Add compression tests (439db0c9) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

test/handshake_helper.c

+3 −0

Original line number	Diff line number	Diff line
		@@ -1207,6 +1207,9 @@ static HANDSHAKE_RESULT *do_handshake_internal(
		ret->session_ticket = SSL_TEST_SESSION_TICKET_NO;
		else
		ret->session_ticket = SSL_TEST_SESSION_TICKET_YES;
		ret->compression = (SSL_get_current_compression(client.ssl) == NULL)
		? SSL_TEST_COMPRESSION_NO
		: SSL_TEST_COMPRESSION_YES;
		ret->session_ticket_do_not_call = server_ex_data.session_ticket_do_not_call;

		#ifndef OPENSSL_NO_NEXTPROTONEG

test/handshake_helper.h

+1 −0

Original line number	Diff line number	Diff line
		@@ -34,6 +34,7 @@ typedef struct handshake_result {
		ssl_servername_t servername;
		/* Session ticket status */
		ssl_session_ticket_t session_ticket;
		ssl_compression_t compression;
		/* Was this called on the second context? */
		int session_ticket_do_not_call;
		char *client_npn_negotiated;

test/recipes/80-test_ssl_new.t

+3 −1

Original line number	Diff line number	Diff line
		@@ -29,7 +29,7 @@ map { s/\^// } @conf_files if $^O eq "VMS";

		# We hard-code the number of tests to double-check that the globbing above
		# finds all files as expected.
		plan tests => 21; # = scalar @conf_srcs
		plan tests => 22; # = scalar @conf_srcs

		# Some test results depend on the configuration of enabled protocols. We only
		# verify generated sources in the default configuration.
		@@ -63,6 +63,7 @@ my %conf_dependent_tests = (
		"18-dtls-renegotiate.conf" => disabled("dtls1_2"),
		"19-mac-then-encrypt.conf" => !$is_default_tls,
		"20-cert-select.conf" => !$is_default_tls \|\| $no_dh \|\| $no_dsa,
		"22-compression.conf" => !$is_default_tls,
		);

		# Add your test here if it should be skipped for some compile-time
		@@ -87,6 +88,7 @@ my %skip = (
		"19-mac-then-encrypt.conf" => $no_pre_tls1_3,
		"20-cert-select.conf" => disabled("tls1_2") \|\| $no_ec,
		"21-key-update.conf" => disabled("tls1_3"),
		"22-compression.conf" => disabled("zlib") \|\| $no_tls,
		);

		foreach my $conf (@conf_files) {

test/ssl-tests/22-compression.conf

0 → 100644

+112 −0

Original line number	Diff line number	Diff line
		# Generated with generate_ssl_tests.pl

		num_tests = 4

		test-0 = 0-tlsv1_2-both-compress
		test-1 = 1-tlsv1_2-client-compress
		test-2 = 2-tlsv1_2-server-compress
		test-3 = 3-tlsv1_2-neither-compress
		# ===========================================================

		[0-tlsv1_2-both-compress]
		ssl_conf = 0-tlsv1_2-both-compress-ssl

		[0-tlsv1_2-both-compress-ssl]
		server = 0-tlsv1_2-both-compress-server
		client = 0-tlsv1_2-both-compress-client

		[0-tlsv1_2-both-compress-server]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		Options = Compression
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

		[0-tlsv1_2-both-compress-client]
		CipherString = DEFAULT
		MaxProtocol = TLSv1.2
		Options = Compression
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer

		[test-0]
		CompressionExpected = Yes
		ExpectedResult = Success


		# ===========================================================

		[1-tlsv1_2-client-compress]
		ssl_conf = 1-tlsv1_2-client-compress-ssl

		[1-tlsv1_2-client-compress-ssl]
		server = 1-tlsv1_2-client-compress-server
		client = 1-tlsv1_2-client-compress-client

		[1-tlsv1_2-client-compress-server]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

		[1-tlsv1_2-client-compress-client]
		CipherString = DEFAULT
		MaxProtocol = TLSv1.2
		Options = Compression
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer

		[test-1]
		CompressionExpected = No
		ExpectedResult = Success


		# ===========================================================

		[2-tlsv1_2-server-compress]
		ssl_conf = 2-tlsv1_2-server-compress-ssl

		[2-tlsv1_2-server-compress-ssl]
		server = 2-tlsv1_2-server-compress-server
		client = 2-tlsv1_2-server-compress-client

		[2-tlsv1_2-server-compress-server]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		Options = Compression
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

		[2-tlsv1_2-server-compress-client]
		CipherString = DEFAULT
		MaxProtocol = TLSv1.2
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer

		[test-2]
		CompressionExpected = No
		ExpectedResult = Success


		# ===========================================================

		[3-tlsv1_2-neither-compress]
		ssl_conf = 3-tlsv1_2-neither-compress-ssl

		[3-tlsv1_2-neither-compress-ssl]
		server = 3-tlsv1_2-neither-compress-server
		client = 3-tlsv1_2-neither-compress-client

		[3-tlsv1_2-neither-compress-server]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

		[3-tlsv1_2-neither-compress-client]
		CipherString = DEFAULT
		MaxProtocol = TLSv1.2
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer

		[test-3]
		CompressionExpected = No
		ExpectedResult = Success

test/ssl-tests/22-compression.conf.in

0 → 100644

+127 −0

Original line number	Diff line number	Diff line
		# -- mode: perl; --
		# Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved.
		#
		# Licensed under the OpenSSL license (the "License"). You may not use
		# this file except in compliance with the License. You can obtain a copy
		# in the file LICENSE in the source distribution or at
		# https://www.openssl.org/source/license.html


		## Test Compression

		use strict;
		use warnings;

		package ssltests;
		use OpenSSL::Test::Utils;

		our @tests = ();

		our @tests_tls1_3 = (
		{
		name => "tlsv1_3-both-compress",
		server => {
		"Options" => "Compression"
		},
		client => {
		"Options" => "Compression"
		},
		test => {
		"CompressionExpected" => "No",
		"ExpectedResult" => "Success"
		}
		},
		{
		name => "tlsv1_3-client-compress",
		server => {
		},
		client => {
		"Options" => "Compression"
		},
		test => {
		"CompressionExpected" => "No",
		"ExpectedResult" => "Success"
		}
		},
		{
		name => "tlsv1_3-server-compress",
		server => {
		"Options" => "Compression"
		},
		client => {
		},
		test => {
		"CompressionExpected" => "No",
		"ExpectedResult" => "Success"
		}
		},
		{
		name => "tlsv1_3-neither-compress",
		server => {
		},
		client => {
		},
		test => {
		"CompressionExpected" => "No",
		"ExpectedResult" => "Success"
		}
		},
		);
		our @tests_tls1_2 = (
		{
		name => "tlsv1_2-both-compress",
		server => {
		"Options" => "Compression"
		},
		client => {
		"Options" => "Compression",
		"MaxProtocol" => "TLSv1.2"
		},
		test => {
		"CompressionExpected" => "Yes",
		"ExpectedResult" => "Success"
		}
		},
		{
		name => "tlsv1_2-client-compress",
		server => {
		},
		client => {
		"Options" => "Compression",
		"MaxProtocol" => "TLSv1.2"
		},
		test => {
		"CompressionExpected" => "No",
		"ExpectedResult" => "Success"
		}
		},
		{
		name => "tlsv1_2-server-compress",
		server => {
		"Options" => "Compression"
		},
		client => {
		"MaxProtocol" => "TLSv1.2"
		},
		test => {
		"CompressionExpected" => "No",
		"ExpectedResult" => "Success"
		}
		},
		{
		name => "tlsv1_2-neither-compress",
		server => {
		},
		client => {
		"MaxProtocol" => "TLSv1.2"
		},
		test => {
		"CompressionExpected" => "No",
		"ExpectedResult" => "Success"
		}
		},
		);

		push @tests, @tests_tls1_3 unless disabled("tls1_3");
		push @tests, @tests_tls1_2 unless alldisabled(("tls1_2", "tls1_1", "tls1",
		"ssl3"));