|
Packit |
b893dc |
#!/usr/bin/perl
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
# Various session related tests. Currently:
|
|
Packit |
b893dc |
# - SSL_CTX_sess_set_get_cb and related functions
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
use strict;
|
|
Packit |
b893dc |
use warnings;
|
|
Packit |
b893dc |
use Test::More;
|
|
Packit |
b893dc |
use Socket;
|
|
Packit |
b893dc |
use File::Spec;
|
|
Packit |
b893dc |
use Net::SSLeay;
|
|
Packit |
b893dc |
use Config;
|
|
Packit |
b893dc |
use IO::Socket::INET;
|
|
Packit |
b893dc |
use Storable;
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
BEGIN {
|
|
Packit |
b893dc |
plan skip_all => "fork() not supported on $^O" unless $Config{d_fork};
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
my $tests = 58;
|
|
Packit |
b893dc |
plan tests => $tests;
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
my $pid;
|
|
Packit |
b893dc |
alarm(30);
|
|
Packit |
b893dc |
END { kill 9,$pid if $pid }
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
# The -end round is just for communicating stats back to client
|
|
Packit |
b893dc |
my @rounds = qw(TLSv1 TLSv1.1 TLSv1.2 TLSv1.3 TLSv1.3-num-tickets-ssl TLSv1.3-num-tickets-ctx-6 TLSv1.3-num-tickets-ctx-0 TLSv1-end);
|
|
Packit |
b893dc |
my (%server_stats, %client_stats);
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
# Update client and server stats so that when something fails, it
|
|
Packit |
b893dc |
# remains in failed state
|
|
Packit |
b893dc |
sub set_client_stat
|
|
Packit |
b893dc |
{
|
|
Packit |
b893dc |
my ($round, $param, $is_ok) = @_;
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
if ($is_ok) {
|
|
Packit |
b893dc |
$client_stats{$round}->{$param} = 1 unless defined $client_stats{$round}->{$param};
|
|
Packit |
b893dc |
return;
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
$client_stats{$round}->{$param} = 0;
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
sub set_server_stat
|
|
Packit |
b893dc |
{
|
|
Packit |
b893dc |
my ($round, $param, $is_ok) = @_;
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
if ($is_ok) {
|
|
Packit |
b893dc |
$server_stats{$round}->{$param} = 1 unless defined $server_stats{$round}->{$param};
|
|
Packit |
b893dc |
return;
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
$server_stats{$round}->{$param} = 0;
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
# Separate session callbacks for client and server. The callbacks
|
|
Packit |
b893dc |
# update stats and check that SSL_CTX, SSL and SESSION are as
|
|
Packit |
b893dc |
# expected.
|
|
Packit |
b893dc |
sub client_new_cb
|
|
Packit |
b893dc |
{
|
|
Packit |
b893dc |
my ($ssl, $ssl_session, $expected_ctx, $round) = @_;
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
$client_stats{$round}->{new_cb_called}++;
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
my $ctx = Net::SSLeay::get_SSL_CTX($ssl);
|
|
Packit |
b893dc |
my $ssl_version = Net::SSLeay::get_version($ssl);
|
|
Packit |
b893dc |
my $is_ok = ($ctx eq $expected_ctx &&
|
|
Packit |
b893dc |
$ssl_session eq Net::SSLeay::SSL_get0_session($ssl) &&
|
|
Packit |
b893dc |
$round =~ m/^$ssl_version/);
|
|
Packit |
b893dc |
diag("client_new_cb params not ok: $round") unless $is_ok;
|
|
Packit |
b893dc |
set_client_stat($round, 'new_params_ok', $is_ok);
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
if (defined &Net::SSLeay::SESSION_is_resumable) {
|
|
Packit |
b893dc |
my $is_resumable = Net::SSLeay::SESSION_is_resumable($ssl_session);
|
|
Packit |
b893dc |
BAIL_OUT("is_resumable is not 0 or 1: $round") unless defined $is_resumable && ($is_resumable == 0 || $is_resumable == 1);
