Add support for arbitrary TLS extensions.

Contributed by Trevor Perrin.
2013-05-12 18:55:27 -07:00
parent 6d84daa5d6
commit a398f821fa
17 changed files with 791 additions and 5 deletions
--- a/test/Makefile
+++ b/test/Makefile
@@ -331,7 +331,7 @@ test_engine: $(ENGINETEST)

 test_ssl: keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \
 		intP1.ss intP2.ss $(SSLTEST) testssl testsslproxy \
-		../apps/server2.pem
+		../apps/server2.pem serverinfo.pem
 	@echo "test SSL protocol"
 	../util/shlib_wrap.sh ./$(SSLTEST) -test_cipherlist
 	@sh ./testssl keyU.ss certU.ss certCA.ss
--- a/test/serverinfo.pem
+++ b/test/serverinfo.pem
@@ -0,0 +1,16 @@
+-----BEGIN SCT-----
+ABIAZMevsj4TC5rgwjZNciLGwh15YXoIK9t5aypGJIG4QzyMowmwwDdqxudkUcGa
+DvuqlYL7psO5j4/BIHTe677CAZBBH3Ho2NOM5q1zub4AbfUMlKeufuQgeQ2Tj1oe
+LJLRzrwDnPs=
+-----END SCT-----
+
+-----BEGIN TACK EXTENSION-----
+8wABTwFMh1Dz+3W6zULWJKjav5TNaFEXL1h98YtCXeyZnORYg4mbKpxH5CMbjpgx
+To3amSqUPF4Ntjc/i9+poutxebYkbgAAAkMcxb8+RaM9YEywaJEGViKJJmpYG/gJ
+HgfGaefI9kKbXSDmP9ntg8dLvDzuyYw14ktM2850Q9WvBiltpekilZxVuT2bFtfs
+cmS++SAK9YOM8RrKhL1TLmrktoBEJZ6z5GTukYdQ8/t1us1C1iSo2r+UzWhRFy9Y
+ffGLQl3smZzkWIOJmyqcR+QjG46YMU6N2pkqlDxeDbY3P4vfqaLrcXm2JG4AAAGN
+xXQJPbdniI9rEydVXb1Cu1yT/t7FBEx6hLxuoypXjCI1wCGpXsd8zEnloR0Ank5h
+VO/874E/BZlItzSPpcmDKl5Def6BrAJTErQlE9npo52S05YWORxJw1+VYBdqQ09A
+x3wA
+-----END TACK EXTENSION-----
--- a/test/testssl
+++ b/test/testssl
@@ -30,6 +30,8 @@ else
  extra="$4"
 fi

+serverinfo="./serverinfo.pem"
+
 #############################################################################

 echo test sslv2
@@ -176,6 +178,14 @@ $ssltest -bio_pair -tls1 -npn_client -npn_server || exit 1
 $ssltest -bio_pair -tls1 -npn_client -npn_server -num 2 || exit 1
 $ssltest -bio_pair -tls1 -npn_client -npn_server -num 2 -reuse || exit 1

+#############################################################################
+# Serverinfo tests
+
+$ssltest -bio_pair -tls1 -serverinfo_file $serverinfo || exit 1
+$ssltest -bio_pair -tls1 -serverinfo_file $serverinfo -serverinfo_sct || exit 1
+$ssltest -bio_pair -tls1 -serverinfo_file $serverinfo -serverinfo_tack || exit 1
+$ssltest -bio_pair -tls1 -serverinfo_file $serverinfo -serverinfo_sct -serverinfo_tack || exit 1
+
 if ../util/shlib_wrap.sh ../apps/openssl no-srp; then
  echo skipping SRP tests
 else