From 439db0c97bd50cae008e876c6c8ed5e5011bf6eb Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Wed, 1 Mar 2017 12:11:51 +0000 Subject: Add compression tests Check whether we negotiate compression in various scenarios. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2814) --- test/ssl-tests/22-compression.conf | 112 ++++++++++++++++++++++++++++++ test/ssl-tests/22-compression.conf.in | 127 ++++++++++++++++++++++++++++++++++ 2 files changed, 239 insertions(+) create mode 100644 test/ssl-tests/22-compression.conf create mode 100644 test/ssl-tests/22-compression.conf.in (limited to 'test/ssl-tests') diff --git a/test/ssl-tests/22-compression.conf b/test/ssl-tests/22-compression.conf new file mode 100644 index 0000000000..999b008ede --- /dev/null +++ b/test/ssl-tests/22-compression.conf @@ -0,0 +1,112 @@ +# Generated with generate_ssl_tests.pl + +num_tests = 4 + +test-0 = 0-tlsv1_2-both-compress +test-1 = 1-tlsv1_2-client-compress +test-2 = 2-tlsv1_2-server-compress +test-3 = 3-tlsv1_2-neither-compress +# =========================================================== + +[0-tlsv1_2-both-compress] +ssl_conf = 0-tlsv1_2-both-compress-ssl + +[0-tlsv1_2-both-compress-ssl] +server = 0-tlsv1_2-both-compress-server +client = 0-tlsv1_2-both-compress-client + +[0-tlsv1_2-both-compress-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = Compression +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[0-tlsv1_2-both-compress-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +Options = Compression +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-0] +CompressionExpected = Yes +ExpectedResult = Success + + +# =========================================================== + +[1-tlsv1_2-client-compress] +ssl_conf = 1-tlsv1_2-client-compress-ssl + +[1-tlsv1_2-client-compress-ssl] +server = 1-tlsv1_2-client-compress-server +client = 1-tlsv1_2-client-compress-client + +[1-tlsv1_2-client-compress-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[1-tlsv1_2-client-compress-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +Options = Compression +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-1] +CompressionExpected = No +ExpectedResult = Success + + +# =========================================================== + +[2-tlsv1_2-server-compress] +ssl_conf = 2-tlsv1_2-server-compress-ssl + +[2-tlsv1_2-server-compress-ssl] +server = 2-tlsv1_2-server-compress-server +client = 2-tlsv1_2-server-compress-client + +[2-tlsv1_2-server-compress-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = Compression +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[2-tlsv1_2-server-compress-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-2] +CompressionExpected = No +ExpectedResult = Success + + +# =========================================================== + +[3-tlsv1_2-neither-compress] +ssl_conf = 3-tlsv1_2-neither-compress-ssl + +[3-tlsv1_2-neither-compress-ssl] +server = 3-tlsv1_2-neither-compress-server +client = 3-tlsv1_2-neither-compress-client + +[3-tlsv1_2-neither-compress-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[3-tlsv1_2-neither-compress-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-3] +CompressionExpected = No +ExpectedResult = Success + + diff --git a/test/ssl-tests/22-compression.conf.in b/test/ssl-tests/22-compression.conf.in new file mode 100644 index 0000000000..8d4d823345 --- /dev/null +++ b/test/ssl-tests/22-compression.conf.in @@ -0,0 +1,127 @@ +# -*- mode: perl; -*- +# Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +## Test Compression + +use strict; +use warnings; + +package ssltests; +use OpenSSL::Test::Utils; + +our @tests = (); + +our @tests_tls1_3 = ( + { + name => "tlsv1_3-both-compress", + server => { + "Options" => "Compression" + }, + client => { + "Options" => "Compression" + }, + test => { + "CompressionExpected" => "No", + "ExpectedResult" => "Success" + } + }, + { + name => "tlsv1_3-client-compress", + server => { + }, + client => { + "Options" => "Compression" + }, + test => { + "CompressionExpected" => "No", + "ExpectedResult" => "Success" + } + }, + { + name => "tlsv1_3-server-compress", + server => { + "Options" => "Compression" + }, + client => { + }, + test => { + "CompressionExpected" => "No", + "ExpectedResult" => "Success" + } + }, + { + name => "tlsv1_3-neither-compress", + server => { + }, + client => { + }, + test => { + "CompressionExpected" => "No", + "ExpectedResult" => "Success" + } + }, +); +our @tests_tls1_2 = ( + { + name => "tlsv1_2-both-compress", + server => { + "Options" => "Compression" + }, + client => { + "Options" => "Compression", + "MaxProtocol" => "TLSv1.2" + }, + test => { + "CompressionExpected" => "Yes", + "ExpectedResult" => "Success" + } + }, + { + name => "tlsv1_2-client-compress", + server => { + }, + client => { + "Options" => "Compression", + "MaxProtocol" => "TLSv1.2" + }, + test => { + "CompressionExpected" => "No", + "ExpectedResult" => "Success" + } + }, + { + name => "tlsv1_2-server-compress", + server => { + "Options" => "Compression" + }, + client => { + "MaxProtocol" => "TLSv1.2" + }, + test => { + "CompressionExpected" => "No", + "ExpectedResult" => "Success" + } + }, + { + name => "tlsv1_2-neither-compress", + server => { + }, + client => { + "MaxProtocol" => "TLSv1.2" + }, + test => { + "CompressionExpected" => "No", + "ExpectedResult" => "Success" + } + }, +); + +push @tests, @tests_tls1_3 unless disabled("tls1_3"); +push @tests, @tests_tls1_2 unless alldisabled(("tls1_2", "tls1_1", "tls1", + "ssl3")); -- cgit v1.2.1