pytests/proxy: run test_rehandshake with TLS 1.3 as well

parent 72b34173
Pipeline #44587 passed with stages
in 9 minutes and 41 seconds
......@@ -89,7 +89,8 @@ class TLSProxy(Proxy):
upstream_port: Optional[int] = None,
certname: Optional[str] = 'tt',
close: Optional[int] = None,
rehandshake: bool = False
rehandshake: bool = False,
force_tls13: bool = False
) -> None:
super().__init__(local_ip, local_port, upstream_ip, upstream_port)
if certname is not None:
......@@ -100,6 +101,7 @@ class TLSProxy(Proxy):
self.key_path = None
self.close = close
self.rehandshake = rehandshake
self.force_tls13 = force_tls13
def get_args(self):
args = super().get_args()
......@@ -114,6 +116,8 @@ class TLSProxy(Proxy):
args.append(str(self.close))
if self.rehandshake:
args.append('--rehandshake')
if self.force_tls13:
args.append('--tls13')
return args
......
......@@ -11,12 +11,12 @@ and sent back to the client (this test).
import re
import time
from proxy import HINTS, kresd_tls_client, resolve_hint, TLSProxy
import pytest
from proxy import HINTS, kresd_tls_client, resolve_hint, TLSProxy
def test_proxy_rehandshake(tmpdir):
proxy = TLSProxy(rehandshake=True)
def verify_rehandshake(tmpdir, proxy):
with kresd_tls_client(str(tmpdir), proxy) as kresd:
sock2 = kresd.ip_tcp_socket()
try:
......@@ -36,3 +36,16 @@ def test_proxy_rehandshake(tmpdir):
n_rehandshake += 1
assert n_connecting_to == 1 # should connect exactly once
assert n_rehandshake > 0
def test_proxy_rehandshake_tls12(tmpdir):
proxy = TLSProxy(rehandshake=True)
verify_rehandshake(tmpdir, proxy)
# TODO fix TLS v1.3 proxy / kresd rehandshake
@pytest.mark.xfail(
reason="TLS 1.3 rehandshake isn't properly supported either in tlsproxy or in kresd")
def test_proxy_rehandshake_tls13(tmpdir):
proxy = TLSProxy(rehandshake=True, force_tls13=True)
verify_rehandshake(tmpdir, proxy)
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment