source-git / perl-Net-SSLeay

Clone
Source Code
GIT

Blame t/local/44_sess.t

c8 master
  1.   c8
  2.   t
  3.   local
  4.   44_sess.t
Blob History Raw
Packit b893dc 
#!/usr/bin/perl
Packit b893dc
Packit b893dc 
# Various session related tests. Currently:
Packit b893dc 
# - SSL_CTX_sess_set_get_cb and related functions
Packit b893dc
Packit b893dc 
use strict;
Packit b893dc 
use warnings;
Packit b893dc 
use Test::More;
Packit b893dc 
use Socket;
Packit b893dc 
use File::Spec;
Packit b893dc 
use Net::SSLeay;
Packit b893dc 
use Config;
Packit b893dc 
use IO::Socket::INET;
Packit b893dc 
use Storable;
Packit b893dc
Packit b893dc 
BEGIN {
Packit b893dc 
  plan skip_all => "fork() not supported on $^O" unless $Config{d_fork};
Packit b893dc 
}
Packit b893dc
Packit b893dc 
my $tests = 58;
Packit b893dc 
plan tests => $tests;
Packit b893dc
Packit b893dc 
my $pid;
Packit b893dc 
alarm(30);
Packit b893dc 
END { kill 9,$pid if $pid }
Packit b893dc
Packit b893dc 
# The -end round is just for communicating stats back to client
Packit b893dc 
my @rounds = qw(TLSv1 TLSv1.1 TLSv1.2 TLSv1.3 TLSv1.3-num-tickets-ssl TLSv1.3-num-tickets-ctx-6 TLSv1.3-num-tickets-ctx-0 TLSv1-end);
Packit b893dc 
my (%server_stats, %client_stats);
Packit b893dc
Packit b893dc 
# Update client and server stats so that when something fails, it
Packit b893dc 
# remains in failed state
Packit b893dc 
sub set_client_stat
Packit b893dc 
{
Packit b893dc 
    my ($round, $param, $is_ok) = @_;
Packit b893dc
Packit b893dc 
    if ($is_ok) {
Packit b893dc 
	$client_stats{$round}->{$param} = 1 unless defined $client_stats{$round}->{$param};
Packit b893dc 
	return;
Packit b893dc 
    }
Packit b893dc 
    $client_stats{$round}->{$param} = 0;
Packit b893dc 
}
Packit b893dc
Packit b893dc 
sub set_server_stat
Packit b893dc 
{
Packit b893dc 
    my ($round, $param, $is_ok) = @_;
Packit b893dc
Packit b893dc 
    if ($is_ok) {
Packit b893dc 
	$server_stats{$round}->{$param} = 1 unless defined $server_stats{$round}->{$param};
Packit b893dc 
	return;
Packit b893dc 
    }
Packit b893dc 
    $server_stats{$round}->{$param} = 0;