|
|
Packit |
b893dc |
set_client_stat($round, 'new_session_is_resumable', $is_resumable);
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
#Net::SSLeay::SESSION_print_fp(*STDOUT, $ssl_session);
|
|
Packit |
b893dc |
return 0;
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
sub client_remove_cb
|
|
Packit |
b893dc |
{
|
|
Packit |
b893dc |
my ($ctx, $ssl_session, $expected_ctx, $round) = @_;
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
$client_stats{$round}->{remove_cb_called}++;
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
my $is_ok = ($ctx eq $expected_ctx);
|
|
Packit |
b893dc |
diag("client_remove_cb params not ok: $round") unless $is_ok;
|
|
Packit |
b893dc |
set_client_stat($round, 'remove_params_ok', $is_ok);
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
#Net::SSLeay::SESSION_print_fp(*STDOUT, $ssl_session);
|
|
Packit |
b893dc |
return;
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
sub server_new_cb
|
|
Packit |
b893dc |
{
|
|
Packit |
b893dc |
my ($ssl, $ssl_session, $expected_ctx, $round) = @_;
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
$server_stats{$round}->{new_cb_called}++;
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
my $ctx = Net::SSLeay::get_SSL_CTX($ssl);
|
|
Packit |
b893dc |
my $ssl_version = Net::SSLeay::get_version($ssl);
|
|
Packit |
b893dc |
my $is_ok = ($ctx eq $expected_ctx &&
|
|
Packit |
b893dc |
$ssl_session eq Net::SSLeay::SSL_get0_session($ssl) &&
|
|
Packit |
b893dc |
$round =~ m/^$ssl_version/);
|
|
Packit |
b893dc |
diag("server_new_cb params not ok: $round") unless $is_ok;
|
|
Packit |
b893dc |
set_server_stat($round, 'new_params_ok', $is_ok);
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
if (defined &Net::SSLeay::SESSION_is_resumable) {
|
|
Packit |
b893dc |
my $is_resumable = Net::SSLeay::SESSION_is_resumable($ssl_session);
|
|
Packit |
b893dc |
BAIL_OUT("is_resumable is not 0 or 1: $round") unless defined $is_resumable && ($is_resumable == 0 || $is_resumable == 1);
|
|
Packit |
b893dc |
set_server_stat($round, 'new_session_is_resumable', $is_resumable);
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
#Net::SSLeay::SESSION_print_fp(*STDOUT, $ssl_session);
|
|
Packit |
b893dc |
return 0;
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
sub server_remove_cb
|
|
Packit |
b893dc |
{
|
|
Packit |
b893dc |
my ($ctx, $ssl_session, $expected_ctx, $round) = @_;
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
$server_stats{$round}->{remove_cb_called}++;
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
my $is_ok = ($ctx eq $expected_ctx);
|
|
Packit |
b893dc |
diag("server_remove_cb params not ok: $round") unless $is_ok;
|
|
Packit |
b893dc |
set_server_stat($round, 'remove_params_ok', $is_ok);
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
return;
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
my ($server, $server_ctx, $client_ctx, $server_ssl, $client_ssl);
|
|
Packit |
b893dc |
Net::SSLeay::initialize();
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
# Helper for client and server
|
|
Packit |
b893dc |
sub make_ctx
|
|
Packit |
b893dc |
{
|
|
Packit |
b893dc |
my ($round) = @_;
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
my $ctx;
|
|
Packit |
b893dc |
if ($round =~ /^TLSv1\.3/) {
|
|
Packit |
b893dc |
return undef unless eval { Net::SSLeay::TLS1_3_VERSION(); };
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
# Use API introduced in OpenSSL 1.1.0
|
|
Packit |
b893dc |
$ctx = Net::SSLeay::CTX_new_with_method(Net::SSLeay::TLS_method());
|
|
Packit |
b893dc |
Net::SSLeay::CTX_set_min_proto_version($ctx, Net::SSLeay::TLS1_3_VERSION());
