summaryrefslogtreecommitdiffstats
path: root/reg-tests/ssl/ssl_dh.vtc
blob: 5fe7c88aa2fb192e0b2f13262997dbc5b942ea52 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
#REGTEST_TYPE=devel

# This reg-tests checks that the DH-related mechanisms works properly.
# When no DH is specified, either directly in the server's PEM or through a
# ssl-dh-param-file global option, and no tune.ssl.default-dh-param is defined,
# DHE ciphers are disabled.
# If a default-dh-param is defined, we will use DH parameters of the same size
# as the server's RSA or DSA key, or default-dh-param if it is smaller.
# This test has three distinct HAProxy instances, one with no DH-related option
# used, one with the tune.ssl.default-dh-param global parameter set, and one
# with an ssl-dh-param-file global option.
# We use "openssl s_client" calls in order to check the size of the "Server
# Temp Key" (which will be the same as the DH parameters in case a DHE cipher
# is used).
#
# The main goal of this test was to check that the newly added OpenSSLv3
# specific DH code worked as before, since it needed to be created in order to
# stop using deprecated APIs.

varnishtest "Test the DH related SSL options"
# AWS-LC does not support any FFDH ciphersuites
feature cmd "$HAPROXY_PROGRAM -cc 'feature(OPENSSL) && !ssllib_name_startswith(AWS-LC)' && !ssllib_name_startswith(wolfSSL)'"
feature cmd "command -v openssl && command -v grep && command -v socat"
feature ignore_unknown_macro

server s1 -repeat 8 {
  rxreq
  txresp
} -start


haproxy h1 -conf {
    global
        stats socket "${tmpdir}/h1/stats" level admin

    defaults
        mode http
        option httpslog
        log stderr local0 debug err
        option logasap
        timeout connect "${HAPROXY_TEST_TIMEOUT-5s}"
        timeout client  "${HAPROXY_TEST_TIMEOUT-5s}"
        timeout server  "${HAPROXY_TEST_TIMEOUT-5s}"
        retries 0

    frontend clear-fe
        bind "fd@${clearlst}"
        use_backend gen_cert_be if { path /gencert }
        default_backend dflt_be

    backend dflt_be
        server s1 "${tmpdir}/ssl_dflt.sock" ssl verify none ssl-max-ver TLSv1.2

    backend gen_cert_be
        server s1 "${tmpdir}/ssl_dflt_gencert.sock" ssl verify none ssl-max-ver TLSv1.2

    listen ssl-dflt-lst
        bind "${tmpdir}/ssl_dflt.sock" ssl crt ${testdir}/common.pem ca-file ${testdir}/set_cafile_rootCA.crt verify optional ciphers "DHE-RSA-AES256-GCM-SHA384" ssl-max-ver TLSv1.2
        http-response set-header x-ssl-cipher %[ssl_fc_cipher]
        server s1 ${s1_addr}:${s1_port}

    listen ssl-dflt-gencert-lst
        bind "${tmpdir}/ssl_dflt_gencert.sock" ssl generate-certificates crt ${testdir}/common.pem ca-file ${testdir}/set_cafile_rootCA.crt ca-sign-file ${testdir}/generate_certificates/gen_cert_ca.pem verify optional ciphers "DHE-RSA-AES256-GCM-SHA384" ssl-max-ver TLSv1.2
        http-response set-header x-ssl-cipher %[ssl_fc_cipher]
        server s1 ${s1_addr}:${s1_port}
} -start

haproxy h2 -conf {
    global
        stats socket "${tmpdir}/h2/stats" level admin

    global
        tune.ssl.default-dh-param 4096

    defaults
        mode http
        option httpslog
        log stderr local0 debug err
        option logasap
        timeout connect "${HAPROXY_TEST_TIMEOUT-5s}"
        timeout client  "${HAPROXY_TEST_TIMEOUT-5s}"
        timeout server  "${HAPROXY_TEST_TIMEOUT-5s}"
        retries 0

    listen clear-lst
        bind "fd@${clearlst_dfltdh}"
        server s1 "${tmpdir}/ssl_dfltdh.sock" ssl verify none ssl-max-ver TLSv1.2

    listen ssl-4096dh-dflt-lst
        bind "${tmpdir}/ssl_dfltdh.sock" ssl crt ${testdir}/common.pem ca-file ${testdir}/set_cafile_rootCA.crt verify optional ciphers "DHE-RSA-AES256-GCM-SHA384" ssl-max-ver TLSv1.2
        http-response set-header x-ssl-cipher %[ssl_fc_cipher]
        server s1 ${s1_addr}:${s1_port}
} -start

haproxy h3 -conf {
    global
        stats socket "${tmpdir}/h3/stats" level admin

    global
        ssl-dh-param-file ${testdir}/common.4096.dh

    defaults
        mode http
        option httpslog
        log stderr local0 debug err
        option logasap
        timeout connect "${HAPROXY_TEST_TIMEOUT-5s}"
        timeout client  "${HAPROXY_TEST_TIMEOUT-5s}"
        timeout server  "${HAPROXY_TEST_TIMEOUT-5s}"
        retries 0

    listen clear-lst
        bind "fd@${clearlst_dhfile}"
        server s1 "${tmpdir}/ssl_dhfile.sock" ssl verify none ssl-max-ver TLSv1.2

    listen ssl-dhfile-lst
        bind "${tmpdir}/ssl_dhfile.sock" ssl crt ${testdir}/common.pem ca-file ${testdir}/set_cafile_rootCA.crt verify optional ciphers "DHE-RSA-AES256-GCM-SHA384" ssl-max-ver TLSv1.2
        http-response set-header x-ssl-cipher %[ssl_fc_cipher]
        server s1 ${s1_addr}:${s1_port}
} -start