Packit b893dc 
}
Packit b893dc
Packit b893dc 
# Separate session callbacks for client and server. The callbacks
Packit b893dc 
# update stats and check that SSL_CTX, SSL and SESSION are as
Packit b893dc 
# expected.
Packit b893dc 
sub client_new_cb
Packit b893dc 
{
Packit b893dc 
    my ($ssl, $ssl_session, $expected_ctx, $round) = @_;
Packit b893dc
Packit b893dc 
    $client_stats{$round}->{new_cb_called}++;
Packit b893dc
Packit b893dc 
    my $ctx = Net::SSLeay::get_SSL_CTX($ssl);
Packit b893dc 
    my $ssl_version = Net::SSLeay::get_version($ssl);
Packit b893dc 
    my $is_ok = ($ctx eq $expected_ctx &&
Packit b893dc 
		 $ssl_session eq Net::SSLeay::SSL_get0_session($ssl) &&
Packit b893dc 
		 $round =~ m/^$ssl_version/);
Packit b893dc 
    diag("client_new_cb params not ok: $round") unless $is_ok;
Packit b893dc 
    set_client_stat($round, 'new_params_ok', $is_ok);
Packit b893dc
Packit b893dc 
    if (defined &Net::SSLeay::SESSION_is_resumable) {
Packit b893dc 
	my $is_resumable = Net::SSLeay::SESSION_is_resumable($ssl_session);
Packit b893dc 
	BAIL_OUT("is_resumable is not 0 or 1: $round") unless defined $is_resumable && ($is_resumable == 0 || $is_resumable == 1);
Packit b893dc 
	set_client_stat($round, 'new_session_is_resumable', $is_resumable);
Packit b893dc 
    }
Packit b893dc
Packit b893dc 
    #Net::SSLeay::SESSION_print_fp(*STDOUT, $ssl_session);
Packit b893dc 
    return 0;
Packit b893dc 
}
Packit b893dc
Packit b893dc 
sub client_remove_cb
Packit b893dc 
{
Packit b893dc 
    my ($ctx, $ssl_session, $expected_ctx, $round) = @_;
Packit b893dc
Packit b893dc 
    $client_stats{$round}->{remove_cb_called}++;
Packit b893dc
Packit b893dc 
    my $is_ok = ($ctx eq $expected_ctx);
Packit b893dc 
    diag("client_remove_cb params not ok: $round") unless $is_ok;
Packit b893dc 
    set_client_stat($round, 'remove_params_ok', $is_ok);
Packit b893dc
Packit b893dc 
    #Net::SSLeay::SESSION_print_fp(*STDOUT, $ssl_session);
Packit b893dc 
    return;
Packit b893dc 
}
Packit b893dc
Packit b893dc 
sub server_new_cb
Packit b893dc 
{
Packit b893dc 
    my ($ssl, $ssl_session, $expected_ctx, $round) = @_;
Packit b893dc
Packit b893dc 
    $server_stats{$round}->{new_cb_called}++;
Packit b893dc
Packit b893dc 
    my $ctx = Net::SSLeay::get_SSL_CTX($ssl);
Packit b893dc 
    my $ssl_version = Net::SSLeay::get_version($ssl);
Packit b893dc 
    my $is_ok = ($ctx eq $expected_ctx &&
Packit b893dc 
		 $ssl_session eq Net::SSLeay::SSL_get0_session($ssl) &&
Packit b893dc 
		 $round =~ m/^$ssl_version/);
Packit b893dc 
    diag("server_new_cb params not ok: $round") unless $is_ok;
Packit b893dc 
    set_server_stat($round, 'new_params_ok', $is_ok);
Packit b893dc
Packit b893dc 
    if (defined &Net::SSLeay::SESSION_is_resumable) {
Packit b893dc 
	my $is_resumable = Net::SSLeay::SESSION_is_resumable($ssl_session);
Packit b893dc 
	BAIL_OUT("is_resumable is not 0 or 1: $round") unless defined $is_resumable && ($is_resumable == 0 || $is_resumable == 1);
Packit b893dc 
	set_server_stat($round, 'new_session_is_resumable', $is_resumable);
Packit b893dc 
    }
Packit b893dc
Packit b893dc 
    #Net::SSLeay::SESSION_print_fp(*STDOUT, $ssl_session);
Packit b893dc 
