1#! /usr/bin/env perl
2# Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.
3#
4# Licensed under the Apache License 2.0 (the "License").  You may not use
5# this file except in compliance with the License.  You can obtain a copy
6# in the file LICENSE in the source distribution or at
7# https://www.openssl.org/source/license.html
8
9use strict;
10use warnings;
11
12use IPC::Open3;
13use OpenSSL::Test qw/:DEFAULT result_dir srctop_file bldtop_file/;
14use OpenSSL::Test::Utils;
15
# Name under which this recipe registers with the OpenSSL test harness.
my $test_name = "test_sslkeylogfile";
setup($test_name);

# When the "sslkeylog" feature is disabled in this build there is nothing to
# exercise, so the recipe is skipped instead of being reported as a failure.
if (disabled("sslkeylog")) {
    plan skip_all => "$test_name requires SSLKEYLOGFILE support";
}

# One check is planned: the comparison of the two key logs at the end.
plan tests => 1;
23
24
# Both child processes are launched as "wrap.pl openssl <subcommand> ...".
my $shlib_wrap   = srctop_file(qw(util wrap.pl));
my $apps_openssl = srctop_file(qw(apps openssl));

# Certificate and private key handed to s_server.
my $server_pem = srctop_file(qw(test certs servercert.pem));
my $server_key = srctop_file(qw(test certs serverkey.pem));

# Both key logs live in the per-test result directory.  They contain the
# secrets of the test connection made by this recipe and nothing else.
my $resultdir     = result_dir();
my $sslkeylogfile = join("/", $resultdir, "sslkeylog.keys");  # SSLKEYLOGFILE
my $trace_file    = join("/", $resultdir, "keylog.keys");     # -keylogfile
33
# Start s_server.  "-accept 0" leaves the choice of port to the system (the
# port actually used is read back from the server's output afterwards) and
# "-naccept 1" makes the server stop after a single connection.
my @s_server_cmd = (
    qw(s_server -accept 0 -naccept 1),
    "-cert", $server_pem,
    "-key",  $server_key,
);

# open3 autovivifies only the stdin and stdout handles.  The error handle is
# undefined at the call, so IPC::Open3 delivers the child's stderr on the
# same handle as its stdout.
my ($s_server_i, $s_server_o, $s_server_e);
my $s_server_pid = open3($s_server_i, $s_server_o, $s_server_e,
                         $shlib_wrap, $apps_openssl, @s_server_cmd);
38
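# Work out which port s_server is listening on.  Expected output from the
# server is one of:
#   ACCEPT 0.0.0.0:<port>
#   ACCEPT [::]:<port>
# "0" doubles as the "not found" marker, since it is never a usable port.
my $port = "0";
while (my $line = <$s_server_o>) {
    print($line);
    chomp $line;

    # IPv4 or IPv6 wildcard listener.  The dots are escaped so that only the
    # literal address is accepted.
    if ($line =~ /^ACCEPT (?:0\.0\.0\.0|\[::\]):(\d+)/) {
        $port = $1;
        last;
    }

    # Informational line that may precede the ACCEPT line; keep reading.
    next if $line =~ /^Using default/;

    # Anything else is unexpected output; stop reading.
    last;
}

# Without a port the client would be pointed at "localhost:0", no handshake
# would take place and the key logs would hold no secrets to compare.  Stop
# the server and fail here with a clear message instead.
if ($port eq "0") {
    kill 'HUP', $s_server_pid;
    die "$test_name: could not determine the port s_server is listening on";
}
my $server_port = $port;

print("s_server ready, listening on port $server_port\n");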
62
# First key log: the SSLKEYLOGFILE environment variable.  It is set only
# after s_server has been launched, so of the two peers just the client
# started below inherits it.  It stays set for the rest of this script.
$ENV{SSLKEYLOGFILE} = $sslkeylogfile;

# Second key log: s_client's -keylogfile option, which traces the keylog
# messages independently into a separate file.
my @s_client_cmd = (
    "s_client",
    "-connect",    "localhost:$server_port",
    "-keylogfile", $trace_file,
);

# The error handle is undefined at the call, so the client's stderr arrives
# on the same handle as its stdout.
my ($s_client_i, $s_client_o, $s_client_e);
my $s_client_pid = open3($s_client_i, $s_client_o, $s_client_e,
                         $shlib_wrap, $apps_openssl, @s_client_cmd);
69
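# Issue a quit command to terminate the client after connect, wait for the
# client to exit so that both key logs are complete, then stop the server.
print $s_client_i "Q\n";
waitpid($s_client_pid, 0);
kill 'HUP', $s_server_pid;

# diff also reports success when both logs are empty or hold nothing but
# comment lines, as can happen when no handshake took place.  Count the
# secret lines in the SSLKEYLOGFILE output so that the comparison below
# cannot pass without any key material having been logged.  A log that
# cannot be opened counts as empty.
my $secret_lines = 0;
if (open(my $keylog_fh, '<', $sslkeylogfile)) {
    while (my $entry = <$keylog_fh>) {
        $secret_lines++ if $entry =~ /\S/ && $entry !~ /^#/;
    }
    close($keylog_fh);
}

# Test 1: Compare the output of -keylogfile and SSLKEYLOGFILE, and make sure
# they match.  The former adds a comment that the latter does not, so comment
# lines are ignored with -I in diff.  diff is run unconditionally so that its
# output is available even when the key log turned out to be empty.
my $logs_match = run(cmd(["diff", "-I", "^#.*\$", $sslkeylogfile, $trace_file]));
ok($secret_lines > 0 && $logs_match,
   "SSLKEYLOGFILE and -keylogfile record the same, non-empty set of secrets");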
78