Add ALPN tests to ssl-opt.sh

Only self-op for now, required peer versions are a bit high:
- OpenSSL 1.0.2-beta
- GnuTLS 3.2.0 (released 2013-05-10) (gnutls-cli only)
This commit is contained in:
Manuel Pégourié-Gonnard 2014-04-07 12:42:04 +02:00
parent 89e35798ae
commit f6521de17b
3 changed files with 91 additions and 3 deletions

View File

@ -396,7 +396,7 @@ static void ssl_write_alpn_ext( ssl_context *ssl,
return; return;
} }
SSL_DEBUG_MSG( 3, ( "client hello, adding ALPN extension" ) ); SSL_DEBUG_MSG( 3, ( "client hello, adding alpn extension" ) );
*p++ = (unsigned char)( ( TLS_EXT_ALPN >> 8 ) & 0xFF ); *p++ = (unsigned char)( ( TLS_EXT_ALPN >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( TLS_EXT_ALPN ) & 0xFF ); *p++ = (unsigned char)( ( TLS_EXT_ALPN ) & 0xFF );

View File

@ -1450,7 +1450,7 @@ static int ssl_parse_client_hello( ssl_context *ssl )
#if defined(POLARSSL_SSL_ALPN) #if defined(POLARSSL_SSL_ALPN)
case TLS_EXT_ALPN: case TLS_EXT_ALPN:
SSL_DEBUG_MSG( 3, ( "found ALPN extension" ) ); SSL_DEBUG_MSG( 3, ( "found alpn extension" ) );
ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size ); ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size );
if( ret != 0 ) if( ret != 0 )
@ -1708,7 +1708,7 @@ static void ssl_write_alpn_ext( ssl_context *ssl,
return; return;
} }
SSL_DEBUG_MSG( 3, ( "server hello, alpn extension" ) ); SSL_DEBUG_MSG( 3, ( "server hello, adding alpn extension" ) );
/* /*
* 0 . 1 ext identifier * 0 . 1 ext identifier

View File

@ -804,6 +804,8 @@ run_test "Non-blocking I/O #7 (session-id resume)" \
-C "ssl_handshake returned" \ -C "ssl_handshake returned" \
-c "Read from server: .* bytes read" -c "Read from server: .* bytes read"
# Tests for version negotiation
run_test "Version check #1 (all -> 1.2)" \ run_test "Version check #1 (all -> 1.2)" \
"$P_SRV" \ "$P_SRV" \
"$P_CLI" \ "$P_CLI" \
@ -874,6 +876,92 @@ run_test "Version check #8 (srv min 1.2, cli max 1.1 -> fail)" \
-c "ssl_handshake returned" \ -c "ssl_handshake returned" \
-s "SSL - Handshake protocol not within min/max boundaries" -s "SSL - Handshake protocol not within min/max boundaries"
# Tests for ALPN extension
run_test "ALPN #0 (none)" \
"$P_SRV debug_level=4" \
"$P_CLI debug_level=4" \
0 \
-C "client hello, adding alpn extension" \
-S "found alpn extension" \
-C "got an alert message, type: \\[2:120]" \
-S "server hello, adding alpn extension" \
-C "found alpn extension " \
-C "Application Layer Protocol is" \
-S "Application Layer Protocol is"
run_test "ALPN #1 (client only)" \
"$P_SRV debug_level=4" \
"$P_CLI debug_level=4 alpn=abc,1234" \
0 \
-c "client hello, adding alpn extension" \
-s "found alpn extension" \
-C "got an alert message, type: \\[2:120]" \
-S "server hello, adding alpn extension" \
-C "found alpn extension " \
-c "Application Layer Protocol is (none)" \
-S "Application Layer Protocol is"
run_test "ALPN #2 (server only)" \
"$P_SRV debug_level=4 alpn=abc,1234" \
"$P_CLI debug_level=4" \
0 \
-C "client hello, adding alpn extension" \
-S "found alpn extension" \
-C "got an alert message, type: \\[2:120]" \
-S "server hello, adding alpn extension" \
-C "found alpn extension " \
-C "Application Layer Protocol is" \
-s "Application Layer Protocol is (none)"
run_test "ALPN #3 (both, common cli1-srv1)" \
"$P_SRV debug_level=4 alpn=abc,1234" \
"$P_CLI debug_level=4 alpn=abc,1234" \
0 \
-c "client hello, adding alpn extension" \
-s "found alpn extension" \
-C "got an alert message, type: \\[2:120]" \
-s "server hello, adding alpn extension" \
-c "found alpn extension" \
-c "Application Layer Protocol is abc" \
-s "Application Layer Protocol is abc"
run_test "ALPN #4 (both, common cli2-srv1)" \
"$P_SRV debug_level=4 alpn=abc,1234" \
"$P_CLI debug_level=4 alpn=1234,abc" \
0 \
-c "client hello, adding alpn extension" \
-s "found alpn extension" \
-C "got an alert message, type: \\[2:120]" \
-s "server hello, adding alpn extension" \
-c "found alpn extension" \
-c "Application Layer Protocol is abc" \
-s "Application Layer Protocol is abc"
run_test "ALPN #5 (both, common cli1-srv2)" \
"$P_SRV debug_level=4 alpn=abc,1234" \
"$P_CLI debug_level=4 alpn=1234,abcde" \
0 \
-c "client hello, adding alpn extension" \
-s "found alpn extension" \
-C "got an alert message, type: \\[2:120]" \
-s "server hello, adding alpn extension" \
-c "found alpn extension" \
-c "Application Layer Protocol is 1234" \
-s "Application Layer Protocol is 1234"
run_test "ALPN #6 (both, no common)" \
"$P_SRV debug_level=4 alpn=abc,123" \
"$P_CLI debug_level=4 alpn=1234,abcde" \
1 \
-c "client hello, adding alpn extension" \
-s "found alpn extension" \
-c "got an alert message, type: \\[2:120]" \
-S "server hello, adding alpn extension" \
-C "found alpn extension" \
-C "Application Layer Protocol is 1234" \
-S "Application Layer Protocol is 1234"
# Final report # Final report
echo "------------------------------------------------------------------------" echo "------------------------------------------------------------------------"