diff --git a/tests/gold_tests/pluginTest/stek_share/stek_share.test.py b/tests/gold_tests/pluginTest/stek_share/stek_share.test.py index fc6a3a63f7b..a3359aed050 100644 --- a/tests/gold_tests/pluginTest/stek_share/stek_share.test.py +++ b/tests/gold_tests/pluginTest/stek_share/stek_share.test.py @@ -303,12 +303,12 @@ def check_session(ev, test): tr2 = Test.AddTestRun("TLSv1.2 Session Ticket") tr2.Command = \ - 'echo -e "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -sess_out {5} && ' \ - 'echo -e "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -sess_in {5} && ' \ - 'echo -e "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{1} -sess_in {5} && ' \ - 'echo -e "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{2} -sess_in {5} && ' \ - 'echo -e "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{3} -sess_in {5} && ' \ - 'echo -e "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{4} -sess_in {5}' \ + 'printf "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -sess_out {5} && ' \ + 'printf "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -sess_in {5} && ' \ + 'printf "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{1} -sess_in {5} && ' \ + 'printf "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{2} -sess_in {5} && ' \ + 'printf "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{3} -sess_in {5} && ' \ + 'printf "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{4} -sess_in {5}' \ .format( ts1.Variables.ssl_port, ts2.Variables.ssl_port, diff --git a/tests/gold_tests/tls/test-nc-s_client.sh b/tests/gold_tests/tls/test-nc-s_client.sh index 58ddaf743ab..6e98ac0a43a 100644 --- a/tests/gold_tests/tls/test-nc-s_client.sh +++ b/tests/gold_tests/tls/test-nc-s_client.sh @@ -23,5 +23,5 @@ if openssl s_client --help 2>&1 | grep -q ignore_unexpected_eof then ignore_unexpected_eof='-ignore_unexpected_eof' fi -echo -e "This is a reply" | nc -l "$1" > test.out & +printf "This is a reply" | nc -l "$1" > test.out & echo "This is a test" | openssl s_client -servername bar.com -connect "localhost:$2" -ign_eof ${ignore_unexpected_eof} diff --git a/tests/gold_tests/tls/tls_session_reuse.test.py b/tests/gold_tests/tls/tls_session_reuse.test.py index 2d368483137..7e641a0a8b9 100644 --- a/tests/gold_tests/tls/tls_session_reuse.test.py +++ b/tests/gold_tests/tls/tls_session_reuse.test.py @@ -136,12 +136,12 @@ def check_session(ev, test): tr1 = Test.AddTestRun("TLSv1.2 Session Ticket") tr1.Command = \ - 'echo -e "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -sess_out {1} && ' \ - 'echo -e "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -sess_in {1} && ' \ - 'echo -e "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -sess_in {1} && ' \ - 'echo -e "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -sess_in {1} && ' \ - 'echo -e "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -sess_in {1} && ' \ - 'echo -e "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -sess_in {1}' \ + 'printf "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -sess_out {1} && ' \ + 'printf "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -sess_in {1} && ' \ + 'printf "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -sess_in {1} && ' \ + 'printf "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -sess_in {1} && ' \ + 'printf "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -sess_in {1} && ' \ + 'printf "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -sess_in {1}' \ .format(ts2.Variables.ssl_port, os.path.join(Test.RunDirectory, 'sess.dat')) tr1.ReturnCode = 0 tr1.Processes.Default.StartBefore(ts2) @@ -150,12 +150,12 @@ def check_session(ev, test): tr2 = Test.AddTestRun("Disabled Session Cache") tr2.Command = \ - 'echo -e "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -no_ticket -sess_out {1} && ' \ - 'echo -e "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -no_ticket -sess_in {1} && ' \ - 'echo -e "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -no_ticket -sess_in {1} && ' \ - 'echo -e "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -no_ticket -sess_in {1} && ' \ - 'echo -e "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -no_ticket -sess_in {1} && ' \ - 'echo -e "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -no_ticket -sess_in {1}' \ + 'printf "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -no_ticket -sess_out {1} && ' \ + 'printf "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -no_ticket -sess_in {1} && ' \ + 'printf "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -no_ticket -sess_in {1} && ' \ + 'printf "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -no_ticket -sess_in {1} && ' \ + 'printf "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -no_ticket -sess_in {1} && ' \ + 'printf "GET / HTTP/1.1\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -no_ticket -sess_in {1}' \ .format(ts3.Variables.ssl_port, os.path.join(Test.RunDirectory, 'sess.dat')) tr2.ReturnCode = 0 tr2.Processes.Default.StartBefore(ts3) diff --git a/tests/gold_tests/tls/tls_sni_ticket.test.py b/tests/gold_tests/tls/tls_sni_ticket.test.py index e5aec91f1bf..c42a35925ab 100644 --- a/tests/gold_tests/tls/tls_sni_ticket.test.py +++ b/tests/gold_tests/tls/tls_sni_ticket.test.py @@ -88,6 +88,8 @@ def setupTS( ts.Disk.records_config.update( { + 'proxy.config.diags.debug.enabled': 1, + 'proxy.config.diags.debug.tags': 'ssl|http', 'proxy.config.ssl.server.cert.path': f'{ts.Variables.SSLDir}', 'proxy.config.ssl.server.private_key.path': f'{ts.Variables.SSLDir}', 'proxy.config.exec_thread.autoconfig.scale': 1.0, @@ -172,17 +174,17 @@ def session_reuse_command(port: int, servername: str) -> str: """ return ( f'session_path=`mktemp` && ' - f'echo -e "GET / HTTP/1.1\\r\\nHost: {servername}\\r\\n\\r\\n" | ' + f'printf "GET / HTTP/1.1\\r\\nHost: {servername}\\r\\n\\r\\n" | ' f'openssl s_client -connect 127.0.0.1:{port} -servername {servername} -sess_out "$$session_path" -tls1_2 && ' - f'echo -e "GET / HTTP/1.1\\r\\nHost: {servername}\\r\\n\\r\\n" | ' + f'printf "GET / HTTP/1.1\\r\\nHost: {servername}\\r\\n\\r\\n" | ' f'openssl s_client -connect 127.0.0.1:{port} -servername {servername} -sess_in "$$session_path" -tls1_2 && ' - f'echo -e "GET / HTTP/1.1\\r\\nHost: {servername}\\r\\n\\r\\n" | ' + f'printf "GET / HTTP/1.1\\r\\nHost: {servername}\\r\\n\\r\\n" | ' f'openssl s_client -connect 127.0.0.1:{port} -servername {servername} -sess_in "$$session_path" -tls1_2 && ' - f'echo -e "GET / HTTP/1.1\\r\\nHost: {servername}\\r\\n\\r\\n" | ' + f'printf "GET / HTTP/1.1\\r\\nHost: {servername}\\r\\n\\r\\n" | ' f'openssl s_client -connect 127.0.0.1:{port} -servername {servername} -sess_in "$$session_path" -tls1_2 && ' - f'echo -e "GET / HTTP/1.1\\r\\nHost: {servername}\\r\\n\\r\\n" | ' + f'printf "GET / HTTP/1.1\\r\\nHost: {servername}\\r\\n\\r\\n" | ' f'openssl s_client -connect 127.0.0.1:{port} -servername {servername} -sess_in "$$session_path" -tls1_2 && ' - f'echo -e "GET / HTTP/1.1\\r\\nHost: {servername}\\r\\n\\r\\n" | ' + f'printf "GET / HTTP/1.1\\r\\nHost: {servername}\\r\\n\\r\\n" | ' f'openssl s_client -connect 127.0.0.1:{port} -servername {servername} -sess_in "$$session_path" -tls1_2') def add_tls12_enabled_run(self) -> None: @@ -206,7 +208,7 @@ def add_tls13_enabled_run(self) -> None: """ tr = Test.AddTestRun('sni.yaml sets TLSv1.3 ticket count') tr.Command = ( - f'echo -e "GET / HTTP/1.1\\r\\nHost: tickets-on.com\\r\\nConnection: close\\r\\n\\r\\n" | ' + f'printf "GET / HTTP/1.1\\r\\nHost: tickets-on.com\\r\\nConnection: close\\r\\n\\r\\n" | ' f'openssl s_client -connect 127.0.0.1:{self.ts_on.Variables.ssl_port} -servername tickets-on.com -tls1_3 -msg -ign_eof') tr.ReturnCode = 0 self.start_processes_if_needed(tr, start_server=True, start_ts_on=True) @@ -246,7 +248,7 @@ def add_tls13_disabled_run(self) -> None: """ tr = Test.AddTestRun('sni.yaml disables TLSv1.3 ticket issuance') tr.Command = ( - f'echo -e "GET / HTTP/1.1\\r\\nHost: tickets-off.com\\r\\nConnection: close\\r\\n\\r\\n" | ' + f'printf "GET / HTTP/1.1\\r\\nHost: tickets-off.com\\r\\nConnection: close\\r\\n\\r\\n" | ' f'openssl s_client -connect 127.0.0.1:{self.ts_off.Variables.ssl_port} -servername tickets-off.com -tls1_3 -msg -ign_eof' ) self.start_processes_if_needed(tr, start_server=True, start_ts_off=True) diff --git a/tests/gold_tests/tls/tls_ticket.test.py b/tests/gold_tests/tls/tls_ticket.test.py index d49421b219c..fa0e65d7546 100644 --- a/tests/gold_tests/tls/tls_ticket.test.py +++ b/tests/gold_tests/tls/tls_ticket.test.py @@ -63,7 +63,7 @@ tr = Test.AddTestRun("Create ticket") tr.Setup.Copy('file.ticket') -tr.Command = 'echo -e "GET / HTTP/1.0\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -sess_out ticket.out'.format( +tr.Command = 'printf "GET / HTTP/1.0\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -sess_out ticket.out'.format( ts.Variables.ssl_port) tr.ReturnCode = 0 tr.Processes.Default.StartBefore(server) @@ -101,7 +101,7 @@ def checkSession(ev): tr2 = Test.AddTestRun("Test ticket") tr2.Setup.Copy('file.ticket') -tr2.Command = 'echo -e "GET / HTTP/1.0\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -sess_in ticket.out'.format( +tr2.Command = 'printf "GET / HTTP/1.0\r\n" | openssl s_client -tls1_2 -connect 127.0.0.1:{0} -sess_in ticket.out'.format( ts2.Variables.ssl_port) tr2.Processes.Default.StartBefore(Test.Processes.ts2) tr2.ReturnCode = 0