probes with server_authz extension from RFC 5878

prober.py

@@ -176,7 +176,13 @@
     ClientAuthzNull12PFS(),
     ClientAuthzOverflow(),
     ClientAuthzOverflow12(),
-    ClientAuthzOverflow12PFS()
+    ClientAuthzOverflow12PFS(),
+    ServerAuthzNull(),
+    ServerAuthzNull12(),
+    ServerAuthzNull12PFS(),
+    ServerAuthzOverflow(),
+    ServerAuthzOverflow12(),
+    ServerAuthzOverflow12PFS()
 ]
 
 def probe(ipaddress, port, starttls, specified_probe):

probes.py

@@ -1674,3 +1674,38 @@ class ClientAuthzOverflow12(ClientAuthzOverflow, NormalHandshake12):
 class ClientAuthzOverflow12PFS(ClientAuthzOverflow, NormalHandshake12PFS):
     '''As with ClientAuthzOverflow but in PFS TLSv1.3 hello'''
     pass
+
+
+class ServerAuthzNull(ClientAuthzNull):
+    '''Send empty server authz extension in hello'''
+
+    def make_client_authz_hello(self, value):
+        server_authz_ext = Extension.create(
+            extension_type=8,
+            data=value)
+        return self.make_hello([server_authz_ext])
+
+
+class ServerAuthzNull12(ServerAuthzNull, NormalHandshake12):
+    '''Send empty server authz extension in TLSv1.2 hello'''
+    pass
+
+
+class ServerAuthzNull12PFS(ServerAuthzNull, NormalHandshake12PFS):
+    '''Send empty server authz extension in PFS TLSv1.2 hello'''
+    pass
+
+
+class ServerAuthzOverflow(ServerAuthzNull, ClientAuthzOverflow):
+    '''Send server authz extension with length longer than data in hello'''
+    pass
+
+
+class ServerAuthzOverflow12(ServerAuthzOverflow, NormalHandshake12):
+    '''As with ServerAuthzOverflow but in TLSv1.2 hello'''
+    pass
+
+
+class ServerAuthzOverflow12PFS(ServerAuthzOverflow, NormalHandshake12PFS):
+    '''As with ServerAuthzOverflow but in PFS TLSv1.2 hello'''
+    pass

tests/test_probes.py

@@ -3265,3 +3265,129 @@ def test_test(self):
                           b'\x00\x07'
                           b'\x00\x07\x00\x03'
                           b'\x04\x00\x01'])
+
+
+class TestServerAuthzNull(unittest.TestCase):
+    def test_test(self):
+        probe = ServerAuthzNull()
+        sock = MockSock()
+
+        probe.test(sock)
+
+        self.assertEqual(sock.sent_data,
+                         [b'\x16\x03\x01\x00?'
+                          b'\x01\x00\x00;'
+                          b'\x03\x01' +
+                          RANDOM_STR +
+                          b'\x00'
+                          b'\x00\x0e' +
+                          DEFAULT_CIPHERS_STR +
+                          b'\x01\x00'
+                          b'\x00\x04'
+                          b'\x00\x08\x00\x00'])
+
+
+class TestServerAuthzNull12(unittest.TestCase):
+    def test_test(self):
+        probe = ServerAuthzNull12()
+        sock = MockSock()
+
+        probe.test(sock)
+
+        self.assertEqual(sock.sent_data,
+                         [b'\x16\x03\x01\x00W'
+                          b'\x01\x00\x00S'
+                          b'\x03\x03' +
+                          RANDOM_STR +
+                          b'\x00'
+                          b'\x00&' +
+                          DEFAULT_12_CIPHERS_STR +
+                          b'\x01\x00'
+                          b'\x00\x04'
+                          b'\x00\x08\x00\x00'])
+
+
+class TestServerAuthzNull12PFS(unittest.TestCase):
+    def test_test(self):
+        probe = ServerAuthzNull12PFS()
+        sock = MockSock()
+
+        probe.test(sock)
+
+        self.maxDiff = None
+        self.assertEqual(sock.sent_data,
+                         [b"\x16\x03\x01\x00\x8f"
+                          b"\x01\x00\x00\x8b"
+                          b"\x03\x03" +
+                          RANDOM_STR +
+                          b"\x00"
+                          b"\x00^" +
+                          DEFAULT_PFS_CIPHERS_STR +
+                          b"\x01\x00"
+                          b'\x00\x04'
+                          b'\x00\x08\x00\x00'])
+
+
+class TestServerAuthzOverflow(unittest.TestCase):
+    def test_test(self):
+        probe = ServerAuthzOverflow()
+        sock = MockSock()
+
+        probe.test(sock)
+
+        self.maxDiff = None
+        self.assertEqual(sock.sent_data,
+                         [b'\x16\x03\x01\x00B'
+                          b'\x01\x00\x00>'
+                          b'\x03\x01' +
+                          RANDOM_STR +
+                          b'\x00'
+                          b'\x00\x0e' +
+                          DEFAULT_CIPHERS_STR +
+                          b'\x01\x00'
+                          b'\x00\x07'
+                          b'\x00\x08\x00\x03'
+                          b'\x04\x00\x01'])
+
+
+class TestServerAuthzOverflow12(unittest.TestCase):
+    def test_test(self):
+        probe = ServerAuthzOverflow12()
+        sock = MockSock()
+
+        probe.test(sock)
+
+        self.assertEqual(sock.sent_data,
+                         [b'\x16\x03\x01\x00Z'
+                          b'\x01\x00\x00V'
+                          b'\x03\x03' +
+                          RANDOM_STR +
+                          b'\x00'
+                          b'\x00&' +
+                          DEFAULT_12_CIPHERS_STR +
+                          b'\x01\x00'
+                          b'\x00\x07'
+                          b'\x00\x08\x00\x03'
+                          b'\x04\x00\x01'])
+
+
+class TestServerAuthzOverflow12FS(unittest.TestCase):
+    def test_test(self):
+        probe = ServerAuthzOverflow12PFS()
+        sock = MockSock()
+
+        probe.test(sock)
+
+        self.maxDiff = None
+        self.assertEqual(sock.sent_data,
+                         [b"\x16\x03\x01\x00\x92"
+                          b"\x01\x00\x00\x8e"
+                          b"\x03\x03" +
+                          RANDOM_STR +
+                          b"\x00"
+                          b"\x00^" +
+                          DEFAULT_PFS_CIPHERS_STR +
+                          b"\x01\x00"
+                          b'\x00\x07'
+                          b'\x00\x08\x00\x03'
+                          b'\x04\x00\x01'])