xref: /openssl/test/recipes/82-test_tfo_cli.t (revision be4b2ed2)
1#! /usr/bin/env perl
2# Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
3#
4# Licensed under the Apache License 2.0 (the "License").  You may not use
5# this file except in compliance with the License.  You can obtain a copy
6# in the file LICENSE in the source distribution or at
7# https://www.openssl.org/source/license.html
8
9use strict;
10use warnings;
11
12use IPC::Open2;
13use OpenSSL::Test qw/:DEFAULT srctop_file bldtop_file/;
14use OpenSSL::Test::Utils;
15
16setup("test_tfo");
17
18plan skip_all => "test_tfo_cli needs tfo enabled" if disabled("tfo");
19plan skip_all => "test_tfo_cli needs sock enabled" if disabled("sock");
20plan skip_all => "test_tfo_cli needs tls < 1.3 enabled"
21    if disabled("tls1") && disabled("tls1_1") && disabled("tls1_2");
22plan skip_all => "test_tfo_cli does not run on Windows nor VMS"
23    if $^O =~ /^(VMS|MSWin32|msys)$/;
24
25plan tests => 8;
26
27my $shlib_wrap = bldtop_file("util", "shlib_wrap.sh");
28my $apps_openssl = bldtop_file("apps", "openssl");
29my $cert = srctop_file("apps", "server.pem");
30
31sub run_test {
32    my $tfo = shift;
33
34    my $client_good = ! $tfo;
35    my $server_good = ! $tfo;
36    my $connect_good = 0;
37    my $port = "0";
38
39    # Not using TLSv1.3 allows the test to work with "no-ec"
40    my @s_cmd = ("s_server", "-accept", ":0", "-cert", $cert, "-www", "-no_tls1_3", "-naccept", "1");
41    push @s_cmd, "-tfo" if ($tfo);
42
43    my $spid = open2(my $sout, my $sin, $shlib_wrap, $apps_openssl, @s_cmd);
44
45    # Read until we get the port, TFO is output before the ACCEPT line
46    while (<$sout>) {
47        chomp;
48        $server_good = $tfo if /^Listening for TFO$/;
49        if (/^ACCEPT\s.*:(\d+)$/) {
50            $port = $1;
51            last;
52        }
53    }
54    print STDERR "Port: $port\n";
55    print STDERR "Invalid port\n" if ! ok($port);
56
57    # Start up the client
58    my @c_cmd = ("s_client", "-connect", ":$port", "-no_tls1_3");
59    push @c_cmd, "-tfo" if ($tfo);
60
61    my $cpid = open2(my $cout, my $cin, $shlib_wrap, $apps_openssl, @c_cmd);
62
63    # Do the "GET", which will cause the client to finish
64    print $cin "GET /\r\n";
65
66    waitpid($cpid, 0);
67    waitpid($spid, 0);
68
69    # Check the client output
70    while (<$cout>) {
71        chomp;
72        $client_good = $tfo if /^Connecting via TFO$/;
73        $connect_good = 1 if /^Content-type: text/;
74    }
75
76    print STDERR "Client TFO check failed\n" if ! ok($client_good);
77    print STDERR "Server TFO check failed\n" if ! ok($server_good);
78    print STDERR "Connection failed\n" if ! ok($connect_good);
79}
80
81for my $tfo (0..1) {
82    SKIP:
83    {
84        skip "TFO not enabled", 4 if disabled("tfo") && $tfo;
85
86        run_test($tfo);
87    }
88}
89