eec908bb6e
revert f6cb3c63 #14338
Setting SSLHonorCipherOrder to on means it honors the server cipher
order. From the documentation: "When choosing a cipher during an SSLv3
or TLSv1 handshake, normally the client's preference is used. If this
directive is enabled, the server's preference will be used instead."
Also the commit inhibits test_17_07_ssl_ciphers. The test tries to
tests if all the ciphers specified, and only those, are properly set
in curl. For that to work we need have cases where some or all ciphers
do no intersect with the cipher-set of the server. We need to be able
to assert a failed connection based on a cipher set mismatch.
That is why a restricted set of ciphers is used on the server. This
set is so chosen that it contains the well known most secure ciphers.
Except with the slower aes256 variant intentionally left out, to be
able to test above described.
As test_17_07_ssl_ciphers is currently the only test that tests the
functioning of the --ciphers and --tls13-ciphers options, it is
important that its coverage is as good as possible.
Closes #14381
260 lines
12 KiB
Python
260 lines
12 KiB
Python
#!/usr/bin/env python3
|
|
# -*- coding: utf-8 -*-
|
|
#***************************************************************************
|
|
# _ _ ____ _
|
|
# Project ___| | | | _ \| |
|
|
# / __| | | | |_) | |
|
|
# | (__| |_| | _ <| |___
|
|
# \___|\___/|_| \_\_____|
|
|
#
|
|
# Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
|
|
#
|
|
# This software is licensed as described in the file COPYING, which
|
|
# you should have received as part of this distribution. The terms
|
|
# are also available at https://curl.se/docs/copyright.html.
|
|
#
|
|
# You may opt to use, copy, modify, merge, publish, distribute and/or sell
|
|
# copies of the Software, and permit persons to whom the Software is
|
|
# furnished to do so, under the terms of the COPYING file.
|
|
#
|
|
# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
|
|
# KIND, either express or implied.
|
|
#
|
|
# SPDX-License-Identifier: curl
|
|
#
|
|
###########################################################################
|
|
#
|
|
import difflib
|
|
import filecmp
|
|
import json
|
|
import logging
|
|
import os
|
|
from datetime import timedelta
|
|
import pytest
|
|
|
|
from testenv import Env, CurlClient, LocalClient, ExecResult
|
|
|
|
|
|
log = logging.getLogger(__name__)
|
|
|
|
|
|
class TestSSLUse:
|
|
|
|
@pytest.fixture(autouse=True, scope='class')
|
|
def _class_scope(self, env, httpd, nghttpx):
|
|
if env.have_h3():
|
|
nghttpx.start_if_needed()
|
|
httpd.clear_extra_configs()
|
|
httpd.reload()
|
|
|
|
def test_17_01_sslinfo_plain(self, env: Env, httpd, nghttpx, repeat):
|
|
proto = 'http/1.1'
|
|
curl = CurlClient(env=env)
|
|
url = f'https://{env.authority_for(env.domain1, proto)}/curltest/sslinfo'
|
|
r = curl.http_get(url=url, alpn_proto=proto)
|
|
assert r.json['HTTPS'] == 'on', f'{r.json}'
|
|
assert 'SSL_SESSION_ID' in r.json, f'{r.json}'
|
|
assert 'SSL_SESSION_RESUMED' in r.json, f'{r.json}'
|
|
assert r.json['SSL_SESSION_RESUMED'] == 'Initial', f'{r.json}'
|
|
|
|