    return 0;
Packit b893dc 
}
Packit b893dc
Packit b893dc 
sub server_remove_cb
Packit b893dc 
{
Packit b893dc 
    my ($ctx, $ssl_session, $expected_ctx, $round) = @_;
Packit b893dc
Packit b893dc 
    $server_stats{$round}->{remove_cb_called}++;
Packit b893dc
Packit b893dc 
    my $is_ok = ($ctx eq $expected_ctx);
Packit b893dc 
    diag("server_remove_cb params not ok: $round") unless $is_ok;
Packit b893dc 
    set_server_stat($round, 'remove_params_ok', $is_ok);
Packit b893dc
Packit b893dc 
    return;
Packit b893dc 
}
Packit b893dc
Packit b893dc 
my ($server, $server_ctx, $client_ctx, $server_ssl, $client_ssl);
Packit b893dc 
Net::SSLeay::initialize();
Packit b893dc
Packit b893dc 
# Helper for client and server
Packit b893dc 
sub make_ctx
Packit b893dc 
{
Packit b893dc 
    my ($round) = @_;
Packit b893dc
Packit b893dc 
    my $ctx;
Packit b893dc 
    if ($round =~ /^TLSv1\.3/) {
Packit b893dc 
	return undef unless eval { Net::SSLeay::TLS1_3_VERSION(); };
Packit b893dc
Packit b893dc 
	# Use API introduced in OpenSSL 1.1.0
Packit b893dc 
	$ctx = Net::SSLeay::CTX_new_with_method(Net::SSLeay::TLS_method());
Packit b893dc 
	Net::SSLeay::CTX_set_min_proto_version($ctx, Net::SSLeay::TLS1_3_VERSION());
Packit b893dc 
	Net::SSLeay::CTX_set_max_proto_version($ctx, Net::SSLeay::TLS1_3_VERSION());
Packit b893dc 
    }
Packit b893dc 
    elsif ($round =~ /^TLSv1\.2/) {
Packit b893dc 
	return undef unless exists &Net::SSLeay::TLSv1_2_method;
Packit b893dc
Packit b893dc 
	$ctx = Net::SSLeay::CTX_new_with_method(Net::SSLeay::TLSv1_2_method());
Packit b893dc 
    }
Packit b893dc 
    elsif ($round =~ /^TLSv1\.1/) {
Packit b893dc 
	return undef unless exists &Net::SSLeay::TLSv1_1_method;
Packit b893dc
Packit b893dc 
	$ctx = Net::SSLeay::CTX_new_with_method(Net::SSLeay::TLSv1_1_method());
Packit b893dc 
    }
Packit b893dc 
    else
Packit b893dc 
    {
Packit b893dc 
	$ctx = Net::SSLeay::CTX_new_with_method(Net::SSLeay::TLSv1_method());
Packit b893dc 
    }
Packit b893dc
Packit b893dc 
    return $ctx;
Packit b893dc 
}
Packit b893dc
Packit b893dc 
sub server
Packit b893dc 
{
Packit b893dc 
    # SSL server - just handle connections, send information to
Packit b893dc 
    # client and exit
Packit b893dc 
    my $cert_pem = File::Spec->catfile('t', 'data', 'testcert_wildcard.crt.pem');
Packit b893dc 
    my $key_pem = File::Spec->catfile('t', 'data', 'testcert_key_2048.pem');
Packit b893dc
Packit b893dc 
    $server = IO::Socket::INET->new( LocalAddr => '127.0.0.1', Listen => 3)
Packit b893dc 
	or BAIL_OUT("failed to create server socket: $!");
Packit b893dc
Packit b893dc 
    defined($pid = fork()) or BAIL_OUT("failed to fork: $!");
Packit b893dc 
    if ($pid == 0) {
Packit b893dc 
	my ($ctx, $ssl, $ret, $cl);
Packit b893dc
Packit b893dc 
	foreach my $round (@rounds)
Packit b893dc 
	{
Packit b893dc 
	    $cl = $server->accept or BAIL_OUT("accept failed: $!");
Packit b893dc
Packit b893dc 
	    $ctx = make_ctx($round);
Packit b893dc 
	    next unless $ctx;
Packit b893dc
Packit b893dc 
	    Net::SSLeay::set_cert_and_key($ctx, $cert_pem, $key_pem);
Packit b893dc 
	    Net::SSLeay::CTX_set_session_cache_mode($ctx, Net::SSLeay::SESS_CACHE_SERVER());
