sonertari / testproxy Goto Github PK
View Code? Open in Web Editor NEWTool for end-to-end testing of proxy servers
License: GNU General Public License v3.0
testproxy's People
Contributors
Stargazers
Watchers
testproxy's Issues
Test 1 failed: Configures ssl cert, proto, cipher_list correctly
I want to test the SSLProxy with this tool, but whenever I want to run a test. I get the following errors I do not know if I'm doing something wrong or if it's a bug or something else.
With the ssl_testset_1.json
[16:00:21] [WARN] testproxy: SSLproxy tests
[16:00:21] [WARN] testproxy: Start test harness 1: SSL tests
[16:00:21] [WARN] MGR.h1.s1.c1: Start test set 1 for test config 1: Tests for SSL configuration
[16:00:21] [ERROR] MGR.h1.s1.c1: Test 1 failed: Configures ssl cert, proto, cipher_list correctly
[16:00:21] [ERROR] testproxy: Test set h1.s1 failed
[16:00:21] [ERROR] testproxy: Test harness 1 failed: SSL tests
With the http_testset_1.json
[15:53:05] [ERROR] SRV.h1.s1.c1.t1.0: TCP stream connect timed out
[15:53:05] [ERROR] MGR.h1.s1.c1: Test 1 failed: Removes any extra SSLproxy line, and appends Connection: close
[15:53:05] [ERROR] testproxy: Test set h1.s1 failed
[15:53:05] [ERROR] testproxy: Test harness 1 failed: SSL tests
This is the harness.json file i use
{
"comment": "SSLproxy tests",
"testharnesses": {
"1": {
"comment": "SSL tests",
"testsets": {
"1": "ssl_testset_1.json"
}
}
}
}
I used the ssl and http test in the examples folder to try it out
{
"comment": "Tests for SSL configuration",
"configs": {
"1": {
"proto": {
"proto": "ssl",
"tcp_nodelay": "yes",
"ip_ttl": "15",
"connect_timeout": "1000",
"read_timeout": "50",
"write_timeout": "50",
"verify_peer": "no",
"cipher_list": "MEDIUM:HIGH",
"no_ssl2": "yes",
"no_ssl3": "yes",
"no_tls10": "yes",
"no_tls11": "yes",
"no_tls12": "yes",
"no_tls13": "yes",
"min_proto_version": "ssl3",
"max_proto_version": "tls13",
"ecdhcurve": "prime256v1",
"use_sni": "no",
"verify_hostname": "no",
"compression": "no"
},
"client": {
"ip": "127.0.0.1",
"port": "8443",
"crt": "/TestProxy/target/debug/server.crt",
"key": "/TestProxy/target/debug/server.key",
"cipher_list": "MEDIUM",
"use_sni": "yes",
"sni_servername": "comixwall.org",
"verify_hostname": "yes",
"no_tls10": "no",
"max_proto_version": "tls11"
},
"server": {
"ip": "127.0.0.1",
"port": "9443",
"crt": "/TestProxy/target/debug/server.crt",
"key": "/TestProxy/target/debug/server.key",
"cipher_list": "HIGH",
"no_tls12": "no",
"min_proto_version": "tls12",
"compression": "yes"
}
}
},
"tests": {
"1": {
"comment": "Configures ssl cert, proto, cipher_list correctly",
"states": {
"1": {
"testend": "client",
"cmd": "send",
"payload": "GET / HTTP/1.1\r\nHost: comixwall.org\r\n\r\n",
"assert": {
"current_cipher_name": {
"match": [
"^DHE-\\w+-\\w+-\\w+",
"\\w+-\\w+-SEED-\\w+",
"\\w+-\\w+-\\w+-SHA$"
],
"!match": [
"ECDHE-[A-Z0-9]+-[A-Z0-9]+-[A-Z0-9]+-[A-Z0-9]+",
"[A-Z0-9]+-[A-Z0-9]+-AES256-[A-Z0-9]+-[A-Z0-9]+",
"[A-Z0-9]+-[A-Z0-9]+-[A-Z0-9]+-[A-Z0-9]+-SHA384"
]
},
"current_cipher_version": {
"==": [
"SSLv3",
"TLSv1"
],
"!match": [
"^TLSv1\\.[1-3]?$"
]
},
"ssl_proto_version": {
"==": [
"TLSv1"
],
"!=": [
"SSLv3"
],
"!match": [
"^TLSv1\\.[1-3]?$"
]
},
"ssl_state": {
"==": [
"SSLOK "
]
},
"peer_certificate": {
"==": [
"TR, Antalya, Serik, ComixWall, SSLproxy, comixwall.org, [email protected]"
]
},
"peer_certificate_not_before": {
">=": [
"-2"
],
"<=": [
"0"
]
},
"peer_certificate_not_after": {
">=": [
"363"
],
"<=": [
"365"
]
}
}
},
"2": {
"testend": "server",
"cmd": "recv",
"payload": "GET / HTTP/1.1\r\nHost: comixwall.org\r\nConnection: close\r\n\r\n",
"assert": {
"current_cipher_name": {
"match": [
"ECDHE-[A-Z0-9]+-[A-Z0-9]+-[A-Z0-9]+-[A-Z0-9]+",
"[A-Z0-9]+-[A-Z0-9]+-AES256-[A-Z0-9]+-[A-Z0-9]+",
"[A-Z0-9]+-[A-Z0-9]+-[A-Z0-9]+-[A-Z0-9]+-SHA384"
],
"!match": [
"^DHE-\\w+-\\w+-\\w+",
"\\w+-\\w+-SEED-\\w+",
"\\w+-\\w+-\\w+-SHA$"
]
},
"current_cipher_version": {
"==": [
"TLSv1.2"
],
"!match": [
"^(SSLv3|TLSv1|TLSv1\\.[13]?)$"
]
},
"ssl_proto_version": {
"==": [
"TLSv1.2"
],
"!match": [
"^(SSLv3|TLSv1|TLSv1\\.[13]?)$"
]
},
"ssl_state": {
"==": [
"SSLOK "
]
},
"sni_servername": {
"==": [
"comixwall.org"
]
}
}
}
}
}
}
}
This is how i start the sslproxy
sudo sslproxy -D4 -k /SSLproxy/server.key -c /SSLproxy/server.crt -l connect.log -J -S /SSLproxy/log -Y /SSLproxy/pcap ssl 127.0.0.1 8443 up:1212
for the lp i you use that on in the test dir.
At least the output of the proxy says that it has received something.
EOF on outbound connection before connection establishment
SSL_free() in state 0000000c = 000c = TWCH (SSLv3/TLS write client hello) [connect socket]
EOF on outbound connection before connection establishment
SSL_free() in state 0000000c = 000c = TWCH (SSLv3/TLS write client hello) [connect socket]
EOF on outbound connection before connection establishment
SSL_free() in state 0000000c = 000c = TWCH (SSLv3/TLS write client hello) [connect socket]
EOF on outbound connection before connection establishment
SSL_free() in state 0000000c = 000c = TWCH (SSLv3/TLS write client hello) [connect socket]
EOF on outbound connection before connection establishment
SSL_free() in state 0000000c = 000c = TWCH (SSLv3/TLS write client hello) [connect socket]
EOF on outbound connection before connection establishment
SSL_free() in state 0000000c = 000c = TWCH (SSLv3/TLS write client hello) [connect socket]
EOF on outbound connection before connection establishment
SSL_free() in state 0000000c = 000c = TWCH (SSLv3/TLS write client hello) [connect socket]
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.