diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2022-09-20 17:13:37 +0900 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-09-20 17:13:37 +0900 |
commit | 173be6690589120976bd3f8e55eea13eae6aed46 (patch) | |
tree | 777bfa222f103c565fff293a349465615aefa160 /test/openssl | |
parent | f5b82e814ba95f17ba907d107aa9f0bfa93e52c2 (diff) | |
parent | 3b63232cf14115dc1b1ad7ab81bf1d459e2feeb7 (diff) | |
download | ruby-openssl-173be6690589120976bd3f8e55eea13eae6aed46.tar.gz |
Merge pull request #536 from cdelafuente-r7/add_keylog_cb
Add support to SSL_CTX_set_keylog_callback()
Diffstat (limited to 'test/openssl')
-rw-r--r-- | test/openssl/test_ssl.rb | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb index 9f5a27ea..945cc7c4 100644 --- a/test/openssl/test_ssl.rb +++ b/test/openssl/test_ssl.rb @@ -804,6 +804,54 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase end end + def test_keylog_cb + pend "Keylog callback is not supported" if !openssl?(1, 1, 1) || libressl? + + prefix = 'CLIENT_RANDOM' + context = OpenSSL::SSL::SSLContext.new + context.min_version = context.max_version = OpenSSL::SSL::TLS1_2_VERSION + + cb_called = false + context.keylog_cb = proc do |_sock, line| + cb_called = true + assert_equal(prefix, line.split.first) + end + + start_server do |port| + server_connect(port, context) do |ssl| + ssl.puts "abc" + assert_equal("abc\n", ssl.gets) + assert_equal(true, cb_called) + end + end + + if tls13_supported? + prefixes = [ + 'SERVER_HANDSHAKE_TRAFFIC_SECRET', + 'EXPORTER_SECRET', + 'SERVER_TRAFFIC_SECRET_0', + 'CLIENT_HANDSHAKE_TRAFFIC_SECRET', + 'CLIENT_TRAFFIC_SECRET_0', + ] + context = OpenSSL::SSL::SSLContext.new + context.min_version = context.max_version = OpenSSL::SSL::TLS1_3_VERSION + cb_called = false + context.keylog_cb = proc do |_sock, line| + cb_called = true + assert_not_nil(prefixes.delete(line.split.first)) + end + + start_server do |port| + server_connect(port, context) do |ssl| + ssl.puts "abc" + assert_equal("abc\n", ssl.gets) + assert_equal(true, cb_called) + end + assert_equal(0, prefixes.size) + end + end + end + def test_tlsext_hostname fooctx = OpenSSL::SSL::SSLContext.new fooctx.cert = @cli_cert |