1 files changed, 94 insertions, 7 deletions

diff --git a/test/recipes/70-test_renegotiation.t b/test/recipes/70-test_renegotiation.t
index 37fbfd5854..445d447dc9 100644
--- a/test/recipes/70-test_renegotiation.t
+++ b/test/recipes/70-test_renegotiation.t
@@ -7,6 +7,7 @@
 # https://www.openssl.org/source/license.html
 
 use strict;
+use List::Util 'first';
 use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/;
 use OpenSSL::Test::Utils;
 use TLSProxy::Proxy;
@@ -26,7 +27,7 @@ plan skip_all => "$test_name needs the sock feature enabled"
 plan skip_all => "$test_name needs TLS <= 1.2 enabled"
     if alldisabled(("ssl3", "tls1", "tls1_1", "tls1_2"));
 
-plan tests => 5;
+plan tests => 9;
 
 my $proxy = TLSProxy::Proxy->new(
     undef,
@@ -42,9 +43,10 @@ $proxy->reneg(1);
 $proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
 ok(TLSProxy::Message->success(), "Basic renegotiation");
 
-#Test 2: Client does not send the Reneg SCSV. Reneg should fail
+#Test 2: Seclevel 0 client does not send the Reneg SCSV. Reneg should fail
 $proxy->clear();
-$proxy->filter(\&reneg_filter);
+$proxy->filter(\&reneg_scsv_filter);
+$proxy->cipherc("DEFAULT:\@SECLEVEL=0");
 $proxy->clientflags("-no_tls1_3");
 $proxy->serverflags("-client_renegotiation");
 $proxy->reneg(1);
@@ -52,9 +54,24 @@ $proxy->start();
 ok(TLSProxy::Message->fail(), "No client SCSV");
 
 SKIP: {
+    skip "TLSv1.2 disabled", 1
+        if disabled("tls1_2");
+
+    #Test 3: TLS 1.2 client does not send the Reneg extension. Reneg should fail
+
+    $proxy->clear();
+    $proxy->filter(\&reneg_ext_filter);
+    $proxy->clientflags("-no_tls1_3");
+    $proxy->serverflags("-client_renegotiation");
+    $proxy->reneg(1);
+    $proxy->start();
+    ok(TLSProxy::Message->fail(), "No client extension");
+}
+
+SKIP: {
     skip "TLSv1.2 or TLSv1.1 disabled", 1
         if disabled("tls1_2") || disabled("tls1_1");
-    #Test 3: Check that the ClientHello version remains the same in the reneg
+    #Test 4: Check that the ClientHello version remains the same in the reneg
     #        handshake
     $proxy->clear();
     $proxy->filter(undef);
@@ -84,7 +101,7 @@ SKIP: {
     skip "TLSv1.2 disabled", 1
         if disabled("tls1_2");
 
-    #Test 4: Test for CVE-2021-3449. client_sig_algs instead of sig_algs in
+    #Test 5: Test for CVE-2021-3449. client_sig_algs instead of sig_algs in
     #        resumption ClientHello
     $proxy->clear();
     $proxy->filter(\&sigalgs_filter);
@@ -98,7 +115,7 @@ SKIP: {
 SKIP: {
     skip "TLSv1.2 and TLSv1.1 disabled", 1
         if disabled("tls1_2") && disabled("tls1_1");
-    #Test 5: Client fails to do renegotiation
+    #Test 6: Client fails to do renegotiation
     $proxy->clear();
     $proxy->filter(undef);
     $proxy->serverflags("-no_tls1_3");
@@ -109,7 +126,60 @@ SKIP: {
         "Check client renegotiation failed");
 }
 
-sub reneg_filter
+SKIP: {
+    skip "TLSv1 disabled", 1
+        if disabled("tls1");
+
+    #Test 7: Check that SECLEVEL 0 sends SCSV not RI extension
+    $proxy->clear();
+    $proxy->filter(undef);
+    $proxy->cipherc("DEFAULT:\@SECLEVEL=0");
+    $proxy->start();
+
+    my $clientHello = first { $_->mt == TLSProxy::Message::MT_CLIENT_HELLO } @{$proxy->message_list};
+    my $has_scsv = 255 ~~ @{$clientHello->ciphersuites};
+    my $has_ri_extension = exists $clientHello->extension_data()->{TLSProxy::Message::EXT_RENEGOTIATE};
+
+    ok($has_scsv && !$has_ri_extension, "SECLEVEL=0 should use SCSV not RI extension by default");
+}
+
+SKIP: {
+    skip "TLSv1.2 disabled", 1
+        if disabled("tls1_2");
+
+    #Test 8: Check that SECLEVEL0 + TLS 1.2 sends RI extension not SCSV
+    $proxy->clear();
+    $proxy->filter(undef);
+    $proxy->cipherc("DEFAULT:\@SECLEVEL=0");
+    $proxy->clientflags("-tls1_2");
+    $proxy->start();
+
+    my $clientHello = first { $_->mt == TLSProxy::Message::MT_CLIENT_HELLO } @{$proxy->message_list};
+    my $has_scsv = 255 ~~ @{$clientHello->ciphersuites};
+    my $has_ri_extension = exists $clientHello->extension_data()->{TLSProxy::Message::EXT_RENEGOTIATE};
+
+    ok(!$has_scsv && $has_ri_extension, "TLS1.2 should use RI extension despite SECLEVEL=0");
+}
+
+
+SKIP: {
+    skip "TLSv1.3 disabled", 1
+        if disabled("tls1_3");
+
+    #Test 9: Check that TLS 1.3 sends neither RI extension nor SCSV
+    $proxy->clear();
+    $proxy->filter(undef);
+    $proxy->clientflags("-tls1_3");
+    $proxy->start();
+
+    my $clientHello = first { $_->mt == TLSProxy::Message::MT_CLIENT_HELLO } @{$proxy->message_list};
+    my $has_scsv = 255 ~~ @{$clientHello->ciphersuites};
+    my $has_ri_extension = exists $clientHello->extension_data()->{TLSProxy::Message::EXT_RENEGOTIATE};
+
+    ok(!$has_scsv && !$has_ri_extension, "TLS1.3 should not use RI extension or SCSV");
+}
+
+sub reneg_scsv_filter
 {
     my $proxy = shift;
 
@@ -129,6 +199,23 @@ sub reneg_filter
     }
 }
 
+sub reneg_ext_filter
+{
+    my $proxy = shift;
+
+    # We're only interested in the initial ClientHello message
+    if ($proxy->flight != 0) {
+        return;
+    }
+
+    foreach my $message (@{$proxy->message_list}) {
+        if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO) {
+            $message->delete_extension(TLSProxy::Message::EXT_RENEGOTIATE);
+            $message->repack();
+        }
+    }
+}
+
 sub sigalgs_filter
 {
     my $proxy = shift;