|
|
Packit |
b893dc |
Net::SSLeay::CTX_set_max_proto_version($ctx, Net::SSLeay::TLS1_3_VERSION());
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
elsif ($round =~ /^TLSv1\.2/) {
|
|
Packit |
b893dc |
return undef unless exists &Net::SSLeay::TLSv1_2_method;
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
$ctx = Net::SSLeay::CTX_new_with_method(Net::SSLeay::TLSv1_2_method());
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
elsif ($round =~ /^TLSv1\.1/) {
|
|
Packit |
b893dc |
return undef unless exists &Net::SSLeay::TLSv1_1_method;
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
$ctx = Net::SSLeay::CTX_new_with_method(Net::SSLeay::TLSv1_1_method());
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
else
|
|
Packit |
b893dc |
{
|
|
Packit |
b893dc |
$ctx = Net::SSLeay::CTX_new_with_method(Net::SSLeay::TLSv1_method());
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
return $ctx;
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
sub server
|
|
Packit |
b893dc |
{
|
|
Packit |
b893dc |
# SSL server - just handle connections, send information to
|
|
Packit |
b893dc |
# client and exit
|
|
Packit |
b893dc |
my $cert_pem = File::Spec->catfile('t', 'data', 'testcert_wildcard.crt.pem');
|
|
Packit |
b893dc |
my $key_pem = File::Spec->catfile('t', 'data', 'testcert_key_2048.pem');
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
$server = IO::Socket::INET->new( LocalAddr => '127.0.0.1', Listen => 3)
|
|
Packit |
b893dc |
or BAIL_OUT("failed to create server socket: $!");
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
defined($pid = fork()) or BAIL_OUT("failed to fork: $!");
|
|
Packit |
b893dc |
if ($pid == 0) {
|
|
Packit |
b893dc |
my ($ctx, $ssl, $ret, $cl);
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
foreach my $round (@rounds)
|
|
Packit |
b893dc |
{
|
|
Packit |
b893dc |
$cl = $server->accept or BAIL_OUT("accept failed: $!");
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
$ctx = make_ctx($round);
|
|
Packit |
b893dc |
next unless $ctx;
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
Net::SSLeay::set_cert_and_key($ctx, $cert_pem, $key_pem);
|
|
Packit |
b893dc |
Net::SSLeay::CTX_set_session_cache_mode($ctx, Net::SSLeay::SESS_CACHE_SERVER());
|
|
Packit |
b893dc |
# Need OP_NO_TICKET to enable server side (Session ID based) resumption.
|
|
Packit |
b893dc |
# See also SSL_CTX_set_options documenation about its use with TLSv1.3
|
|
Packit |
b893dc |
Net::SSLeay::CTX_set_options($ctx, Net::SSLeay::OP_ALL() | Net::SSLeay::OP_NO_TICKET())
|
|
Packit |
b893dc |
if ($round !~ /^TLSv1\.3/);
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
Net::SSLeay::CTX_sess_set_new_cb($ctx, sub {server_new_cb(@_, $ctx, $round);});
|
|
Packit |
b893dc |
Net::SSLeay::CTX_sess_set_remove_cb($ctx, sub {server_remove_cb(@_, $ctx, $round);});
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
# Test set_num_tickets separately for CTX and SSL
|
|
Packit |
b893dc |
if (defined &Net::SSLeay::CTX_set_num_tickets)
|
|
Packit |
b893dc |
{
|
|
Packit |
b893dc |
Net::SSLeay::CTX_set_num_tickets($ctx, 6) if ($round eq 'TLSv1.3-num-tickets-ctx-6');
|
|
Packit |
b893dc |
Net::SSLeay::CTX_set_num_tickets($ctx, 0) if ($round eq 'TLSv1.3-num-tickets-ctx-0');
|
|
Packit |
b893dc |
$server_stats{$round}->{get_num_tickets} = Net::SSLeay::CTX_get_num_tickets($ctx);
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
$ssl = Net::SSLeay::new($ctx);
|
|
Packit |
b893dc |
if (defined &Net::SSLeay::set_num_tickets)
|
|
Packit |
b893dc |
{
|
|
Packit |
b893dc |
Net::SSLeay::set_num_tickets($ssl, 4) if ($round eq 'TLSv1.3-num-tickets-ssl');
|
|
Packit |
b893dc |
