| Remi Tricot-Le Breton | eb561ce | 2022-02-08 17:45:55 +0100 | [diff] [blame] | 1 | #REGTEST_TYPE=devel |
| 2 | |
| 3 | # This reg-test checks the behaviour of the 'curves' and 'ecdhe' options on a |
| 4 | # bind line. Its main point is to ensure that the default curve used in |
| 5 | # HAProxy is indeed prime256v1 (or P-256 depending on the curve's |
| 6 | # representation). In order to check this, is uses two ssl frontends that have |
| 7 | # different lists of accepted curves, one of them accepting this default curve |
| 8 | # while the other one does not. A backend tries to connect to those two |
| 9 | # frontends by using the default curve, and it should succeed in one case and |
| 10 | # fail in the other. |
| 11 | # For some strange reason, OpenSSL 1.0.2 does not behave the same way as later |
| 12 | # versions when it comes to ECDH and curves related matters. Instead of trying |
| 13 | # to make it work the same way as the other (more used) versions, we will |
| 14 | # ignore it and disable this test on OpenSSL 1.0.2. |
| 15 | # For the same reason, this test is disabled for other SSL libraries as well. |
| 16 | # |
| 17 | |
| 18 | varnishtest "Test the 'curves' and 'ecdhe' options and default curve value" |
| 19 | feature cmd "$HAPROXY_PROGRAM -cc 'feature(OPENSSL) && ssllib_name_startswith(OpenSSL) && openssl_version_atleast(1.1.1)'" |
| 20 | feature ignore_unknown_macro |
| 21 | |
| 22 | server s1 -repeat 2 { |
| 23 | rxreq |
| 24 | txresp |
| 25 | } -start |
| 26 | |
| 27 | barrier b1 cond 2 -cyclic |
| 28 | |
| 29 | syslog Slg_cust_fmt -level info { |
| 30 | recv |
| 31 | expect ~ "ERROR.*conn_status:\"34:SSL handshake failure\" hsk_err:\".*wrong curve\".*" |
| 32 | |
| 33 | barrier b1 sync |
| 34 | |
| 35 | recv |
| 36 | expect ~ "ERROR ECDHE.*conn_status:\"34:SSL handshake failure\" hsk_err:\".*wrong curve\".*" |
| 37 | } -start |
| 38 | |
| 39 | |
| 40 | haproxy h1 -conf { |
| 41 | global |
| 42 | tune.ssl.default-dh-param 2048 |
| 43 | |
| 44 | defaults |
| 45 | mode http |
| 46 | option httpslog |
| 47 | log stderr local0 debug err |
| 48 | option logasap |
| 49 | timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" |
| 50 | timeout client "${HAPROXY_TEST_TIMEOUT-5s}" |
| 51 | timeout server "${HAPROXY_TEST_TIMEOUT-5s}" |
| 52 | retries 0 |
| 53 | |
| 54 | listen clear-lst |
| 55 | bind "fd@${clearlst}" |
| 56 | |
| 57 | use_backend ssl-curves-be if { path /curves } |
| 58 | use_backend ssl-ecdhe-521-be if { path /ecdhe-521 } |
| 59 | use_backend ssl-ecdhe-256-be if { path /ecdhe-256 } |
| 60 | default_backend ssl-be |
| 61 | |
| 62 | backend ssl-be |
| 63 | server s1 "${tmpdir}/ssl1.sock" ssl verify none crt ${testdir}/client.ecdsa.pem force-tlsv12 |
| 64 | |
| 65 | backend ssl-curves-be |
| 66 | server s1 "${tmpdir}/ssl2.sock" ssl verify none crt ${testdir}/client.ecdsa.pem force-tlsv12 |
| 67 | |
| 68 | backend ssl-ecdhe-256-be |