@pytest.mark.parametrize("tls_max", ['1.2', '1.3'])
|
|
def test_17_02_sslinfo_reconnect(self, env: Env, httpd, nghttpx, tls_max, repeat):
|
|
proto = 'http/1.1'
|
|
count = 3
|
|
exp_resumed = 'Resumed'
|
|
xargs = ['--sessionid', '--tls-max', tls_max, f'--tlsv{tls_max}']
|
|
if env.curl_uses_lib('gnutls'):
|
|
if tls_max == '1.3':
|
|
exp_resumed = 'Initial' # 1.2 works in GnuTLS, but 1.3 does not, TODO
|
|
if env.curl_uses_lib('libressl'):
|
|
if tls_max == '1.3':
|
|
exp_resumed = 'Initial' # 1.2 works in LibreSSL, but 1.3 does not, TODO
|
|
if env.curl_uses_lib('wolfssl'):
|
|
xargs = ['--sessionid', f'--tlsv{tls_max}']
|
|
if tls_max == '1.3':
|
|
exp_resumed = 'Initial' # 1.2 works in wolfSSL, but 1.3 does not, TODO
|
|
if env.curl_uses_lib('rustls-ffi'):
|
|
exp_resumed = 'Initial' # rustls does not support sessions, TODO
|
|
if env.curl_uses_lib('bearssl') and tls_max == '1.3':
|
|
pytest.skip('BearSSL does not support TLSv1.3')
|
|
if env.curl_uses_lib('mbedtls') and tls_max == '1.3':
|
|
pytest.skip('mbedtls TLSv1.3 session resume not working in 3.6.0')
|
|
|
|
curl = CurlClient(env=env)
|
|
# tell the server to close the connection after each request
|
|
urln = f'https://{env.authority_for(env.domain1, proto)}/curltest/sslinfo?'\
|
|
f'id=[0-{count-1}]&close'
|
|
r = curl.http_download(urls=[urln], alpn_proto=proto, with_stats=True,
|
|
extra_args=xargs)
|
|
r.check_response(count=count, http_status=200)
|
|
# should have used one connection for each request, sessions after
|
|
# first should have been resumed
|
|
assert r.total_connects == count, r.dump_logs()
|
|
for i in range(count):
|
|
dfile = curl.download_file(i)
|
|
assert os.path.exists(dfile)
|
|
with open(dfile) as f:
|
|
djson = json.load(f)
|
|
assert djson['HTTPS'] == 'on', f'{i}: {djson}'
|
|
if i == 0:
|
|
assert djson['SSL_SESSION_RESUMED'] == 'Initial', f'{i}: {djson}'
|
|
else:
|
|
assert djson['SSL_SESSION_RESUMED'] == exp_resumed, f'{i}: {djson}'
|
|
|
|
# use host name with trailing dot, verify handshake
|
|
@pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
|
|
def test_17_03_trailing_dot(self, env: Env, httpd, nghttpx, repeat, proto):
|
|
if proto == 'h3' and not env.have_h3():
|
|
pytest.skip("h3 not supported")
|
|
curl = CurlClient(env=env)
|
|
domain = f'{env.domain1}.'
|
|
url = f'https://{env.authority_for(domain, proto)}/curltest/sslinfo'
|
|
r = curl.http_get(url=url, alpn_proto=proto)
|
|
assert r.exit_code == 0, f'{r}'
|
|
assert r.json, f'{r}'
|
|
if proto != 'h3': # we proxy h3
|
|
# the SNI the server received is without trailing dot
|
|
assert r.json['SSL_TLS_SNI'] == env.domain1, f'{r.json}'
|
|
|
|
# use host name with double trailing dot, verify handshake
|
|
@pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
|
|
def test_17_04_double_dot(self, env: Env, httpd, nghttpx, repeat, proto):
|
|
if proto == 'h3' and not env.have_h3():
|
|
pytest.skip("h3 not supported")
|
|
if proto == 'h3' and env.curl_uses_lib('wolfssl'):
|
|
pytest.skip("wolfSSL HTTP/3 peer verification does not properly check")
|
|
curl = CurlClient(env=env)
|
|
domain = f'{env.domain1}..'