Packit b893dc 
	    # Need OP_NO_TICKET to enable server side (Session ID based) resumption.
Packit b893dc 
	    # See also SSL_CTX_set_options documenation about its use with TLSv1.3
Packit b893dc 
	    Net::SSLeay::CTX_set_options($ctx, Net::SSLeay::OP_ALL() | Net::SSLeay::OP_NO_TICKET())
Packit b893dc 
		if ($round !~ /^TLSv1\.3/);
Packit b893dc
Packit b893dc 
	    Net::SSLeay::CTX_sess_set_new_cb($ctx, sub {server_new_cb(@_, $ctx, $round);});
Packit b893dc 
	    Net::SSLeay::CTX_sess_set_remove_cb($ctx, sub {server_remove_cb(@_, $ctx, $round);});
Packit b893dc
Packit b893dc 
	    # Test set_num_tickets separately for CTX and SSL
Packit b893dc 
	    if (defined &Net::SSLeay::CTX_set_num_tickets)
Packit b893dc 
	    {
Packit b893dc 
		Net::SSLeay::CTX_set_num_tickets($ctx, 6) if ($round eq 'TLSv1.3-num-tickets-ctx-6');
Packit b893dc 
		Net::SSLeay::CTX_set_num_tickets($ctx, 0) if ($round eq 'TLSv1.3-num-tickets-ctx-0');
Packit b893dc 
		$server_stats{$round}->{get_num_tickets} = Net::SSLeay::CTX_get_num_tickets($ctx);
Packit b893dc 
	    }
Packit b893dc
Packit b893dc 
	    $ssl = Net::SSLeay::new($ctx);
Packit b893dc 
	    if (defined &Net::SSLeay::set_num_tickets)
Packit b893dc 
	    {
Packit b893dc 
		Net::SSLeay::set_num_tickets($ssl, 4) if ($round eq 'TLSv1.3-num-tickets-ssl');
Packit b893dc 
		$server_stats{$round}->{get_num_tickets} = Net::SSLeay::get_num_tickets($ssl);
Packit b893dc 
	    }
Packit b893dc 
	    Net::SSLeay::set_fd($ssl, fileno($cl));
Packit b893dc 
	    Net::SSLeay::accept($ssl);
Packit b893dc
Packit b893dc 
	    Net::SSLeay::write($ssl, "msg from server: $round");
Packit b893dc 
	    my $end = Net::SSLeay::read($ssl);
Packit b893dc 
	    #print "client said: $end\n";
Packit b893dc 
	    if ($end eq 'end')
Packit b893dc 
	    {
Packit b893dc 
		Net::SSLeay::write($ssl, $end);
Packit b893dc 
		Net::SSLeay::write($ssl, Storable::freeze(\%server_stats));
Packit b893dc 
	    }
Packit b893dc 
	    Net::SSLeay::shutdown($ssl);
Packit b893dc 
	    my $sess = Net::SSLeay::get1_session($ssl);
Packit b893dc 
	    $ret = Net::SSLeay::CTX_remove_session($ctx, $sess);
Packit b893dc
Packit b893dc 
	    if (defined &Net::SSLeay::SESSION_is_resumable) {
Packit b893dc 
		my $is_resumable = Net::SSLeay::SESSION_is_resumable($sess);
Packit b893dc 
		BAIL_OUT("is_resumable is not 0 or 1: $round") unless defined $is_resumable && ($is_resumable == 0 || $is_resumable == 1);
Packit b893dc 
		set_server_stat($round, 'old_session_is_resumable', $is_resumable);
Packit b893dc 
	    }
Packit b893dc
Packit b893dc 
	    Net::SSLeay::SESSION_free($sess) unless $ret; # Not cached, undo get1
Packit b893dc 
	    Net::SSLeay::free($ssl);
Packit b893dc 
	}
Packit b893dc 
	#use Data::Dumper; print "Server:\n" . Dumper(\%server_stats);
Packit b893dc 
	exit(0);
Packit b893dc 
    }
Packit b893dc 
}
Packit b893dc
Packit b893dc 
sub client {
Packit b893dc 
    # SSL client - connect to server and receive information that we
Packit b893dc 
