summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjsing <>2021-02-20 09:45:14 +0000
committerjsing <>2021-02-20 09:45:14 +0000
commit358f28c9bf9a140b28839513c0a84baed241194c (patch)
tree79100afeb3f79e4749132a070ba714dbf5883fce
parentbd364ca9f4fae8a2b7897e24cf7658d9c8d965d3 (diff)
downloadopenbsd-358f28c9bf9a140b28839513c0a84baed241194c.tar.gz
openbsd-358f28c9bf9a140b28839513c0a84baed241194c.tar.bz2
openbsd-358f28c9bf9a140b28839513c0a84baed241194c.zip
Revise regress to match change in SSL{_CTX,}_get_{min,max}_proto_version().
Diffstat
-rw-r--r--src/regress/lib/libssl/unit/ssl_versions.c79
1 files changed, 45 insertions, 34 deletions
diff --git a/src/regress/lib/libssl/unit/ssl_versions.c b/src/regress/lib/libssl/unit/ssl_versions.c
index 251de789ea..40e026c0c4 100644
--- a/src/regress/lib/libssl/unit/ssl_versions.c
+++ b/src/regress/lib/libssl/unit/ssl_versions.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_versions.c,v 1.10 2021/01/09 12:39:23 tb Exp $ */ 1/* $OpenBSD: ssl_versions.c,v 1.11 2021/02/20 09:45:14 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org>
4 * 4 *
@@ -193,6 +193,8 @@ test_ssl_enabled_version_range(void)
193 int failed = 1; 193 int failed = 1;
194 size_t i; 194 size_t i;
195 195
196 fprintf(stderr, "INFO: starting enabled version range tests...\n");
197
196 if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL) { 198 if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL) {
197 fprintf(stderr, "SSL_CTX_new() returned NULL\n"); 199 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
198 goto failure; 200 goto failure;
@@ -437,6 +439,8 @@ test_ssl_max_shared_version(void)
437 439
438 failed = 0; 440 failed = 0;
439 441
442 fprintf(stderr, "INFO: starting max shared version tests...\n");
443
440 for (i = 0; i < N_SHARED_VERSION_TESTS; i++) { 444 for (i = 0; i < N_SHARED_VERSION_TESTS; i++) {
441 svt = &shared_version_tests[i]; 445 svt = &shared_version_tests[i];
442 446
@@ -485,6 +489,8 @@ struct min_max_version_test {
485 const uint16_t maxver; 489 const uint16_t maxver;
486 const uint16_t want_minver; 490 const uint16_t want_minver;
487 const uint16_t want_maxver; 491 const uint16_t want_maxver;
492 const int want_min_fail;
493 const int want_max_fail;
488}; 494};
489 495
490static struct min_max_version_test min_max_version_tests[] = { 496static struct min_max_version_test min_max_version_tests[] = {
@@ -492,28 +498,28 @@ static struct min_max_version_test min_max_version_tests[] = {
492 .ssl_method = TLS_method, 498 .ssl_method = TLS_method,
493 .minver = 0, 499 .minver = 0,
494 .maxver = 0, 500 .maxver = 0,
495 .want_minver = TLS1_VERSION, 501 .want_minver = 0,
496 .want_maxver = TLS1_3_VERSION, 502 .want_maxver = 0,
497 }, 503 },
498 { 504 {
499 .ssl_method = TLS_method, 505 .ssl_method = TLS_method,
500 .minver = TLS1_VERSION, 506 .minver = TLS1_VERSION,
501 .maxver = 0, 507 .maxver = 0,
502 .want_minver = TLS1_VERSION, 508 .want_minver = TLS1_VERSION,
503 .want_maxver = TLS1_3_VERSION, 509 .want_maxver = 0,
504 }, 510 },
505 { 511 {
506 .ssl_method = TLS_method, 512 .ssl_method = TLS_method,
507 .minver = 0, 513 .minver = 0,
508 .maxver = TLS1_2_VERSION, 514 .maxver = TLS1_2_VERSION,
509 .want_minver = TLS1_VERSION, 515 .want_minver = 0,
510 .want_maxver = TLS1_2_VERSION, 516 .want_maxver = TLS1_2_VERSION,
511 }, 517 },
512 { 518 {
513 .ssl_method = TLS_method, 519 .ssl_method = TLS_method,
514 .minver = 0, 520 .minver = 0,
515 .maxver = TLS1_3_VERSION, 521 .maxver = TLS1_3_VERSION,
