2 # Before `make install' is performed this script should be runnable with
3 # `make test'. After `make install' it should work as `perl t/core.t'
10 eval {require "t/ssl_settings.req";} ||
11 eval {require "ssl_settings.req";};
13 $GUARANTEED_TO_HAVE_NONBLOCKING_SOCKETS = eval "use 5.006; use IO::Select; return 1";
14 $NET_SSLEAY_VERSION = $Net::SSLeay::VERSION;
16 $OPENSSL_VERSION = &Net::SSLeay::OPENSSL_VERSION_NUMBER if ($NET_SSLEAY_VERSION>=1.19);
17 $CAN_PEEK = ($OPENSSL_VERSION >= 0x0090601f) ? 1 : 0;
23 if (/MacOS/ or /VOS/ or /vmesa/ or /riscos/ or /amigaos/) {
24 print "1..0 # Skipped: fork not implemented on this platform\n";
29 if ($GUARANTEED_TO_HAVE_NONBLOCKING_SOCKETS) {
31 $numtests+=4 if ($NET_SSLEAY_VERSION>=1.16)
34 if ($NET_SSLEAY_VERSION>=1.16) {
38 #We can only test SSL_peek if OpenSSL is v0.9.6a or better
43 print "1..$numtests\n";
45 %extra_options = ($Net::SSLeay::VERSION>=1.16) ?
46 (SSL_key_file => "certs/client-key.enc", SSL_passwd_cb => sub { return "opossum" }) :
47 (SSL_key_file => "certs/client-key.pem");
50 my $server = IO::Socket::SSL->new(
51 LocalAddr => $SSL_SERVER_ADDR,
55 SSL_verify_mode => 0x00,
56 SSL_ca_file => "certs/test-ca.pem",
58 SSL_cert_file => "certs/client-cert.pem",
59 SSL_version => 'TLSv1',
60 SSL_cipher_list => 'HIGH',
61 SSL_error_trap => \&error_trap,
69 &ok("Server Initialization");
71 print "not " if (!defined fileno($server));
72 &ok("Server Fileno Check");
74 my ($SSL_SERVER_PORT) = unpack_sockaddr_in( $server->sockname );
80 %extra_options = ($Net::SSLeay::VERSION>=1.16) ?
81 (SSL_key_file => "certs/server-key.enc", SSL_passwd_cb => sub { return "bluebell" },
82 SSL_verify_callback => \&verify_sub) :
83 (SSL_key_file => "certs/server-key.pem");
86 my $client = new IO::Socket::INET(PeerAddr => $SSL_SERVER_ADDR,
87 PeerPort => $SSL_SERVER_PORT);
89 print $client "Test\n";
90 (<$client> eq "This server is SSL only") || print "not ";
91 &ok("Client non-SSL connection");
94 $client = new IO::Socket::SSL(PeerAddr => $SSL_SERVER_ADDR,
95 PeerPort => $SSL_SERVER_PORT,
96 SSL_verify_mode => 0x01,
97 SSL_ca_file => "certs/test-ca.pem",
99 SSL_cert_file => "certs/server-cert.pem",
100 SSL_version => 'TLSv1',
101 SSL_cipher_list => 'HIGH',
106 my ($ok, $ctx_store, $cert, $error) = @_;
107 unless ($ok && $ctx_store && $cert && !$error)
108 { print("not ok #client failure\n") && exit; }
109 ($cert =~ /IO::Socket::SSL Test CA/) || print "not";
110 &ok("Client Verify-sub Check");
115 $client || (print("not ok #client failure\n") && exit);
116 &ok("Client Initialization");
118 $client->fileno() || print "not ";
119 &ok("Client Fileno Check");
121 # $client->untaint() if ($HAVE_SCALAR_UTIL); # In the future...
123 $client->dump_peer_certificate() || print "not ";
124 &ok("Client Peer Certificate Check");
126 $client->peer_certificate("issuer") || print "not ";
127 &ok("Client Peer Certificate Issuer Check");
129 $client->get_cipher() || print "not ";
130 &ok("Client Cipher Check");
132 $client->syswrite('00waaaanf00', 7, 2);
136 $client->read($buffer,2);
137 print "not " if ($buffer ne 'ok');
138 &ok("Client Peek Check");
141 $client->print("Test\n");
142 send($client, "Test\n", 0);
143 $client->printf("\$%.2f\n%d\n%c\n%s", 1.0444442342, 4.0, ord("y"), "Test\nBeaver\nBeaver\n");
144 shutdown($client, 1);
146 my $buffer="\0\0aaaaaaaaaaaaaaaaaaaa";
147 $client->sysread($buffer, 7, 2);
148 print "not " if ($buffer ne "\0\0waaaanf");
149 &ok("Client Sysread Check");
153 # if ($HAVE_SCALAR_UTIL) {
154 # print "not " if (is_tainted($buffer));
158 my @array = $client->getline();
159 print "not " if (@array != 1 or $array[0] ne "Test\n");
160 &ok("Client Getline Check");
162 print "not " if ($client->getc ne "\$");
163 &ok("Client Getc Check");
165 @array = $client->getlines;
166 print "not " if (@array != 6);
167 &ok("Client Getlines Check 1");
169 print "not " if ($array[0] != "1.04\n");
170 &ok("Client Getlines Check 2");
172 print "not " if ($array[1] ne "4\n");
173 &ok("Client Getlines Check 3");
175 print "not " if ($array[2] ne "y\n");
176 &ok("Client Getlines Check 4");
178 print "not " if (join("", @array[3..5]) ne "Test\nBeaver\nBeaver\n");
179 &ok("Client Getlines Check 5");
181 print "not " if (defined(<$client>));
182 &ok("Client Finished Reading Check");
184 $client->close(SSL_no_shutdown => 1);
186 my $client_2 = new IO::Socket::INET(PeerAddr => $SSL_SERVER_ADDR,