|
|
url = f'https://{env.authority_for(domain, proto)}/curltest/sslinfo'
|
|
r = curl.http_get(url=url, alpn_proto=proto, extra_args=[
|
|
'-H', f'Host: {env.domain1}',
|
|
])
|
|
if r.exit_code == 0:
|
|
assert r.json, f'{r.stdout}'
|
|
# the SNI the server received is without trailing dot
|
|
if proto != 'h3': # we proxy h3
|
|
assert r.json['SSL_TLS_SNI'] == env.domain1, f'{r.json}'
|
|
assert False, f'should not have succeeded: {r.json}'
|
|
# 7 - rustls rejects a servername with .. during setup
|
|
# 35 - LibreSSL rejects setting an SNI name with trailing dot
|
|
# 60 - peer name matching failed against certificate
|
|
assert r.exit_code in [7, 35, 60], f'{r}'
|
|
|
|
# use ip address for connect
|
|
@pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
|
|
def test_17_05_ip_addr(self, env: Env, httpd, nghttpx, repeat, proto):
|
|
if env.curl_uses_lib('bearssl'):
|
|
pytest.skip("BearSSL does not support cert verification with IP addresses")
|
|
if env.curl_uses_lib('mbedtls'):
|
|
pytest.skip("mbedTLS does not support cert verification with IP addresses")
|
|
if proto == 'h3' and not env.have_h3():
|
|
pytest.skip("h3 not supported")
|
|
curl = CurlClient(env=env)
|
|
domain = f'127.0.0.1'
|
|
url = f'https://{env.authority_for(domain, proto)}/curltest/sslinfo'
|
|
r = curl.http_get(url=url, alpn_proto=proto)
|
|
assert r.exit_code == 0, f'{r}'
|
|
assert r.json, f'{r}'
|
|
if proto != 'h3': # we proxy h3
|
|
# the SNI should not have been used
|
|
assert 'SSL_TLS_SNI' not in r.json, f'{r.json}'
|
|
|
|
# use localhost for connect
|
|
@pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
|
|
def test_17_06_localhost(self, env: Env, httpd, nghttpx, repeat, proto):
|
|
if proto == 'h3' and not env.have_h3():
|
|
pytest.skip("h3 not supported")
|
|
curl = CurlClient(env=env)
|
|
domain = f'localhost'
|
|
url = f'https://{env.authority_for(domain, proto)}/curltest/sslinfo'
|
|
r = curl.http_get(url=url, alpn_proto=proto)
|
|
assert r.exit_code == 0, f'{r}'
|
|
assert r.json, f'{r}'
|
|
if proto != 'h3': # we proxy h3
|
|
assert r.json['SSL_TLS_SNI'] == domain, f'{r.json}'
|
|
|
|
# test setting cipher suites, the AES 256 ciphers are disabled in the test server
|
|
@pytest.mark.parametrize("ciphers, succeed", [
|
|
[[0x1301], True],
|
|
[[0x1302], False],
|
|
[[0x1303], True],
|
|
[[0x1302, 0x1303], True],
|
|
[[0xC02B, 0xC02F], True],
|
|
[[0xC02C, 0xC030], False],
|
|
[[0xCCA9, 0xCCA8], True],
|
|
[[0xC02C, 0xC030, 0xCCA9, 0xCCA8], True],
|
|
])
|
|
def test_17_07_ssl_ciphers(self, env: Env, httpd, nghttpx, ciphers, succeed, repeat):
|
|
cipher_table = {
|
|
0x1301: 'TLS_AES_128_GCM_SHA256',
|
|
0x1302: 'TLS_AES_256_GCM_SHA384',
|
|
0x1303: 'TLS_CHACHA20_POLY1305_SHA256',
|
|
0xC02B: 'ECDHE-ECDSA-AES128-GCM-SHA256',
|
|
0xC02F: 'ECDHE-RSA-AES128-GCM-SHA256',
|
|
0xC02C: 'ECDHE-ECDSA-AES256-GCM-SHA384',
|
|
0xC030: 'ECDHE-RSA-AES256-GCM-SHA384',
