commit 9c62daf3bda1584a162ced5a97dcc6df953d1feb
parent 2280a1ec75eae826f125c473b00dfd97e43b7882
Author: kyle <kyle@0x30.net>
Date: Sun, 10 Jan 2016 14:31:09 -0700
tests: add new no ssl test
- make sure that a connection that doesn't offer ssl fails
- use server logging instead of die'ing
Diffstat:
4 files changed, 40 insertions(+), 2 deletions(-)
diff --git a/server/sl b/server/sl
@@ -60,11 +60,15 @@ while (my $client_sock = $listen_sock->accept()) {
log_print("new connection (pid = '$$')\n");
# unconditionally upgrade connection to SSL
- IO::Socket::SSL->start_SSL($client_sock,
+ my $ret = IO::Socket::SSL->start_SSL($client_sock,
SSL_server => 1,
SSL_cert_file => 'ssl/cert_chain.pem',
SSL_key_file => 'ssl/privkey.pem'
- ) or die "failed ssl handshake: $SSL_ERROR";
+ );
+ unless ($ret) {
+ log_print("error: $SSL_ERROR\n");
+ exit 0;
+ }
my $ssl_ver = $client_sock->get_sslversion();
my $ssl_cipher = $client_sock->get_cipher();
diff --git a/server/tests/no_ssl_fails/Makefile b/server/tests/no_ssl_fails/Makefile
@@ -0,0 +1 @@
+include ../test.mk
diff --git a/server/tests/no_ssl_fails/server.log.good b/server/tests/no_ssl_fails/server.log.good
@@ -0,0 +1,3 @@
+accepting connections on <ip>:<port> (pid = <digits>)
+new connection (pid = <digits>)
+error: SSL accept attempt failed because of handshake problems
diff --git a/server/tests/no_ssl_fails/test.pl b/server/tests/no_ssl_fails/test.pl
@@ -0,0 +1,30 @@
+#!/usr/bin/perl -I../
+use strict;
+use warnings;
+
+use IO::Socket::INET;
+use Time::HiRes qw(usleep);
+use test;
+
+# check that a non-ssl connection isn't accepted
+my $socket;
+my $timeout = time + 5;
+while (1) {
+ $socket = new IO::Socket::INET(
+ PeerHost => 'localhost',
+ PeerPort => $ENV{PORT} || 5437,
+ );
+
+ if ($!{ECONNREFUSED}) {
+ if (time > $timeout) {
+ fail "server not ready after 5 seconds";
+ }
+ usleep(50 * 1000);
+ next;
+ }
+
+ last;
+}
+
+my $good_errno = 'Illegal seek';
+fail "expected errno '$good_errno' but got '$!'" if ($! ne $good_errno);