From: Matt Caswell <matt@openssl.org>
Date: Tue, 14 Jun 2016 13:35:26 +0000 (+0100)
Subject: Skip the TLSProxy tests if environmental problems are an issue
X-Git-Tag: OpenSSL_1_1_0-pre6~421
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=b02b57431718b74ddaf24cc3db004f145311abac;p=oweals%2Fopenssl.git
Skip the TLSProxy tests if environmental problems are an issue
On some platforms we can't startup the TLSProxy due to environmental
problems (e.g. network set up on the build machine). These aren't OpenSSL
problems so we shouldn't treat them as test failures. Just visibly
indicate that we are skipping the test.
We only skip the first time we attempt to start up the proxy. If that works
then everything else should do...if not we should probably investigate and
so report as a failure.
This also removes test_networking...there is a danger that this turns into
a test of user's environmental set up rather than OpenSSL.
Reviewed-by: Richard Levitte <levitte@openssl.org>
---
diff --git a/test/recipes/70-test_sslcertstatus.t b/test/recipes/70-test_sslcertstatus.t
index 9eb5116e7c..f700f92885 100755
--- a/test/recipes/70-test_sslcertstatus.t
+++ b/test/recipes/70-test_sslcertstatus.t
@@ -37,12 +37,11 @@ my $proxy = TLSProxy::Proxy->new(
(!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE})
);
-plan tests => 1;
-
-#Test 1: Sending a status_request extension in both ClientHello and ServerHello
-#but then omitting the CertificateStatus message is valid
+#Test 1: Sending a status_request extension in both ClientHello and
+#ServerHello but then omitting the CertificateStatus message is valid
$proxy->clientflags("-status");
-$proxy->start();
+$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
+plan tests => 1;
ok(TLSProxy::Message->success, "Missing CertificateStatus message");
sub certstatus_filter
diff --git a/test/recipes/70-test_sslextension.t b/test/recipes/70-test_sslextension.t
index 1084c9674d..7f69f649b3 100755
--- a/test/recipes/70-test_sslextension.t
+++ b/test/recipes/70-test_sslextension.t
@@ -34,10 +34,9 @@ my $proxy = TLSProxy::Proxy->new(
(!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE})
);
-plan tests => 3;
-
# Test 1: Sending a zero length extension block should pass
-$proxy->start();
+$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
+plan tests => 3;
ok(TLSProxy::Message->success, "Zero extension length test");
sub extension_filter
@@ -111,4 +110,3 @@ $proxy->clear();
$proxy->filter(\&inject_duplicate_extension_serverhello);
$proxy->start();
ok(TLSProxy::Message->fail(), "Duplicate ServerHello extension");
-
diff --git a/test/recipes/70-test_sslrecords.t b/test/recipes/70-test_sslrecords.t
index beacc4ad9a..b0e37398fb 100644
--- a/test/recipes/70-test_sslrecords.t
+++ b/test/recipes/70-test_sslrecords.t
@@ -34,12 +34,11 @@ my $proxy = TLSProxy::Proxy->new(
(!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE})
);
-plan tests => 3;
-
#Test 1: Injecting out of context empty records should fail
my $content_type = TLSProxy::Record::RT_APPLICATION_DATA;
my $inject_recs_num = 1;
-$proxy->start();
+$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
+plan tests => 3;
ok(TLSProxy::Message->fail(), "Out of context empty records test");
#Test 2: Injecting in context empty records should succeed
diff --git a/test/recipes/70-test_sslsessiontick.t b/test/recipes/70-test_sslsessiontick.t
index aeed99c6b6..89ef12f75b 100755
--- a/test/recipes/70-test_sslsessiontick.t
+++ b/test/recipes/70-test_sslsessiontick.t
@@ -45,12 +45,11 @@ my $proxy = TLSProxy::Proxy->new(
(!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE})
);
-plan tests => 10;
-
#Test 1: By default with no existing session we should get a session ticket
#Expected result: ClientHello extension seen; ServerHello extension seen
# NewSessionTicket message seen; Full handshake
-$proxy->start();
+$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
+plan tests => 10;
checkmessages(1, "Default session ticket test", 1, 1, 1, 1);
#Test 2: If the server does not accept tickets we should get a normal handshake
diff --git a/test/recipes/70-test_sslskewith0p.t b/test/recipes/70-test_sslskewith0p.t
index ca8dfe7681..bfdee8b739 100755
--- a/test/recipes/70-test_sslskewith0p.t
+++ b/test/recipes/70-test_sslskewith0p.t
@@ -37,13 +37,12 @@ my $proxy = TLSProxy::Proxy->new(
(!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE})
);
-plan tests => 1;
-
#We must use an anon DHE cipher for this test
$proxy->cipherc('ADH-AES128-SHA:@SECLEVEL=0');
$proxy->ciphers('ADH-AES128-SHA:@SECLEVEL=0');
-$proxy->start();
+$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
+plan tests => 1;
ok(TLSProxy::Message->fail, "ServerKeyExchange with 0 p");
sub ske_0_p_filter
diff --git a/test/recipes/70-test_sslvertol.t b/test/recipes/70-test_sslvertol.t
index af82a8c121..f8c94e91df 100755
--- a/test/recipes/70-test_sslvertol.t
+++ b/test/recipes/70-test_sslvertol.t
@@ -34,11 +34,10 @@ my $proxy = TLSProxy::Proxy->new(
(!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE})
);
-plan tests => 2;
-
#Test 1: Asking for TLS1.3 should pass
my $client_version = TLSProxy::Record::VERS_TLS_1_3;
-$proxy->start();
+$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
+plan tests => 2;
ok(TLSProxy::Message->success(), "Version tolerance test, TLS 1.3");
#Test 2: Testing something below SSLv3 should fail
diff --git a/test/recipes/70-test_tlsextms.t b/test/recipes/70-test_tlsextms.t
index 25cc627381..1248594c06 100644
--- a/test/recipes/70-test_tlsextms.t
+++ b/test/recipes/70-test_tlsextms.t
@@ -46,15 +46,14 @@ my $proxy = TLSProxy::Proxy->new(
(!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE})
);
-plan tests => 9;