    # compare to our expected values
Packit b893dc
Packit b893dc 
    my $saddr = $server->sockhost.':'.$server->sockport;
Packit b893dc 
    my ($ctx, $ssl, $ret, $cl);
Packit b893dc 
    my $end = "end";
Packit b893dc
Packit b893dc 
    foreach my $round (@rounds)
Packit b893dc 
    {
Packit b893dc 
	$cl = IO::Socket::INET->new($saddr)
Packit b893dc 
	    or BAIL_OUT("failed to connect to server: $!");
Packit b893dc
Packit b893dc 
	$ctx = make_ctx($round);
Packit b893dc 
	next unless $ctx;
Packit b893dc
Packit b893dc 
	Net::SSLeay::CTX_set_session_cache_mode($ctx, Net::SSLeay::SESS_CACHE_CLIENT());
Packit b893dc 
        Net::SSLeay::CTX_set_options($ctx, Net::SSLeay::OP_ALL());
Packit b893dc 
	Net::SSLeay::CTX_sess_set_new_cb($ctx, sub {client_new_cb(@_, $ctx, $round);});
Packit b893dc 
	Net::SSLeay::CTX_sess_set_remove_cb($ctx, sub {client_remove_cb(@_, $ctx, $round);});
Packit b893dc 
	$ssl = Net::SSLeay::new($ctx);
Packit b893dc
Packit b893dc 
	Net::SSLeay::set_fd($ssl, $cl);
Packit b893dc 
	Net::SSLeay::connect($ssl);
Packit b893dc 
	my $msg = Net::SSLeay::read($ssl);
Packit b893dc 
	#print "server said: $msg\n";
Packit b893dc 
	if ($round =~ /end/)
Packit b893dc 
	{
Packit b893dc 
	    Net::SSLeay::write($ssl, $end);
Packit b893dc 
	    last;
Packit b893dc 
	}
Packit b893dc
Packit b893dc 
	Net::SSLeay::write($ssl, "continue");
Packit b893dc 
	my $sess = Net::SSLeay::get1_session($ssl);
Packit b893dc 
	$ret = Net::SSLeay::CTX_remove_session($ctx, $sess);
Packit b893dc 
	Net::SSLeay::SESSION_free($sess) unless $ret; # Not cached, undo get1
Packit b893dc
Packit b893dc 
	if (defined &Net::SSLeay::SESSION_is_resumable) {
Packit b893dc 
	    my $is_resumable = Net::SSLeay::SESSION_is_resumable($sess);
Packit b893dc 
	    BAIL_OUT("is_resumable is not 0 or 1: $round") unless defined $is_resumable && ($is_resumable == 0 || $is_resumable == 1);
Packit b893dc 
	    set_client_stat($round, 'old_session_is_resumable', $is_resumable);
Packit b893dc 
	}
Packit b893dc
Packit b893dc 
	Net::SSLeay::shutdown($ssl);
Packit b893dc 
	Net::SSLeay::free($ssl);
Packit b893dc 
    }
Packit b893dc
Packit b893dc 
    # Server should have acked our end request. Also see that our connection is still up
Packit b893dc 
    my $server_end = Net::SSLeay::read($ssl);
Packit b893dc 
    is($server_end, $end, "Successful termination");
Packit b893dc
Packit b893dc 
    # Stats from server
Packit b893dc 
    my $server_stats_ref = Storable::thaw(Net::SSLeay::read($ssl));
Packit b893dc
Packit b893dc 
    my $sess = Net::SSLeay::get1_session($ssl);
Packit b893dc 
    $ret = Net::SSLeay::CTX_remove_session($ctx, $sess);
Packit b893dc 
    Net::SSLeay::SESSION_free($sess) unless $ret; # Not cached, undo get1
Packit b893dc 
    Net::SSLeay::shutdown($ssl);
Packit b893dc 
    Net::SSLeay::free($ssl);
Packit b893dc
Packit b893dc 
    test_stats($server_stats_ref, \%client_stats);
Packit b893dc
Packit b893dc 
    return;
Packit b893dc 
}
Packit b893dc
