blob: 5cc70df1449069d96d8a3806fb8ebb2b1b0ba74d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
|
#REGTEST_TYPE=devel
# This reg-test checks the behaviour of the 'curves' and 'ecdhe' options on a
# bind line. Its main point is to ensure that the default curve used in
# HAProxy is indeed prime256v1 (or P-256 depending on the curve's
# representation). In order to check this, is uses two ssl frontends that have
# different lists of accepted curves, one of them accepting this default curve
# while the other one does not. A backend tries to connect to those two
# frontends by using the default curve, and it should succeed in one case and
# fail in the other.
# For some strange reason, OpenSSL 1.0.2 does not behave the same way as later
# versions when it comes to ECDH and curves related matters. Instead of trying
# to make it work the same way as the other (more used) versions, we will
# ignore it and disable this test on OpenSSL 1.0.2.
# For the same reason, this test is disabled for other SSL libraries as well.
#
varnishtest "Test the 'curves' and 'ecdhe' options and default curve value"
feature cmd "$HAPROXY_PROGRAM -cc 'feature(OPENSSL) && ssllib_name_startswith(OpenSSL) && openssl_version_atleast(1.1.1)'"
feature ignore_unknown_macro
server s1 -repeat 2 {
rxreq
txresp
} -start
barrier b1 cond 2 -cyclic
syslog Slg_cust_fmt -level info {
recv
expect ~ "ERROR.*conn_status:\"34:SSL handshake failure\" hsk_err:\".*wrong curve\".*"
barrier b1 sync
recv
expect ~ "ERROR ECDHE.*conn_status:\"34:SSL handshake failure\" hsk_err:\".*wrong curve\".*"
} -start
haproxy h1 -conf {
global
tune.ssl.default-dh-param 2048
defaults
mode http
option httpslog
log stderr local0 debug err
option logasap
timeout connect "${HAPROXY_TEST_TIMEOUT-5s}"
timeout client "${HAPROXY_TEST_TIMEOUT-5s}"
timeout server "${HAPROXY_TEST_TIMEOUT-5s}"
retries 0
listen clear-lst
bind "fd@${clearlst}"
use_backend ssl-curves-be if { path /curves }
use_backend ssl-ecdhe-521-be if { path /ecdhe-521 }
use_backend ssl-ecdhe-256-be if { path /ecdhe-256 }
default_backend ssl-be
backend ssl-be
server s1 "${tmpdir}/ssl1.sock" ssl verify none crt ${testdir}/client.ecdsa.pem force-tlsv12
backend ssl-curves-be
server s1 "${tmpdir}/ssl2.sock" ssl verify none crt ${testdir}/client.ecdsa.pem force-tlsv12
backend ssl-ecdhe-256-be
server s1 "${tmpdir}/ssl-ecdhe-256.sock" ssl verify none crt ${testdir}/client.ecdsa.pem force-tlsv12
backend ssl-ecdhe-521-be
server s1 "${tmpdir}/ssl-ecdhe-521.sock" ssl verify none crt ${testdir}/client.ecdsa.pem force-tlsv12
listen ssl1-lst
bind "${tmpdir}/ssl1.sock" ssl crt ${testdir}/common.pem ca-file ${testdir}/set_cafile_rootCA.crt verify optional curves P-256:P-384
server s1 ${s1_addr}:${s1_port}
# The prime256v1 curve, which is used by default by a backend when no
# 'curves' or 'ecdhe' option is specified, is not allowed on this listener
listen ssl2-lst
log ${Slg_cust_fmt_addr}:${Slg_cust_fmt_port} local0
error-log-format "ERROR conn_status:\"%[fc_err]:%[fc_err_str]\" hsk_err:%{+Q}[ssl_fc_err_str]"
bind "${tmpdir}/ssl2.sock" ssl crt ${testdir}/common.pem ca-file ${testdir}/set_cafile_rootCA.crt verify optional curves P-384
server s1 ${s1_addr}:${s1_port}
listen ssl-ecdhe-521-lst
log ${Slg_cust_fmt_addr}:${Slg_cust_fmt_port} local0
error-log-format "ERROR ECDHE-521 conn_status:\"%[fc_err]:%[fc_err_str]\" hsk_err:%{+Q}[ssl_fc_err_str]"
bind "${tmpdir}/ssl-ecdhe-521.sock" ssl crt ${testdir}/common.pem ca-file ${testdir}/set_cafile_rootCA.crt verify optional ecdhe secp521r1
server s1 ${s1_addr}:${s1_port}
listen ssl-ecdhe-256-lst
log ${Slg_cust_fmt_addr}:${Slg_cust_fmt_port} local0
error-log-format "ERROR ECDHE-256 conn_status:\"%[fc_err]:%[fc_err_str]\" hsk_err:%{+Q}[ssl_fc_err_str]"
bind "${tmpdir}/ssl-ecdhe-256.sock" ssl crt ${testdir}/common.pem ca-file ${testdir}/set_cafile_rootCA.crt verify optional ecdhe prime256v1
server s1 ${s1_addr}:${s1_port}
} -start
client c1 -connect ${h1_clearlst_sock} {
txreq
rxresp
expect resp.status == 200
} -run
# The backend tries to use the prime256v1 curve that is not accepted by the
# frontend so the handshake should fail.
client c2 -connect ${h1_clearlst_sock} {
txreq -url "/curves"
rxresp
expect resp.status == 503
} -run
barrier b1 sync
# The backend tries to use the prime256v1 curve that is not accepted by the
# frontend so the handshake should fail.
client c3 -connect ${h1_clearlst_sock} {
txreq -url "/ecdhe-521"
rxresp
expect resp.status == 503
} -run
client c4 -connect ${h1_clearlst_sock} {
txreq -url "/ecdhe-256"
rxresp
expect resp.status == 200
} -run
syslog Slg_cust_fmt -wait
|