-
#Test 1: By default server and client should send extended master secret
# extension.
#Expected result: ClientHello extension seen; ServerHello extension seen
# Full handshake
setrmextms(0, 0);
-$proxy->start();
+$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
+plan tests => 9;
checkmessages(1, "Default extended master secret test", 1, 1, 1);
#Test 2: If client omits extended master secret extension, server should too.
diff --git a/test/recipes/90-test_networking.t b/test/recipes/90-test_networking.t
deleted file mode 100644
index 4f984cb908..0000000000
--- a/test/recipes/90-test_networking.t
+++ /dev/null
@@ -1,67 +0,0 @@
-#! /usr/bin/env perl
-# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
-#
-# Licensed under the OpenSSL license (the "License"). You may not use
-# this file except in compliance with the License. You can obtain a copy
-# in the file LICENSE in the source distribution or at
-# https://www.openssl.org/source/license.html
-
-use strict;
-use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_file bldtop_dir/;
-use OpenSSL::Test::Utils;
-use TLSProxy::Proxy;
-
-my $test_name = "test_networking";
-setup($test_name);
-
-plan skip_all => "TLSProxy isn't usable on $^O"
- if $^O =~ /^(VMS|MSWin32)$/;
-
-plan skip_all => "$test_name needs the dynamic engine feature enabled"
- if disabled("engine") || disabled("dynamic-engine");
-
-plan skip_all => "$test_name needs the sock feature enabled"
- if disabled("sock");
-
-$ENV{OPENSSL_ia32cap} = '~0x200000200000000';
-
-my $proxy = TLSProxy::Proxy->new(
- undef,
- cmdstr(app(["openssl"]), display => 1),
- srctop_file("apps", "server.pem"),
- (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE})
-);
-
-plan tests => 2;
-
-#Test 1: Try IPv4
-$proxy->clear();
-$proxy->serverflags("-4");
-$proxy->clientflags("-4");
-$proxy->server_addr("127.0.0.1");
-$proxy->proxy_addr("127.0.0.1");
-ok(check_connection(), "Trying IPv4");
-
- SKIP: {
- skip "No IPv6 support", 1 unless $proxy->supports_IPv6();
-
- #Test 2: Try IPv6
- $proxy->clear();
- $proxy->serverflags("-6");
- $proxy->clientflags("-6");
- $proxy->server_addr("[::1]");
- $proxy->proxy_addr("[::1]");
- ok(check_connection(), "Trying IPv6");
-}
-
-sub check_connection
-{
- eval { $proxy->start(); };
-
- if ($@ ne "") {
- print STDERR "Proxy connection failed: $@\n";
- return 0;
- }
-
- 1;
-}
diff --git a/util/TLSProxy/Proxy.pm b/util/TLSProxy/Proxy.pm
index 3b03ea9eeb..e0ce43aa77 100644
--- a/util/TLSProxy/Proxy.pm
+++ b/util/TLSProxy/Proxy.pm
@@ -161,7 +161,7 @@ sub start
}
$self->serverpid($pid);
- $self->clientstart;
+ return $self->clientstart;
}
sub clientstart
@@ -188,7 +188,8 @@ sub clientstart
if ($proxy_sock) {
print "Proxy started on port ".$self->proxy_port."\n";
} else {
- die "Failed creating proxy socket (".$proxaddr.",".$self->proxy_port."): $!\n";
+ warn "Failed creating proxy socket (".$proxaddr.",".$self->proxy_port."): $!\n";
+ return 0;
}
if ($self->execute) {
@@ -213,8 +214,11 @@ sub clientstart
}
# Wait for incoming connection from client
- my $client_sock = $proxy_sock->accept()
- or die "Failed accepting incoming connection: $!\n";
+ my $client_sock;
+ if(!($client_sock = $proxy_sock->accept())) {
+ warn "Failed accepting incoming connection: $!\n";
+ return 0;
+ }
print "Connection opened\n";
@@ -245,7 +249,8 @@ sub clientstart
#Sleep for a short while
select(undef, undef, undef, 0.1);
} else {
- die "Failed to start up server (".$servaddr.",".$self->server_port."): $!\n";
+ warn "Failed to start up server (".$servaddr.",".$self->server_port."): $!\n";
+ return 0;
}
}
} while (!$server_sock);
@@ -295,6 +300,7 @@ sub clientstart
.$self->serverpid."\n";
waitpid( $self->serverpid, 0);
}
+ return 1;
}
sub process_packet