Packit b893dc 
sub test_stats
Packit b893dc 
{
Packit b893dc 
    my ($srv_stats, $clt_stats) = @_;
Packit b893dc
Packit b893dc 
    is($srv_stats->{'TLSv1'}->{new_cb_called}, 1, 'Server TLSv1 new_cb call count');
Packit b893dc 
    is($srv_stats->{'TLSv1'}->{new_params_ok}, 1, 'Server TLSv1 new_cb params were correct');
Packit b893dc 
    is($srv_stats->{'TLSv1'}->{remove_cb_called}, 1, 'Server TLSv1 remove_cb call count');
Packit b893dc 
    is($srv_stats->{'TLSv1'}->{remove_params_ok}, 1, 'Server TLSv1 remove_cb params were correct');
Packit b893dc
Packit b893dc 
    is($clt_stats->{'TLSv1'}->{new_cb_called}, 1, 'Client TLSv1 new_cb call count');
Packit b893dc 
    is($clt_stats->{'TLSv1'}->{new_params_ok}, 1, 'Client TLSv1 new_cb params were correct');
Packit b893dc 
    is($clt_stats->{'TLSv1'}->{remove_cb_called}, 1, 'Client TLSv1 remove_cb call count');
Packit b893dc 
    is($clt_stats->{'TLSv1'}->{remove_params_ok}, 1, 'Client TLSv1 remove_cb params were correct');
Packit b893dc
Packit b893dc 
    if (defined &Net::SSLeay::SESSION_is_resumable) {
Packit b893dc 
	is($srv_stats->{'TLSv1'}->{new_session_is_resumable}, 1, 'Server TLSv1 session is resumable');
Packit b893dc 
	is($srv_stats->{'TLSv1'}->{old_session_is_resumable}, 0, 'Server TLSv1 session is no longer resumable');
Packit b893dc
Packit b893dc 
	is($clt_stats->{'TLSv1'}->{new_session_is_resumable}, 1, 'Client TLSv1 session is resumable');
Packit b893dc 
	is($clt_stats->{'TLSv1'}->{old_session_is_resumable}, 0, 'Client TLSv1 session is no longer resumable');
Packit b893dc 
    } else {
Packit b893dc 
      SKIP: {
Packit b893dc 
	  skip('Do not have Net::SSLeay::SESSION_is_resumable', 4);
Packit b893dc 
	}
Packit b893dc 
    }
Packit b893dc
Packit b893dc 
    if (exists &Net::SSLeay::TLSv1_1_method)
Packit b893dc 
    {
Packit b893dc 
	# Should be the same as TLSv1
Packit b893dc 
	is($srv_stats->{'TLSv1.1'}->{new_cb_called}, 1, 'Server TLSv1.1 new_cb call count');
Packit b893dc 
	is($srv_stats->{'TLSv1.1'}->{new_params_ok}, 1, 'Server TLSv1.1 new_cb params were correct');
Packit b893dc 
	is($srv_stats->{'TLSv1.1'}->{remove_cb_called}, 1, 'Server TLSv1.1 remove_cb call count');
Packit b893dc 
	is($srv_stats->{'TLSv1.1'}->{remove_params_ok}, 1, 'Server TLSv1.1 remove_cb params were correct');
Packit b893dc 
	if (defined &Net::SSLeay::SESSION_is_resumable) {
Packit b893dc 
	    is($srv_stats->{'TLSv1.1'}->{new_session_is_resumable}, 1, 'Server TLSv1.1 session is resumable');
Packit b893dc 
	    is($srv_stats->{'TLSv1.1'}->{old_session_is_resumable}, 0, 'Server TLSv1.1 session is no longer resumable');
Packit b893dc
Packit b893dc 
	    is($clt_stats->{'TLSv1.1'}->{new_session_is_resumable}, 1, 'Client TLSv1.1 session is resumable');
Packit b893dc 
	    is($clt_stats->{'TLSv1.1'}->{old_session_is_resumable}, 0, 'Client TLSv1.1 session is no longer resumable');
Packit b893dc 
	} else {
Packit b893dc 
	  SKIP: {
Packit b893dc 