$server_stats{$round}->{get_num_tickets} = Net::SSLeay::get_num_tickets($ssl);
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
Net::SSLeay::set_fd($ssl, fileno($cl));
|
|
Packit |
b893dc |
Net::SSLeay::accept($ssl);
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
Net::SSLeay::write($ssl, "msg from server: $round");
|
|
Packit |
b893dc |
my $end = Net::SSLeay::read($ssl);
|
|
Packit |
b893dc |
#print "client said: $end\n";
|
|
Packit |
b893dc |
if ($end eq 'end')
|
|
Packit |
b893dc |
{
|
|
Packit |
b893dc |
Net::SSLeay::write($ssl, $end);
|
|
Packit |
b893dc |
Net::SSLeay::write($ssl, Storable::freeze(\%server_stats));
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
Net::SSLeay::shutdown($ssl);
|
|
Packit |
b893dc |
my $sess = Net::SSLeay::get1_session($ssl);
|
|
Packit |
b893dc |
$ret = Net::SSLeay::CTX_remove_session($ctx, $sess);
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
if (defined &Net::SSLeay::SESSION_is_resumable) {
|
|
Packit |
b893dc |
my $is_resumable = Net::SSLeay::SESSION_is_resumable($sess);
|
|
Packit |
b893dc |
BAIL_OUT("is_resumable is not 0 or 1: $round") unless defined $is_resumable && ($is_resumable == 0 || $is_resumable == 1);
|
|
Packit |
b893dc |
set_server_stat($round, 'old_session_is_resumable', $is_resumable);
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
Net::SSLeay::SESSION_free($sess) unless $ret; # Not cached, undo get1
|
|
Packit |
b893dc |
Net::SSLeay::free($ssl);
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
#use Data::Dumper; print "Server:\n" . Dumper(\%server_stats);
|
|
Packit |
b893dc |
exit(0);
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
sub client {
|
|
Packit |
b893dc |
# SSL client - connect to server and receive information that we
|
|
Packit |
b893dc |
# compare to our expected values
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
my $saddr = $server->sockhost.':'.$server->sockport;
|
|
Packit |
b893dc |
my ($ctx, $ssl, $ret, $cl);
|
|
Packit |
b893dc |
my $end = "end";
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
foreach my $round (@rounds)
|
|
Packit |
b893dc |
{
|
|
Packit |
b893dc |
$cl = IO::Socket::INET->new($saddr)
|
|
Packit |
b893dc |
or BAIL_OUT("failed to connect to server: $!");
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
$ctx = make_ctx($round);
|
|
Packit |
b893dc |
next unless $ctx;
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
Net::SSLeay::CTX_set_session_cache_mode($ctx, Net::SSLeay::SESS_CACHE_CLIENT());
|
|
Packit |
b893dc |
Net::SSLeay::CTX_set_options($ctx, Net::SSLeay::OP_ALL());
|
|
Packit |
b893dc |
Net::SSLeay::CTX_sess_set_new_cb($ctx, sub {client_new_cb(@_, $ctx, $round);});
|
|
Packit |
b893dc |
Net::SSLeay::CTX_sess_set_remove_cb($ctx, sub {client_remove_cb(@_, $ctx, $round);});
|
|
Packit |
b893dc |
$ssl = Net::SSLeay::new($ctx);
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
Net::SSLeay::set_fd($ssl, $cl);
|
|
Packit |
b893dc |
Net::SSLeay::connect($ssl);
|
|
Packit |
b893dc |
my $msg = Net::SSLeay::read($ssl);
|
|
Packit |
b893dc |
#print "server said: $msg\n";
|
|
Packit |
b893dc |
if ($round =~ /end/)
|
|
Packit |
b893dc |
{
|
|
Packit |
b893dc |
Net::SSLeay::write($ssl, $end);
|
|
Packit |
b893dc |
last;
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
Net::SSLeay::write($ssl, "continue");
|
|
Packit |
b893dc |
my $sess = Net::SSLeay::get1_session($ssl);
|
|
Packit |
b893dc |
$ret = Net::SSLeay::CTX_remove_session($ctx, $sess);
|
|
Packit |
b893dc |
Net::SSLeay::SESSION_free($sess) unless $ret; # Not cached, undo get1
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
if (defined &Net::SSLeay::SESSION_is_resumable) {
|
|
Packit |
