Bridge Testing: Vanilla TLS Handshake

The bridge testing suite will need a module with normal TLS helpers.

added bridge component::archived/ooni owner::isis parent::6865 priority::medium reachability resolution::fixed status::closed type::task labels

This was completed in #8044 (closed) and #8353 (closed). It implements asynchronous handling of OpenSSL's memory BIO state machine to manually transverse TLS/SSL handshaking steps, and it includes methods for setting the client ciphersuite list, the TLS/SSL context method, and includes reporting for whether the connection or the handshake failed.

The handshake steps, because they are manually handled, could potentially include reported of the number of SSL_ERROR_WANT_READs or SSL_ERROR_WANT_WRITES we have on a connection, but I've not implemented this yet (though there is reporting on the number of TLS/SSL renegotiations) and it would not be too difficult to add.

I am marking this as 'needs review' until the code attached to #8044 (closed) and #8353 (closed) gets reviewed and merged.

Trac:
Status: new to needs_review

This was merged in commit 4fdbd6214a8f09d56de0598146d3f6ce760e8d77, and the tls_handshake.py test has multiple switches for testing different SSL/TLS contexts, and providing a custom ciphersuite list (by default it tests TLSv1 with TBB's current ciphersuite list).

Trac:
Status: needs_review to closed
Resolution: N/A to fixed
Milestone: Deliverable-Nov2011 to N/A

Replying to isis:

This was merged in commit 4fdbd6214a8f09d56de0598146d3f6ce760e8d77,

Oopsies daisies, make that be "commit 875dc22d85d8391b81f6fe988f080a2cb41d65e3".

closed