#
# Check that all the SSL backend <-> SSL frontend connections work
#
client c1 -connect ${h1_clearlst_sock} {
  txreq
  rxresp
  # No DH parameters are defined, DHE ciphers are unavailable
  expect resp.status == 503
} -run

client c2 -connect ${h2_clearlst_dfltdh_sock} {
  txreq
  rxresp
  expect resp.status == 200
  expect resp.http.x-ssl-cipher == "DHE-RSA-AES256-GCM-SHA384"
} -run

client c3 -connect ${h3_clearlst_dhfile_sock} {
  txreq
  rxresp
  expect resp.status == 200
  expect resp.http.x-ssl-cipher == "DHE-RSA-AES256-GCM-SHA384"
} -run

client c4 -connect ${h1_clearlst_sock} {
  txreq -url "/gencert"
  rxresp
  # No DH parameters are defined, DHE ciphers are unavailable
  expect resp.status == 503
} -run


# On the second HAProxy instance, even if default-dh-param is set to 4096, this
# value is only considered as a maximum DH key length and we will always try to
# match the server's certificate key length in our DHE key exchange (2048 bits
# in the case of common.pem).
shell {
    echo "Q" | openssl s_client -unix "${tmpdir}/ssl_dfltdh.sock" -tls1_2 2>/dev/null | grep -E "Server Temp Key: DH, 2048 bits"
}

shell {
    echo "Q" | openssl s_client -unix "${tmpdir}/ssl_dhfile.sock" -tls1_2 2>/dev/null | grep -E "Server Temp Key: DH, 4096 bits"
}


#
# Add a custom DH to the server's PEM certificate
#
shell {
    printf "set ssl cert ${testdir}/common.pem <<\n$(cat ${testdir}/common.pem)\n$(cat ${testdir}/common.4096.dh)\n\n" | socat "${tmpdir}/h1/stats" -
    echo "commit ssl cert ${testdir}/common.pem" | socat "${tmpdir}/h1/stats" -

    printf "set ssl cert ${testdir}/common.pem <<\n$(cat ${testdir}/common.pem)\n$(cat ${testdir}/common.4096.dh)\n\n" | socat "${tmpdir}/h2/stats" -
    echo "commit ssl cert ${testdir}/common.pem" | socat "${tmpdir}/h2/stats" -

    printf "set ssl cert ${testdir}/common.pem <<\n$(cat ${testdir}/common.pem)\n$(cat ${testdir}/common.4096.dh)\n\n" | socat "${tmpdir}/h3/stats" -
    echo "commit ssl cert ${testdir}/common.pem" | socat "${tmpdir}/h3/stats" -
}


#
# Check that all the SSL backend <-> SSL frontend connections still work
# Common.pem now contains DH parameters so the first instance's frontends
# can now use DHE ciphers.
#
client c5 -connect ${h1_clearlst_sock} {
  txreq
  rxresp
  expect resp.status == 200
  expect resp.http.x-ssl-cipher == "DHE-RSA-AES256-GCM-SHA384"
} -run

client c6 -connect ${h2_clearlst_dfltdh_sock} {
  txreq
  rxresp
  expect resp.status == 200
  expect resp.http.x-ssl-cipher == "DHE-RSA-AES256-GCM-SHA384"
} -run

client c7 -connect ${h3_clearlst_dhfile_sock} {
  txreq
  rxresp
  expect resp.status == 200
  expect resp.http.x-ssl-cipher == "DHE-RSA-AES256-GCM-SHA384"
} -run

client c8 -connect ${h1_clearlst_sock} {
  txreq -url "/gencert"
  rxresp
  expect resp.status == 200
  expect resp.http.x-ssl-cipher == "DHE-RSA-AES256-GCM-SHA384"
} -run



#
# Check the new size of the DH key
#
shell {
    echo "Q" | openssl s_client -unix "${tmpdir}/ssl_dflt.sock" -tls1_2 2>/dev/null | grep -E "Server Temp Key: DH, 4096 bits"
}

shell {
    echo "Q" | openssl s_client -unix "${tmpdir}/ssl_dfltdh.sock" -tls1_2 2>/dev/null | grep -E "Server Temp Key: DH, 4096 bits"
}

shell {
    echo "Q" | openssl s_client -unix "${tmpdir}/ssl_dhfile.sock" -tls1_2 2>/dev/null | grep -E "Server Temp Key: DH, 4096 bits"
}

shell {
    echo "Q" | openssl s_client -unix "${tmpdir}/ssl_dflt_gencert.sock" -tls1_2 2>/dev/null | grep -E "Server Temp Key: DH, 4096 bits"
}