X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=test%2Frecipes%2F70-test_sslcertstatus.t;h=ed01855863d31db8d51d3231dc5b74fae4ca07d5;hb=b83ace316282f05d8507561cc8129ec8491caade;hp=f7c6363cbba4cf34a8ee311910686aaf6a0bc0b3;hpb=83365051f5d91dece1973016dbdd6ce7541a5bcf;p=oweals%2Fopenssl.git diff --git a/test/recipes/70-test_sslcertstatus.t b/test/recipes/70-test_sslcertstatus.t old mode 100755 new mode 100644 index f7c6363cbb..ed01855863 --- a/test/recipes/70-test_sslcertstatus.t +++ b/test/recipes/70-test_sslcertstatus.t @@ -1,59 +1,13 @@ -#!/usr/bin/perl -# Written by Matt Caswell for the OpenSSL project. -# ==================================================================== -# Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved. +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. # -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in -# the documentation and/or other materials provided with the -# distribution. -# -# 3. All advertising materials mentioning features or use of this -# software must display the following acknowledgment: -# "This product includes software developed by the OpenSSL Project -# for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -# -# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -# endorse or promote products derived from this software without -# prior written permission. For written permission, please contact -# openssl-core@openssl.org. -# -# 5. Products derived from this software may not be called "OpenSSL" -# nor may "OpenSSL" appear in their names without prior written -# permission of the OpenSSL Project. -# -# 6. Redistributions of any form whatsoever must retain the following -# acknowledgment: -# "This product includes software developed by the OpenSSL Project -# for use in the OpenSSL Toolkit (http://www.openssl.org/)" -# -# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -# OF THE POSSIBILITY OF SUCH DAMAGE. -# ==================================================================== -# -# This product includes cryptographic software written by Eric Young -# (eay@cryptsoft.com). This product includes software written by Tim -# Hudson (tjh@cryptsoft.com). +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html use strict; -use OpenSSL::Test qw/:DEFAULT cmdstr top_file top_dir/; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; use OpenSSL::Test::Utils; use TLSProxy::Proxy; @@ -61,28 +15,35 @@ my $test_name = "test_sslcertstatus"; setup($test_name); plan skip_all => "TLSProxy isn't usable on $^O" - if $^O =~ /^VMS$/; + if $^O =~ /^(VMS|MSWin32)$/; + +plan skip_all => "$test_name needs the dynamic engine feature enabled" + if disabled("engine") || disabled("dynamic-engine"); -plan skip_all => "$test_name needs the engine feature enabled" - if disabled("engine"); +plan skip_all => "$test_name needs the sock feature enabled" + if disabled("sock"); -plan skip_all => "$test_name can only be performed with OpenSSL configured shared" - if config("no_shared"); +plan skip_all => "$test_name needs the ocsp feature enabled" + if disabled("ocsp"); + +plan skip_all => "$test_name needs TLS enabled" + if alldisabled(available_protocols("tls")); -$ENV{OPENSSL_ENGINES} = top_dir("engines"); $ENV{OPENSSL_ia32cap} = '~0x200000200000000'; my $proxy = TLSProxy::Proxy->new( \&certstatus_filter, - cmdstr(app(["openssl"])), - top_file("apps", "server.pem") + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) ); +#Test 1: Sending a status_request extension in both ClientHello and +#ServerHello but then omitting the CertificateStatus message is valid +#TODO(TLS1.3): Temporarily disabling this test in TLS1.3 until we've completed +#the move the status request extension to the Certificate message. +$proxy->clientflags("-status -no_tls1_3"); +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; plan tests => 1; - -#Test 1: Sending a status_request extension in both ClientHello and ServerHello -#but then omitting the CertificateStatus message is valid -$proxy->clientflags("-status"); -$proxy->start(); ok(TLSProxy::Message->success, "Missing CertificateStatus message"); sub certstatus_filter @@ -98,7 +59,7 @@ sub certstatus_filter if ($message->mt == TLSProxy::Message::MT_SERVER_HELLO) { #Add the status_request to the ServerHello even though we are not #going to send a CertificateStatus message - $message->set_extension(TLSProxy::ClientHello::EXT_STATUS_REQUEST, + $message->set_extension(TLSProxy::Message::EXT_STATUS_REQUEST, ""); $message->repack();