	      skip('Do not have Net::SSLeay::SESSION_is_resumable', 4);
Packit b893dc 
	    }
Packit b893dc 
	}
Packit b893dc
Packit b893dc 
	is($clt_stats->{'TLSv1.1'}->{new_cb_called}, 1, 'Client TLSv1.1 new_cb call count');
Packit b893dc 
	is($clt_stats->{'TLSv1.1'}->{new_params_ok}, 1, 'Client TLSv1.1 new_cb params were correct');
Packit b893dc 
	is($clt_stats->{'TLSv1.1'}->{remove_cb_called}, 1, 'Client TLSv1.1 remove_cb call count');
Packit b893dc 
	is($clt_stats->{'TLSv1.1'}->{remove_params_ok}, 1, 'Client TLSv1.1 remove_cb params were correct');
Packit b893dc 
    } else {
Packit b893dc 
      SKIP: {
Packit b893dc 
	  skip('Do not have support for TLSv1.1', 12);
Packit b893dc 
	}
Packit b893dc 
    }
Packit b893dc
Packit b893dc 
    if (exists &Net::SSLeay::TLSv1_2_method)
Packit b893dc 
    {
Packit b893dc 
	# Should be the same as TLSv1
Packit b893dc 
	is($srv_stats->{'TLSv1.2'}->{new_cb_called}, 1, 'Server TLSv1.2 new_cb call count');
Packit b893dc 
	is($srv_stats->{'TLSv1.2'}->{new_params_ok}, 1, 'Server TLSv1.2 new_cb params were correct');
Packit b893dc 
	is($srv_stats->{'TLSv1.2'}->{remove_cb_called}, 1, 'Server TLSv1.2 remove_cb call count');
Packit b893dc 
	is($srv_stats->{'TLSv1.2'}->{remove_params_ok}, 1, 'Server TLSv1.2 remove_cb params were correct');
Packit b893dc 
	if (defined &Net::SSLeay::SESSION_is_resumable) {
Packit b893dc 
	    is($srv_stats->{'TLSv1.2'}->{new_session_is_resumable}, 1, 'Server TLSv1.2 session is resumable');
Packit b893dc 
	    is($srv_stats->{'TLSv1.2'}->{old_session_is_resumable}, 0, 'Server TLSv1.2 session is no longer resumable');
Packit b893dc
Packit b893dc 
	    is($clt_stats->{'TLSv1.2'}->{new_session_is_resumable}, 1, 'Client TLSv1.2 session is resumable');
Packit b893dc 
	    is($clt_stats->{'TLSv1.2'}->{old_session_is_resumable}, 0, 'Client TLSv1.2 session is no longer resumable');
Packit b893dc 
	} else {
Packit b893dc 
	  SKIP: {
Packit b893dc 
	      skip('Do not have Net::SSLeay::SESSION_is_resumable', 4);
Packit b893dc 
	    }
Packit b893dc 
	}
Packit b893dc
Packit b893dc 
	is($clt_stats->{'TLSv1.2'}->{new_cb_called}, 1, 'Client TLSv1.2 new_cb call count');
Packit b893dc 
	is($clt_stats->{'TLSv1.2'}->{new_params_ok}, 1, 'Client TLSv1.2 new_cb params were correct');
Packit b893dc 
	is($clt_stats->{'TLSv1.2'}->{remove_cb_called}, 1, 'Client TLSv1.2 remove_cb call count');
Packit b893dc 
	is($clt_stats->{'TLSv1.2'}->{remove_params_ok}, 1, 'Client TLSv1.2 remove_cb params were correct');
Packit b893dc 
    } else {
Packit b893dc 
      SKIP: {
Packit b893dc 
	  skip('Do not have support for TLSv1.2', 12);
Packit b893dc 
	}
Packit b893dc 
    }
Packit b893dc
Packit b893dc 
    if (eval { Net::SSLeay::TLS1_3_VERSION(); })
Packit b893dc 
    {
Packit b893dc 
	# OpenSSL sends two session tickets by default: new_cb called two times
Packit b893dc 
	is($srv_stats->{'TLSv1.3'}->{new_cb_called}, 2, 'Server TLSv1.3 new_cb call count');
Packit b893dc 
	is($srv_stats->{'TLSv1.3'}->{new_params_ok}, 1, 'Server TLSv1.3 new_cb params were correct');