b893dc |
my $is_resumable = Net::SSLeay::SESSION_is_resumable($sess);
|
|
Packit |
b893dc |
BAIL_OUT("is_resumable is not 0 or 1: $round") unless defined $is_resumable && ($is_resumable == 0 || $is_resumable == 1);
|
|
Packit |
b893dc |
set_client_stat($round, 'old_session_is_resumable', $is_resumable);
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
Net::SSLeay::shutdown($ssl);
|
|
Packit |
b893dc |
Net::SSLeay::free($ssl);
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
# Server should have acked our end request. Also see that our connection is still up
|
|
Packit |
b893dc |
my $server_end = Net::SSLeay::read($ssl);
|
|
Packit |
b893dc |
is($server_end, $end, "Successful termination");
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
# Stats from server
|
|
Packit |
b893dc |
my $server_stats_ref = Storable::thaw(Net::SSLeay::read($ssl));
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
my $sess = Net::SSLeay::get1_session($ssl);
|
|
Packit |
b893dc |
$ret = Net::SSLeay::CTX_remove_session($ctx, $sess);
|
|
Packit |
b893dc |
Net::SSLeay::SESSION_free($sess) unless $ret; # Not cached, undo get1
|
|
Packit |
b893dc |
Net::SSLeay::shutdown($ssl);
|
|
Packit |
b893dc |
Net::SSLeay::free($ssl);
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
test_stats($server_stats_ref, \%client_stats);
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
return;
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
sub test_stats
|
|
Packit |
b893dc |
{
|
|
Packit |
b893dc |
my ($srv_stats, $clt_stats) = @_;
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1'}->{new_cb_called}, 1, 'Server TLSv1 new_cb call count');
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1'}->{new_params_ok}, 1, 'Server TLSv1 new_cb params were correct');
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1'}->{remove_cb_called}, 1, 'Server TLSv1 remove_cb call count');
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1'}->{remove_params_ok}, 1, 'Server TLSv1 remove_cb params were correct');
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1'}->{new_cb_called}, 1, 'Client TLSv1 new_cb call count');
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1'}->{new_params_ok}, 1, 'Client TLSv1 new_cb params were correct');
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1'}->{remove_cb_called}, 1, 'Client TLSv1 remove_cb call count');
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1'}->{remove_params_ok}, 1, 'Client TLSv1 remove_cb params were correct');
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
if (defined &Net::SSLeay::SESSION_is_resumable) {
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1'}->{new_session_is_resumable}, 1, 'Server TLSv1 session is resumable');
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1'}->{old_session_is_resumable}, 0, 'Server TLSv1 session is no longer resumable');
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1'}->{new_session_is_resumable}, 1, 'Client TLSv1 session is resumable');
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1'}->{old_session_is_resumable}, 0, 'Client TLSv1 session is no longer resumable');
|
|
Packit |
b893dc |
} else {
|
|
Packit |
b893dc |
SKIP: {
|
|
Packit |
b893dc |
skip('Do not have Net::SSLeay::SESSION_is_resumable', 4);
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
if (exists &Net::SSLeay::TLSv1_1_method)
|
|
Packit |
b893dc |
{
|
|
Packit |
b893dc |
# Should be the same as TLSv1
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.1'}->{new_cb_called}, 1, 'Server TLSv1.1 new_cb call count');
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.1'}->{new_params_ok}, 1, 'Server TLSv1.1 new_cb params were correct');