| 69 | server s1 "${tmpdir}/ssl-ecdhe-256.sock" ssl verify none crt ${testdir}/client.ecdsa.pem force-tlsv12 |
| 70 | |
| 71 | backend ssl-ecdhe-521-be |
| 72 | server s1 "${tmpdir}/ssl-ecdhe-521.sock" ssl verify none crt ${testdir}/client.ecdsa.pem force-tlsv12 |
| 73 | |
| 74 | |
| 75 | listen ssl1-lst |
| 76 | bind "${tmpdir}/ssl1.sock" ssl crt ${testdir}/common.pem ca-file ${testdir}/set_cafile_rootCA.crt verify optional curves P-256:P-384 |
| 77 | server s1 ${s1_addr}:${s1_port} |
| 78 | |
| 79 | # The prime256v1 curve, which is used by default by a backend when no |
| 80 | # 'curves' or 'ecdhe' option is specified, is not allowed on this listener |
| 81 | listen ssl2-lst |
| 82 | log ${Slg_cust_fmt_addr}:${Slg_cust_fmt_port} local0 |
| 83 | error-log-format "ERROR conn_status:\"%[fc_err]:%[fc_err_str]\" hsk_err:%{+Q}[ssl_fc_err_str]" |
| 84 | |
| 85 | bind "${tmpdir}/ssl2.sock" ssl crt ${testdir}/common.pem ca-file ${testdir}/set_cafile_rootCA.crt verify optional curves P-384 |
| 86 | server s1 ${s1_addr}:${s1_port} |
| 87 | |
| 88 | listen ssl-ecdhe-521-lst |
| 89 | log ${Slg_cust_fmt_addr}:${Slg_cust_fmt_port} local0 |
| 90 | error-log-format "ERROR ECDHE-521 conn_status:\"%[fc_err]:%[fc_err_str]\" hsk_err:%{+Q}[ssl_fc_err_str]" |
| 91 | |
| 92 | bind "${tmpdir}/ssl-ecdhe-521.sock" ssl crt ${testdir}/common.pem ca-file ${testdir}/set_cafile_rootCA.crt verify optional ecdhe secp521r1 |
| 93 | server s1 ${s1_addr}:${s1_port} |
| 94 | |
| 95 | listen ssl-ecdhe-256-lst |
| 96 | log ${Slg_cust_fmt_addr}:${Slg_cust_fmt_port} local0 |
| 97 | error-log-format "ERROR ECDHE-256 conn_status:\"%[fc_err]:%[fc_err_str]\" hsk_err:%{+Q}[ssl_fc_err_str]" |
| 98 | |
| 99 | bind "${tmpdir}/ssl-ecdhe-256.sock" ssl crt ${testdir}/common.pem ca-file ${testdir}/set_cafile_rootCA.crt verify optional ecdhe prime256v1 |
| 100 | server s1 ${s1_addr}:${s1_port} |
| 101 | |
| 102 | } -start |
| 103 | |
| 104 | client c1 -connect ${h1_clearlst_sock} { |
| 105 | txreq |
| 106 | rxresp |
| 107 | expect resp.status == 200 |
| 108 | } -run |
| 109 | |
| 110 | # The backend tries to use the prime256v1 curve that is not accepted by the |
| 111 | # frontend so the handshake should fail. |
| 112 | client c2 -connect ${h1_clearlst_sock} { |
| 113 | txreq -url "/curves" |
| 114 | rxresp |
| 115 | expect resp.status == 503 |
| 116 | } -run |
| 117 | |
| 118 | barrier b1 sync |
| 119 | |
| 120 | # The backend tries to use the prime256v1 curve that is not accepted by the |
| 121 | # frontend so the handshake should fail. |
| 122 | client c3 -connect ${h1_clearlst_sock} { |
| 123 | txreq -url "/ecdhe-521" |
| 124 | rxresp |
| 125 | expect resp.status == 503 |
| 126 | } -run |
| 127 | |
| 128 | client c4 -connect ${h1_clearlst_sock} { |
| 129 | txreq -url "/ecdhe-256" |
| 130 | rxresp |
| 131 | expect resp.status == 200 |
| 132 | } -run |
| 133 | |
| 134 | syslog Slg_cust_fmt -wait |