|
|
0xCCA9: 'ECDHE-ECDSA-CHACHA20-POLY1305',
|
|
0xCCA8: 'ECDHE-RSA-CHACHA20-POLY1305',
|
|
}
|
|
cipher_names = list(map(cipher_table.get, ciphers))
|
|
proto = 'http/1.1'
|
|
curl = CurlClient(env=env)
|
|
url = f'https://{env.authority_for(env.domain1, proto)}/curltest/sslinfo'
|
|
extra_args = []
|
|
if env.curl_uses_lib('gnutls'):
|
|
pytest.skip('GnuTLS does not support setting ciphers by name')
|
|
if env.curl_uses_lib('rustls-ffi'):
|
|
pytest.skip('rustls-ffi does not support setting ciphers')
|
|
if ciphers[0] & 0xFF00 == 0x1300:
|
|
# test setting TLSv1.3 ciphers
|
|
if env.curl_uses_lib('bearssl'):
|
|
pytest.skip('BearSSL does not support TLSv1.3')
|
|
elif env.curl_uses_lib('sectransp'):
|
|
pytest.skip('SecureTransport does not support TLSv1.3')
|
|
elif env.curl_uses_lib('boringssl'):
|
|
pytest.skip('BoringSSL does not support setting TLSv1.3 ciphers')
|
|
elif env.curl_uses_lib('mbedtls'):
|
|
if not env.curl_lib_version_at_least('mbedtls', '3.6.0'):
|
|
pytest.skip('mbedTLS TLSv1.3 support requires at least 3.6.0')
|
|
extra_args = ['--ciphers', ':'.join(cipher_names)]
|
|
elif env.curl_uses_lib('wolfssl'):
|
|
extra_args = ['--ciphers', ':'.join(cipher_names)]
|
|
else:
|
|
extra_args = ['--tls13-ciphers', ':'.join(cipher_names)]
|
|
else:
|
|
# test setting TLSv1.2 ciphers
|
|
if env.curl_uses_lib('schannel'):
|
|
pytest.skip('Schannel does not support setting TLSv1.2 ciphers by name')
|
|
elif env.curl_uses_lib('wolfssl'):
|
|
# setting tls version is botched with wolfssl: setting max (--tls-max)
|
|
# is not supported, setting min (--tlsv1.*) actually also sets max
|
|
extra_args = ['--tlsv1.2', '--ciphers', ':'.join(cipher_names)]
|
|
else:
|
|
# the server supports TLSv1.3, so to test TLSv1.2 ciphers we set tls-max
|
|
extra_args = ['--tls-max', '1.2', '--ciphers', ':'.join(cipher_names)]
|
|
r = curl.http_get(url=url, alpn_proto=proto, extra_args=extra_args)
|
|
if succeed:
|
|
assert r.exit_code == 0, f'{r}'
|
|
assert r.json['HTTPS'] == 'on', f'{r.json}'
|
|
assert 'SSL_CIPHER' in r.json, f'{r.json}'
|
|
assert r.json['SSL_CIPHER'] in cipher_names, f'{r.json}'
|
|
else:
|
|
assert r.exit_code != 0, f'{r}'
|
|
|
|
@pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
|
|
def test_17_08_cert_status(self, env: Env, httpd, nghttpx, repeat, proto):
|
|
if proto == 'h3' and not env.have_h3():
|
|
pytest.skip("h3 not supported")
|
|
if not env.curl_uses_lib('openssl') and \
|
|
not env.curl_uses_lib('gnutls') and \
|
|
not env.curl_uses_lib('quictls'):
|
|
pytest.skip("TLS library does not support --cert-status")
|
|
curl = CurlClient(env=env)
|
|
domain = f'localhost'
|
|
url = f'https://{env.authority_for(domain, proto)}/'
|
|
r = curl.http_get(url=url, alpn_proto=proto, extra_args=[
|
|
'--cert-status'
|
|
])
|
|
# CURLE_SSL_INVALIDCERTSTATUS, our certs have no OCSP info
|
|
assert r.exit_code == 91, f'{r}'
|