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.1'}->{remove_cb_called}, 1, 'Server TLSv1.1 remove_cb call count');
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.1'}->{remove_params_ok}, 1, 'Server TLSv1.1 remove_cb params were correct');
|
|
Packit |
b893dc |
if (defined &Net::SSLeay::SESSION_is_resumable) {
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.1'}->{new_session_is_resumable}, 1, 'Server TLSv1.1 session is resumable');
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.1'}->{old_session_is_resumable}, 0, 'Server TLSv1.1 session is no longer resumable');
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1.1'}->{new_session_is_resumable}, 1, 'Client TLSv1.1 session is resumable');
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1.1'}->{old_session_is_resumable}, 0, 'Client TLSv1.1 session is no longer resumable');
|
|
Packit |
b893dc |
} else {
|
|
Packit |
b893dc |
SKIP: {
|
|
Packit |
b893dc |
skip('Do not have Net::SSLeay::SESSION_is_resumable', 4);
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1.1'}->{new_cb_called}, 1, 'Client TLSv1.1 new_cb call count');
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1.1'}->{new_params_ok}, 1, 'Client TLSv1.1 new_cb params were correct');
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1.1'}->{remove_cb_called}, 1, 'Client TLSv1.1 remove_cb call count');
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1.1'}->{remove_params_ok}, 1, 'Client TLSv1.1 remove_cb params were correct');
|
|
Packit |
b893dc |
} else {
|
|
Packit |
b893dc |
SKIP: {
|
|
Packit |
b893dc |
skip('Do not have support for TLSv1.1', 12);
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
if (exists &Net::SSLeay::TLSv1_2_method)
|
|
Packit |
b893dc |
{
|
|
Packit |
b893dc |
# Should be the same as TLSv1
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.2'}->{new_cb_called}, 1, 'Server TLSv1.2 new_cb call count');
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.2'}->{new_params_ok}, 1, 'Server TLSv1.2 new_cb params were correct');
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.2'}->{remove_cb_called}, 1, 'Server TLSv1.2 remove_cb call count');
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.2'}->{remove_params_ok}, 1, 'Server TLSv1.2 remove_cb params were correct');
|
|
Packit |
b893dc |
if (defined &Net::SSLeay::SESSION_is_resumable) {
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.2'}->{new_session_is_resumable}, 1, 'Server TLSv1.2 session is resumable');
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.2'}->{old_session_is_resumable}, 0, 'Server TLSv1.2 session is no longer resumable');
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1.2'}->{new_session_is_resumable}, 1, 'Client TLSv1.2 session is resumable');
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1.2'}->{old_session_is_resumable}, 0, 'Client TLSv1.2 session is no longer resumable');
|
|
Packit |
b893dc |
} else {
|
|
Packit |
b893dc |
SKIP: {
|
|
Packit |
b893dc |
skip('Do not have Net::SSLeay::SESSION_is_resumable', 4);
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1.2'}->{new_cb_called}, 1, 'Client TLSv1.2 new_cb call count');
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1.2'}->{new_params_ok}, 1, 'Client TLSv1.2 new_cb params were correct');
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1.2'}->{remove_cb_called}, 1, 'Client TLSv1.2 remove_cb call count');
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1.2'}->{remove_params_ok}, 1, 'Client TLSv1.2 remove_cb params were correct');
|
|
Packit |
b893dc |
} else {
|
|
Packit |
b893dc |
SKIP: {
|
|
Packit |
b893dc |
