

run_test    "Renegotiation: nbio, server-initiated" \
            "$P_SRV debug_level=3 nbio=2 exchanges=2 renegotiation=1 renegotiate=1 auth_mode=optional" \
            "$P_CLI debug_level=3 nbio=2 exchanges=2 renegotiation=1" \
            0 \
            -c "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -s "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -c "=> renegotiate" \
            -s "=> renegotiate" \
            -s "write hello request"
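# Interop: client-initiated renegotiation against an OpenSSL server that
# implements RFC 5746, expected to succeed end to end (HTTP 200 comes back
# after the renegotiation). The negative check on the handshake error line
# used to look for "ssl_hanshake() returned", a misspelling the client never
# prints, so that assertion could never fail; it now matches the real
# "mbedtls_ssl_handshake() returned" message that the failing gnutls cases
# below assert positively. (-www is already part of $O_SRV; repeating it is
# harmless.)
run_test    "Renegotiation: openssl server, client-initiated" \
            "$O_SRV -www" \
            "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
            0 \
            -c "client hello, adding renegotiation extension" \
            -c "found renegotiation extension" \
            -c "=> renegotiate" \
            -C "mbedtls_ssl_handshake() returned" \
            -C "error" \
            -c "HTTP/1.0 200 [Oo][Kk]"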
1526
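# Interop: a GnuTLS server configured for strict RFC 5746 renegotiation
# (%SAFE_RENEGOTIATION). Our client advertises the extension, so the
# renegotiation must go through and the HTTP response must arrive. The
# negative check on the handshake error line previously used the misspelled
# "ssl_hanshake() returned", which the client never prints and which
# therefore never caught anything; it now matches the real
# "mbedtls_ssl_handshake() returned" message.
requires_gnutls
run_test    "Renegotiation: gnutls server strict, client-initiated" \
            "$G_SRV --priority=NORMAL:%SAFE_RENEGOTIATION" \
            "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
            0 \
            -c "client hello, adding renegotiation extension" \
            -c "found renegotiation extension" \
            -c "=> renegotiate" \
            -C "mbedtls_ssl_handshake() returned" \
            -C "error" \
            -c "HTTP/1.0 200 [Oo][Kk]"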
1538
# Interop against a GnuTLS server with RFC 5746 switched off
# (%DISABLE_SAFE_RENEGOTIATION): the server never returns the renegotiation
# extension (-C "found renegotiation extension"). By default, and explicitly
# with allow_legacy=0, our client must refuse to renegotiate with such a
# peer -- the handshake fails and no HTTP response is received (exit 1).
# That refusal is the protection against a renegotiating peer that does not
# bind the new handshake to the old one.
requires_gnutls
run_test    "Renegotiation: gnutls server unsafe, client-initiated default" \
            "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
            "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
            1 \
            -c "client hello, adding renegotiation extension" \
            -C "found renegotiation extension" \
            -c "=> renegotiate" \
            -c "mbedtls_ssl_handshake() returned" \
            -c "error" \
            -C "HTTP/1.0 200 [Oo][Kk]"

# NOTE: the test name below keeps its "inititated" spelling on purpose --
# -f/-e filters and -n numbers match on these names.
requires_gnutls
run_test    "Renegotiation: gnutls server unsafe, client-inititated no legacy" \
            "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
            "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1 \
             allow_legacy=0" \
            1 \
            -c "client hello, adding renegotiation extension" \
            -C "found renegotiation extension" \
            -c "=> renegotiate" \
            -c "mbedtls_ssl_handshake() returned" \
            -c "error" \
            -C "HTTP/1.0 200 [Oo][Kk]"
1563
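# Interop against the same RFC 5746-less GnuTLS server, but with
# allow_legacy=1 the client knowingly accepts insecure (unbound)
# renegotiation and the exchange completes. This is an interop escape hatch
# only: allow_legacy=1 gives up the protection the two preceding cases
# verify, and should not be used outside tests against legacy peers. The
# negative check on the handshake error line used to be the misspelled
# "ssl_hanshake() returned", which never matches anything; it now matches
# the real "mbedtls_ssl_handshake() returned" message so the assertion has
# teeth.
requires_gnutls
run_test    "Renegotiation: gnutls server unsafe, client-inititated legacy" \
            "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
            "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1 \
             allow_legacy=1" \
            0 \
            -c "client hello, adding renegotiation extension" \
            -C "found renegotiation extension" \
            -c "=> renegotiate" \
            -C "mbedtls_ssl_handshake() returned" \
            -C "error" \
            -c "HTTP/1.0 200 [Oo][Kk]"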
1576
1577run_test    "Renegotiation: DTLS, client-initiated" \
1578            "$P_SRV debug_level=3 dtls=1 exchanges=2 renegotiation=1" \
1579            "$P_CLI debug_level=3 dtls=1 exchanges=2 renegotiation=1 renegotiate=1" \
1580            0 \
1581            -c "client hello, adding renegotiation extension" \
1582            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
1583            -s "found renegotiation extension" \
1584            -s "server hello, secure renegotiation extension" \
1585            -c "found renegotiation extension" \
1586            -c "=> renegotiate" \
1587            -s "=> renegotiate" \
1588            -S "write hello request"
1589
1590run_test    "Renegotiation: DTLS, server-initiated" \
1591            "$P_SRV debug_level=3 dtls=1 exchanges=2 renegotiation=1 renegotiate=1" \
1592            "$P_CLI debug_level=3 dtls=1 exchanges=2 renegotiation=1 \
1593             read_timeout=1000 max_resend=2" \
1594            0 \
1595            -c "client hello, adding renegotiation extension" \
1596            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
1597            -s "found renegotiation extension" \
1598            -s "server hello, secure renegotiation extension" \
1599            -c "found renegotiation extension" \
1600            -c "=> renegotiate" \
1601            -s "=> renegotiate" \
1602            -s "write hello request"
1603
1604requires_gnutls
1605run_test    "Renegotiation: DTLS, gnutls server, client-initiated" \
1606            "$G_SRV -u --mtu 4096" \
1607            "$P_CLI debug_level=3 dtls=1 exchanges=1 renegotiation=1 renegotiate=1" \
1608            0 \
1609            -c "client hello, adding renegotiation extension" \
1610            -c "found renegotiation extension" \
1611            -c "=> renegotiate" \
1612            -C "mbedtls_ssl_handshake returned" \
1613            -C "error" \
1614            -s "Extra-header:"
1615
# Tests for the "secure renegotiation" extension only (no actual renegotiation)
#
# Only the RFC 5746 extension exchange is checked; nobody renegotiates.
# A default mbed TLS peer tolerates a peer without the extension (exit 0);
# allow_legacy=-1 ("break legacy") makes it abort the handshake instead
# (exit 1).  -c/-s = pattern required in client/server log, -C/-S = must
# be absent.

requires_gnutls
run_test    "Renego ext: gnutls server strict, client default" \
            "$G_SRV --priority=NORMAL:%SAFE_RENEGOTIATION" \
            "$P_CLI debug_level=3" \
            0 \
            -c "found renegotiation extension" \
            -C "error" \
            -c "HTTP/1.0 200 [Oo][Kk]"

requires_gnutls
run_test    "Renego ext: gnutls server unsafe, client default" \
            "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
            "$P_CLI debug_level=3" \
            0 \
            -C "found renegotiation extension" \
            -C "error" \
            -c "HTTP/1.0 200 [Oo][Kk]"

requires_gnutls
run_test    "Renego ext: gnutls server unsafe, client break legacy" \
            "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
            "$P_CLI debug_level=3 allow_legacy=-1" \
            1 \
            -C "found renegotiation extension" \
            -c "error" \
            -C "HTTP/1.0 200 [Oo][Kk]"

# Mirror image with a GnuTLS client.  The client may signal secure
# renegotiation either with the TLS_EMPTY_RENEGOTIATION_INFO signalling
# ciphersuite or with the extension itself, so the server-side pattern
# accepts either ("\|" is a grep alternation).
requires_gnutls
run_test    "Renego ext: gnutls client strict, server default" \
            "$P_SRV debug_level=3" \
            "$G_CLI --priority=NORMAL:%SAFE_RENEGOTIATION" \
            0 \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
            -s "server hello, secure renegotiation extension"

requires_gnutls
run_test    "Renego ext: gnutls client unsafe, server default" \
            "$P_SRV debug_level=3" \
            "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
            0 \
            -S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
            -S "server hello, secure renegotiation extension"

# Only the exit status distinguishes this from the previous case: the
# mbed TLS server with allow_legacy=-1 refuses the GnuTLS client.
requires_gnutls
run_test    "Renego ext: gnutls client unsafe, server break legacy" \
            "$P_SRV debug_level=3 allow_legacy=-1" \
            "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
            1 \
            -S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
            -S "server hello, secure renegotiation extension"
1668
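# Tests for silently dropping trailing extra bytes in .der certificates
#
# The server loads a DER certificate with extra bytes appended after the
# encoded Certificate (the kind and count of bytes is given by each test
# name and, by convention, by the data file's suffix) and a GnuTLS client
# must still complete the handshake, i.e. the parser drops the trailing
# bytes rather than rejecting the file.  Only the client log is checked.
#
# Each call must end on its last -c check with no continuation backslash:
# a trailing "\" would splice whatever follows (e.g. the next
# requires_gnutls line) into run_test's argument list.

requires_gnutls
run_test    "DER format: no trailing bytes" \
            "$P_SRV crt_file=data_files/server5-der0.crt \
             key_file=data_files/server5.key" \
            "$G_CLI " \
            0 \
            -c "Handshake was completed"

requires_gnutls
run_test    "DER format: with a trailing zero byte" \
            "$P_SRV crt_file=data_files/server5-der1a.crt \
             key_file=data_files/server5.key" \
            "$G_CLI " \
            0 \
            -c "Handshake was completed"

requires_gnutls
run_test    "DER format: with a trailing random byte" \
            "$P_SRV crt_file=data_files/server5-der1b.crt \
             key_file=data_files/server5.key" \
            "$G_CLI " \
            0 \
            -c "Handshake was completed"

requires_gnutls
run_test    "DER format: with 2 trailing random bytes" \
            "$P_SRV crt_file=data_files/server5-der2.crt \
             key_file=data_files/server5.key" \
            "$G_CLI " \
            0 \
            -c "Handshake was completed"

requires_gnutls
run_test    "DER format: with 4 trailing random bytes" \
            "$P_SRV crt_file=data_files/server5-der4.crt \
             key_file=data_files/server5.key" \
            "$G_CLI " \
            0 \
            -c "Handshake was completed"

requires_gnutls
run_test    "DER format: with 8 trailing random bytes" \
            "$P_SRV crt_file=data_files/server5-der8.crt \
             key_file=data_files/server5.key" \
            "$G_CLI " \
            0 \
            -c "Handshake was completed"

requires_gnutls
run_test    "DER format: with 9 trailing random bytes" \
            "$P_SRV crt_file=data_files/server5-der9.crt \
             key_file=data_files/server5.key" \
            "$G_CLI " \
            0 \
            -c "Handshake was completed"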
1726
# Tests for auth_mode
#
# auth_mode (none / optional / required) is set on the side that verifies
# the peer.  Outcomes asserted below:
#   required - a verification failure aborts the handshake (exit 1,
#              "X509 - Certificate verification failed");
#   optional - the failure is logged ("x509_verify_cert() returned",
#              "! Certificate was missing") but the handshake completes;
#   none     - no CertificateRequest is sent / no verification is done.
# A peer in optional or none mode therefore gets no assurance about the
# other side's identity; these modes exist for diagnostics and testing.
# The "skip write/parse certificate ..." checks trace which handshake
# messages (CertificateRequest, Certificate, CertificateVerify) were
# actually sent or skipped on each side.  -c/-s = pattern required in
# client/server log, -C/-S = must be absent.

# Server presents a badly signed certificate; only auth_mode=required on
# the client turns that into a failed handshake.
run_test    "Authentication: server badcert, client required" \
            "$P_SRV crt_file=data_files/server5-badsign.crt \
             key_file=data_files/server5.key" \
            "$P_CLI debug_level=1 auth_mode=required" \
            1 \
            -c "x509_verify_cert() returned" \
            -c "! The certificate is not correctly signed by the trusted CA" \
            -c "! mbedtls_ssl_handshake returned" \
            -c "X509 - Certificate verification failed"

run_test    "Authentication: server badcert, client optional" \
            "$P_SRV crt_file=data_files/server5-badsign.crt \
             key_file=data_files/server5.key" \
            "$P_CLI debug_level=1 auth_mode=optional" \
            0 \
            -c "x509_verify_cert() returned" \
            -c "! The certificate is not correctly signed by the trusted CA" \
            -C "! mbedtls_ssl_handshake returned" \
            -C "X509 - Certificate verification failed"

run_test    "Authentication: server badcert, client none" \
            "$P_SRV crt_file=data_files/server5-badsign.crt \
             key_file=data_files/server5.key" \
            "$P_CLI debug_level=1 auth_mode=none" \
            0 \
            -C "x509_verify_cert() returned" \
            -C "! The certificate is not correctly signed by the trusted CA" \
            -C "! mbedtls_ssl_handshake returned" \
            -C "X509 - Certificate verification failed"

# Client authentication with an ECDSA client certificate (server6) under
# either forced GCM suite.  The client log must list hash algorithms 4 and
# 5 (TLS 1.2 HashAlgorithm codes for SHA-256 and SHA-384) -- presumably
# from the server's CertificateRequest; confirm against ssl_client2 output.
run_test    "Authentication: client SHA256, server required" \
            "$P_SRV auth_mode=required" \
            "$P_CLI debug_level=3 crt_file=data_files/server6.crt \
             key_file=data_files/server6.key \
             force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
            0 \
            -c "Supported Signature Algorithm found: 4," \
            -c "Supported Signature Algorithm found: 5,"

run_test    "Authentication: client SHA384, server required" \
            "$P_SRV auth_mode=required" \
            "$P_CLI debug_level=3 crt_file=data_files/server6.crt \
             key_file=data_files/server6.key \
             force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
            0 \
            -c "Supported Signature Algorithm found: 4," \
            -c "Supported Signature Algorithm found: 5,"

# Client presents a badly signed certificate; the server's auth_mode
# decides between abort (required), log-and-continue (optional) and not
# asking for a certificate at all (none).
run_test    "Authentication: client badcert, server required" \
            "$P_SRV debug_level=3 auth_mode=required" \
            "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
             key_file=data_files/server5.key" \
            1 \
            -S "skip write certificate request" \
            -C "skip parse certificate request" \
            -c "got a certificate request" \
            -C "skip write certificate" \
            -C "skip write certificate verify" \
            -S "skip parse certificate verify" \
            -s "x509_verify_cert() returned" \
            -s "! The certificate is not correctly signed by the trusted CA" \
            -s "! mbedtls_ssl_handshake returned" \
            -c "! mbedtls_ssl_handshake returned" \
            -s "X509 - Certificate verification failed"

run_test    "Authentication: client badcert, server optional" \
            "$P_SRV debug_level=3 auth_mode=optional" \
            "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
             key_file=data_files/server5.key" \
            0 \
            -S "skip write certificate request" \
            -C "skip parse certificate request" \
            -c "got a certificate request" \
            -C "skip write certificate" \
            -C "skip write certificate verify" \
            -S "skip parse certificate verify" \
            -s "x509_verify_cert() returned" \
            -s "! The certificate is not correctly signed by the trusted CA" \
            -S "! mbedtls_ssl_handshake returned" \
            -C "! mbedtls_ssl_handshake returned" \
            -S "X509 - Certificate verification failed"

run_test    "Authentication: client badcert, server none" \
            "$P_SRV debug_level=3 auth_mode=none" \
            "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
             key_file=data_files/server5.key" \
            0 \
            -s "skip write certificate request" \
            -C "skip parse certificate request" \
            -c "got no certificate request" \
            -c "skip write certificate" \
            -c "skip write certificate verify" \
            -s "skip parse certificate verify" \
            -S "x509_verify_cert() returned" \
            -S "! The certificate is not correctly signed by the trusted CA" \
            -S "! mbedtls_ssl_handshake returned" \
            -C "! mbedtls_ssl_handshake returned" \
            -S "X509 - Certificate verification failed"

# Client has no certificate (crt_file=none key_file=none) and the server is
# optional: the client still answers the CertificateRequest (an empty
# Certificate, no CertificateVerify), the server logs the missing
# certificate and completes.  "skip write certificate$" is anchored so it
# does not also match "skip write certificate verify".
run_test    "Authentication: client no cert, server optional" \
            "$P_SRV debug_level=3 auth_mode=optional" \
            "$P_CLI debug_level=3 crt_file=none key_file=none" \
            0 \
            -S "skip write certificate request" \
            -C "skip parse certificate request" \
            -c "got a certificate request" \
            -C "skip write certificate$" \
            -C "got no certificate to send" \
            -S "SSLv3 client has no certificate" \
            -c "skip write certificate verify" \
            -s "skip parse certificate verify" \
            -s "! Certificate was missing" \
            -S "! mbedtls_ssl_handshake returned" \
            -C "! mbedtls_ssl_handshake returned" \
            -S "X509 - Certificate verification failed"

# Same scenarios against OpenSSL on either side (only the mbed TLS side's
# log can be checked).
run_test    "Authentication: openssl client no cert, server optional" \
            "$P_SRV debug_level=3 auth_mode=optional" \
            "$O_CLI" \
            0 \
            -S "skip write certificate request" \
            -s "skip parse certificate verify" \
            -s "! Certificate was missing" \
            -S "! mbedtls_ssl_handshake returned" \
            -S "X509 - Certificate verification failed"

run_test    "Authentication: client no cert, openssl server optional" \
            "$O_SRV -verify 10" \
            "$P_CLI debug_level=3 crt_file=none key_file=none" \
            0 \
            -C "skip parse certificate request" \
            -c "got a certificate request" \
            -C "skip write certificate$" \
            -c "skip write certificate verify" \
            -C "! mbedtls_ssl_handshake returned"

# SSLv3 is a non-default build option (MBEDTLS_SSL_PROTO_SSL3), so this
# test is skipped otherwise.  SSLv3 signals a missing client certificate
# differently from TLS, which is why the "got no certificate to send" and
# "SSLv3 client has no certificate" lines are expected here but not above.
requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
run_test    "Authentication: client no cert, ssl3" \
            "$P_SRV debug_level=3 auth_mode=optional force_version=ssl3" \
            "$P_CLI debug_level=3 crt_file=none key_file=none min_version=ssl3" \
            0 \
            -S "skip write certificate request" \
            -C "skip parse certificate request" \
            -c "got a certificate request" \
            -C "skip write certificate$" \
            -c "skip write certificate verify" \
            -c "got no certificate to send" \
            -s "SSLv3 client has no certificate" \
            -s "skip parse certificate verify" \
            -s "! Certificate was missing" \
            -S "! mbedtls_ssl_handshake returned" \
            -C "! mbedtls_ssl_handshake returned" \
            -S "X509 - Certificate verification failed"
1882
# Tests for certificate selection based on SHA version
#
# The server is configured with two certificates (crt_file/key_file and
# crt_file2/key_file2) and picks one per connection.  Expected outcome: a
# TLS 1.2 client is served the SHA-256-signed certificate; a TLS 1.1 or
# TLS 1.0 client is served the SHA-1-signed one (server5-sha1) when it is
# available, and the SHA-256 one otherwise, whichever slot it is in.  The
# client log ("signed using ...") shows which signature hash it saw.
# -c = pattern required in client log, -C = must be absent.

run_test    "Certificate hash: client TLS 1.2 -> SHA-2" \
            "$P_SRV crt_file=data_files/server5.crt \
                    key_file=data_files/server5.key \
                    crt_file2=data_files/server5-sha1.crt \
                    key_file2=data_files/server5.key" \
            "$P_CLI force_version=tls1_2" \
            0 \
            -c "signed using.*ECDSA with SHA256" \
            -C "signed using.*ECDSA with SHA1"

run_test    "Certificate hash: client TLS 1.1 -> SHA-1" \
            "$P_SRV crt_file=data_files/server5.crt \
                    key_file=data_files/server5.key \
                    crt_file2=data_files/server5-sha1.crt \
                    key_file2=data_files/server5.key" \
            "$P_CLI force_version=tls1_1" \
            0 \
            -C "signed using.*ECDSA with SHA256" \
            -c "signed using.*ECDSA with SHA1"

run_test    "Certificate hash: client TLS 1.0 -> SHA-1" \
            "$P_SRV crt_file=data_files/server5.crt \
                    key_file=data_files/server5.key \
                    crt_file2=data_files/server5-sha1.crt \
                    key_file2=data_files/server5.key" \
            "$P_CLI force_version=tls1" \
            0 \
            -C "signed using.*ECDSA with SHA256" \
            -c "signed using.*ECDSA with SHA1"

# No SHA-1 certificate configured (server5 and server6 are both SHA-256):
# a TLS 1.1 client gets a SHA-256 certificate regardless of slot order.
# The "serial number" check pins which of the two certificates was served.
run_test    "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 1)" \
            "$P_SRV crt_file=data_files/server5.crt \
                    key_file=data_files/server5.key \
                    crt_file2=data_files/server6.crt \
                    key_file2=data_files/server6.key" \
            "$P_CLI force_version=tls1_1" \
            0 \
            -c "serial number.*09" \
            -c "signed using.*ECDSA with SHA256" \
            -C "signed using.*ECDSA with SHA1"

run_test    "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 2)" \
            "$P_SRV crt_file=data_files/server6.crt \
                    key_file=data_files/server6.key \
                    crt_file2=data_files/server5.crt \
                    key_file2=data_files/server5.key" \
            "$P_CLI force_version=tls1_1" \
            0 \
            -c "serial number.*0A" \
            -c "signed using.*ECDSA with SHA256" \
            -C "signed using.*ECDSA with SHA1"
1936
# Tests for SNI
#
# ssl_server2's sni= argument, as used below, is a comma-separated list
# of entries laid out as
#   name,crt_file,key_file,ca_file,crl_file,auth_mode
# where "-" keeps the server-wide default for that field (layout inferred
# from the values in this file).  When the client's server_name matches an
# entry, that entry's certificate -- and, where given, CA, CRL and
# auth_mode -- replaces the server default for that connection.
# -c/-s = pattern required in client/server log, -C/-S = must be absent.

# No sni= at all: the ServerName extension is not parsed and the client
# sees the server-wide certificate (server5, issued by the EC test CA).
run_test    "SNI: no SNI callback" \
            "$P_SRV debug_level=3 \
             crt_file=data_files/server5.crt key_file=data_files/server5.key" \
            "$P_CLI server_name=localhost" \
            0 \
            -S "parse ServerName extension" \
            -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \
            -c "subject name *: C=NL, O=PolarSSL, CN=localhost"

# Two SNI entries; the certificate served must match the requested name
# (server2 for localhost, server1-nospace for polarssl.example), so the
# issuer changes from the EC test CA to "PolarSSL Test CA".
run_test    "SNI: matching cert 1" \
            "$P_SRV debug_level=3 \
             crt_file=data_files/server5.crt key_file=data_files/server5.key \
             sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
            "$P_CLI server_name=localhost" \
            0 \
            -s "parse ServerName extension" \
            -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
            -c "subject name *: C=NL, O=PolarSSL, CN=localhost"

run_test    "SNI: matching cert 2" \
            "$P_SRV debug_level=3 \
             crt_file=data_files/server5.crt key_file=data_files/server5.key \
             sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
            "$P_CLI server_name=polarssl.example" \
            0 \
            -s "parse ServerName extension" \
            -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
            -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"

# An unknown name is not silently served with the default certificate: the
# SNI callback fails, the server aborts and the client receives a fatal
# alert.
run_test    "SNI: no matching cert" \
            "$P_SRV debug_level=3 \
             crt_file=data_files/server5.crt key_file=data_files/server5.key \
             sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
            "$P_CLI server_name=nonesuch.example" \
            1 \
            -s "parse ServerName extension" \
            -s "ssl_sni_wrapper() returned" \
            -s "mbedtls_ssl_handshake returned" \
            -c "mbedtls_ssl_handshake returned" \
            -c "SSL - A fatal alert message was received from our peer"

# auth_mode per SNI entry: "-" keeps the server-wide setting, otherwise
# the entry's value wins (none -> optional requests a client certificate,
# optional -> none stops requesting one).
run_test    "SNI: client auth no override: optional" \
            "$P_SRV debug_level=3 auth_mode=optional \
             crt_file=data_files/server5.crt key_file=data_files/server5.key \
             sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-" \
            "$P_CLI debug_level=3 server_name=localhost" \
            0 \
            -S "skip write certificate request" \
            -C "skip parse certificate request" \
            -c "got a certificate request" \
            -C "skip write certificate" \
            -C "skip write certificate verify" \
            -S "skip parse certificate verify"

run_test    "SNI: client auth override: none -> optional" \
            "$P_SRV debug_level=3 auth_mode=none \
             crt_file=data_files/server5.crt key_file=data_files/server5.key \
             sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,optional" \
            "$P_CLI debug_level=3 server_name=localhost" \
            0 \
            -S "skip write certificate request" \
            -C "skip parse certificate request" \
            -c "got a certificate request" \
            -C "skip write certificate" \
            -C "skip write certificate verify" \
            -S "skip parse certificate verify"

run_test    "SNI: client auth override: optional -> none" \
            "$P_SRV debug_level=3 auth_mode=optional \
             crt_file=data_files/server5.crt key_file=data_files/server5.key \
             sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,none" \
            "$P_CLI debug_level=3 server_name=localhost" \
            0 \
            -s "skip write certificate request" \
            -C "skip parse certificate request" \
            -c "got no certificate request" \
            -c "skip write certificate" \
            -c "skip write certificate verify" \
            -s "skip parse certificate verify"

# Trust anchor per SNI entry.  The client certificate (server6) does not
# chain to the server-wide CA (test-ca.crt), so with no override and
# auth_mode=required the handshake fails; overriding the CA with
# test-ca2.crt makes it verify; adding crl-ec-sha256.pem, which lists that
# certificate, makes it fail again as revoked.
run_test    "SNI: CA no override" \
            "$P_SRV debug_level=3 auth_mode=optional \
             crt_file=data_files/server5.crt key_file=data_files/server5.key \
             ca_file=data_files/test-ca.crt \
             sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,required" \
            "$P_CLI debug_level=3 server_name=localhost \
             crt_file=data_files/server6.crt key_file=data_files/server6.key" \
            1 \
            -S "skip write certificate request" \
            -C "skip parse certificate request" \
            -c "got a certificate request" \
            -C "skip write certificate" \
            -C "skip write certificate verify" \
            -S "skip parse certificate verify" \
            -s "x509_verify_cert() returned" \
            -s "! The certificate is not correctly signed by the trusted CA" \
            -S "The certificate has been revoked (is on a CRL)"

run_test    "SNI: CA override" \
            "$P_SRV debug_level=3 auth_mode=optional \
             crt_file=data_files/server5.crt key_file=data_files/server5.key \
             ca_file=data_files/test-ca.crt \
             sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,-,required" \
            "$P_CLI debug_level=3 server_name=localhost \
             crt_file=data_files/server6.crt key_file=data_files/server6.key" \
            0 \
            -S "skip write certificate request" \
            -C "skip parse certificate request" \
            -c "got a certificate request" \
            -C "skip write certificate" \
            -C "skip write certificate verify" \
            -S "skip parse certificate verify" \
            -S "x509_verify_cert() returned" \
            -S "! The certificate is not correctly signed by the trusted CA" \
            -S "The certificate has been revoked (is on a CRL)"

run_test    "SNI: CA override with CRL" \
            "$P_SRV debug_level=3 auth_mode=optional \
             crt_file=data_files/server5.crt key_file=data_files/server5.key \
             ca_file=data_files/test-ca.crt \
             sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,data_files/crl-ec-sha256.pem,required" \
            "$P_CLI debug_level=3 server_name=localhost \
             crt_file=data_files/server6.crt key_file=data_files/server6.key" \
            1 \
            -S "skip write certificate request" \
            -C "skip parse certificate request" \
            -c "got a certificate request" \
            -C "skip write certificate" \
            -C "skip write certificate verify" \
            -S "skip parse certificate verify" \
            -s "x509_verify_cert() returned" \
            -S "! The certificate is not correctly signed by the trusted CA" \
            -s "The certificate has been revoked (is on a CRL)"
2072
# Tests for non-blocking I/O: exercise a variety of handshake flows
#
# Both programs run with nbio=2 (non-blocking sockets, per the test
# names).  Every flow -- plain handshake, client authentication, session
# tickets on/off, and resumption via ticket or via session ID
# (reconnect=1) -- must complete without mbedtls_ssl_handshake reporting
# an error on either side and must deliver application data to the
# client.  -c = pattern required in client log, -C/-S = must be absent
# from client/server log.

run_test    "Non-blocking I/O: basic handshake" \
            "$P_SRV nbio=2 tickets=0 auth_mode=none" \
            "$P_CLI nbio=2 tickets=0" \
            0 \
            -S "mbedtls_ssl_handshake returned" \
            -C "mbedtls_ssl_handshake returned" \
            -c "Read from server: .* bytes read"

run_test    "Non-blocking I/O: client auth" \
            "$P_SRV nbio=2 tickets=0 auth_mode=required" \
            "$P_CLI nbio=2 tickets=0" \
            0 \
            -S "mbedtls_ssl_handshake returned" \
            -C "mbedtls_ssl_handshake returned" \
            -c "Read from server: .* bytes read"

run_test    "Non-blocking I/O: ticket" \
            "$P_SRV nbio=2 tickets=1 auth_mode=none" \
            "$P_CLI nbio=2 tickets=1" \
            0 \
            -S "mbedtls_ssl_handshake returned" \
            -C "mbedtls_ssl_handshake returned" \
            -c "Read from server: .* bytes read"

run_test    "Non-blocking I/O: ticket + client auth" \
            "$P_SRV nbio=2 tickets=1 auth_mode=required" \
            "$P_CLI nbio=2 tickets=1" \
            0 \
            -S "mbedtls_ssl_handshake returned" \
            -C "mbedtls_ssl_handshake returned" \
            -c "Read from server: .* bytes read"

# reconnect=1: the client connects a second time and resumes the session.
run_test    "Non-blocking I/O: ticket + client auth + resume" \
            "$P_SRV nbio=2 tickets=1 auth_mode=required" \
            "$P_CLI nbio=2 tickets=1 reconnect=1" \
            0 \
            -S "mbedtls_ssl_handshake returned" \
            -C "mbedtls_ssl_handshake returned" \
            -c "Read from server: .* bytes read"

run_test    "Non-blocking I/O: ticket + resume" \
            "$P_SRV nbio=2 tickets=1 auth_mode=none" \
            "$P_CLI nbio=2 tickets=1 reconnect=1" \
            0 \
            -S "mbedtls_ssl_handshake returned" \
            -C "mbedtls_ssl_handshake returned" \
            -c "Read from server: .* bytes read"

# tickets=0 with reconnect=1: resumption has to go through the server-side
# session cache (session ID) instead of a ticket.
run_test    "Non-blocking I/O: session-id resume" \
            "$P_SRV nbio=2 tickets=0 auth_mode=none" \
            "$P_CLI nbio=2 tickets=0 reconnect=1" \
            0 \
            -S "mbedtls_ssl_handshake returned" \
            -C "mbedtls_ssl_handshake returned" \
            -c "Read from server: .* bytes read"
2130
# Tests for version negotiation
#
# min_version/max_version on either side bound the protocol version; both
# peers must report the same negotiated version ("Protocol is TLSv1.x" in
# both logs) and, with defaults, that is TLS 1.2.  When the two ranges do
# not overlap the handshake must fail with "Handshake protocol not within
# min/max boundaries", logged by the side whose bound is violated (the
# client when its minimum is too high, the server when its minimum is).
# -c/-s = pattern required in client/server log, -C/-S = must be absent.

run_test    "Version check: all -> 1.2" \
            "$P_SRV" \
            "$P_CLI" \
            0 \
            -S "mbedtls_ssl_handshake returned" \
            -C "mbedtls_ssl_handshake returned" \
            -s "Protocol is TLSv1.2" \
            -c "Protocol is TLSv1.2"

run_test    "Version check: cli max 1.1 -> 1.1" \
            "$P_SRV" \
            "$P_CLI max_version=tls1_1" \
            0 \
            -S "mbedtls_ssl_handshake returned" \
            -C "mbedtls_ssl_handshake returned" \
            -s "Protocol is TLSv1.1" \
            -c "Protocol is TLSv1.1"

run_test    "Version check: srv max 1.1 -> 1.1" \
            "$P_SRV max_version=tls1_1" \
            "$P_CLI" \
            0 \
            -S "mbedtls_ssl_handshake returned" \
            -C "mbedtls_ssl_handshake returned" \
            -s "Protocol is TLSv1.1" \
            -c "Protocol is TLSv1.1"

run_test    "Version check: cli+srv max 1.1 -> 1.1" \
            "$P_SRV max_version=tls1_1" \
            "$P_CLI max_version=tls1_1" \
            0 \
            -S "mbedtls_ssl_handshake returned" \
            -C "mbedtls_ssl_handshake returned" \
            -s "Protocol is TLSv1.1" \
            -c "Protocol is TLSv1.1"

run_test    "Version check: cli max 1.1, srv min 1.1 -> 1.1" \
            "$P_SRV min_version=tls1_1" \
            "$P_CLI max_version=tls1_1" \
            0 \
            -S "mbedtls_ssl_handshake returned" \
            -C "mbedtls_ssl_handshake returned" \
            -s "Protocol is TLSv1.1" \
            -c "Protocol is TLSv1.1"

run_test    "Version check: cli min 1.1, srv max 1.1 -> 1.1" \
            "$P_SRV max_version=tls1_1" \
            "$P_CLI min_version=tls1_1" \
            0 \
            -S "mbedtls_ssl_handshake returned" \
            -C "mbedtls_ssl_handshake returned" \
            -s "Protocol is TLSv1.1" \
            -c "Protocol is TLSv1.1"

# Disjoint ranges: a client that insists on TLS 1.2 must not be talked
# down to 1.1, and vice versa for the server.
run_test    "Version check: cli min 1.2, srv max 1.1 -> fail" \
            "$P_SRV max_version=tls1_1" \
            "$P_CLI min_version=tls1_2" \
            1 \
            -s "mbedtls_ssl_handshake returned" \
            -c "mbedtls_ssl_handshake returned" \
            -c "SSL - Handshake protocol not within min/max boundaries"

run_test    "Version check: srv min 1.2, cli max 1.1 -> fail" \
            "$P_SRV min_version=tls1_2" \
            "$P_CLI max_version=tls1_1" \
            1 \
            -s "mbedtls_ssl_handshake returned" \
            -c "mbedtls_ssl_handshake returned" \
            -s "SSL - Handshake protocol not within min/max boundaries"
2202
# Tests for ALPN extension
#
# alpn= is a comma-separated protocol list in order of preference.
# Expected behaviour asserted below: nothing is negotiated unless both
# sides configure ALPN ("Application Layer Protocol is (none)" on the side
# that did); when both do, the server's preference order decides
# (cli2-srv1 still yields "abc").  The "\[2:120]" pattern is a fatal alert
# (level 2) of type 120, no_application_protocol; it must be absent from
# every successful case.  -c/-s = pattern required in client/server log,
# -C/-S = must be absent.

run_test    "ALPN: none" \
            "$P_SRV debug_level=3" \
            "$P_CLI debug_level=3" \
            0 \
            -C "client hello, adding alpn extension" \
            -S "found alpn extension" \
            -C "got an alert message, type: \\[2:120]" \
            -S "server hello, adding alpn extension" \
            -C "found alpn extension " \
            -C "Application Layer Protocol is" \
            -S "Application Layer Protocol is"

# Client offers ALPN, server has none configured: the extension is seen
# but not answered, and the client reports no protocol.
run_test    "ALPN: client only" \
            "$P_SRV debug_level=3" \
            "$P_CLI debug_level=3 alpn=abc,1234" \
            0 \
            -c "client hello, adding alpn extension" \
            -s "found alpn extension" \
            -C "got an alert message, type: \\[2:120]" \
            -S "server hello, adding alpn extension" \
            -C "found alpn extension " \
            -c "Application Layer Protocol is (none)" \
            -S "Application Layer Protocol is"

# Server configured, client silent: the server never adds the extension
# on its own.
run_test    "ALPN: server only" \
            "$P_SRV debug_level=3 alpn=abc,1234" \
            "$P_CLI debug_level=3" \
            0 \
            -C "client hello, adding alpn extension" \
            -S "found alpn extension" \
            -C "got an alert message, type: \\[2:120]" \
            -S "server hello, adding alpn extension" \
            -C "found alpn extension " \
            -C "Application Layer Protocol is" \
            -s "Application Layer Protocol is (none)"

run_test    "ALPN: both, common cli1-srv1" \
            "$P_SRV debug_level=3 alpn=abc,1234" \
            "$P_CLI debug_level=3 alpn=abc,1234" \
            0 \
            -c "client hello, adding alpn extension" \
            -s "found alpn extension" \
            -C "got an alert message, type: \\[2:120]" \
            -s "server hello, adding alpn extension" \
            -c "found alpn extension" \
            -c "Application Layer Protocol is abc" \
            -s "Application Layer Protocol is abc"

# Client prefers 1234 but the server's first choice, abc, wins.
run_test    "ALPN: both, common cli2-srv1" \
            "$P_SRV debug_level=3 alpn=abc,1234" \
            "$P_CLI debug_level=3 alpn=1234,abc" \
            0 \
            -c "client hello, adding alpn extension" \
            -s "found alpn extension" \
            -C "got an alert message, type: \\[2:120]" \
            -s "server hello, adding alpn extension" \
            -c "found alpn extension" \
            -c "Application Layer Protocol is abc" \
            -s "Application Layer Protocol is abc"

# "abcde" is not "abc": only 1234 is common, and the protocol comparison
# must not accept a prefix match.
run_test    "ALPN: both, common cli1-srv2" \
            "$P_SRV debug_level=3 alpn=abc,1234" \
            "$P_CLI debug_level=3 alpn=1234,abcde" \
            0 \
            -c "client hello, adding alpn extension" \
            -s "found alpn extension" \
            -C "got an alert message, type: \\[2:120]" \
            -s "server hello, adding alpn extension" \
            -c "found alpn extension" \
            -c "Application Layer Protocol is 1234" \
            -s "Application Layer Protocol is 1234"
2276
2277run_test    "ALPN: both, no common" \
2278            "$P_SRV debug_level=3 alpn=abc,123" \
2279            "$P_CLI debug_level=3 alpn=1234,abcde" \
2280            1 \
2281            -c "client hello, adding alpn extension" \
2282            -s "found alpn extension" \
2283            -c "got an alert message, type: \\[2:120]" \
2284            -S "server hello, adding alpn extension" \
2285            -C "found alpn extension" \
2286            -C "Application Layer Protocol is 1234" \
2287            -S "Application Layer Protocol is 1234"
2288
2289
# Tests for keyUsage in leaf certificates, part 1:
# server-side certificate/suite selection
#
# The server only offers key exchanges that the leaf certificate's keyUsage
# permits: digitalSignature -> signing key exchanges ((EC)DHE-RSA,
# ECDHE-ECDSA), keyEncipherment on an RSA key -> static RSA key transport,
# keyAgreement on an EC key -> static ECDH.  A keyUsage that no supported
# suite can honour makes the handshake fail instead of letting the key be
# used for something its certificate does not allow.  server2.* is the RSA
# key/cert family, server5.* the ECDSA one.

run_test    "keyUsage srv: RSA, digitalSignature -> (EC)DHE-RSA" \
            "$P_SRV key_file=data_files/server2.key \
             crt_file=data_files/server2.ku-ds.crt" \
            "$P_CLI" \
            0 \
            -c "Ciphersuite is TLS-[EC]*DHE-RSA-WITH-"


# Static RSA key transport (TLS-RSA-WITH-*) offers no forward secrecy; it
# is selected here only because keyEncipherment is the sole usage allowed.
run_test    "keyUsage srv: RSA, keyEncipherment -> RSA" \
            "$P_SRV key_file=data_files/server2.key \
             crt_file=data_files/server2.ku-ke.crt" \
            "$P_CLI" \
            0 \
            -c "Ciphersuite is TLS-RSA-WITH-"

# keyAgreement is meaningless for an RSA key: no suite can be offered, so
# no ciphersuite is ever negotiated.
run_test    "keyUsage srv: RSA, keyAgreement -> fail" \
            "$P_SRV key_file=data_files/server2.key \
             crt_file=data_files/server2.ku-ka.crt" \
            "$P_CLI" \
            1 \
            -C "Ciphersuite is "

run_test    "keyUsage srv: ECDSA, digitalSignature -> ECDHE-ECDSA" \
            "$P_SRV key_file=data_files/server5.key \
             crt_file=data_files/server5.ku-ds.crt" \
            "$P_CLI" \
            0 \
            -c "Ciphersuite is TLS-ECDHE-ECDSA-WITH-"


# keyAgreement on an EC key -> static ECDH suites (TLS-ECDH-*), which, like
# static RSA, do not provide forward secrecy.
run_test    "keyUsage srv: ECDSA, keyAgreement -> ECDH-" \
            "$P_SRV key_file=data_files/server5.key \
             crt_file=data_files/server5.ku-ka.crt" \
            "$P_CLI" \
            0 \
            -c "Ciphersuite is TLS-ECDH-"

# keyEncipherment is meaningless for an ECDSA key: handshake must fail.
run_test    "keyUsage srv: ECDSA, keyEncipherment -> fail" \
            "$P_SRV key_file=data_files/server5.key \
             crt_file=data_files/server5.ku-ke.crt" \
            "$P_CLI" \
            1 \
            -C "Ciphersuite is "
2336
# Tests for keyUsage in leaf certificates, part 2:
# client-side checking of server cert
#
# An OpenSSL server ($O_SRV) presents a certificate with a chosen keyUsage
# and the mbed TLS client forces the ciphersuite, so each test isolates the
# "does the negotiated key exchange match the cert's keyUsage" check:
#   - TLS-RSA-*     (key transport) requires keyEncipherment,
#   - TLS-DHE-RSA-* (signed ServerKeyExchange) requires digitalSignature.
# debug_level=1 is enough to see "bad certificate (usage extensions)".
#
# With the default auth_mode a mismatch is fatal: Certificate processing
# fails, no ciphersuite is reported, exit 1.  With auth_mode=optional (the
# "soft" cases) the handshake completes and the mismatch is only reported
# ("! Usage does not match the keyUsage extension"), so an application
# running in optional mode must inspect the verification result itself
# rather than assume the certificate was acceptable.

run_test    "keyUsage cli: DigitalSignature+KeyEncipherment, RSA: OK" \
            "$O_SRV -key data_files/server2.key \
             -cert data_files/server2.ku-ds_ke.crt" \
            "$P_CLI debug_level=1 \
             force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
            0 \
            -C "bad certificate (usage extensions)" \
            -C "Processing of the Certificate handshake message failed" \
            -c "Ciphersuite is TLS-"

run_test    "keyUsage cli: DigitalSignature+KeyEncipherment, DHE-RSA: OK" \
            "$O_SRV -key data_files/server2.key \
             -cert data_files/server2.ku-ds_ke.crt" \
            "$P_CLI debug_level=1 \
             force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
            0 \
            -C "bad certificate (usage extensions)" \
            -C "Processing of the Certificate handshake message failed" \
            -c "Ciphersuite is TLS-"

run_test    "keyUsage cli: KeyEncipherment, RSA: OK" \
            "$O_SRV -key data_files/server2.key \
             -cert data_files/server2.ku-ke.crt" \
            "$P_CLI debug_level=1 \
             force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
            0 \
            -C "bad certificate (usage extensions)" \
            -C "Processing of the Certificate handshake message failed" \
            -c "Ciphersuite is TLS-"

# keyEncipherment-only cert used to sign a DHE ServerKeyExchange: rejected.
run_test    "keyUsage cli: KeyEncipherment, DHE-RSA: fail" \
            "$O_SRV -key data_files/server2.key \
             -cert data_files/server2.ku-ke.crt" \
            "$P_CLI debug_level=1 \
             force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
            1 \
            -c "bad certificate (usage extensions)" \
            -c "Processing of the Certificate handshake message failed" \
            -C "Ciphersuite is TLS-"

# Same mismatch in optional mode: handshake completes, mismatch is reported.
run_test    "keyUsage cli: KeyEncipherment, DHE-RSA: fail, soft" \
            "$O_SRV -key data_files/server2.key \
             -cert data_files/server2.ku-ke.crt" \
            "$P_CLI debug_level=1 auth_mode=optional \
             force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
            0 \
            -c "bad certificate (usage extensions)" \
            -C "Processing of the Certificate handshake message failed" \
            -c "Ciphersuite is TLS-" \
            -c "! Usage does not match the keyUsage extension"

run_test    "keyUsage cli: DigitalSignature, DHE-RSA: OK" \
            "$O_SRV -key data_files/server2.key \
             -cert data_files/server2.ku-ds.crt" \
            "$P_CLI debug_level=1 \
             force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
            0 \
            -C "bad certificate (usage extensions)" \
            -C "Processing of the Certificate handshake message failed" \
            -c "Ciphersuite is TLS-"

# digitalSignature-only cert used for RSA key transport: rejected.
run_test    "keyUsage cli: DigitalSignature, RSA: fail" \
            "$O_SRV -key data_files/server2.key \
             -cert data_files/server2.ku-ds.crt" \
            "$P_CLI debug_level=1 \
             force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
            1 \
            -c "bad certificate (usage extensions)" \
            -c "Processing of the Certificate handshake message failed" \
            -C "Ciphersuite is TLS-"

# Same mismatch in optional mode: handshake completes, mismatch is reported.
run_test    "keyUsage cli: DigitalSignature, RSA: fail, soft" \
            "$O_SRV -key data_files/server2.key \
             -cert data_files/server2.ku-ds.crt" \
            "$P_CLI debug_level=1 auth_mode=optional \
             force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
            0 \
            -c "bad certificate (usage extensions)" \
            -C "Processing of the Certificate handshake message failed" \
            -c "Ciphersuite is TLS-" \
            -c "! Usage does not match the keyUsage extension"
2421
# Tests for keyUsage in leaf certificates, part 3:
# server-side checking of client cert
#
# The mbed TLS server requests a client certificate (auth_mode=optional or
# required) and an OpenSSL client ($O_CLI) presents one with a chosen
# keyUsage.  A client certificate is only ever used to sign
# (CertificateVerify), so digitalSignature is what the server requires;
# keyEncipherment (RSA key) or keyAgreement (ECDSA key) without it is
# rejected.  With auth_mode=optional the rejection is soft: it is logged
# but Certificate processing succeeds and the handshake completes (exit 0).
# With auth_mode=required it is hard: Certificate processing fails and the
# handshake aborts (exit 1).  Note that there is no ECDSA "hard" case here.

run_test    "keyUsage cli-auth: RSA, DigitalSignature: OK" \
            "$P_SRV debug_level=1 auth_mode=optional" \
            "$O_CLI -key data_files/server2.key \
             -cert data_files/server2.ku-ds.crt" \
            0 \
            -S "bad certificate (usage extensions)" \
            -S "Processing of the Certificate handshake message failed"

run_test    "keyUsage cli-auth: RSA, KeyEncipherment: fail (soft)" \
            "$P_SRV debug_level=1 auth_mode=optional" \
            "$O_CLI -key data_files/server2.key \
             -cert data_files/server2.ku-ke.crt" \
            0 \
            -s "bad certificate (usage extensions)" \
            -S "Processing of the Certificate handshake message failed"

run_test    "keyUsage cli-auth: RSA, KeyEncipherment: fail (hard)" \
            "$P_SRV debug_level=1 auth_mode=required" \
            "$O_CLI -key data_files/server2.key \
             -cert data_files/server2.ku-ke.crt" \
            1 \
            -s "bad certificate (usage extensions)" \
            -s "Processing of the Certificate handshake message failed"

run_test    "keyUsage cli-auth: ECDSA, DigitalSignature: OK" \
            "$P_SRV debug_level=1 auth_mode=optional" \
            "$O_CLI -key data_files/server5.key \
             -cert data_files/server5.ku-ds.crt" \
            0 \
            -S "bad certificate (usage extensions)" \
            -S "Processing of the Certificate handshake message failed"

run_test    "keyUsage cli-auth: ECDSA, KeyAgreement: fail (soft)" \
            "$P_SRV debug_level=1 auth_mode=optional" \
            "$O_CLI -key data_files/server5.key \
             -cert data_files/server5.ku-ka.crt" \
            0 \
            -s "bad certificate (usage extensions)" \
            -S "Processing of the Certificate handshake message failed"
2464
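# Tests for extendedKeyUsage, part 1: server-side certificate/suite selection
#
# The server must only use a certificate whose extendedKeyUsage permits
# serverAuth, or that carries anyExtendedKeyUsage.  The certificate files
# follow the same naming as in parts 2 and 3 below:
#   server5.eku-srv.crt     serverAuth
#   server5.eku-srv_cli.crt serverAuth,clientAuth
#   server5.eku-cs_any.crt  codeSign,anyEKU
#   server5.eku-cs.crt      codeSign
#   server5.eku-cli.crt     clientAuth
# Each test below uses the certificate matching the EKU named in its title
# (previously the "serverAuth,clientAuth" case reused eku-srv.crt, which
# made it a duplicate of the first test, and the "codeSign" case used the
# clientAuth-only certificate).

run_test    "extKeyUsage srv: serverAuth -> OK" \
            "$P_SRV key_file=data_files/server5.key \
             crt_file=data_files/server5.eku-srv.crt" \
            "$P_CLI" \
            0

run_test    "extKeyUsage srv: serverAuth,clientAuth -> OK" \
            "$P_SRV key_file=data_files/server5.key \
             crt_file=data_files/server5.eku-srv_cli.crt" \
            "$P_CLI" \
            0

run_test    "extKeyUsage srv: codeSign,anyEKU -> OK" \
            "$P_SRV key_file=data_files/server5.key \
             crt_file=data_files/server5.eku-cs_any.crt" \
            "$P_CLI" \
            0

# codeSign only (neither serverAuth nor anyEKU): the server has no usable
# certificate, so the handshake must fail.
run_test    "extKeyUsage srv: codeSign -> fail" \
            "$P_SRV key_file=data_files/server5.key \
             crt_file=data_files/server5.eku-cs.crt" \
            "$P_CLI" \
            1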
2490
# Tests for extendedKeyUsage, part 2: client-side checking of server cert
#
# An OpenSSL server ($O_SRV) presents a certificate with a chosen
# extendedKeyUsage; the mbed TLS client must accept serverAuth (alone or
# with clientAuth) and anyExtendedKeyUsage, and must reject a codeSign-only
# certificate as "bad certificate (usage extensions)" with the handshake
# aborted.  Unlike the keyUsage tests there is no auth_mode=optional
# ("soft") variant here.

run_test    "extKeyUsage cli: serverAuth -> OK" \
            "$O_SRV -key data_files/server5.key \
             -cert data_files/server5.eku-srv.crt" \
            "$P_CLI debug_level=1" \
            0 \
            -C "bad certificate (usage extensions)" \
            -C "Processing of the Certificate handshake message failed" \
            -c "Ciphersuite is TLS-"

run_test    "extKeyUsage cli: serverAuth,clientAuth -> OK" \
            "$O_SRV -key data_files/server5.key \
             -cert data_files/server5.eku-srv_cli.crt" \
            "$P_CLI debug_level=1" \
            0 \
            -C "bad certificate (usage extensions)" \
            -C "Processing of the Certificate handshake message failed" \
            -c "Ciphersuite is TLS-"

run_test    "extKeyUsage cli: codeSign,anyEKU -> OK" \
            "$O_SRV -key data_files/server5.key \
             -cert data_files/server5.eku-cs_any.crt" \
            "$P_CLI debug_level=1" \
            0 \
            -C "bad certificate (usage extensions)" \
            -C "Processing of the Certificate handshake message failed" \
            -c "Ciphersuite is TLS-"

run_test    "extKeyUsage cli: codeSign -> fail" \
            "$O_SRV -key data_files/server5.key \
             -cert data_files/server5.eku-cs.crt" \
            "$P_CLI debug_level=1" \
            1 \
            -c "bad certificate (usage extensions)" \
            -c "Processing of the Certificate handshake message failed" \
            -C "Ciphersuite is TLS-"
2528
# Tests for extendedKeyUsage, part 3: server-side checking of client cert
#
# The mbed TLS server requests a client certificate and an OpenSSL client
# ($O_CLI) presents one with a chosen extendedKeyUsage.  clientAuth (alone
# or with serverAuth) and anyExtendedKeyUsage are accepted; a codeSign-only
# certificate is rejected.  As for keyUsage, auth_mode=optional turns the
# rejection into a logged "soft" failure with the handshake completing,
# while auth_mode=required makes Certificate processing fail (exit 1).

run_test    "extKeyUsage cli-auth: clientAuth -> OK" \
            "$P_SRV debug_level=1 auth_mode=optional" \
            "$O_CLI -key data_files/server5.key \
             -cert data_files/server5.eku-cli.crt" \
            0 \
            -S "bad certificate (usage extensions)" \
            -S "Processing of the Certificate handshake message failed"

run_test    "extKeyUsage cli-auth: serverAuth,clientAuth -> OK" \
            "$P_SRV debug_level=1 auth_mode=optional" \
            "$O_CLI -key data_files/server5.key \
             -cert data_files/server5.eku-srv_cli.crt" \
            0 \
            -S "bad certificate (usage extensions)" \
            -S "Processing of the Certificate handshake message failed"

run_test    "extKeyUsage cli-auth: codeSign,anyEKU -> OK" \
            "$P_SRV debug_level=1 auth_mode=optional" \
            "$O_CLI -key data_files/server5.key \
             -cert data_files/server5.eku-cs_any.crt" \
            0 \
            -S "bad certificate (usage extensions)" \
            -S "Processing of the Certificate handshake message failed"

run_test    "extKeyUsage cli-auth: codeSign -> fail (soft)" \
            "$P_SRV debug_level=1 auth_mode=optional" \
            "$O_CLI -key data_files/server5.key \
             -cert data_files/server5.eku-cs.crt" \
            0 \
            -s "bad certificate (usage extensions)" \
            -S "Processing of the Certificate handshake message failed"

run_test    "extKeyUsage cli-auth: codeSign -> fail (hard)" \
            "$P_SRV debug_level=1 auth_mode=required" \
            "$O_CLI -key data_files/server5.key \
             -cert data_files/server5.eku-cs.crt" \
            1 \
            -s "bad certificate (usage extensions)" \
            -s "Processing of the Certificate handshake message failed"
2570
# Tests for DHM parameters loading
#
# The client (debug_level=3) dumps the DHM parameters it receives in the
# ServerKeyExchange; force_ciphersuite selects a DHE suite so that the
# server actually sends them.  Without dhm_file the server uses its
# built-in 2048-bit parameters; dhm_file=data_files/dhparams.pem loads a
# 1024-bit prime with generator 2 instead.  (1024-bit DH is used here only
# to prove that custom parameters are honoured; it is not a recommended
# size, see the size checks below.)

run_test    "DHM parameters: reference" \
            "$P_SRV" \
            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
                    debug_level=3" \
            0 \
            -c "value of 'DHM: P ' (2048 bits)" \
            -c "value of 'DHM: G ' (2048 bits)"

run_test    "DHM parameters: other parameters" \
            "$P_SRV dhm_file=data_files/dhparams.pem" \
            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
                    debug_level=3" \
            0 \
            -c "value of 'DHM: P ' (1024 bits)" \
            -c "value of 'DHM: G ' (2 bits)"
2588
# Tests for DHM client-side size checking
#
# The client refuses DHE parameters whose prime is shorter than its
# configured minimum (dhmlen), logging "DHM prime too short:" and aborting
# the handshake.  As pinned here, the default minimum accepts a 1024-bit
# prime but rejects 1000 bits, and dhmlen=2048 accepts the server's built-in
# 2048-bit prime while dhmlen=2049 rejects it (the check is against the
# exact bit length, not rounded up).
#
# Security note: these tests document the library's default threshold, they
# do not endorse it.  A 1024-bit DH group is below current recommendations;
# deployments that enable DHE suites should set dhmlen (or the equivalent
# configuration) to at least 2048 and serve parameters of that size.

run_test    "DHM size: server default, client default, OK" \
            "$P_SRV" \
            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
                    debug_level=1" \
            0 \
            -C "DHM prime too short:"

run_test    "DHM size: server default, client 2048, OK" \
            "$P_SRV" \
            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
                    debug_level=1 dhmlen=2048" \
            0 \
            -C "DHM prime too short:"

# 1024-bit prime from dhparams.pem is still accepted by the default minimum.
run_test    "DHM size: server 1024, client default, OK" \
            "$P_SRV dhm_file=data_files/dhparams.pem" \
            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
                    debug_level=1" \
            0 \
            -C "DHM prime too short:"

run_test    "DHM size: server 1000, client default, rejected" \
            "$P_SRV dhm_file=data_files/dh.1000.pem" \
            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
                    debug_level=1" \
            1 \
            -c "DHM prime too short:"

run_test    "DHM size: server default, client 2049, rejected" \
            "$P_SRV" \
            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
                    debug_level=1 dhmlen=2049" \
            1 \
            -c "DHM prime too short:"
2625
# Tests for PSK callback
#
# psk=/psk_identity= configure a single static PSK on the server, while
# psk_list=id1,key1,id2,key2,... installs a PSK lookup callback.  The key
# values (abc123, dead, beef) look like hex strings -- presumably decoded
# as hex by ssl_server2/ssl_client2, verify against the programs.
# The three server messages matched distinguish the failure modes:
#   "None of the common ciphersuites is usable" - server has no PSK at all,
#     so the forced PSK suite cannot be offered;
#   "Unknown identity received"                 - the callback (or static
#     identity) does not know the client's identity;
#   "Verification of the message MAC failed"    - identity known but the
#     key differs, so a wrong key surfaces only as a MAC failure, not as
#     an explicit PSK error.

run_test    "PSK callback: psk, no callback" \
            "$P_SRV psk=abc123 psk_identity=foo" \
            "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
            psk_identity=foo psk=abc123" \
            0 \
            -S "SSL - None of the common ciphersuites is usable" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

run_test    "PSK callback: no psk, no callback" \
            "$P_SRV" \
            "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
            psk_identity=foo psk=abc123" \
            1 \
            -s "SSL - None of the common ciphersuites is usable" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

# Once a callback is installed the static psk/psk_identity pair is no longer
# consulted: identity "foo" is unknown even though psk_identity=foo is set.
run_test    "PSK callback: callback overrides other settings" \
            "$P_SRV psk=abc123 psk_identity=foo psk_list=abc,dead,def,beef" \
            "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
            psk_identity=foo psk=abc123" \
            1 \
            -S "SSL - None of the common ciphersuites is usable" \
            -s "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

run_test    "PSK callback: first id matches" \
            "$P_SRV psk_list=abc,dead,def,beef" \
            "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
            psk_identity=abc psk=dead" \
            0 \
            -S "SSL - None of the common ciphersuites is usable" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

run_test    "PSK callback: second id matches" \
            "$P_SRV psk_list=abc,dead,def,beef" \
            "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
            psk_identity=def psk=beef" \
            0 \
            -S "SSL - None of the common ciphersuites is usable" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

run_test    "PSK callback: no match" \
            "$P_SRV psk_list=abc,dead,def,beef" \
            "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
            psk_identity=ghi psk=beef" \
            1 \
            -S "SSL - None of the common ciphersuites is usable" \
            -s "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

# Known identity, wrong key: the handshake gets as far as the first
# MAC-protected message before failing.
run_test    "PSK callback: wrong key" \
            "$P_SRV psk_list=abc,dead,def,beef" \
            "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
            psk_identity=abc psk=beef" \
            1 \
            -S "SSL - None of the common ciphersuites is usable" \
            -S "SSL - Unknown identity received" \
            -s "SSL - Verification of the message MAC failed"
2690
# Tests for EC J-PAKE
#
# Every test is guarded by requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
# and is skipped on builds without it.  ecjpake_pw= sets the shared
# password; the client forces TLS-ECJPAKE-WITH-AES-128-CCM-8 (ciphersuite
# id c0ff in the debug output) and the peers exchange the ecjpake_kkpp
# hello extension.  A password mismatch is not reported as an explicit
# error: it shows up on the server as "Verification of the message MAC
# failed" once the two sides derive different keys (server_needs_more_time 1
# presumably gives the server long enough to get there before the test
# harness gives up).

# Client has no password: it must neither offer the suite nor the extension.
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
run_test    "ECJPAKE: client not configured" \
            "$P_SRV debug_level=3" \
            "$P_CLI debug_level=3" \
            0 \
            -C "add ciphersuite: c0ff" \
            -C "adding ecjpake_kkpp extension" \
            -S "found ecjpake kkpp extension" \
            -S "skip ecjpake kkpp extension" \
            -S "ciphersuite mismatch: ecjpake not configured" \
            -S "server hello, ecjpake kkpp extension" \
            -C "found ecjpake_kkpp extension" \
            -S "None of the common ciphersuites is usable"

# Server has no password: it sees and skips the extension, cannot pick the
# only suite the client offers, and the handshake fails.
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
run_test    "ECJPAKE: server not configured" \
            "$P_SRV debug_level=3" \
            "$P_CLI debug_level=3 ecjpake_pw=bla \
             force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
            1 \
            -c "add ciphersuite: c0ff" \
            -c "adding ecjpake_kkpp extension" \
            -s "found ecjpake kkpp extension" \
            -s "skip ecjpake kkpp extension" \
            -s "ciphersuite mismatch: ecjpake not configured" \
            -S "server hello, ecjpake kkpp extension" \
            -C "found ecjpake_kkpp extension" \
            -s "None of the common ciphersuites is usable"

# Matching passwords over TLS: extension in both directions, no parameter
# caching (only one ClientHello is sent), MAC verifies.
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
run_test    "ECJPAKE: working, TLS" \
            "$P_SRV debug_level=3 ecjpake_pw=bla" \
            "$P_CLI debug_level=3 ecjpake_pw=bla \
             force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
            0 \
            -c "add ciphersuite: c0ff" \
            -c "adding ecjpake_kkpp extension" \
            -C "re-using cached ecjpake parameters" \
            -s "found ecjpake kkpp extension" \
            -S "skip ecjpake kkpp extension" \
            -S "ciphersuite mismatch: ecjpake not configured" \
            -s "server hello, ecjpake kkpp extension" \
            -c "found ecjpake_kkpp extension" \
            -S "None of the common ciphersuites is usable" \
            -S "SSL - Verification of the message MAC failed"

server_needs_more_time 1
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
run_test    "ECJPAKE: password mismatch, TLS" \
            "$P_SRV debug_level=3 ecjpake_pw=bla" \
            "$P_CLI debug_level=3 ecjpake_pw=bad \
             force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
            1 \
            -C "re-using cached ecjpake parameters" \
            -s "SSL - Verification of the message MAC failed"

# DTLS with cookies (the default): the client sends a second ClientHello
# (presumably after the HelloVerifyRequest) and must re-use its cached
# J-PAKE parameters rather than recompute them.
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
run_test    "ECJPAKE: working, DTLS" \
            "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \
            "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \
             force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
            0 \
            -c "re-using cached ecjpake parameters" \
            -S "SSL - Verification of the message MAC failed"

# DTLS without cookies: single ClientHello, so no cached parameters are
# re-used.
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
run_test    "ECJPAKE: working, DTLS, no cookie" \
            "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla cookies=0" \
            "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \
             force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
            0 \
            -C "re-using cached ecjpake parameters" \
            -S "SSL - Verification of the message MAC failed"

server_needs_more_time 1
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
run_test    "ECJPAKE: password mismatch, DTLS" \
            "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \
            "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bad \
             force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
            1 \
            -c "re-using cached ecjpake parameters" \
            -s "SSL - Verification of the message MAC failed"

# for tests with configs/config-thread.h (no debug output available there,
# so only the exit status is checked)
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
run_test    "ECJPAKE: working, DTLS, nolog" \
            "$P_SRV dtls=1 ecjpake_pw=bla" \
            "$P_CLI dtls=1 ecjpake_pw=bla \
             force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
            0
2784
# Tests for ciphersuites per version
#
# version_suites=<ssl3>,<tls1.0>,<tls1.1>,<tls1.2> gives the server one
# ciphersuite per protocol version, in that order; the client forces each
# version in turn and must be given the matching entry (3DES for SSL3,
# AES-256-CBC for TLS 1.0, AES-128-CBC for TLS 1.1, AES-128-GCM for
# TLS 1.2).  The SSL3 case needs MBEDTLS_SSL_PROTO_SSL3 and a server that
# accepts SSL3 (min_version=ssl3).  The TLS 1.0 case sets arc4=1 on both
# sides although no RC4 suite is listed, so that appears to be a no-op here.
#
# Security note: SSLv3, 3DES and RC4 appear only to exercise the per-version
# selection mechanism; they are obsolete and should stay disabled in
# production configurations.

requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
run_test    "Per-version suites: SSL3" \
            "$P_SRV min_version=ssl3 version_suites=TLS-RSA-WITH-3DES-EDE-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
            "$P_CLI force_version=ssl3" \
            0 \
            -c "Ciphersuite is TLS-RSA-WITH-3DES-EDE-CBC-SHA"

run_test    "Per-version suites: TLS 1.0" \
            "$P_SRV arc4=1 version_suites=TLS-RSA-WITH-3DES-EDE-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
            "$P_CLI force_version=tls1 arc4=1" \
            0 \
            -c "Ciphersuite is TLS-RSA-WITH-AES-256-CBC-SHA"

run_test    "Per-version suites: TLS 1.1" \
            "$P_SRV version_suites=TLS-RSA-WITH-3DES-EDE-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
            "$P_CLI force_version=tls1_1" \
            0 \
            -c "Ciphersuite is TLS-RSA-WITH-AES-128-CBC-SHA"

run_test    "Per-version suites: TLS 1.2" \
            "$P_SRV version_suites=TLS-RSA-WITH-3DES-EDE-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
            "$P_CLI force_version=tls1_2" \
            0 \
            -c "Ciphersuite is TLS-RSA-WITH-AES-128-GCM-SHA256"
2811
# Test for ClientHello without extensions
#
# A GnuTLS client with %NO_EXTENSIONS (plus %DISABLE_SAFE_RENEGOTIATION,
# presumably so that not even renegotiation_info is sent) produces a
# ClientHello with an empty extensions block.  The server must parse it
# (it dumps 0 bytes of client hello extensions) and complete the handshake.
# Skipped when gnutls-cli is not available (requires_gnutls).

requires_gnutls
run_test    "ClientHello without extensions" \
            "$P_SRV debug_level=3" \
            "$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION" \
            0 \
            -s "dumping 'client hello extensions' (0 bytes)"
2820
# Tests for mbedtls_ssl_get_bytes_avail()
#
# The client sends a request of the given size.  A 100-byte request is
# consumed in one read ("100 bytes read" with nothing after it -- hence the
# "$" anchor).  A 500-byte request presumably exceeds the server's read
# buffer, so the server reports a "(... + ...)" split of what was read
# versus what mbedtls_ssl_get_bytes_avail() says is still pending.

run_test    "mbedtls_ssl_get_bytes_avail: no extra data" \
            "$P_SRV" \
            "$P_CLI request_size=100" \
            0 \
            -s "Read from client: 100 bytes read$"

run_test    "mbedtls_ssl_get_bytes_avail: extra data" \
            "$P_SRV" \
            "$P_CLI request_size=500" \
            0 \
            -s "Read from client: 500 bytes read (.*+.*)"
2834
# Tests for small packets
#
# request_size=1 sends a one-byte application data record and the server
# must read exactly one byte.  The matrix covers each protocol version
# against each record-protection variant: CBC block cipher with and without
# encrypt-then-MAC (etm=0), with a truncated HMAC (trunc_hmac=1) and with a
# larger SHA-384 MAC, the RC4 stream cipher (arc4=1 is required on both
# sides, presumably because RC4 suites are disabled by default), and AEAD
# (CCM and the short-tag CCM-8).  SSLv3 cases are guarded by
# MBEDTLS_SSL_PROTO_SSL3.
#
# These are functional checks of record decryption on the shortest possible
# payload; SSLv3, RC4 and MAC-then-encrypt CBC are legacy configurations
# exercised for compatibility, not recommended ones.

requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
run_test    "Small packet SSLv3 BlockCipher" \
            "$P_SRV min_version=ssl3" \
            "$P_CLI request_size=1 force_version=ssl3 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
            0 \
            -s "Read from client: 1 bytes read"

requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
run_test    "Small packet SSLv3 StreamCipher" \
            "$P_SRV min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
            "$P_CLI request_size=1 force_version=ssl3 \
             force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
            0 \
            -s "Read from client: 1 bytes read"

run_test    "Small packet TLS 1.0 BlockCipher" \
            "$P_SRV" \
            "$P_CLI request_size=1 force_version=tls1 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
            0 \
            -s "Read from client: 1 bytes read"

run_test    "Small packet TLS 1.0 BlockCipher without EtM" \
            "$P_SRV" \
            "$P_CLI request_size=1 force_version=tls1 etm=0 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
            0 \
            -s "Read from client: 1 bytes read"

run_test    "Small packet TLS 1.0 BlockCipher truncated MAC" \
            "$P_SRV" \
            "$P_CLI request_size=1 force_version=tls1 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
             trunc_hmac=1" \
            0 \
            -s "Read from client: 1 bytes read"

# Note: there is no plain "TLS 1.0 StreamCipher" case (without truncated
# MAC), unlike the TLS 1.1 and 1.2 rows below.
run_test    "Small packet TLS 1.0 StreamCipher truncated MAC" \
            "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
            "$P_CLI request_size=1 force_version=tls1 \
             force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
             trunc_hmac=1" \
            0 \
            -s "Read from client: 1 bytes read"

run_test    "Small packet TLS 1.1 BlockCipher" \
            "$P_SRV" \
            "$P_CLI request_size=1 force_version=tls1_1 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
            0 \
            -s "Read from client: 1 bytes read"

run_test    "Small packet TLS 1.1 BlockCipher without EtM" \
            "$P_SRV" \
            "$P_CLI request_size=1 force_version=tls1_1 etm=0 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
            0 \
            -s "Read from client: 1 bytes read"

run_test    "Small packet TLS 1.1 StreamCipher" \
            "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
            "$P_CLI request_size=1 force_version=tls1_1 \
             force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
            0 \
            -s "Read from client: 1 bytes read"

run_test    "Small packet TLS 1.1 BlockCipher truncated MAC" \
            "$P_SRV" \
            "$P_CLI request_size=1 force_version=tls1_1 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
             trunc_hmac=1" \
            0 \
            -s "Read from client: 1 bytes read"

run_test    "Small packet TLS 1.1 StreamCipher truncated MAC" \
            "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
            "$P_CLI request_size=1 force_version=tls1_1 \
             force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
             trunc_hmac=1" \
            0 \
            -s "Read from client: 1 bytes read"

run_test    "Small packet TLS 1.2 BlockCipher" \
            "$P_SRV" \
            "$P_CLI request_size=1 force_version=tls1_2 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
            0 \
            -s "Read from client: 1 bytes read"

run_test    "Small packet TLS 1.2 BlockCipher without EtM" \
            "$P_SRV" \
            "$P_CLI request_size=1 force_version=tls1_2 etm=0 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
            0 \
            -s "Read from client: 1 bytes read"

# SHA-384 MAC: exercises a MAC longer than the cipher block size.
run_test    "Small packet TLS 1.2 BlockCipher larger MAC" \
            "$P_SRV" \
            "$P_CLI request_size=1 force_version=tls1_2 \
             force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
            0 \
            -s "Read from client: 1 bytes read"

run_test    "Small packet TLS 1.2 BlockCipher truncated MAC" \
            "$P_SRV" \
            "$P_CLI request_size=1 force_version=tls1_2 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
             trunc_hmac=1" \
            0 \
            -s "Read from client: 1 bytes read"

run_test    "Small packet TLS 1.2 StreamCipher" \
            "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
            "$P_CLI request_size=1 force_version=tls1_2 \
             force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
            0 \
            -s "Read from client: 1 bytes read"

run_test    "Small packet TLS 1.2 StreamCipher truncated MAC" \
            "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
            "$P_CLI request_size=1 force_version=tls1_2 \
             force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
             trunc_hmac=1" \
            0 \
            -s "Read from client: 1 bytes read"

run_test    "Small packet TLS 1.2 AEAD" \
            "$P_SRV" \
            "$P_CLI request_size=1 force_version=tls1_2 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
            0 \
            -s "Read from client: 1 bytes read"

run_test    "Small packet TLS 1.2 AEAD shorter tag" \
            "$P_SRV" \
            "$P_CLI request_size=1 force_version=tls1_2 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
            0 \
            -s "Read from client: 1 bytes read"
2977
# A test for extensions in SSLv3
#
# SSLv3 predates TLS extensions. Even though the client asks for tickets,
# max_frag_len and ALPN, the server must neither try to dump ClientHello
# extensions nor put any into its ServerHello (both -S checks). Only run when
# SSLv3 is compiled in; it is kept purely as a legacy-compatibility check.

requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
run_test    "SSLv3 with extensions, server side" \
            "$P_SRV min_version=ssl3 debug_level=3" \
            "$P_CLI force_version=ssl3 tickets=1 max_frag_len=4096 alpn=abc,1234" \
            0 \
            -S "dumping 'client hello extensions'" \
            -S "server hello, total extension length:"
2987
# Tests for large packets
#
# Each test sends a 16384-byte request (the maximum TLS record plaintext size,
# 2^14) and checks that the server receives it in a single read. recsplit=0 is
# passed only for CBC suites under SSLv3 / TLS 1.0: presumably it disables the
# client-side 1/n-1 record-splitting countermeasure used for those versions,
# which would otherwise deliver the request as two reads (confirm against
# ssl_client2's recsplit option). TLS 1.1+ and stream/AEAD suites need no such
# splitting, so the option is absent there.

requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
run_test    "Large packet SSLv3 BlockCipher" \
            "$P_SRV min_version=ssl3" \
            "$P_CLI request_size=16384 force_version=ssl3 recsplit=0 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
            0 \
            -s "Read from client: 16384 bytes read"

requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
run_test    "Large packet SSLv3 StreamCipher" \
            "$P_SRV min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
            "$P_CLI request_size=16384 force_version=ssl3 \
             force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
            0 \
            -s "Read from client: 16384 bytes read"

run_test    "Large packet TLS 1.0 BlockCipher" \
            "$P_SRV" \
            "$P_CLI request_size=16384 force_version=tls1 recsplit=0 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
            0 \
            -s "Read from client: 16384 bytes read"

run_test    "Large packet TLS 1.0 BlockCipher truncated MAC" \
            "$P_SRV" \
            "$P_CLI request_size=16384 force_version=tls1 recsplit=0 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
             trunc_hmac=1" \
            0 \
            -s "Read from client: 16384 bytes read"

# RC4 is only exercised to cover the stream-cipher record path; the server
# must enable it explicitly with arc4=1.
run_test    "Large packet TLS 1.0 StreamCipher truncated MAC" \
            "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
            "$P_CLI request_size=16384 force_version=tls1 \
             force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
             trunc_hmac=1" \
            0 \
            -s "Read from client: 16384 bytes read"

run_test    "Large packet TLS 1.1 BlockCipher" \
            "$P_SRV" \
            "$P_CLI request_size=16384 force_version=tls1_1 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
            0 \
            -s "Read from client: 16384 bytes read"

run_test    "Large packet TLS 1.1 StreamCipher" \
            "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
            "$P_CLI request_size=16384 force_version=tls1_1 \
             force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
            0 \
            -s "Read from client: 16384 bytes read"

run_test    "Large packet TLS 1.1 BlockCipher truncated MAC" \
            "$P_SRV" \
            "$P_CLI request_size=16384 force_version=tls1_1 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
             trunc_hmac=1" \
            0 \
            -s "Read from client: 16384 bytes read"

run_test    "Large packet TLS 1.1 StreamCipher truncated MAC" \
            "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
            "$P_CLI request_size=16384 force_version=tls1_1 \
             force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
             trunc_hmac=1" \
            0 \
            -s "Read from client: 16384 bytes read"

run_test    "Large packet TLS 1.2 BlockCipher" \
            "$P_SRV" \
            "$P_CLI request_size=16384 force_version=tls1_2 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
            0 \
            -s "Read from client: 16384 bytes read"

run_test    "Large packet TLS 1.2 BlockCipher larger MAC" \
            "$P_SRV" \
            "$P_CLI request_size=16384 force_version=tls1_2 \
             force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
            0 \
            -s "Read from client: 16384 bytes read"

run_test    "Large packet TLS 1.2 BlockCipher truncated MAC" \
            "$P_SRV" \
            "$P_CLI request_size=16384 force_version=tls1_2 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
             trunc_hmac=1" \
            0 \
            -s "Read from client: 16384 bytes read"

run_test    "Large packet TLS 1.2 StreamCipher" \
            "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
            "$P_CLI request_size=16384 force_version=tls1_2 \
             force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
            0 \
            -s "Read from client: 16384 bytes read"

run_test    "Large packet TLS 1.2 StreamCipher truncated MAC" \
            "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
            "$P_CLI request_size=16384 force_version=tls1_2 \
             force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
             trunc_hmac=1" \
            0 \
            -s "Read from client: 16384 bytes read"

# AEAD: full CCM tag, then CCM-8 with the tag truncated to 8 bytes.
run_test    "Large packet TLS 1.2 AEAD" \
            "$P_SRV" \
            "$P_CLI request_size=16384 force_version=tls1_2 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
            0 \
            -s "Read from client: 16384 bytes read"

run_test    "Large packet TLS 1.2 AEAD shorter tag" \
            "$P_SRV" \
            "$P_CLI request_size=16384 force_version=tls1_2 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
            0 \
            -s "Read from client: 16384 bytes read"
3109
# Tests for DTLS HelloVerifyRequest
#
# With cookies enabled the server rejects the first ClientHello ("cookie
# verification failed"), answers with a HelloVerifyRequest, and accepts the
# retried ClientHello that echoes the cookie ("cookie verification passed").
# This stateless round-trip is DTLS's protection against handshakes started
# from spoofed source addresses; the tests check the full log sequence on both
# sides so a silently skipped verification cannot pass.

run_test    "DTLS cookie: enabled" \
            "$P_SRV dtls=1 debug_level=2" \
            "$P_CLI dtls=1 debug_level=2" \
            0 \
            -s "cookie verification failed" \
            -s "cookie verification passed" \
            -S "cookie verification skipped" \
            -c "received hello verify request" \
            -s "hello verification requested" \
            -S "SSL - The requested feature is not available"

# cookies=0: the server deliberately skips verification, so the client must
# never see a HelloVerifyRequest and the first ClientHello is accepted as is.
run_test    "DTLS cookie: disabled" \
            "$P_SRV dtls=1 debug_level=2 cookies=0" \
            "$P_CLI dtls=1 debug_level=2" \
            0 \
            -S "cookie verification failed" \
            -S "cookie verification passed" \
            -s "cookie verification skipped" \
            -C "received hello verify request" \
            -S "hello verification requested" \
            -S "SSL - The requested feature is not available"

# cookies=-1: presumably leaves the server's cookie callbacks unconfigured
# (confirm against ssl_server2). Verification is then attempted but cannot
# run, the handshake fails with "requested feature is not available" and the
# script expects exit status 1; the short hs_timeout keeps the client from
# retrying for long.
run_test    "DTLS cookie: default (failing)" \
            "$P_SRV dtls=1 debug_level=2 cookies=-1" \
            "$P_CLI dtls=1 debug_level=2 hs_timeout=100-400" \
            1 \
            -s "cookie verification failed" \
            -S "cookie verification passed" \
            -S "cookie verification skipped" \
            -C "received hello verify request" \
            -S "hello verification requested" \
            -s "SSL - The requested feature is not available"

# Same flow over IPv6 (the cookie is derived from the peer address, so the
# address family matters) and with non-blocking I/O.
requires_ipv6
run_test    "DTLS cookie: enabled, IPv6" \
            "$P_SRV dtls=1 debug_level=2 server_addr=::1" \
            "$P_CLI dtls=1 debug_level=2 server_addr=::1" \
            0 \
            -s "cookie verification failed" \
            -s "cookie verification passed" \
            -S "cookie verification skipped" \
            -c "received hello verify request" \
            -s "hello verification requested" \
            -S "SSL - The requested feature is not available"

run_test    "DTLS cookie: enabled, nbio" \
            "$P_SRV dtls=1 nbio=2 debug_level=2" \
            "$P_CLI dtls=1 nbio=2 debug_level=2" \
            0 \
            -s "cookie verification failed" \
            -s "cookie verification passed" \
            -S "cookie verification skipped" \
            -c "received hello verify request" \
            -s "hello verification requested" \
            -S "SSL - The requested feature is not available"
3167
# Tests for client reconnecting from the same port with DTLS
#
# reconnect_hard=1 makes the client start a brand-new handshake from the
# port it is already using. With cookies enabled the server recognises a
# fresh ClientHello on an established connection and restarts the session
# ("Client initiated reconnection from same port"); with cookies=0 (last test)
# it does not, presumably because the cookie exchange is what proves the new
# hello really comes from that address, so the exchange times out instead.
# The reference test first checks that the same settings without
# reconnect_hard produce no resend, no timeout and no reconnection.

not_with_valgrind # spurious resend
run_test    "DTLS client reconnect from same port: reference" \
            "$P_SRV dtls=1 exchanges=2 read_timeout=1000" \
            "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-1000" \
            0 \
            -C "resend" \
            -S "The operation timed out" \
            -S "Client initiated reconnection from same port"

not_with_valgrind # spurious resend
run_test    "DTLS client reconnect from same port: reconnect" \
            "$P_SRV dtls=1 exchanges=2 read_timeout=1000" \
            "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-1000 reconnect_hard=1" \
            0 \
            -C "resend" \
            -S "The operation timed out" \
            -s "Client initiated reconnection from same port"

# The nbio variant is run twice with different timeouts: tight ones without
# valgrind, relaxed ones under valgrind where both peers are much slower.
not_with_valgrind # server/client too slow to respond in time (next test has higher timeouts)
run_test    "DTLS client reconnect from same port: reconnect, nbio, no valgrind" \
            "$P_SRV dtls=1 exchanges=2 read_timeout=1000 nbio=2" \
            "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-1000 reconnect_hard=1" \
            0 \
            -S "The operation timed out" \
            -s "Client initiated reconnection from same port"

only_with_valgrind # Only with valgrind, do previous test but with higher read_timeout and hs_timeout
run_test    "DTLS client reconnect from same port: reconnect, nbio, valgrind" \
            "$P_SRV dtls=1 exchanges=2 read_timeout=2000 nbio=2 hs_timeout=1500-6000" \
            "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=1500-3000 reconnect_hard=1" \
            0 \
            -S "The operation timed out" \
            -s "Client initiated reconnection from same port"

# Negative case: without cookies the reconnect is not honoured (see above).
run_test    "DTLS client reconnect from same port: no cookies" \
            "$P_SRV dtls=1 exchanges=2 read_timeout=1000 cookies=0" \
            "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-8000 reconnect_hard=1" \
            0 \
            -s "The operation timed out" \
            -S "Client initiated reconnection from same port"
3210
# Tests for various cases of client authentication with DTLS
# (focused on handshake flows and message parsing)
#
# auth_mode=required / optional / none on the server, paired with a client
# that does or does not present a certificate (crt_file=none key_file=none).
# The server-side verification log line is what distinguishes the outcomes.

run_test    "DTLS client auth: required" \
            "$P_SRV dtls=1 auth_mode=required" \
            "$P_CLI dtls=1" \
            0 \
            -s "Verifying peer X.509 certificate... ok"

# optional + no client cert: the handshake still succeeds, but the server
# must record that the certificate was missing rather than treating it as ok.
run_test    "DTLS client auth: optional, client has no cert" \
            "$P_SRV dtls=1 auth_mode=optional" \
            "$P_CLI dtls=1 crt_file=none key_file=none" \
            0 \
            -s "! Certificate was missing"

# none: the client skips the Certificate message entirely (the "$" anchors the
# log line so a longer "skip write certificate ..." message does not match).
run_test    "DTLS client auth: none, client has no cert" \
            "$P_SRV dtls=1 auth_mode=none" \
            "$P_CLI dtls=1 crt_file=none key_file=none debug_level=2" \
            0 \
            -c "skip write certificate$" \
            -s "! Certificate verification was skipped"

# Mismatched PSK (abc123 vs abc124, test-only values): the derived keys differ,
# so the server fails MAC verification on the first protected record and the
# client sees the resulting fatal alert. Exit status 1 is the expected outcome.
run_test    "DTLS wrong PSK: badmac alert" \
            "$P_SRV dtls=1 psk=abc123 force_ciphersuite=TLS-PSK-WITH-AES-128-GCM-SHA256" \
            "$P_CLI dtls=1 psk=abc124" \
            1 \
            -s "SSL - Verification of the message MAC failed" \
            -c "SSL - A fatal alert message was received from our peer"
3239
# Tests for receiving fragmented handshake messages with DTLS
#
# The peer server's MTU (gnutls-serv --mtu, openssl s_server -mtu) caps the
# DTLS datagram size, so at small values its handshake messages arrive as
# several fragments that the mbed TLS client has to reassemble. A large MTU
# is the control case (no "found fragmented DTLS handshake message" line);
# every test also requires that no "error" is logged on the client.

requires_gnutls
run_test    "DTLS reassembly: no fragmentation (gnutls server)" \
            "$G_SRV -u --mtu 2048 -a" \
            "$P_CLI dtls=1 debug_level=2" \
            0 \
            -C "found fragmented DTLS handshake message" \
            -C "error"

requires_gnutls
run_test    "DTLS reassembly: some fragmentation (gnutls server)" \
            "$G_SRV -u --mtu 512" \
            "$P_CLI dtls=1 debug_level=2" \
            0 \
            -c "found fragmented DTLS handshake message" \
            -C "error"

requires_gnutls
run_test    "DTLS reassembly: more fragmentation (gnutls server)" \
            "$G_SRV -u --mtu 128" \
            "$P_CLI dtls=1 debug_level=2" \
            0 \
            -c "found fragmented DTLS handshake message" \
            -C "error"

requires_gnutls
run_test    "DTLS reassembly: more fragmentation, nbio (gnutls server)" \
            "$G_SRV -u --mtu 128" \
            "$P_CLI dtls=1 nbio=2 debug_level=2" \
            0 \
            -c "found fragmented DTLS handshake message" \
            -C "error"

# Renegotiation over a fragmenting link: the client both sends and receives
# the renegotiation_info extension and the handshake must complete without
# mbedtls_ssl_handshake reporting a failure. "Extra-header:" on the server
# side shows application data flowed after the renegotiation.
requires_gnutls
run_test    "DTLS reassembly: fragmentation, renego (gnutls server)" \
            "$G_SRV -u --mtu 256" \
            "$P_CLI debug_level=3 dtls=1 renegotiation=1 renegotiate=1" \
            0 \
            -c "found fragmented DTLS handshake message" \
            -c "client hello, adding renegotiation extension" \
            -c "found renegotiation extension" \
            -c "=> renegotiate" \
            -C "mbedtls_ssl_handshake returned" \
            -C "error" \
            -s "Extra-header:"

requires_gnutls
run_test    "DTLS reassembly: fragmentation, nbio, renego (gnutls server)" \
            "$G_SRV -u --mtu 256" \
            "$P_CLI debug_level=3 nbio=2 dtls=1 renegotiation=1 renegotiate=1" \
            0 \
            -c "found fragmented DTLS handshake message" \
            -c "client hello, adding renegotiation extension" \
            -c "found renegotiation extension" \
            -c "=> renegotiate" \
            -C "mbedtls_ssl_handshake returned" \
            -C "error" \
            -s "Extra-header:"

# Same matrix against openssl s_server (always available, so no requires_*).
run_test    "DTLS reassembly: no fragmentation (openssl server)" \
            "$O_SRV -dtls1 -mtu 2048" \
            "$P_CLI dtls=1 debug_level=2" \
            0 \
            -C "found fragmented DTLS handshake message" \
            -C "error"

run_test    "DTLS reassembly: some fragmentation (openssl server)" \
            "$O_SRV -dtls1 -mtu 768" \
            "$P_CLI dtls=1 debug_level=2" \
            0 \
            -c "found fragmented DTLS handshake message" \
            -C "error"

run_test    "DTLS reassembly: more fragmentation (openssl server)" \
            "$O_SRV -dtls1 -mtu 256" \
            "$P_CLI dtls=1 debug_level=2" \
            0 \
            -c "found fragmented DTLS handshake message" \
            -C "error"

run_test    "DTLS reassembly: fragmentation, nbio (openssl server)" \
            "$O_SRV -dtls1 -mtu 256" \
            "$P_CLI dtls=1 nbio=2 debug_level=2" \
            0 \
            -c "found fragmented DTLS handshake message" \
            -C "error"
3327
# Tests for specific things with "unreliable" UDP connection
#
# The -p argument puts udp_proxy ($P_PXY) between client and server so that
# duplicated, delayed or corrupted datagrams can be injected deterministically.
# The log lines asserted below are the record layer's reactions:
#   "replayed record"                 anti-replay window rejected a duplicate
#   "record from another epoch"       record arrived before the CCS that
#                                     activates its keys
#   "discarding invalid record (mac)" record with a bad authentication tag
# A proper run always ends with the server seeing "Extra-header:" and the
# client seeing "HTTP/1.0 200 OK".

# Control case: a transparent proxy must trigger none of the above.
not_with_valgrind # spurious resend due to timeout
run_test    "DTLS proxy: reference" \
            -p "$P_PXY" \
            "$P_SRV dtls=1 debug_level=2" \
            "$P_CLI dtls=1 debug_level=2" \
            0 \
            -C "replayed record" \
            -S "replayed record" \
            -C "record from another epoch" \
            -S "record from another epoch" \
            -C "discarding invalid record" \
            -S "discarding invalid record" \
            -S "resend" \
            -s "Extra-header:" \
            -c "HTTP/1.0 200 OK"

# duplicate=1: every datagram is delivered twice. Both peers must detect the
# replays and discard them without resending anything.
not_with_valgrind # spurious resend due to timeout
run_test    "DTLS proxy: duplicate every packet" \
            -p "$P_PXY duplicate=1" \
            "$P_SRV dtls=1 debug_level=2" \
            "$P_CLI dtls=1 debug_level=2" \
            0 \
            -c "replayed record" \
            -s "replayed record" \
            -c "discarding invalid record" \
            -s "discarding invalid record" \
            -S "resend" \
            -s "Extra-header:" \
            -c "HTTP/1.0 200 OK"

# anti_replay=0 on the server: it no longer flags replays (-S), so the
# duplicates are processed and both sides end up resending; the client still
# has its window and keeps rejecting them.
run_test    "DTLS proxy: duplicate every packet, server anti-replay off" \
            -p "$P_PXY duplicate=1" \
            "$P_SRV dtls=1 debug_level=2 anti_replay=0" \
            "$P_CLI dtls=1 debug_level=2" \
            0 \
            -c "replayed record" \
            -S "replayed record" \
            -c "discarding invalid record" \
            -s "discarding invalid record" \
            -c "resend" \
            -s "resend" \
            -s "Extra-header:" \
            -c "HTTP/1.0 200 OK"

# bad_ad=1: the proxy injects a record with an invalid authentication tag.
# badmac_limit is the number of such records the server tolerates before it
# aborts ("too many records with bad MAC"). The four tests walk the boundary:
# default limit and limit 2 survive one bad record, limit 1 aborts, and with
# exchanges=2 a second injection pushes limit 2 over the edge (expected exit
# status 1 in the two failing cases).
run_test    "DTLS proxy: inject invalid AD record, default badmac_limit" \
            -p "$P_PXY bad_ad=1" \
            "$P_SRV dtls=1 debug_level=1" \
            "$P_CLI dtls=1 debug_level=1 read_timeout=100" \
            0 \
            -c "discarding invalid record (mac)" \
            -s "discarding invalid record (mac)" \
            -s "Extra-header:" \
            -c "HTTP/1.0 200 OK" \
            -S "too many records with bad MAC" \
            -S "Verification of the message MAC failed"

run_test    "DTLS proxy: inject invalid AD record, badmac_limit 1" \
            -p "$P_PXY bad_ad=1" \
            "$P_SRV dtls=1 debug_level=1 badmac_limit=1" \
            "$P_CLI dtls=1 debug_level=1 read_timeout=100" \
            1 \
            -C "discarding invalid record (mac)" \
            -S "discarding invalid record (mac)" \
            -S "Extra-header:" \
            -C "HTTP/1.0 200 OK" \
            -s "too many records with bad MAC" \
            -s "Verification of the message MAC failed"

run_test    "DTLS proxy: inject invalid AD record, badmac_limit 2" \
            -p "$P_PXY bad_ad=1" \
            "$P_SRV dtls=1 debug_level=1 badmac_limit=2" \
            "$P_CLI dtls=1 debug_level=1 read_timeout=100" \
            0 \
            -c "discarding invalid record (mac)" \
            -s "discarding invalid record (mac)" \
            -s "Extra-header:" \
            -c "HTTP/1.0 200 OK" \
            -S "too many records with bad MAC" \
            -S "Verification of the message MAC failed"

run_test    "DTLS proxy: inject invalid AD record, badmac_limit 2, exchanges 2"\
            -p "$P_PXY bad_ad=1" \
            "$P_SRV dtls=1 debug_level=1 badmac_limit=2 exchanges=2" \
            "$P_CLI dtls=1 debug_level=1 read_timeout=100 exchanges=2" \
            1 \
            -c "discarding invalid record (mac)" \
            -s "discarding invalid record (mac)" \
            -s "Extra-header:" \
            -c "HTTP/1.0 200 OK" \
            -s "too many records with bad MAC" \
            -s "Verification of the message MAC failed"

# delay_ccs=1: the ChangeCipherSpec is held back, so the Finished message
# arrives under keys the receiver has not activated yet. It must be reported
# as "record from another epoch", discarded, and the handshake must still
# complete once the CCS is delivered.
run_test    "DTLS proxy: delay ChangeCipherSpec" \
            -p "$P_PXY delay_ccs=1" \
            "$P_SRV dtls=1 debug_level=1" \
            "$P_CLI dtls=1 debug_level=1" \
            0 \
            -c "record from another epoch" \
            -s "record from another epoch" \
            -c "discarding invalid record" \
            -s "discarding invalid record" \
            -s "Extra-header:" \
            -c "HTTP/1.0 200 OK"
3433
# Tests for "randomly unreliable connection": try a variety of flows and peers
#
# "3d" = the proxy randomly drops, delays and duplicates datagrams
# (drop=5 delay=5 duplicate=5; the unit of that rate is udp_proxy's, see its
# usage text). Whatever the loss pattern, the DTLS retransmission timers
# (hs_timeout=min-max in ms) must bring every handshake flavour to completion
# and the application exchange must succeed. client_needs_more_time N scales
# the client's allowed run time, since these runs are slow by construction.
# tickets=0 auth_mode=none psk=... give the shortest possible flight
# sequence; later tests add tickets, client auth, resumption and renegotiation
# to lengthen it.

client_needs_more_time 2
run_test    "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \
            -p "$P_PXY drop=5 delay=5 duplicate=5" \
            "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
             psk=abc123" \
            "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 psk=abc123 \
             force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
            0 \
            -s "Extra-header:" \
            -c "HTTP/1.0 200 OK"

client_needs_more_time 2
run_test    "DTLS proxy: 3d, \"short\" RSA handshake" \
            -p "$P_PXY drop=5 delay=5 duplicate=5" \
            "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none" \
            "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 \
             force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
            0 \
            -s "Extra-header:" \
            -c "HTTP/1.0 200 OK"

client_needs_more_time 2
run_test    "DTLS proxy: 3d, \"short\" (no ticket, no cli_auth) FS handshake" \
            -p "$P_PXY drop=5 delay=5 duplicate=5" \
            "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none" \
            "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0" \
            0 \
            -s "Extra-header:" \
            -c "HTTP/1.0 200 OK"

client_needs_more_time 2
run_test    "DTLS proxy: 3d, FS, client auth" \
            -p "$P_PXY drop=5 delay=5 duplicate=5" \
            "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=required" \
            "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0" \
            0 \
            -s "Extra-header:" \
            -c "HTTP/1.0 200 OK"

client_needs_more_time 2
run_test    "DTLS proxy: 3d, FS, ticket" \
            -p "$P_PXY drop=5 delay=5 duplicate=5" \
            "$P_SRV dtls=1 hs_timeout=250-10000 tickets=1 auth_mode=none" \
            "$P_CLI dtls=1 hs_timeout=250-10000 tickets=1" \
            0 \
            -s "Extra-header:" \
            -c "HTTP/1.0 200 OK"

client_needs_more_time 2
run_test    "DTLS proxy: 3d, max handshake (FS, ticket + client auth)" \
            -p "$P_PXY drop=5 delay=5 duplicate=5" \
            "$P_SRV dtls=1 hs_timeout=250-10000 tickets=1 auth_mode=required" \
            "$P_CLI dtls=1 hs_timeout=250-10000 tickets=1" \
            0 \
            -s "Extra-header:" \
            -c "HTTP/1.0 200 OK"

client_needs_more_time 2
run_test    "DTLS proxy: 3d, max handshake, nbio" \
            -p "$P_PXY drop=5 delay=5 duplicate=5" \
            "$P_SRV dtls=1 hs_timeout=250-10000 nbio=2 tickets=1 \
             auth_mode=required" \
            "$P_CLI dtls=1 hs_timeout=250-10000 nbio=2 tickets=1" \
            0 \
            -s "Extra-header:" \
            -c "HTTP/1.0 200 OK"

# Resumption: reconnect=1 makes the client do a second, abbreviated handshake
# after the first exchange; both sides must log that the session was resumed.
# max_resend=10 bounds how often a lost application record is retried.
client_needs_more_time 4
run_test    "DTLS proxy: 3d, min handshake, resumption" \
            -p "$P_PXY drop=5 delay=5 duplicate=5" \
            "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
             psk=abc123 debug_level=3" \
            "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 psk=abc123 \
             debug_level=3 reconnect=1 read_timeout=1000 max_resend=10 \
             force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
            0 \
            -s "a session has been resumed" \
            -c "a session has been resumed" \
            -s "Extra-header:" \
            -c "HTTP/1.0 200 OK"

client_needs_more_time 4
run_test    "DTLS proxy: 3d, min handshake, resumption, nbio" \
            -p "$P_PXY drop=5 delay=5 duplicate=5" \
            "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
             psk=abc123 debug_level=3 nbio=2" \
            "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 psk=abc123 \
             debug_level=3 reconnect=1 read_timeout=1000 max_resend=10 \
             force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 nbio=2" \
            0 \
            -s "a session has been resumed" \
            -c "a session has been resumed" \
            -s "Extra-header:" \
            -c "HTTP/1.0 200 OK"

# Renegotiation under loss. renegotiation=1 enables it on a peer,
# renegotiate=1 makes that peer initiate it; both sides must log
# "=> renegotiate". The server-initiated variants need exchanges=4 so there
# is still application traffic after the server triggers it.
client_needs_more_time 4
run_test    "DTLS proxy: 3d, min handshake, client-initiated renego" \
            -p "$P_PXY drop=5 delay=5 duplicate=5" \
            "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
             psk=abc123 renegotiation=1 debug_level=2" \
            "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 psk=abc123 \
             renegotiate=1 debug_level=2 \
             force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
            0 \
            -c "=> renegotiate" \
            -s "=> renegotiate" \
            -s "Extra-header:" \
            -c "HTTP/1.0 200 OK"

client_needs_more_time 4
run_test    "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \
            -p "$P_PXY drop=5 delay=5 duplicate=5" \
            "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
             psk=abc123 renegotiation=1 debug_level=2" \
            "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 psk=abc123 \
             renegotiate=1 debug_level=2 \
             force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
            0 \
            -c "=> renegotiate" \
            -s "=> renegotiate" \
            -s "Extra-header:" \
            -c "HTTP/1.0 200 OK"

client_needs_more_time 4
run_test    "DTLS proxy: 3d, min handshake, server-initiated renego" \
            -p "$P_PXY drop=5 delay=5 duplicate=5" \
            "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
             psk=abc123 renegotiate=1 renegotiation=1 exchanges=4 \
             debug_level=2" \
            "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 psk=abc123 \
             renegotiation=1 exchanges=4 debug_level=2 \
             force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
            0 \
            -c "=> renegotiate" \
            -s "=> renegotiate" \
            -s "Extra-header:" \
            -c "HTTP/1.0 200 OK"

client_needs_more_time 4
run_test    "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \
            -p "$P_PXY drop=5 delay=5 duplicate=5" \
            "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
             psk=abc123 renegotiate=1 renegotiation=1 exchanges=4 \
             debug_level=2 nbio=2" \
            "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 psk=abc123 \
             renegotiation=1 exchanges=4 debug_level=2 nbio=2 \
             force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
            0 \
            -c "=> renegotiate" \
            -s "=> renegotiate" \
            -s "Extra-header:" \
            -c "HTTP/1.0 200 OK"

# Interop under loss. The non-mbedtls peers cannot be told to retransmit as
# aggressively, hence the much wider client hs_timeout (up to 60 s) and no
# valgrind. protect_hvr=1 is given only for openssl s_server, presumably to
# exempt the HelloVerifyRequest from the proxy's loss so that peer's handshake
# can get started (confirm against udp_proxy's option help).
client_needs_more_time 6
not_with_valgrind # risk of non-mbedtls peer timing out
run_test    "DTLS proxy: 3d, openssl server" \
            -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
            "$O_SRV -dtls1 -mtu 2048" \
            "$P_CLI dtls=1 hs_timeout=250-60000 tickets=0" \
            0 \
            -c "HTTP/1.0 200 OK"

client_needs_more_time 8
not_with_valgrind # risk of non-mbedtls peer timing out
run_test    "DTLS proxy: 3d, openssl server, fragmentation" \
            -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
            "$O_SRV -dtls1 -mtu 768" \
            "$P_CLI dtls=1 hs_timeout=250-60000 tickets=0" \
            0 \
            -c "HTTP/1.0 200 OK"

client_needs_more_time 8
not_with_valgrind # risk of non-mbedtls peer timing out
run_test    "DTLS proxy: 3d, openssl server, fragmentation, nbio" \
            -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
            "$O_SRV -dtls1 -mtu 768" \
            "$P_CLI dtls=1 hs_timeout=250-60000 nbio=2 tickets=0" \
            0 \
            -c "HTTP/1.0 200 OK"

# gnutls-serv echoes the request, so "Extra-header:" is expected on both
# sides rather than an HTTP status line.
requires_gnutls
client_needs_more_time 6
not_with_valgrind # risk of non-mbedtls peer timing out
run_test    "DTLS proxy: 3d, gnutls server" \
            -p "$P_PXY drop=5 delay=5 duplicate=5" \
            "$G_SRV -u --mtu 2048 -a" \
            "$P_CLI dtls=1 hs_timeout=250-60000" \
            0 \
            -s "Extra-header:" \
            -c "Extra-header:"

requires_gnutls
client_needs_more_time 8
not_with_valgrind # risk of non-mbedtls peer timing out
run_test    "DTLS proxy: 3d, gnutls server, fragmentation" \
            -p "$P_PXY drop=5 delay=5 duplicate=5" \
            "$G_SRV -u --mtu 512" \
            "$P_CLI dtls=1 hs_timeout=250-60000" \
            0 \
            -s "Extra-header:" \
            -c "Extra-header:"

requires_gnutls
client_needs_more_time 8
not_with_valgrind # risk of non-mbedtls peer timing out
run_test    "DTLS proxy: 3d, gnutls server, fragmentation, nbio" \
            -p "$P_PXY drop=5 delay=5 duplicate=5" \
            "$G_SRV -u --mtu 512" \
            "$P_CLI dtls=1 hs_timeout=250-60000 nbio=2" \
            0 \
            -s "Extra-header:" \
            -c "Extra-header:"
3648
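# Final report
#
# Prints PASSED/FAILED with the pass / total / skipped counts and exits with
# a status that is non-zero exactly when at least one test failed. TESTS,
# FAILS and SKIPS are the counters maintained by run_test above.

echo "------------------------------------------------------------------------"

if [ "$FAILS" = 0 ]; then
    printf "PASSED"
else
    printf "FAILED"
fi
PASSES=$(( TESTS - FAILS ))
echo " ($PASSES / $TESTS tests ($SKIPS skipped))"

# The process exit status is only 8 bits wide, so `exit $FAILS` would report
# success to the caller (e.g. CI) whenever the failure count is a multiple of
# 256 -- this file runs several hundred tests. Clamp to 255 so any failure
# always yields a non-zero status; callers that only test for non-zero are
# unaffected.
if [ "$FAILS" -gt 255 ]; then
    exit 255
fi
exit "$FAILS"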
3662