Fix tests for 1.1.0-era OpenSSL
ctz committed Apr 10, 2017
1 parent bc086c4 commit bf41f9e
Showing 9 changed files with 92 additions and 42 deletions.
1 change: 1 addition & 0 deletions Cargo.toml
Expand Up @@ -28,6 +28,7 @@ mio = "0.5.1"
docopt = "0.6"
rustc-serialize = "0.3"
webpki-roots = "0.7"
regex = "0.2"

[[example]]
name = "bogo_shim"
52 changes: 52 additions & 0 deletions src/msgs/enums.rs
Expand Up @@ -320,6 +320,7 @@ pub enum HandshakeType {
ClientHello,
ServerHello,
NewSessionTicket,
EndOfEarlyData,
HelloRetryRequest,
EncryptedExtensions,
Certificate,
Expand All @@ -332,6 +333,7 @@ pub enum HandshakeType {
CertificateURL,
CertificateStatus,
KeyUpdate,
MessageHash,
Unknown(u8),
}

Expand All @@ -352,6 +354,7 @@ impl Codec for HandshakeType {
0x01 => HandshakeType::ClientHello,
0x02 => HandshakeType::ServerHello,
0x04 => HandshakeType::NewSessionTicket,
0x05 => HandshakeType::EndOfEarlyData,
0x06 => HandshakeType::HelloRetryRequest,
0x08 => HandshakeType::EncryptedExtensions,
0x0b => HandshakeType::Certificate,
Expand All @@ -364,6 +367,7 @@ impl Codec for HandshakeType {
0x15 => HandshakeType::CertificateURL,
0x16 => HandshakeType::CertificateStatus,
0x18 => HandshakeType::KeyUpdate,
0xfe => HandshakeType::MessageHash,
x => HandshakeType::Unknown(x),
})
}
Expand All @@ -376,6 +380,7 @@ impl HandshakeType {
HandshakeType::ClientHello => 0x01,
HandshakeType::ServerHello => 0x02,
HandshakeType::NewSessionTicket => 0x04,
HandshakeType::EndOfEarlyData => 0x05,
HandshakeType::HelloRetryRequest => 0x06,
HandshakeType::EncryptedExtensions => 0x08,
HandshakeType::Certificate => 0x0b,
Expand All @@ -388,6 +393,7 @@ impl HandshakeType {
HandshakeType::CertificateURL => 0x15,
HandshakeType::CertificateStatus => 0x16,
HandshakeType::KeyUpdate => 0x18,
HandshakeType::MessageHash => 0xfe,
HandshakeType::Unknown(v) => v,
}
}
Expand Down Expand Up @@ -471,6 +477,7 @@ pub enum AlertDescription {
BadCertificateHashValue,
UnknownPSKIdentity,
CertificateRequired,
NoApplicationProtocol,
Unknown(u8),
}

Expand Down Expand Up @@ -520,6 +527,7 @@ impl Codec for AlertDescription {
0x72 => AlertDescription::BadCertificateHashValue,
0x73 => AlertDescription::UnknownPSKIdentity,
0x74 => AlertDescription::CertificateRequired,
0x78 => AlertDescription::NoApplicationProtocol,
x => AlertDescription::Unknown(x),
})
}
Expand Down Expand Up @@ -561,6 +569,7 @@ impl AlertDescription {
AlertDescription::BadCertificateHashValue => 0x72,
AlertDescription::UnknownPSKIdentity => 0x73,
AlertDescription::CertificateRequired => 0x74,
AlertDescription::NoApplicationProtocol => 0x78,
AlertDescription::Unknown(v) => v,
}
}
Expand Down Expand Up @@ -638,6 +647,8 @@ pub enum ExtensionType {
Cookie,
PSKKeyExchangeModes,
TicketEarlyDataInfo,
CertificateAuthorities,
OIDFilters,
NextProtocolNegotiation,
ChannelId,
RenegotiationInfo,
Expand Down Expand Up @@ -684,6 +695,8 @@ impl Codec for ExtensionType {
0x002c => ExtensionType::Cookie,
0x002d => ExtensionType::PSKKeyExchangeModes,
0x002e => ExtensionType::TicketEarlyDataInfo,
0x002f => ExtensionType::CertificateAuthorities,
0x0030 => ExtensionType::OIDFilters,
0x3374 => ExtensionType::NextProtocolNegotiation,
0x754f => ExtensionType::ChannelId,
0xff01 => ExtensionType::RenegotiationInfo,
Expand Down Expand Up @@ -722,6 +735,8 @@ impl ExtensionType {
ExtensionType::Cookie => 0x002c,
ExtensionType::PSKKeyExchangeModes => 0x002d,
ExtensionType::TicketEarlyDataInfo => 0x002e,
ExtensionType::CertificateAuthorities => 0x002f,
ExtensionType::OIDFilters => 0x0030,
ExtensionType::NextProtocolNegotiation => 0x3374,
ExtensionType::ChannelId => 0x754f,
ExtensionType::RenegotiationInfo => 0xff01,
Expand Down Expand Up @@ -2389,3 +2404,40 @@ impl KeyUpdateRequest {
}
}
}

/// The `CertificateStatusType` TLS protocol enum. Values in this enum are taken
/// from the various RFCs covering TLS, and are listed by IANA.
/// The `Unknown` item is used when processing unrecognised ordinals.
#[derive(Debug, PartialEq, Eq, Clone, Copy)]
pub enum CertificateStatusType {
OCSP,
Unknown(u8),
}

impl Codec for CertificateStatusType {
fn encode(&self, bytes: &mut Vec<u8>) {
encode_u8(self.get_u8(), bytes);
}

fn read(r: &mut Reader) -> Option<CertificateStatusType> {
let u = read_u8(r);

if u.is_none() {
return None;
}

Some(match u.unwrap() {
0x01 => CertificateStatusType::OCSP,
x => CertificateStatusType::Unknown(x),
})
}
}

impl CertificateStatusType {
pub fn get_u8(&self) -> u8 {
match *self {
CertificateStatusType::OCSP => 0x01,
CertificateStatusType::Unknown(v) => v,
}
}
}
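Review bot: The new decode arm `0xfe => HandshakeType::MessageHash` gives a peer-supplied type byte of 0xfe a named variant instead of `Unknown(0xfe)`, and the variant has no doc comment saying how it differs from the others. In the TLS 1.3 drafts, message_hash is a synthetic type that an endpoint inserts into its own handshake transcript after a HelloRetryRequest; it is not a message a peer is expected to send. I would add `/// Synthetic type used in the TLS 1.3 transcript hash; not valid as a message received from a peer.` above `MessageHash` in the enum. It is also worth confirming that the handshake parsing and state-machine code, which is outside this page, treats a received 0xfe as an unexpected message.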
2 changes: 1 addition & 1 deletion src/msgs/enums_test.rs
Expand Up @@ -56,7 +56,7 @@ fn test_enums() {
test_enum8::<HandshakeType>(HandshakeType::HelloRequest, HandshakeType::KeyUpdate);
test_enum8::<AlertLevel>(AlertLevel::Warning, AlertLevel::Fatal);
test_enum8::<AlertDescription>(AlertDescription::CloseNotify,
AlertDescription::CertificateRequired);
AlertDescription::NoApplicationProtocol);
test_enum8::<HeartbeatMessageType>(HeartbeatMessageType::Request,
HeartbeatMessageType::Response);
test_enum16::<ExtensionType>(ExtensionType::ServerName, ExtensionType::RenegotiationInfo);
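Review bot: The `HandshakeType` range on the first line of this hunk still ends at `HandshakeType::KeyUpdate`, but this commit adds `MessageHash` (0xfe) after it, so the new variant is probably not exercised by the round-trip check; `AlertDescription` had its upper bound moved for this reason. Assuming `test_enum8` walks the ordinals between its two arguments (its body is not shown here), the line should become `test_enum8::<HandshakeType>(HandshakeType::HelloRequest, HandshakeType::MessageHash);`. The new `CertificateStatusType` codec also has no entry in the visible part of `test_enums`; a line such as `test_enum8::<CertificateStatusType>(CertificateStatusType::OCSP, CertificateStatusType::OCSP);` would cover it. `test_enums` starts before and continues after this hunk, so check the rest of the function first.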
16 changes: 8 additions & 8 deletions tests/badssl.rs
Expand Up @@ -18,7 +18,7 @@ mod online {
polite();
connect("cbc.badssl.com")
.fails()
.expect("TLS error: AlertReceived(HandshakeFailure)")
.expect(r"TLS error: AlertReceived\(HandshakeFailure\)")
.go()
.unwrap();
}
Expand All @@ -28,7 +28,7 @@ mod online {
polite();
connect("rc4.badssl.com")
.fails()
.expect("TLS error: AlertReceived(HandshakeFailure)")
.expect(r"TLS error: AlertReceived\(HandshakeFailure\)")
.go()
.unwrap();
}
Expand All @@ -38,7 +38,7 @@ mod online {
polite();
connect("expired.badssl.com")
.fails()
.expect("TLS error: WebPKIError(CertExpired)")
.expect(r"TLS error: WebPKIError\(CertExpired\)")
.go()
.unwrap();
}
Expand All @@ -48,7 +48,7 @@ mod online {
polite();
connect("wrong.host.badssl.com")
.fails()
.expect("TLS error: WebPKIError(CertNotValidForName)")
.expect(r"TLS error: WebPKIError\(CertNotValidForName\)")
.go()
.unwrap();
}
Expand All @@ -58,7 +58,7 @@ mod online {
polite();
connect("self-signed.badssl.com")
.fails()
.expect("TLS error: WebPKIError(UnknownIssuer)")
.expect(r"TLS error: WebPKIError\(UnknownIssuer\)")
.go()
.unwrap();
}
Expand All @@ -68,7 +68,7 @@ mod online {
polite();
connect("dh2048.badssl.com")
.fails()
.expect("TLS error: AlertReceived(HandshakeFailure)")
.expect(r"TLS error: AlertReceived\(HandshakeFailure\)")
.go()
.unwrap();
}
Expand Down Expand Up @@ -124,7 +124,7 @@ mod online {
polite();
connect("10000-sans.badssl.com")
.fails()
.expect("TLS error: CorruptMessagePayload(Handshake)")
.expect(r"TLS error: CorruptMessagePayload\(Handshake\)")
.go()
.unwrap();
}
Expand All @@ -143,7 +143,7 @@ mod online {
polite();
connect("sha1-2016.badssl.com")
.fails()
.expect("TLS error: WebPKIError(CertExpired)")
.expect(r"TLS error: WebPKIError\(CertExpired\)")
.go()
.unwrap();
}
15 changes: 11 additions & 4 deletions tests/common/mod.rs
Expand Up @@ -5,6 +5,9 @@ use std::time;
use std::net;
use std::env;

extern crate regex;
use self::regex::Regex;

// For tests which connect to internet servers, don't go crazy.
pub fn polite() {
thread::sleep(time::Duration::from_secs(1));
Expand Down Expand Up @@ -266,15 +269,17 @@ impl TlsClient {
let stderr_str = unsafe { String::from_utf8_unchecked(output.stderr.clone()) };

for expect in &self.expect_output {
if stdout_str.find(expect).is_none() {
let re = Regex::new(expect).unwrap();
if re.find(&stdout_str).is_none() {
println!("We expected to find '{}' in the following output:", expect);
println!("{:?}", output);
panic!("Test failed");
}
}

for expect in &self.expect_log {
if stderr_str.find(expect).is_none() {
let re = Regex::new(expect).unwrap();
if re.find(&stderr_str).is_none() {
println!("We expected to find '{}' in the following output:", expect);
println!("{:?}", output);
panic!("Test failed");
Expand Down Expand Up @@ -648,15 +653,17 @@ impl OpenSSLClient {
print!("{}", stderr_str);

for expect in &self.expect_output {
if stdout_str.find(expect).is_none() {
let re = Regex::new(expect).unwrap();
if re.find(&stdout_str).is_none() {
println!("We expected to find '{}' in the following output:", expect);
println!("{:?}", output);
panic!("Test failed");
}
}

for expect in &self.expect_log {
if stderr_str.find(expect).is_none() {
let re = Regex::new(expect).unwrap();
if re.find(&stderr_str).is_none() {
println!("We expected to find '{}' in the following output:", expect);
println!("{:?}", output);
panic!("Test failed");
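Review bot: Every string in the expectation lists is now compiled with `Regex::new(expect).unwrap()`, so existing literal expectations silently change meaning: a `.` in an expected string matches any character, and an unbalanced `(` or `{` panics inside the harness instead of reporting a failed expectation. The callers updated in this commit escape their parentheses and braces by hand, but any caller not shown on this page keeps its old literal text, and a looser match can let a negative test (for example one asserting a specific alert or certificate error) pass on the wrong output. I would keep substring matching as the default via `Regex::new(&regex::escape(expect))` and give pattern-based expectations their own list, or at least replace the unwrap with `.expect("invalid expectation regex")` so a bad pattern is named. The same four-line check appears four times across the two hunks (stdout and stderr, in both `impl TlsClient` and `impl OpenSSLClient`) and could be one shared helper; the enclosing functions start and end outside the hunks.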
6 changes: 2 additions & 4 deletions tests/curves.rs
Expand Up @@ -11,8 +11,7 @@ fn curve_nistp256() {
server.run();
server.client()
.verbose()
.expect_log("ECDHE curve is ECParameters { curve_type: NamedCurve, named_group: \
secp256r1 }")
.expect_log(r"ECDHE curve is ECParameters \{ curve_type: NamedCurve, named_group: secp256r1 \}")
.go();
server.kill();
}
Expand All @@ -24,8 +23,7 @@ fn curve_nistp384() {
server.run();
server.client()
.verbose()
.expect_log("ECDHE curve is ECParameters { curve_type: NamedCurve, named_group: \
secp384r1 }")
.expect_log(r"ECDHE curve is ECParameters \{ curve_type: NamedCurve, named_group: secp384r1 \}")
.go();
server.kill();
}
6 changes: 3 additions & 3 deletions tests/errors.rs
Expand Up @@ -14,7 +14,7 @@ fn no_tls12() {
.verbose()
.fails()
.expect_log("TLS alert received:")
.expect("TLS error: AlertReceived(HandshakeFailure)")
.expect(r"TLS error: AlertReceived\(HandshakeFailure\)")
.go();
}

Expand All @@ -33,7 +33,7 @@ fn no_ecdhe() {
.verbose()
.fails()
.expect_log("TLS alert received:")
.expect("TLS error: AlertReceived(HandshakeFailure)")
.expect(r"TLS error: AlertReceived\(HandshakeFailure\)")
.go();
}

Expand All @@ -47,6 +47,6 @@ fn tls11_only() {
.verbose()
.fails()
.expect_log("TLS alert received:")
.expect("TLS error: AlertReceived(HandshakeFailure)")
.expect(r"TLS error: AlertReceived\(HandshakeFailure\)")
.go();
}