skip('Do not have support for TLSv1.2', 12);
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
if (eval { Net::SSLeay::TLS1_3_VERSION(); })
|
|
Packit |
b893dc |
{
|
|
Packit |
b893dc |
# OpenSSL sends two session tickets by default: new_cb called two times
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.3'}->{new_cb_called}, 2, 'Server TLSv1.3 new_cb call count');
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.3'}->{new_params_ok}, 1, 'Server TLSv1.3 new_cb params were correct');
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.3'}->{remove_cb_called}, 1, 'Server TLSv1.3 remove_cb call count');
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.3'}->{remove_params_ok}, 1, 'Server TLSv1.3 remove_cb params were correct');
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.3-num-tickets-ssl'}->{get_num_tickets}, 4, 'Server TLSv1.3 get_num_tickets 4');
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.3-num-tickets-ssl'}->{new_cb_called}, 4, 'Server TLSv1.3 new_cb call count with set_num_tickets 4');
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.3-num-tickets-ctx-6'}->{get_num_tickets}, 6, 'Server TLSv1.3 CTX_get_num_tickets 6');
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.3-num-tickets-ctx-6'}->{new_cb_called}, 6, 'Server TLSv1.3 new_cb call count with CTX_set_num_tickets 6');
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.3-num-tickets-ctx-0'}->{get_num_tickets}, 0, 'Server TLSv1.3 CTX_get_num_tickets 0');
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.3-num-tickets-ctx-0'}->{new_cb_called}, undef, 'Server TLSv1.3 new_cb call count with CTX_set_num_tickets 0');
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.3'}->{new_session_is_resumable}, 1, 'Server TLSv1.3 session is resumable');
|
|
Packit |
b893dc |
is($srv_stats->{'TLSv1.3'}->{old_session_is_resumable}, 0, 'Server TLSv1.3 session is no longer resumable');
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1.3'}->{new_cb_called}, 2, 'Client TLSv1.3 new_cb call count');
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1.3'}->{new_params_ok}, 1, 'Client TLSv1.3 new_cb params were correct');
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1.3'}->{remove_cb_called}, 1, 'Client TLSv1.3 remove_cb call count');
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1.3'}->{remove_params_ok}, 1, 'Client TLSv1.3 remove_cb params were correct');
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1.3-num-tickets-ssl'}->{new_cb_called}, 4, 'Client TLSv1.3 new_cb call count with set_num_tickets 4');
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1.3-num-tickets-ctx-6'}->{new_cb_called}, 6, 'Client TLSv1.3 new_cb call count with CTX_set_num_tickets 6');
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1.3-num-tickets-ctx-0'}->{new_cb_called}, undef, 'Client TLSv1.3 new_cb call count with CTX_set_num_tickets 0');
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1.3'}->{new_session_is_resumable}, 1, 'Client TLSv1.3 session is resumable');
|
|
Packit |
b893dc |
is($clt_stats->{'TLSv1.3'}->{old_session_is_resumable}, 0, 'Client TLSv1.3 session is no longer resumable');
|
|
Packit |
b893dc |
} else {
|
|
Packit |
b893dc |
SKIP: {
|
|
Packit |
b893dc |
skip('Do not have support for TLSv1.3', 21);
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
# use Data::Dumper; print "Server:\n" . Dumper(\%srv_stats);
|
|
Packit |
b893dc |
# use Data::Dumper; print "Client:\n" . Dumper(\%clt_stats);
|
|
Packit |
b893dc |
}
|
|
Packit |
b893dc |
|
|
Packit |
b893dc |
server();
|
|
Packit |
b893dc |
client();
|
|
Packit |
b893dc |
waitpid $pid, 0;
|
|
Packit |
b893dc |
exit(0);
|