Add ALPN tests to ssl-opt.sh

Only self-op for now, required peer versions are a bit high:
- OpenSSL 1.0.2-beta
- GnuTLS 3.2.0 (released 2013-05-10) (gnutls-cli only)

library/ssl_cli.c

@@ -396,7 +396,7 @@ static void ssl_write_alpn_ext( ssl_context *ssl,
         return;
     }
 
-    SSL_DEBUG_MSG( 3, ( "client hello, adding ALPN extension" ) );
+    SSL_DEBUG_MSG( 3, ( "client hello, adding alpn extension" ) );
 
     *p++ = (unsigned char)( ( TLS_EXT_ALPN >> 8 ) & 0xFF );
     *p++ = (unsigned char)( ( TLS_EXT_ALPN      ) & 0xFF );

library/ssl_srv.c

@@ -1450,7 +1450,7 @@ static int ssl_parse_client_hello( ssl_context *ssl )
 
 #if defined(POLARSSL_SSL_ALPN)
         case TLS_EXT_ALPN:
-            SSL_DEBUG_MSG( 3, ( "found ALPN extension" ) );
+            SSL_DEBUG_MSG( 3, ( "found alpn extension" ) );
 
             ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size );
             if( ret != 0 )
@@ -1708,7 +1708,7 @@ static void ssl_write_alpn_ext( ssl_context *ssl,
         return;
     }
 
-    SSL_DEBUG_MSG( 3, ( "server hello, alpn extension" ) );
+    SSL_DEBUG_MSG( 3, ( "server hello, adding alpn extension" ) );
 
     /*
      * 0 . 1    ext identifier

tests/ssl-opt.sh

@@ -804,6 +804,8 @@ run_test    "Non-blocking I/O #7 (session-id resume)" \
             -C "ssl_handshake returned" \
             -c "Read from server: .* bytes read"
 
+# Tests for version negotiation
+
 run_test    "Version check #1 (all -> 1.2)" \
             "$P_SRV" \
             "$P_CLI" \
@@ -874,6 +876,92 @@ run_test    "Version check #8 (srv min 1.2, cli max 1.1 -> fail)" \
             -c "ssl_handshake returned" \
             -s "SSL - Handshake protocol not within min/max boundaries"
 
+# Tests for ALPN extension
+
+run_test    "ALPN #0 (none)" \
+            "$P_SRV debug_level=4" \
+            "$P_CLI debug_level=4" \
+            0 \
+            -C "client hello, adding alpn extension" \
+            -S "found alpn extension" \
+            -C "got an alert message, type: \\[2:120]" \
+            -S "server hello, adding alpn extension" \
+            -C "found alpn extension " \
+            -C "Application Layer Protocol is" \
+            -S "Application Layer Protocol is"
+
+run_test    "ALPN #1 (client only)" \
+            "$P_SRV debug_level=4" \
+            "$P_CLI debug_level=4 alpn=abc,1234" \
+            0 \
+            -c "client hello, adding alpn extension" \
+            -s "found alpn extension" \
+            -C "got an alert message, type: \\[2:120]" \
+            -S "server hello, adding alpn extension" \
+            -C "found alpn extension " \
+            -c "Application Layer Protocol is (none)" \
+            -S "Application Layer Protocol is"
+
+run_test    "ALPN #2 (server only)" \
+            "$P_SRV debug_level=4 alpn=abc,1234" \
+            "$P_CLI debug_level=4" \
+            0 \
+            -C "client hello, adding alpn extension" \
+            -S "found alpn extension" \
+            -C "got an alert message, type: \\[2:120]" \
+            -S "server hello, adding alpn extension" \
+            -C "found alpn extension " \
+            -C "Application Layer Protocol is" \
+            -s "Application Layer Protocol is (none)"
+
+run_test    "ALPN #3 (both, common cli1-srv1)" \
+            "$P_SRV debug_level=4 alpn=abc,1234" \
+            "$P_CLI debug_level=4 alpn=abc,1234" \
+            0 \
+            -c "client hello, adding alpn extension" \
+            -s "found alpn extension" \
+            -C "got an alert message, type: \\[2:120]" \
+            -s "server hello, adding alpn extension" \
+            -c "found alpn extension" \
+            -c "Application Layer Protocol is abc" \
+            -s "Application Layer Protocol is abc"
+
+run_test    "ALPN #4 (both, common cli2-srv1)" \
+            "$P_SRV debug_level=4 alpn=abc,1234" \
+            "$P_CLI debug_level=4 alpn=1234,abc" \
+            0 \
+            -c "client hello, adding alpn extension" \
+            -s "found alpn extension" \
+            -C "got an alert message, type: \\[2:120]" \
+            -s "server hello, adding alpn extension" \
+            -c "found alpn extension" \
+            -c "Application Layer Protocol is abc" \
+            -s "Application Layer Protocol is abc"
+
+run_test    "ALPN #5 (both, common cli1-srv2)" \
+            "$P_SRV debug_level=4 alpn=abc,1234" \
+            "$P_CLI debug_level=4 alpn=1234,abcde" \
+            0 \
+            -c "client hello, adding alpn extension" \
+            -s "found alpn extension" \
+            -C "got an alert message, type: \\[2:120]" \
+            -s "server hello, adding alpn extension" \
+            -c "found alpn extension" \
+            -c "Application Layer Protocol is 1234" \
+            -s "Application Layer Protocol is 1234"
+
+run_test    "ALPN #6 (both, no common)" \
+            "$P_SRV debug_level=4 alpn=abc,123" \
+            "$P_CLI debug_level=4 alpn=1234,abcde" \
+            1 \
+            -c "client hello, adding alpn extension" \
+            -s "found alpn extension" \
+            -c "got an alert message, type: \\[2:120]" \
+            -S "server hello, adding alpn extension" \
+            -C "found alpn extension" \
+            -C "Application Layer Protocol is 1234" \
+            -S "Application Layer Protocol is 1234"
+
 # Final report
 
 echo "------------------------------------------------------------------------"