187 PeerPort => $SSL_SERVER_PORT);
189 print "not " if (!$client_2);
190 &ok("Second Client Initialization");
192 $client_2 = IO::Socket::SSL->new_from_fd($client_2->fileno, '+<>',
193 SSL_reuse_ctx => $client,
194 SSL_cipher_list => 'HIGH');
195 print "not " if (!$client_2);
196 &ok("Client Init from Fileno Check");
197 $buffer = <$client_2>;
199 print "not " unless ($buffer eq "Boojums\n");
200 &ok("Client (fileno) Readline Check");
202 $client_2->close(SSL_ctx_free => 1);
204 if ($GUARANTEED_TO_HAVE_NONBLOCKING_SOCKETS) {
205 my $client_3 = new IO::Socket::SSL(PeerAddr => $SSL_SERVER_ADDR,
206 PeerPort => $SSL_SERVER_PORT,
207 SSL_verify_mode => 0x01,
208 SSL_ca_file => "certs/test-ca.pem",
210 SSL_cert_file => "certs/server-cert.pem",
211 SSL_version => 'TLSv1',
212 SSL_cipher_list => 'HIGH',
216 print "not " if (!$client_3);
217 &ok("Client Nonblocking Check 1");
220 my $client_4 = new IO::Socket::SSL(PeerAddr => $SSL_SERVER_ADDR,
221 PeerPort => $SSL_SERVER_PORT,
222 SSL_reuse_ctx => $client_3,
224 SSL_cipher_list => 'HIGH');
225 print "not " if (!$client_4);
226 &ok("Client Nonblocking Check 2");
227 $client_3->close(SSL_ctx_free => 1);
233 my $client = $server->accept;
237 print $self "This server is SSL only";
242 $error_trapped or print "not ";
243 &ok("Server non-SSL Client Check");
245 if ($client && $client->opened) {
246 print "not ok # client stayed alive!\n";
249 &ok("Server Kill-client Check");
251 ($client, $peer) = $server->accept;
254 print "not ok # no client\n";
257 &ok("Server Client Accept Check");
259 print "not " unless defined $peer;
260 &ok("Accept returning peer address check.");
263 fileno($client) || print "not ";
264 &ok("Server Client Fileno Check");
269 $client->peek($buffer, 7, 2);
270 print "not " if ($buffer ne "\0\0waaaanf");
271 &ok("Server Peek Check");
273 print "not " if ($client->pending() != 7);
274 &ok("Server Pending Check");
283 sysread($client, $buffer, 7, 2);
284 print "not " if ($buffer ne "\0\0waaaanf");
285 &ok("Server Sysread Check");
288 my @array = scalar <$client>;
289 print "not " if ($array[0] ne "Test\n");
290 &ok("Server Getline Check");
293 recv($client, my $recv_buffer, 5, 0);
294 print "not " if ($recv_buffer ne "Test\n");
295 &ok("Server Recv Check");
297 print "not " if (getc($client) ne "\$");
298 &ok("Server Getc Check");
302 print "not " if (@array != 6);
303 &ok("Server Getlines Check 1");
305 print "not " if ($array[0] != "1.04\n");
306 &ok("Server Getlines Check 2");
308 print "not " if ($array[1] ne "4\n");
309 &ok("Server Getlines Check 3");
311 print "not " if ($array[2] ne "y\n");
312 &ok("Server Getlines Check 4");
314 print "not " if (join("", @array[3..5]) ne "Test\nBeaver\nBeaver\n");
315 &ok("Server Getlines Check 5");
318 syswrite($client, '00waaaanf00', 7, 2);
319 print($client "Test\n");
320 printf $client "\$%.2f\n%d\n%c\n%s", (1.0444442342, 4.0, ord("y"), "Test\nBeaver\nBeaver\n");
324 ($client, $packed) = $server->accept;
325 &bail unless $client;
326 print "not " unless (inet_ntoa((unpack_sockaddr_in($packed))[1]) eq "127.0.0.1");
327 &ok("Peer address check");
329 if ($GUARANTEED_TO_HAVE_NONBLOCKING_SOCKETS) {
330 $client->blocking(0);
331 $client->read($buffer, 20, 0);
332 print "not " if $SSL_ERROR != SSL_WANT_READ;
333 &ok("Server Nonblocking Check 1");
336 print "not " unless ($client->opened);
337 &ok("Server Client Opened Check 1");
339 print $client "Boojums\n";
343 ${*$client}{'_SSL_opened'} = 1;
344 print "not " if ($client->opened);
345 &ok("Server Client Opened Check 2");
346 ${*$client}{'_SSL_opened'} = 0;
349 if ($GUARANTEED_TO_HAVE_NONBLOCKING_SOCKETS) {
350 $client = $server->accept;
351 print "not " if (!$client->opened);
352 &ok("Server Nonblocking Check 2");
355 $server->blocking(0);
356 IO::Select->new($server)->can_read(30);
357 $client = $server->accept;
358 while ( ! $client ) {
359 #DEBUG( "$!,$SSL_ERROR" );
360 if ( $! == EAGAIN ) {
361 if ( $SSL_ERROR == SSL_WANT_WRITE ) {
362 IO::Select->new( $server->opening )->can_write(30);
364 IO::Select->new( $server->opening )->can_read(30);
369 $client = $server->accept;
372 print "not " unless ($client && $client->opened);
373 &ok("Server Nonblocking Check 3");
377 $server->close(SSL_ctx_free => 1);
385 print "Bail Out! $IO::Socket::SSL::ERROR";
391 # my $nada = substr($arg, 0, 0);
393 # eval {eval "# $nada"};