diff options
| author | David Benjamin <davidben@google.com> | 2016-08-10 00:45:51 -0400 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2016-09-26 23:10:29 +0100 |
| commit | 8523288e6d667f052bda092e01ab17986782fede (patch) | |
| tree | 08f35fb07ef433d837a67d7ed0f2964d9acc22da /util | |
| parent | fa454945cf2855fed452ff9bdb1876096bc07beb (diff) | |
Test CBC mode padding.
This is a regression test for
https://github.com/openssl/openssl/pull/1431. It tests a
maximally-padded record with each possible invalid offset.
This required fixing a bug in Message.pm where the client sending a
fatal alert followed by close_notify was still treated as success.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Diffstat (limited to 'util')
| -rw-r--r-- | util/TLSProxy/Message.pm | 6 | ||||
| -rw-r--r-- | util/TLSProxy/Proxy.pm | 11 |
2 files changed, 14 insertions, 3 deletions
diff --git a/util/TLSProxy/Message.pm b/util/TLSProxy/Message.pm index 321e080ea3..1810d8c30e 100644 --- a/util/TLSProxy/Message.pm +++ b/util/TLSProxy/Message.pm @@ -199,14 +199,14 @@ sub get_messages print " [".$record->decrypt_data."]\n"; } elsif ($record->content_type == TLSProxy::Record::RT_ALERT) { my ($alertlev, $alertdesc) = unpack('CC', $record->decrypt_data); - #All alerts end the test - $end = 1; #A CloseNotify from the client indicates we have finished successfully #(we assume) - if (!$server && $alertlev == AL_LEVEL_WARN + if (!$end && !$server && $alertlev == AL_LEVEL_WARN && $alertdesc == AL_DESC_CLOSE_NOTIFY) { $success = 1; } + #All alerts end the test + $end = 1; } return @messages; diff --git a/util/TLSProxy/Proxy.pm b/util/TLSProxy/Proxy.pm index e0ce43aa77..eeb83ed74f 100644 --- a/util/TLSProxy/Proxy.pm +++ b/util/TLSProxy/Proxy.pm @@ -493,4 +493,15 @@ sub serverpid } return $self->{serverpid}; } + +sub fill_known_data +{ + my $length = shift; + my $ret = ""; + for (my $i = 0; $i < $length; $i++) { + $ret .= chr($i); + } + return $ret; +} + 1; |