Merge pull request #536 from cdelafuente-r7/add_keylog_cb

Add support to SSL_CTX_set_keylog_callback()
author: Kazuki Yamaguchi <k@rhe.jp> 2022-09-20 17:13:37 +0900
committer: GitHub <noreply@github.com> 2022-09-20 17:13:37 +0900
commit: 173be6690589120976bd3f8e55eea13eae6aed46 (patch)
tree: 777bfa222f103c565fff293a349465615aefa160 /test
parent: f5b82e814ba95f17ba907d107aa9f0bfa93e52c2 (diff)
parent: 3b63232cf14115dc1b1ad7ab81bf1d459e2feeb7 (diff)
download: ruby-openssl-173be6690589120976bd3f8e55eea13eae6aed46.tar.gz
1 files changed, 48 insertions, 0 deletions
diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb
index 9f5a27ea..945cc7c4 100644
--- a/test/openssl/test_ssl.rb
+++ b/test/openssl/test_ssl.rb
@@ -804,6 +804,54 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
     end
   end
 
+  def test_keylog_cb
+    pend "Keylog callback is not supported" if !openssl?(1, 1, 1) || libressl?
+
+    prefix = 'CLIENT_RANDOM'
+    context = OpenSSL::SSL::SSLContext.new
+    context.min_version = context.max_version = OpenSSL::SSL::TLS1_2_VERSION
+
+    cb_called = false
+    context.keylog_cb = proc do |_sock, line|
+      cb_called = true
+      assert_equal(prefix, line.split.first)
+    end
+
+    start_server do |port|
+      server_connect(port, context) do |ssl|
+        ssl.puts "abc"
+        assert_equal("abc\n", ssl.gets)
+        assert_equal(true, cb_called)
+      end
+    end
+
+    if tls13_supported?
+      prefixes = [
+        'SERVER_HANDSHAKE_TRAFFIC_SECRET',
+        'EXPORTER_SECRET',
+        'SERVER_TRAFFIC_SECRET_0',
+        'CLIENT_HANDSHAKE_TRAFFIC_SECRET',
+        'CLIENT_TRAFFIC_SECRET_0',
+      ]
+      context = OpenSSL::SSL::SSLContext.new
+      context.min_version = context.max_version = OpenSSL::SSL::TLS1_3_VERSION
+      cb_called = false
+      context.keylog_cb = proc do |_sock, line|
+        cb_called = true
+        assert_not_nil(prefixes.delete(line.split.first))
+      end
+
+      start_server do |port|
+        server_connect(port, context) do |ssl|
+          ssl.puts "abc"
+          assert_equal("abc\n", ssl.gets)
+          assert_equal(true, cb_called)
+        end
+        assert_equal(0, prefixes.size)
+      end
+    end
+  end
+
   def test_tlsext_hostname
     fooctx = OpenSSL::SSL::SSLContext.new
     fooctx.cert = @cli_cert
author	Kazuki Yamaguchi <k@rhe.jp>	2022-09-20 17:13:37 +0900
committer	GitHub <noreply@github.com>	2022-09-20 17:13:37 +0900
commit	173be6690589120976bd3f8e55eea13eae6aed46 (patch)
tree	777bfa222f103c565fff293a349465615aefa160 /test
parent	f5b82e814ba95f17ba907d107aa9f0bfa93e52c2 (diff)
parent	3b63232cf14115dc1b1ad7ab81bf1d459e2feeb7 (diff)
download	ruby-openssl-173be6690589120976bd3f8e55eea13eae6aed46.tar.gz