Skip to content

Commit 6fcc6c0

Browse files
rheniumrhenium
committed
test/test_ssl: fix test failure with TLS 1.3
SSL_connect() on the client side may return before SSL_accept() on server side returns. This will fix test failures with OpenSSL's current master.
1 parent 13dc364 commit 6fcc6c0

File tree

2 files changed

+31
-15
lines changed

2 files changed

+31
-15
lines changed

test/test_ssl.rb

Lines changed: 30 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -48,6 +48,8 @@ def test_ssl_with_server_cert
4848
assert_equal 2, ssl.peer_cert_chain.size
4949
assert_equal @svr_cert.to_der, ssl.peer_cert_chain[0].to_der
5050
assert_equal @ca_cert.to_der, ssl.peer_cert_chain[1].to_der
51+
52+
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
5153
ensure
5254
ssl&.close
5355
sock&.close
@@ -77,6 +79,7 @@ def test_sync_close
7779
sock = TCPSocket.new("127.0.0.1", port)
7880
ssl = OpenSSL::SSL::SSLSocket.new(sock)
7981
ssl.connect
82+
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
8083
ssl.close
8184
assert_not_predicate sock, :closed?
8285
ensure
@@ -88,6 +91,7 @@ def test_sync_close
8891
ssl = OpenSSL::SSL::SSLSocket.new(sock)
8992
ssl.sync_close = true # !!
9093
ssl.connect
94+
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
9195
ssl.close
9296
assert_predicate sock, :closed?
9397
ensure
@@ -179,7 +183,10 @@ def test_client_ca
179183
client_ca_from_server = sslconn.client_ca
180184
[@cli_cert, @cli_key]
181185
end
182-
server_connect(port, ctx) { |ssl| assert_equal([@ca], client_ca_from_server) }
186+
server_connect(port, ctx) { |ssl|
187+
assert_equal([@ca], client_ca_from_server)
188+
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
189+
}
183190
}
184191
end
185192

@@ -276,21 +283,16 @@ def test_verify_result
276283
}
277284

278285
start_server { |port|
279-
sock = TCPSocket.new("127.0.0.1", port)
280286
ctx = OpenSSL::SSL::SSLContext.new
281287
ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER
282288
ctx.verify_callback = Proc.new do |preverify_ok, store_ctx|
283289
store_ctx.error = OpenSSL::X509::V_OK
284290
true
285291
end
286-
ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
287-
ssl.sync_close = true
288-
begin
289-
ssl.connect
292+
server_connect(port, ctx) { |ssl|
290293
assert_equal(OpenSSL::X509::V_OK, ssl.verify_result)
291-
ensure
292-
ssl.close
293-
end
294+
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
295+
}
294296
}
295297

296298
start_server(ignore_listener_error: true) { |port|
@@ -377,6 +379,8 @@ def test_post_connection_check
377379

378380
start_server { |port|
379381
server_connect(port) { |ssl|
382+
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
383+
380384
assert_raise(sslerr){ssl.post_connection_check("localhost.localdomain")}
381385
assert_raise(sslerr){ssl.post_connection_check("127.0.0.1")}
382386
assert(ssl.post_connection_check("localhost"))
@@ -398,6 +402,8 @@ def test_post_connection_check
398402
@svr_cert = issue_cert(@svr, @svr_key, 4, exts, @ca_cert, @ca_key)
399403
start_server { |port|
400404
server_connect(port) { |ssl|
405+
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
406+
401407
assert(ssl.post_connection_check("localhost.localdomain"))
402408
assert(ssl.post_connection_check("127.0.0.1"))
403409
assert_raise(sslerr){ssl.post_connection_check("localhost")}
@@ -418,6 +424,8 @@ def test_post_connection_check
418424
@svr_cert = issue_cert(@svr, @svr_key, 5, exts, @ca_cert, @ca_key)
419425
start_server { |port|
420426
server_connect(port) { |ssl|
427+
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
428+
421429
assert(ssl.post_connection_check("localhost.localdomain"))
422430
assert_raise(sslerr){ssl.post_connection_check("127.0.0.1")}
423431
assert_raise(sslerr){ssl.post_connection_check("localhost")}
@@ -644,6 +652,8 @@ def test_tlsext_hostname
644652
ssl.connect
645653
assert_equal @cli_cert.serial, ssl.peer_cert.serial
646654
assert_predicate fooctx, :frozen?
655+
656+
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
647657
ensure
648658
ssl&.close
649659
sock.close
@@ -655,6 +665,8 @@ def test_tlsext_hostname
655665
ssl.hostname = "bar.example.com"
656666
ssl.connect
657667
assert_equal @svr_cert.serial, ssl.peer_cert.serial
668+
669+
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
658670
ensure
659671
ssl&.close
660672
sock.close
@@ -727,7 +739,8 @@ def test_verify_hostname_on_connect
727739
ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
728740
ssl.hostname = name
729741
if expected_ok
730-
assert_nothing_raised { ssl.connect }
742+
ssl.connect
743+
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
731744
else
732745
assert_handshake_error { ssl.connect }
733746
end
@@ -856,6 +869,7 @@ def test_renegotiation_cb
856869
start_server_version(:SSLv23, ctx_proc) { |port|
857870
server_connect(port) { |ssl|
858871
assert_equal(1, num_handshakes)
872+
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
859873
}
860874
}
861875
end
@@ -874,6 +888,7 @@ def test_alpn_protocol_selection_ary
874888
ctx.alpn_protocols = advertised
875889
server_connect(port, ctx) { |ssl|
876890
assert_equal(advertised.first, ssl.alpn_protocol)
891+
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
877892
}
878893
}
879894
end
@@ -996,14 +1011,11 @@ def test_npn_selected_protocol_too_long
9961011
end
9971012

9981013
def test_close_after_socket_close
999-
server_proc = proc { |ctx, ssl|
1000-
# Do nothing
1001-
}
1002-
start_server(server_proc: server_proc) { |port|
1014+
start_server { |port|
10031015
sock = TCPSocket.new("127.0.0.1", port)
10041016
ssl = OpenSSL::SSL::SSLSocket.new(sock)
1005-
ssl.sync_close = true
10061017
ssl.connect
1018+
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
10071019
sock.close
10081020
assert_nothing_raised do
10091021
ssl.close
@@ -1068,6 +1080,7 @@ def test_get_ephemeral_key
10681080
ctx.ciphers = "DEFAULT:!kRSA:!kEDH"
10691081
server_connect(port, ctx) { |ssl|
10701082
assert_instance_of OpenSSL::PKey::EC, ssl.tmp_key
1083+
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
10711084
}
10721085
end
10731086
end
@@ -1158,6 +1171,7 @@ def test_ecdh_curves
11581171
assert_equal "secp384r1", ssl.tmp_key.group.curve_name
11591172
end
11601173
end
1174+
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
11611175
}
11621176

11631177
if openssl?(1, 0, 2) || libressl?(2, 5, 1)
@@ -1173,6 +1187,7 @@ def test_ecdh_curves
11731187

11741188
server_connect(port, ctx) { |ssl|
11751189
assert_equal "secp521r1", ssl.tmp_key.group.curve_name
1190+
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
11761191
}
11771192
end
11781193
end

test/test_ssl_session.rb

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -113,6 +113,7 @@ def test_resumption
113113
non_resumable = nil
114114
start_server { |port|
115115
server_connect_with_session(port, nil, nil) { |ssl|
116+
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
116117
non_resumable = ssl.session
117118
}
118119
}

0 commit comments

Comments
 (0)