diff options
| author | jsing <> | 2018-11-06 01:40:57 +0000 |
|---|---|---|
| committer | jsing <> | 2018-11-06 01:40:57 +0000 |
| commit | 18a8420ea8e51c199239c2ef68a9188965089aad (patch) | |
| tree | 3ae4119355686cfa081f173828a58e716aaa9a24 | |
| parent | 2b4e9fdab1569e84d0592bab45d9ba015701e1a9 (diff) | |
| download | openbsd-18a8420ea8e51c199239c2ef68a9188965089aad.tar.gz openbsd-18a8420ea8e51c199239c2ef68a9188965089aad.tar.bz2 openbsd-18a8420ea8e51c199239c2ef68a9188965089aad.zip | |
Add TLSv1.3 to version regress tests.
| -rw-r--r-- | src/regress/lib/libssl/unit/ssl_versions.c | 84 |
1 files changed, 80 insertions, 4 deletions
diff --git a/src/regress/lib/libssl/unit/ssl_versions.c b/src/regress/lib/libssl/unit/ssl_versions.c index d84a7106d5..11519c3732 100644 --- a/src/regress/lib/libssl/unit/ssl_versions.c +++ b/src/regress/lib/libssl/unit/ssl_versions.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_versions.c,v 1.5 2018/03/15 12:27:01 jca Exp $ */ | 1 | /* $OpenBSD: ssl_versions.c,v 1.6 2018/11/06 01:40:57 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -31,6 +31,13 @@ static struct version_range_test version_range_tests[] = { | |||
| 31 | { | 31 | { |
| 32 | .options = 0, | 32 | .options = 0, |
| 33 | .minver = TLS1_VERSION, | 33 | .minver = TLS1_VERSION, |
| 34 | .maxver = TLS1_3_VERSION, | ||
| 35 | .want_minver = TLS1_VERSION, | ||
| 36 | .want_maxver = TLS1_3_VERSION, | ||
| 37 | }, | ||
| 38 | { | ||
| 39 | .options = 0, | ||
| 40 | .minver = TLS1_VERSION, | ||
| 34 | .maxver = TLS1_2_VERSION, | 41 | .maxver = TLS1_2_VERSION, |
| 35 | .want_minver = TLS1_VERSION, | 42 | .want_minver = TLS1_VERSION, |
| 36 | .want_maxver = TLS1_2_VERSION, | 43 | .want_maxver = TLS1_2_VERSION, |
| @@ -43,6 +50,13 @@ static struct version_range_test version_range_tests[] = { | |||
| 43 | .want_maxver = TLS1_2_VERSION, | 50 | .want_maxver = TLS1_2_VERSION, |
| 44 | }, | 51 | }, |
| 45 | { | 52 | { |
| 53 | .options = SSL_OP_NO_TLSv1_3, | ||
| 54 | .minver = TLS1_VERSION, | ||
| 55 | .maxver = TLS1_3_VERSION, | ||
| 56 | .want_minver = TLS1_VERSION, | ||
| 57 | .want_maxver = TLS1_2_VERSION, | ||
| 58 | }, | ||
| 59 | { | ||
| 46 | .options = SSL_OP_NO_TLSv1_2, | 60 | .options = SSL_OP_NO_TLSv1_2, |
| 47 | .minver = TLS1_VERSION, | 61 | .minver = TLS1_VERSION, |
| 48 | .maxver = TLS1_2_VERSION, | 62 | .maxver = TLS1_2_VERSION, |
| @@ -78,13 +92,30 @@ static struct version_range_test version_range_tests[] = { | |||
| 78 | .want_maxver = TLS1_1_VERSION, | 92 | .want_maxver = TLS1_1_VERSION, |
| 79 | }, | 93 | }, |
| 80 | { | 94 | { |
| 81 | .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2, | 95 | .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | |
| 96 | SSL_OP_NO_TLSv1_2, | ||
| 82 | .minver = TLS1_VERSION, | 97 | .minver = TLS1_VERSION, |
| 83 | .maxver = TLS1_2_VERSION, | 98 | .maxver = TLS1_2_VERSION, |
| 84 | .want_minver = 0, | 99 | .want_minver = 0, |
| 85 | .want_maxver = 0, | 100 | .want_maxver = 0, |
| 86 | }, | 101 | }, |
| 87 | { | 102 | { |
| 103 | .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | | ||
| 104 | SSL_OP_NO_TLSv1_2, | ||
| 105 | .minver = TLS1_VERSION, | ||
| 106 | .maxver = TLS1_3_VERSION, | ||
| 107 | .want_minver = TLS1_3_VERSION, | ||
| 108 | .want_maxver = TLS1_3_VERSION, | ||
| 109 | }, | ||
| 110 | { | ||
| 111 | .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | | ||
| 112 | SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3, | ||
| 113 | .minver = TLS1_VERSION, | ||
| 114 | .maxver = TLS1_3_VERSION, | ||
| 115 | .want_minver = 0, | ||
| 116 | .want_maxver = 0, | ||
| 117 | }, | ||
| 118 | { | ||
| 88 | .options = 0, | 119 | .options = 0, |
| 89 | .minver = TLS1_VERSION, | 120 | .minver = TLS1_VERSION, |
| 90 | .maxver = TLS1_2_VERSION, | 121 | .maxver = TLS1_2_VERSION, |
| @@ -108,6 +139,34 @@ static struct version_range_test version_range_tests[] = { | |||
| 108 | { | 139 | { |
| 109 | .options = 0, | 140 | .options = 0, |
| 110 | .minver = TLS1_VERSION, | 141 | .minver = TLS1_VERSION, |
| 142 | .maxver = TLS1_3_VERSION, | ||