Packit b893dc 
	is($srv_stats->{'TLSv1.3'}->{remove_cb_called}, 1, 'Server TLSv1.3 remove_cb call count');
Packit b893dc 
	is($srv_stats->{'TLSv1.3'}->{remove_params_ok}, 1, 'Server TLSv1.3 remove_cb params were correct');
Packit b893dc 
	is($srv_stats->{'TLSv1.3-num-tickets-ssl'}->{get_num_tickets}, 4, 'Server TLSv1.3 get_num_tickets 4');
Packit b893dc 
	is($srv_stats->{'TLSv1.3-num-tickets-ssl'}->{new_cb_called}, 4, 'Server TLSv1.3 new_cb call count with set_num_tickets 4');
Packit b893dc 
	is($srv_stats->{'TLSv1.3-num-tickets-ctx-6'}->{get_num_tickets}, 6, 'Server TLSv1.3 CTX_get_num_tickets 6');
Packit b893dc 
	is($srv_stats->{'TLSv1.3-num-tickets-ctx-6'}->{new_cb_called}, 6, 'Server TLSv1.3 new_cb call count with CTX_set_num_tickets 6');
Packit b893dc 
	is($srv_stats->{'TLSv1.3-num-tickets-ctx-0'}->{get_num_tickets}, 0, 'Server TLSv1.3 CTX_get_num_tickets 0');
Packit b893dc 
	is($srv_stats->{'TLSv1.3-num-tickets-ctx-0'}->{new_cb_called}, undef, 'Server TLSv1.3 new_cb call count with CTX_set_num_tickets 0');
Packit b893dc 
	is($srv_stats->{'TLSv1.3'}->{new_session_is_resumable}, 1, 'Server TLSv1.3 session is resumable');
Packit b893dc 
	is($srv_stats->{'TLSv1.3'}->{old_session_is_resumable}, 0, 'Server TLSv1.3 session is no longer resumable');
Packit b893dc
Packit b893dc 
	is($clt_stats->{'TLSv1.3'}->{new_cb_called}, 2, 'Client TLSv1.3 new_cb call count');
Packit b893dc 
	is($clt_stats->{'TLSv1.3'}->{new_params_ok}, 1, 'Client TLSv1.3 new_cb params were correct');
Packit b893dc 
	is($clt_stats->{'TLSv1.3'}->{remove_cb_called}, 1, 'Client TLSv1.3 remove_cb call count');
Packit b893dc 
	is($clt_stats->{'TLSv1.3'}->{remove_params_ok}, 1, 'Client TLSv1.3 remove_cb params were correct');
Packit b893dc 
	is($clt_stats->{'TLSv1.3-num-tickets-ssl'}->{new_cb_called}, 4, 'Client TLSv1.3 new_cb call count with set_num_tickets 4');
Packit b893dc 
	is($clt_stats->{'TLSv1.3-num-tickets-ctx-6'}->{new_cb_called}, 6, 'Client TLSv1.3 new_cb call count with CTX_set_num_tickets 6');
Packit b893dc 
	is($clt_stats->{'TLSv1.3-num-tickets-ctx-0'}->{new_cb_called}, undef, 'Client TLSv1.3 new_cb call count with CTX_set_num_tickets 0');
Packit b893dc 
	is($clt_stats->{'TLSv1.3'}->{new_session_is_resumable}, 1, 'Client TLSv1.3 session is resumable');
Packit b893dc 
	is($clt_stats->{'TLSv1.3'}->{old_session_is_resumable}, 0, 'Client TLSv1.3 session is no longer resumable');
Packit b893dc 
    } else {
Packit b893dc 
      SKIP: {
Packit b893dc 
	  skip('Do not have support for TLSv1.3', 21);
Packit b893dc 
	}
Packit b893dc 
    }
Packit b893dc
Packit b893dc 
    #  use Data::Dumper; print "Server:\n" . Dumper(\%srv_stats);
Packit b893dc 
    #  use Data::Dumper; print "Client:\n" . Dumper(\%clt_stats);
Packit b893dc 
}
Packit b893dc
Packit b893dc 
server();
Packit b893dc 
client();
Packit b893dc 
waitpid $pid, 0;
Packit b893dc 
exit(0);

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation