xref: /openssl/test/recipes/70-test_comp.t (revision 39ed0745)
1#! /usr/bin/env perl
2# Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
3#
4# Licensed under the Apache License 2.0 (the "License").  You may not use
5# this file except in compliance with the License.  You can obtain a copy
6# in the file LICENSE in the source distribution or at
7# https://www.openssl.org/source/license.html
8
9use strict;
10use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file srctop_dir bldtop_dir/;
11use OpenSSL::Test::Utils;
12use File::Temp qw(tempfile);
13use TLSProxy::Proxy;
14
my $test_name = "test_comp";
setup($test_name);

# Each guard below skips the whole file (plan skip_all) when a prerequisite
# is missing from this build or platform.
# NOTE(review): a skipped file runs none of the ClientHello compression
# checks, so a harness that treats "skipped" like "passed" gets no coverage
# for them on such a configuration.

if ($^O =~ /^(VMS)$/) {
    plan skip_all => "TLSProxy isn't usable on $^O";
}

if (disabled("engine") || disabled("dynamic-engine")) {
    plan skip_all => "$test_name needs the dynamic engine feature enabled";
}

if (disabled("sock")) {
    plan skip_all => "$test_name needs the sock feature enabled";
}

# At least one of the two protocol versions exercised below must be built.
if (disabled("tls1_3") && disabled("tls1_2")) {
    plan skip_all => "$test_name needs TLSv1.3 or TLSv1.2 enabled";
}
29
# Selects which compression list add_comp_filter writes into the ClientHello:
#   MULTIPLE_COMPRESSIONS - null (0x00) plus an unknown method (0xff)
#   NON_NULL_COMPRESSION  - the unknown method (0xff) only, no null entry
use constant MULTIPLE_COMPRESSIONS => 0;
use constant NON_NULL_COMPRESSION  => 1;

# File-scoped so that the filter callback can read the mode chosen by the
# test that is currently running.
my $testtype;

# True when not running under a test harness, or when the harness is verbose.
# NOTE(review): presumably the proxy's debug/verbosity switch - confirm
# against TLSProxy::Proxy->new.
my $show_output = (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE});

my $proxy = TLSProxy::Proxy->new(
    undef,
    cmdstr(app(["openssl"]), display => 1),
    srctop_file("apps", "server.pem"),
    $show_output
);

# Start the proxy once before declaring the plan; if it cannot start, the
# file is skipped instead of being reported as four failures.
# NOTE(review): as a result a broken proxy setup shows up as a skip, not a
# failure - worth making visible in CI.
unless ($proxy->start()) {
    plan skip_all => "Unable to start up Proxy for tests";
}
plan tests => 4;
45
SKIP: {
    if (disabled("tls1_2")) {
        skip "TLSv1.2 disabled", 2;
    }

    # Test 1: a TLSv1.2 ClientHello offering several compression methods
    #         (null plus an unknown one) must still be accepted.
    $proxy->clear();
    $testtype = MULTIPLE_COMPRESSIONS;
    $proxy->filter(\&add_comp_filter);
    $proxy->clientflags("-no_tls1_3");
    $proxy->start();
    ok(TLSProxy::Message->success(), "Non null compression");

    # Test 2: a TLSv1.2 ClientHello whose compression list lacks the null
    #         method must be rejected.
    # The filter is not installed again here.
    # NOTE(review): this relies on clear() leaving the filter from Test 1 in
    # place - confirm against TLSProxy::Proxy.
    # NOTE(review): fail() is the only assertion, so any handshake failure
    # satisfies this test; consider also checking the alert the server sends
    # so the test proves the rejection is due to the compression list.
    $proxy->clear();
    $testtype = NON_NULL_COMPRESSION;
    $proxy->clientflags("-no_tls1_3");
    $proxy->start();
    ok(TLSProxy::Message->fail(), "NULL compression missing");
}
64
SKIP: {
    if (disabled("tls1_3") || (disabled("ec") && disabled("dh"))) {
        skip "TLSv1.3 disabled", 2;
    }

    # Test 3: a TLSv1.3 ClientHello offering several compression methods
    #         must be rejected. Unlike TLSv1.2, TLSv1.3 (RFC 8446) allows
    #         only the null method in this field, so {null, 0xff} is invalid.
    $proxy->clear();
    $testtype = MULTIPLE_COMPRESSIONS;
    $proxy->filter(\&add_comp_filter);
    $proxy->start();
    ok(TLSProxy::Message->fail(), "Non null compression (TLSv1.3)");

    # Test 4: a TLSv1.3 ClientHello without the null compression method must
    #         be rejected as well.
    # The filter is not installed again here.
    # NOTE(review): this relies on clear() leaving the filter from Test 3 in
    # place - confirm against TLSProxy::Proxy.
    # NOTE(review): both checks in this block accept any handshake failure;
    # asserting on the received alert would tie the result to the
    # compression check itself.
    $proxy->clear();
    $testtype = NON_NULL_COMPRESSION;
    $proxy->start();
    ok(TLSProxy::Message->fail(), "NULL compression missing (TLSv1.3)");
}
82
# Proxy filter: rewrites the compression-method list of the ClientHello
# according to the file-scoped $testtype, then repacks the message.
#
#   MULTIPLE_COMPRESSIONS -> (0x00, 0xff)  null plus an unknown method
#   NON_NULL_COMPRESSION  -> (0xff)        unknown method only
#   any other value       -> empty list
#
# Takes the proxy object as its only argument (this lexical shadows the
# file-scoped $proxy inside the sub).
sub add_comp_filter
{
    my ($proxy) = @_;

    # Only flight 0 is of interest: that is where the ClientHello is
    # looked for. Every other flight is left untouched.
    return if $proxy->flight != 0;

    my $client_hello = $proxy->message_list->[0];

    # Do nothing unless the first message exists and is a ClientHello.
    return unless defined $client_hello
        && $client_hello->mt == TLSProxy::Message::MT_CLIENT_HELLO;

    my @methods;
    if ($testtype == NON_NULL_COMPRESSION) {
        @methods = (0xff);          # unknown compression only
    } elsif ($testtype == MULTIPLE_COMPRESSIONS) {
        @methods = (0x00, 0xff);    # null compression, then unknown
    }

    # Keep the length field consistent with the new list before repacking,
    # so that only the list contents differ from a well-formed ClientHello.
    $client_hello->comp_meths(\@methods);
    $client_hello->comp_meth_len(scalar @methods);
    $client_hello->repack();
}
109