| 143 | .want_minver = TLS1_VERSION, | ||
| 144 | .want_maxver = TLS1_3_VERSION, | ||
| 145 | }, | ||
| 146 | { | ||
| 147 | .options = 0, | ||
| 148 | .minver = TLS1_1_VERSION, | ||
| 149 | .maxver = TLS1_3_VERSION, | ||
| 150 | .want_minver = TLS1_1_VERSION, | ||
| 151 | .want_maxver = TLS1_3_VERSION, | ||
| 152 | }, | ||
| 153 | { | ||
| 154 | .options = 0, | ||
| 155 | .minver = TLS1_2_VERSION, | ||
| 156 | .maxver = TLS1_3_VERSION, | ||
| 157 | .want_minver = TLS1_2_VERSION, | ||
| 158 | .want_maxver = TLS1_3_VERSION, | ||
| 159 | }, | ||
| 160 | { | ||
| 161 | .options = 0, | ||
| 162 | .minver = TLS1_3_VERSION, | ||
| 163 | .maxver = TLS1_3_VERSION, | ||
| 164 | .want_minver = TLS1_3_VERSION, | ||
| 165 | .want_maxver = TLS1_3_VERSION, | ||
| 166 | }, | ||
| 167 | { | ||
| 168 | .options = 0, | ||
| 169 | .minver = TLS1_VERSION, | ||
| 111 | .maxver = TLS1_1_VERSION, | 170 | .maxver = TLS1_1_VERSION, |
| 112 | .want_minver = TLS1_VERSION, | 171 | .want_minver = TLS1_VERSION, |
| 113 | .want_maxver = TLS1_1_VERSION, | 172 | .want_maxver = TLS1_1_VERSION, |
| @@ -149,7 +208,7 @@ test_ssl_enabled_version_range(void) | |||
| 149 | vrt = &version_range_tests[i]; | 208 | vrt = &version_range_tests[i]; |
| 150 | 209 | ||
| 151 | SSL_clear_options(ssl, SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | | 210 | SSL_clear_options(ssl, SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | |
| 152 | SSL_OP_NO_TLSv1_2); | 211 | SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3); |
| 153 | SSL_set_options(ssl, vrt->options); | 212 | SSL_set_options(ssl, vrt->options); |
| 154 | 213 | ||
| 155 | minver = maxver = 0xffff; | 214 | minver = maxver = 0xffff; |
| @@ -238,6 +297,14 @@ static struct shared_version_test shared_version_tests[] = { | |||
| 238 | .options = 0, | 297 | .options = 0, |
| 239 | .minver = TLS1_VERSION, | 298 | .minver = TLS1_VERSION, |
| 240 | .maxver = TLS1_2_VERSION, | 299 | .maxver = TLS1_2_VERSION, |
| 300 | .peerver = TLS1_3_VERSION, | ||
| 301 | .want_maxver = TLS1_2_VERSION, | ||
| 302 | }, | ||
| 303 | { | ||
| 304 | .ssl_method = TLS_method, | ||
| 305 | .options = 0, | ||
| 306 | .minver = TLS1_VERSION, | ||
| 307 | .maxver = TLS1_2_VERSION, | ||
| 241 | .peerver = 0x7f12, | 308 | .peerver = 0x7f12, |
| 242 | .want_maxver = TLS1_2_VERSION, | 309 | .want_maxver = TLS1_2_VERSION, |
| 243 | }, | 310 | }, |
| @@ -383,7 +450,7 @@ test_ssl_max_shared_version(void) | |||
| 383 | } | 450 | } |
| 384 | 451 | ||
| 385 | SSL_clear_options(ssl, SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | | 452 | SSL_clear_options(ssl, SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | |
| 386 | SSL_OP_NO_TLSv1_2); | 453 | SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3); |
| 387 | SSL_set_options(ssl, svt->options); | 454 | SSL_set_options(ssl, svt->options); |
| 388 | 455 | ||
| 389 | maxver = 0; | 456 | maxver = 0; |
| @@ -444,6 +511,13 @@ static struct min_max_version_test min_max_version_tests[] = { | |||
| 444 | }, | 511 | }, |
| 445 | { | 512 | { |
| 446 | .ssl_method = TLS_method, | 513 | .ssl_method = TLS_method, |
| 514 | .minver = 0, | ||
| 515 | .maxver = TLS1_3_VERSION, | ||
| 516 | .want_minver = TLS1_VERSION, | ||
| 517 | .want_maxver = TLS1_2_VERSION, | ||
| 518 | }, | ||
| 519 | { | ||
| 520 | .ssl_method = TLS_method, | ||
| 447 | .minver = TLS1_VERSION, | 521 | .minver = TLS1_VERSION, |
| 448 | .maxver = TLS1_2_VERSION, | 522 | .maxver = TLS1_2_VERSION, |
| 449 | .want_minver = TLS1_VERSION, | 523 | .want_minver = TLS1_VERSION, |
| @@ -710,6 +784,8 @@ main(int argc, char **argv) | |||
| 710 | 784 | ||
| 711 | SSL_library_init(); | 785 | SSL_library_init(); |
| 712 | 786 | ||
| 787 | /* XXX - Test ssl_supported_version_range() */ | ||
| 788 | |||
| 713 | failed |= test_ssl_enabled_version_range(); | 789 | failed |= test_ssl_enabled_version_range(); |
| 714 | failed |= test_ssl_max_shared_version(); | 790 | failed |= test_ssl_max_shared_version(); |
| 715 | failed |= test_ssl_min_max_version(); | 791 | failed |= test_ssl_min_max_version(); |