author | Daiki Ueno <dueno@redhat.com> | 2018-10-22 11:12:02 +0200 |
---|---|---|
committer | Daiki Ueno <dueno@redhat.com> | 2018-11-12 13:26:43 +0100 |
commit | 589233239d2c10622b70c38b64a87b6dff2e1641 (patch) | |
tree | b807d77f5db57c090effe3d7e1a1d381af407759 | |
parent | 3d6d94b5d148a34f1ce2fb327eda02a525e439e8 (diff) | |
download | gnutls-589233239d2c10622b70c38b64a87b6dff2e1641.tar.gz |
testcompat-tls13-openssl: exercise early data transmission
Signed-off-by: Daiki Ueno <dueno@redhat.com>
-rwxr-xr-x | tests/suite/testcompat-tls13-openssl.sh | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/tests/suite/testcompat-tls13-openssl.sh b/tests/suite/testcompat-tls13-openssl.sh
index b28aad5bf0..0ae4d51bac 100755
--- a/tests/suite/testcompat-tls13-openssl.sh
+++ b/tests/suite/testcompat-tls13-openssl.sh
@@ -232,6 +232,40 @@ run_client_suite() {
 kill ${PID}
 wait
+ # Try resumption with early data
+ echo_cmd "${PREFIX}Checking TLS 1.3 with resumption with early data..."
+ testdir=`create_testdir tls13-openssl-resumption`
+ eval "${GETPORT}"
+ launch_bare_server $$ s_server -quiet -accept "${PORT}" -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -CAfile "${CA_CERT}" -early_data
+ PID=$!
+ wait_server ${PID}
+
+ echo "This file contains early data sent by the client" > "${testdir}/earlydata.txt"
+ ${VALGRIND} "${CLI}" ${DEBUG} -p "${PORT}" 127.0.0.1 --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3:+GROUP-ALL${ADD}" --earlydata "${testdir}/earlydata.txt" --insecure --inline-commands <<< '^resume^'| tee "${testdir}/client.out" >> ${OUTPUT}
+ grep '^\*\*\* This is a resumed session' "${testdir}/client.out" || \
+ fail ${PID} "Failed"
+
+ kill ${PID}
+ wait
+
+ # Try resumption with early data with small limit
+ echo_cmd "${PREFIX}Checking TLS 1.3 with resumption with early data..."
+ testdir=`create_testdir tls13-openssl-resumption`
+ eval "${GETPORT}"
+ launch_bare_server $$ s_server -quiet -accept "${PORT}" -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -CAfile "${CA_CERT}" -early_data -max_early_data 1
+ PID=$!
+ wait_server ${PID}
+
+ echo "This file contains early data sent by the client" > "${testdir}/earlydata.txt"
+ ${VALGRIND} "${CLI}" ${DEBUG} -p "${PORT}" 127.0.0.1 --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3:+GROUP-ALL${ADD}" --earlydata "${testdir}/earlydata.txt" --insecure --inline-commands <<< '^resume^'|& tee "${testdir}/client.out" >> ${OUTPUT}
+ grep '^\*\*\* This is a resumed session' "${testdir}/client.out" || \
+ fail ${PID} "Failed"
+ grep '^\*\*\* Received alert \[10\]: Unexpected message' "${testdir}/client.out" || \
+ fail ${PID} "Failed"
+
+ kill ${PID}
+ wait
+
 rm -rf "${testdir}"
 }
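Review bot: The first new block asserts only `This is a resumed session`, so it would still pass if the client dropped the early data and completed an ordinary resumption; nothing visible checks that the contents of `earlydata.txt` reached s_server. If launch_bare_server (defined outside this hunk) allows capturing the server's output, an assertion on it would make the test prove 0-RTT delivery rather than resumption alone. The second block reuses the same `echo_cmd` text and every check fails with `"Failed"`, so a log cannot tell the cases apart; something like `echo_cmd "${PREFIX}Checking TLS 1.3 with resumption with early data (max_early_data 1)..."` and distinct failure messages would help. The first pipeline uses `|` while the second uses `|&`, so client stderr is captured only in the second case, which deserves a short comment if intentional. run_client_suite begins outside the hunk.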
@@ -478,6 +512,26 @@ _EOF_
 kill ${PID}
 wait
+
+ echo_cmd "${PREFIX}Checking TLS 1.3 with resumption and early data..."
+ testdir=`create_testdir tls13-openssl-resumption`
+ eval "${GETPORT}"
+ launch_server $$ --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3${ADD}" --x509certfile "${RSA_CERT}" --x509keyfile "${RSA_KEY}" --x509cafile "${CA_CERT}" --earlydata >>${OUTPUT} 2>&1
+ PID=$!
+ wait_server ${PID}
+
+ echo "This file contains early data sent by the client" > "${testdir}/earlydata.txt"
+ { echo a; sleep 1; } | \
+ ${OPENSSL_CLI} s_client -host localhost -port "${PORT}" -CAfile "${CA_CERT}" -sess_out "${testdir}/sess-earlydata.pem" 2>&1 | grep "\:error\:" && \
+ fail ${PID} "Failed"
+ ${OPENSSL_CLI} s_client -host localhost -port "${PORT}" -CAfile "${CA_CERT}" -sess_in "${testdir}/sess-earlydata.pem" -early_data "${testdir}/earlydata.txt" </dev/null 2>&1 > "${testdir}/server.out"
+ grep "\:error\:" "${testdir}/server.out" && \
+ fail ${PID} "Failed"
+ grep "^Reused, TLSv1.3" "${testdir}/server.out" || \
+ fail ${PID} "Failed"
+
+ kill ${PID}
+ wait
 rm -rf "${testdir}"
 } |
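Review bot: The resumed `s_client` call redirects with `2>&1 > "${testdir}/server.out"`, which points stderr at the original stdout before stdout is moved to the file, so anything s_client writes to stderr never lands in `server.out` and the following `grep "\:error\:"` cannot see it. Swapping the order to `> "${testdir}/server.out" 2>&1` makes that check effective, matching the `2>&1 |` form used by the first invocation. The block also asserts only `Reused, TLSv1.3`; adding `grep "^Early data was accepted" "${testdir}/server.out" || fail ${PID} "Failed"` would confirm the server took the 0-RTT payload rather than falling back to a plain resumption. The enclosing function starts outside this hunk.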