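#! /usr/bin/env perl
# Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the Apache License 2.0 (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html

# Checks how the server treats the compression-methods list of a ClientHello.
# A TLSProxy filter rewrites the list in flight 0 and each test asserts
# whether the handshake then succeeds or fails:
#
#   protocol   list sent       expected
#   TLSv1.2    null, 0xff      handshake succeeds
#   TLSv1.2    0xff            handshake fails
#   TLSv1.3    null, 0xff      handshake fails
#   TLSv1.3    0xff            handshake fails
#
# Background: RFC 5246 requires the null method to be offered, and RFC 8446
# requires the list to be exactly the single null method.  Strict handling
# matters because record compression is what compression side-channel
# attacks such as CRIME rely on, and TLSv1.3 removed it.

use strict;
use warnings;
use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file srctop_dir bldtop_dir/;
use OpenSSL::Test::Utils;
use File::Temp qw(tempfile);
use TLSProxy::Proxy;

my $test_name = "test_comp";
setup($test_name);

plan skip_all => "TLSProxy isn't usable on $^O"
    if $^O =~ /^(VMS)$/;

plan skip_all => "$test_name needs the dynamic engine feature enabled"
    if disabled("engine") || disabled("dynamic-engine");

plan skip_all => "$test_name needs the sock feature enabled"
    if disabled("sock");

plan skip_all => "$test_name needs TLSv1.3 or TLSv1.2 enabled"
    if disabled("tls1_3") && disabled("tls1_2");

# OPENSSL_ia32cap overrides the x86 capability bits OpenSSL detects; the
# leading '~' clears the listed bits for the openssl processes started below.
# NOTE(review): the reason for masking these particular bits is not stated
# in this file.
$ENV{OPENSSL_ia32cap} = '~0x200000200000000';

# Selects which compression list add_comp_filter() writes into the ClientHello.
use constant {
    MULTIPLE_COMPRESSIONS => 0,    # null plus one unknown method
    NON_NULL_COMPRESSION  => 1     # one unknown method, no null
};
my $testtype;

# No filter is passed at construction time (first argument is undef); the
# tests install one with $proxy->filter().  The last argument is true when
# not running under the harness, or when the harness is verbose (presumably
# the proxy's debug switch).
my $proxy = TLSProxy::Proxy->new(
    undef,
    cmdstr(app(["openssl"]), display => 1),
    srctop_file("apps", "server.pem"),
    (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE})
);

# Unmodified run first: if the proxy cannot start at all, skip everything
# instead of reporting four failures.
$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
plan tests => 4;

SKIP: {
    skip "TLSv1.2 disabled", 2 if disabled("tls1_2");
    #Test 1: Check that sending multiple compression methods in a TLSv1.2
    #        ClientHello succeeds
    $proxy->clear();
    $proxy->filter(\&add_comp_filter);
    $proxy->clientflags("-no_tls1_3");
    $testtype = MULTIPLE_COMPRESSIONS;
    $proxy->start();
    ok(TLSProxy::Message->success(), "Non null compression");

    #Test 2: NULL compression method must be present in TLSv1.2
    # No filter() call here: this test depends on the filter installed for
    # Test 1 still being active after clear() - presumably clear() keeps it;
    # confirm against TLSProxy::Proxy.
    $proxy->clear();
    $proxy->clientflags("-no_tls1_3");
    $testtype = NON_NULL_COMPRESSION;
    $proxy->start();
    ok(TLSProxy::Message->fail(), "NULL compression missing");
}

SKIP: {
    skip "TLSv1.3 disabled", 2
        if disabled("tls1_3") || (disabled("ec") && disabled("dh"));
    #Test 3: Check that sending multiple compression methods in a TLSv1.3
    #        ClientHello fails
    $proxy->clear();
    # Installed again because the TLSv1.2 block above may have been skipped.
    $proxy->filter(\&add_comp_filter);
    $testtype = MULTIPLE_COMPRESSIONS;
    $proxy->start();
    ok(TLSProxy::Message->fail(), "Non null compression (TLSv1.3)");

    #Test 4: NULL compression method must be present in TLSv1.3
    $proxy->clear();
    $testtype = NON_NULL_COMPRESSION;
    $proxy->start();
    ok(TLSProxy::Message->fail(), "NULL compression missing (TLSv1.3)");
}

# TLSProxy filter: replaces the compression-methods list of the ClientHello.
#
# Takes the proxy object.  Does nothing unless the proxy is at flight 0 and
# the first entry of its message list is a ClientHello.  Otherwise it writes
# the list chosen by the file-level $testtype, sets the matching length and
# repacks the message so the modified bytes are what gets forwarded.
# If $testtype holds neither constant, the list written is empty.
sub add_comp_filter
{
    my $proxy = shift;

    # Only look at the ClientHello
    return if $proxy->flight != 0;

    my $message = ${$proxy->message_list}[0];

    return if (!defined $message
               || $message->mt != TLSProxy::Message::MT_CLIENT_HELLO);

    my @comp;
    if ($testtype == MULTIPLE_COMPRESSIONS) {
        @comp = (
            0x00,     #Null compression method
            0xff);    #Unknown compression
    } elsif ($testtype == NON_NULL_COMPRESSION) {
        @comp = (0xff);    #Unknown compression
    }

    # The length field must agree with the list, so that only the content
    # of the list is under test and not a length mismatch.
    $message->comp_meths(\@comp);
    $message->comp_meth_len(scalar @comp);
    $message->repack();
}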