Skip to content

Commit

Permalink
test: replace s_client in test-https-ci-reneg-attack
Browse files Browse the repository at this point in the history
Replace `s_client` in test-https-ci-reneg-attack with built-in
client calling `tls.renegotiate()`. This also fixes the currently-broken
test. (It is broken due to a change in behavior in a
recently-updated-in-core version of `s_client`.)

PR-URL: #25720
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
  • Loading branch information
Trott authored and addaleax committed Jan 28, 2019
1 parent bc81a68 commit 4b2a1ea
Showing 1 changed file with 34 additions and 38 deletions.
72 changes: 34 additions & 38 deletions test/pummel/test-https-ci-reneg-attack.js
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,6 @@ if (!common.opensslCli)
common.skip('node compiled without OpenSSL CLI.');

const assert = require('assert');
const spawn = require('child_process').spawn;
const tls = require('tls');
const https = require('https');
const fixtures = require('../common/fixtures');
Expand Down Expand Up @@ -63,50 +62,47 @@ function test(next) {
});

server.listen(0, function() {
const cmd = `s_client -connect 127.0.0.1:${server.address().port}`;
const args = cmd.split(' ');
const child = spawn(common.opensslCli, args);

child.stdout.resume();
child.stderr.resume();
const agent = https.Agent({
keepAlive: true,
});

// Count handshakes, start the attack after the initial handshake is done
let handshakes = 0;
let client;
let renegs = 0;

child.stderr.on('data', function(data) {
handshakes += ((String(data)).match(/verify return:1/g) || []).length;
if (handshakes === 2) spam();
renegs += ((String(data)).match(/RENEGOTIATING/g) || []).length;
});
const options = {
rejectUnauthorized: false,
agent
};

child.on('exit', function() {
assert.strictEqual(renegs, tls.CLIENT_RENEG_LIMIT + 1);
server.close();
process.nextTick(next);
});
const { port } = server.address();

https.get(`https://localhost:${port}/`, options, (res) => {
client = res.socket;

let closed = false;
child.stdin.on('error', function(err) {
switch (err.code) {
case 'ECONNRESET':
case 'EPIPE':
break;
default:
assert.strictEqual(err.code, 'ECONNRESET');
break;
client.on('close', function(hadErr) {
assert.strictEqual(hadErr, false);
assert.strictEqual(renegs, tls.CLIENT_RENEG_LIMIT + 1);
server.close();
process.nextTick(next);
});

client.on('error', function(err) {
console.log('CLIENT ERR', err);
throw err;
});

spam();

// simulate renegotiation attack
function spam() {
client.renegotiate({}, (err) => {
assert.ifError(err);
assert.ok(renegs <= tls.CLIENT_RENEG_LIMIT);
setImmediate(spam);
});
renegs++;
}
closed = true;
});
child.stdin.on('close', function() {
closed = true;
});

// simulate renegotiation attack
function spam() {
if (closed) return;
child.stdin.write('R\n');
setTimeout(spam, 50);
}
});
}

0 comments on commit 4b2a1ea

Please sign in to comment.