diff options
author | Frederik Wedel-Heinen <frederik.wedel-heinen@dencrypt.dk> | 2024-05-29 11:04:14 +0200 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2024-06-27 15:01:01 +0100 |
commit | feef23e4f18b45ca176bba6809ff82ea818c6be0 (patch) | |
tree | 09310724e66893f0538f93ea2927f30485eddf43 /test/recipes | |
parent | 4b810dea2da6571a4e0f0a6752277729b2355bc7 (diff) |
Run 70-test_tls13alerts.t with dtls
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24525)
Diffstat (limited to 'test/recipes')
-rw-r--r-- | test/recipes/70-test_tls13alerts.t | 71 |
1 files changed, 54 insertions, 17 deletions
diff --git a/test/recipes/70-test_tls13alerts.t b/test/recipes/70-test_tls13alerts.t index 152e6cc130..130ca70e18 100644 --- a/test/recipes/70-test_tls13alerts.t +++ b/test/recipes/70-test_tls13alerts.t @@ -23,23 +23,60 @@ plan skip_all => "$test_name needs the dynamic engine feature enabled" plan skip_all => "$test_name needs the sock feature enabled" if disabled("sock"); -plan skip_all => "$test_name needs TLS1.3 enabled" - if disabled("tls1_3") || (disabled("ec") && disabled("dh")); - -my $proxy = TLSProxy::Proxy->new( - undef, - cmdstr(app(["openssl"]), display => 1), - srctop_file("apps", "server.pem"), - (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) -); - -#Test 1: We test that a server can handle an unencrypted alert when normally the -# next message is encrypted -$proxy->filter(\&alert_filter); -$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; -plan tests => 1; -my $alert = TLSProxy::Message->alert(); -ok(TLSProxy::Message->fail() && !$alert->server() && !$alert->encrypted(), "Client sends an unencrypted alert"); +plan skip_all => "$test_name needs elliptic curves and diffie-hellman enabled" + if disabled("ec") && disabled("dh"); + +my $testcount = 1; + +plan tests => 2 * $testcount; + +SKIP: { + skip "TLS 1.3 is disabled", $testcount if disabled("tls1_3"); + # Run tests with TLS + run_tests(0); +} + +SKIP: { + skip "DTLS 1.3 is disabled", $testcount if disabled("dtls1_3"); + skip "DTLSProxy does not support partial messages that are sent when EC is disabled", + $testcount if disabled("ec"); + skip "DTLSProxy does not work on Windows", $testcount if $^O =~ /^(MSWin32)$/; + run_tests(1); +} + +sub run_tests +{ + my $run_test_as_dtls = shift; + my $proxy_start_success = 0; + + my $proxy; + if ($run_test_as_dtls == 1) { + $proxy = TLSProxy::Proxy->new_dtls( + undef, + cmdstr(app([ "openssl" ]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) + ); + } + else { + $proxy = TLSProxy::Proxy->new( + undef, + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) + ); + } + + #Test 1: We test that a server can handle an unencrypted alert when normally the + # next message is encrypted + $proxy->clear(); + $proxy->filter(\&alert_filter); + $proxy_start_success = $proxy->start(); + skip "TLSProxy did not start correctly", $testcount if $proxy_start_success == 0; + + my $alert = TLSProxy::Message->alert(); + ok(TLSProxy::Message->fail() && !$alert->server() && !$alert->encrypted(), "Client sends an unencrypted alert"); +} sub alert_filter { |