diff options
| author | Matt Caswell <matt@openssl.org> | 2017-12-05 10:14:35 +0000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2017-12-14 15:06:37 +0000 |
| commit | 597c51bc980ba6d7470dd8de747ac12a6c7a442b (patch) | |
| tree | bfaa1fb62ac77032ed159170cf5df7ab7a31b717 /test | |
| parent | db37d32cb89160328b0ba48e3808f601a7b3ebe8 (diff) | |
Merge HRR into ServerHello
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4701)
Diffstat (limited to 'test')
| -rw-r--r-- | test/recipes/70-test_key_share.t | 14 | ||||
| -rw-r--r-- | test/recipes/70-test_sslrecords.t | 3 | ||||
| -rw-r--r-- | test/recipes/70-test_tls13cookie.t | 2 | ||||
| -rw-r--r-- | test/recipes/70-test_tls13kexmodes.t | 4 | ||||
| -rw-r--r-- | test/recipes/70-test_tls13messages.t | 6 |
5 files changed, 16 insertions, 13 deletions
diff --git a/test/recipes/70-test_key_share.t b/test/recipes/70-test_key_share.t index ae0a2b0c29..e2cdf0972f 100644 --- a/test/recipes/70-test_key_share.t +++ b/test/recipes/70-test_key_share.t @@ -223,6 +223,7 @@ ok(TLSProxy::Message->success(), "Ignore key_share for TLS<=1.2 server"); #Test 22: The server sending an HRR but not requesting a new key_share should # fail $proxy->clear(); +$direction = SERVER_TO_CLIENT; $testtype = NO_KEY_SHARES_IN_HRR; $proxy->serverflags("-curves X25519"); $proxy->start(); @@ -341,6 +342,12 @@ sub modify_key_shares_filter if ($testtype == LOOK_ONLY) { return; } + if ($testtype == NO_KEY_SHARES_IN_HRR) { + $message->delete_extension(TLSProxy::Message::EXT_KEY_SHARE); + $message->set_extension(TLSProxy::Message::EXT_UNKNOWN, ""); + $message->repack(); + return; + } if ($testtype == SELECT_X25519) { $ext = pack "C4H64", 0x00, 0x1d, #x25519 @@ -370,12 +377,7 @@ sub modify_key_shares_filter $message->set_extension(TLSProxy::Message::EXT_KEY_SHARE, $ext); $message->repack(); - } elsif ($message->mt == TLSProxy::Message::MT_HELLO_RETRY_REQUEST - && $testtype == NO_KEY_SHARES_IN_HRR) { - $message->delete_extension(TLSProxy::Message::EXT_KEY_SHARE); - $message->set_extension(TLSProxy::Message::EXT_UNKNOWN, ""); - $message->repack(); - } + } } } diff --git a/test/recipes/70-test_sslrecords.t b/test/recipes/70-test_sslrecords.t index ef4679261d..94dd11eef2 100644 --- a/test/recipes/70-test_sslrecords.t +++ b/test/recipes/70-test_sslrecords.t @@ -485,7 +485,8 @@ sub change_outer_record_type for ($i = 0; ${$proxy->record_list}[$i]->flight() < 1; $i++) { next; } - $i++; + #Skip CCS and ServerHello + $i += 2; ${$proxy->record_list}[$i]->outer_content_type(TLSProxy::Record::RT_HANDSHAKE); } diff --git a/test/recipes/70-test_tls13cookie.t b/test/recipes/70-test_tls13cookie.t index 3d3a10fcbf..289e589897 100644 --- a/test/recipes/70-test_tls13cookie.t +++ b/test/recipes/70-test_tls13cookie.t @@ -74,7 +74,7 @@ sub cookie_filter 0x04, 0x05; foreach my $message (@{$proxy->message_list}) { - if ($message->mt == TLSProxy::Message::MT_HELLO_RETRY_REQUEST + if ($message->mt == TLSProxy::Message::MT_SERVER_HELLO && ${$message->records}[0]->flight == 1) { $message->delete_extension(TLSProxy::Message::EXT_KEY_SHARE) if ($testtype == COOKIE_ONLY); diff --git a/test/recipes/70-test_tls13kexmodes.t b/test/recipes/70-test_tls13kexmodes.t index dcc51aecdd..908ca4a21d 100644 --- a/test/recipes/70-test_tls13kexmodes.t +++ b/test/recipes/70-test_tls13kexmodes.t @@ -35,7 +35,7 @@ $ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf"); @handmessages = ( [TLSProxy::Message::MT_CLIENT_HELLO, checkhandshake::ALL_HANDSHAKES], - [TLSProxy::Message::MT_HELLO_RETRY_REQUEST, + [TLSProxy::Message::MT_SERVER_HELLO, checkhandshake::HRR_HANDSHAKE | checkhandshake::HRR_RESUME_HANDSHAKE], [TLSProxy::Message::MT_CLIENT_HELLO, checkhandshake::HRR_HANDSHAKE | checkhandshake::HRR_RESUME_HANDSHAKE], @@ -90,7 +90,7 @@ $ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf"); [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK, checkhandshake::PSK_CLI_EXTENSION], - [TLSProxy::Message::MT_HELLO_RETRY_REQUEST, TLSProxy::Message::EXT_KEY_SHARE, + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_KEY_SHARE, checkhandshake::KEY_SHARE_HRR_EXTENSION], [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME, diff --git a/test/recipes/70-test_tls13messages.t b/test/recipes/70-test_tls13messages.t index 9319e8492d..4b0552c5ca 100644 --- a/test/recipes/70-test_tls13messages.t +++ b/test/recipes/70-test_tls13messages.t @@ -35,7 +35,7 @@ $ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf"); @handmessages = ( [TLSProxy::Message::MT_CLIENT_HELLO, checkhandshake::ALL_HANDSHAKES], - [TLSProxy::Message::MT_HELLO_RETRY_REQUEST, + [TLSProxy::Message::MT_SERVER_HELLO, checkhandshake::HRR_HANDSHAKE | checkhandshake::HRR_RESUME_HANDSHAKE], [TLSProxy::Message::MT_CLIENT_HELLO, checkhandshake::HRR_HANDSHAKE | checkhandshake::HRR_RESUME_HANDSHAKE], @@ -90,7 +90,7 @@ $ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf"); [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK, checkhandshake::PSK_CLI_EXTENSION], - [TLSProxy::Message::MT_HELLO_RETRY_REQUEST, TLSProxy::Message::EXT_KEY_SHARE, + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_KEY_SHARE, checkhandshake::KEY_SHARE_HRR_EXTENSION], [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME, @@ -324,6 +324,6 @@ $proxy->start(); checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, checkhandshake::DEFAULT_EXTENSIONS | checkhandshake::SUPPORTED_GROUPS_SRV_EXTENSION, - "Default handshake test"); + "Acceptable but non preferred key_share"); unlink $session; |