516 .want_minver = TLS1_VERSION, 522 .want_minver = 0,
517 .want_maxver = TLS1_3_VERSION, 523 .want_maxver = TLS1_3_VERSION,
518 }, 524 },
519 { 525 {
@@ -528,56 +534,54 @@ static struct min_max_version_test min_max_version_tests[] = {
528 .minver = TLS1_1_VERSION, 534 .minver = TLS1_1_VERSION,
529 .maxver = 0, 535 .maxver = 0,
530 .want_minver = TLS1_1_VERSION, 536 .want_minver = TLS1_1_VERSION,
531 .want_maxver = TLS1_3_VERSION, 537 .want_maxver = 0,
532 }, 538 },
533 { 539 {
534 .ssl_method = TLS_method, 540 .ssl_method = TLS_method,
535 .minver = TLS1_2_VERSION, 541 .minver = TLS1_2_VERSION,
536 .maxver = 0, 542 .maxver = 0,
537 .want_minver = TLS1_2_VERSION, 543 .want_minver = TLS1_2_VERSION,
538 .want_maxver = TLS1_3_VERSION, 544 .want_maxver = 0,
539 }, 545 },
540 { 546 {
541 .ssl_method = TLS_method, 547 .ssl_method = TLS_method,
542 .minver = 0x0300, 548 .minver = 0x0300,
543 .maxver = 0, 549 .maxver = 0,
544 .want_minver = TLS1_VERSION, 550 .want_minver = TLS1_VERSION,
545 .want_maxver = TLS1_3_VERSION, 551 .want_maxver = 0,
546 }, 552 },
547 { 553 {
548 .ssl_method = TLS_method, 554 .ssl_method = TLS_method,
549 .minver = 0x0305, 555 .minver = 0x0305,
550 .maxver = 0, 556 .maxver = 0,
551 .want_minver = 0, 557 .want_min_fail = 1,
552 .want_maxver = 0,
553 }, 558 },
554 { 559 {
555 .ssl_method = TLS_method, 560 .ssl_method = TLS_method,
556 .minver = 0, 561 .minver = 0,
557 .maxver = 0x0305, 562 .maxver = 0x0305,
558 .want_minver = TLS1_VERSION, 563 .want_minver = 0,
559 .want_maxver = TLS1_3_VERSION, 564 .want_maxver = TLS1_3_VERSION,
560 }, 565 },
561 { 566 {
562 .ssl_method = TLS_method, 567 .ssl_method = TLS_method,
563 .minver = 0, 568 .minver = 0,
564 .maxver = TLS1_1_VERSION, 569 .maxver = TLS1_1_VERSION,
565 .want_minver = TLS1_VERSION, 570 .want_minver = 0,
566 .want_maxver = TLS1_1_VERSION, 571 .want_maxver = TLS1_1_VERSION,
567 }, 572 },
568 { 573 {
569 .ssl_method = TLS_method, 574 .ssl_method = TLS_method,
570 .minver = 0, 575 .minver = 0,
571 .maxver = TLS1_VERSION, 576 .maxver = TLS1_VERSION,
572 .want_minver = TLS1_VERSION, 577 .want_minver = 0,
573 .want_maxver = TLS1_VERSION, 578 .want_maxver = TLS1_VERSION,
574 }, 579 },
575 { 580 {
576 .ssl_method = TLS_method, 581 .ssl_method = TLS_method,
577 .minver = 0, 582 .minver = 0,
578 .maxver = 0x0300, 583 .maxver = 0x0300,
579 .want_minver = 0, 584 .want_max_fail = 1,
580 .want_maxver = 0,
581 }, 585 },
582 { 586 {
583 .ssl_method = TLS_method, 587 .ssl_method = TLS_method,
@@ -585,13 +589,14 @@ static struct min_max_version_test min_max_version_tests[] = {
585 .maxver = TLS1_1_VERSION, 589 .maxver = TLS1_1_VERSION,
586 .want_minver = TLS1_2_VERSION, 590 .want_minver = TLS1_2_VERSION,
587 .want_maxver = 0, 591 .want_maxver = 0,
592 .want_max_fail = 1,
588 }, 593 },
589 { 594 {
590 .ssl_method = TLSv1_1_method, 595 .ssl_method = TLSv1_1_method,
591 .minver = 0, 596 .minver = 0,
592 .maxver = 0, 597 .maxver = 0,
593 .want_minver = TLS1_1_VERSION, 598 .want_minver = 0,
594 .want_maxver = TLS1_1_VERSION, 599 .want_maxver = 0,
595 }, 600 },
596 { 601 {
597 .ssl_method = TLSv1_1_method, 602 .ssl_method = TLSv1_1_method,
@@ -606,6 +611,7 @@ static struct min_max_version_test min_max_version_tests[] = {
606 .maxver = 0, 611 .maxver = 0,
607 .want_minver = 0, 612 .want_minver = 0,
608 .want_maxver = 0, 613 .want_maxver = 0,
614 .want_min_fail = 1,
609 }, 615 },
610 { 616 {
611 .ssl_method = TLSv1_1_method, 617 .ssl_method = TLSv1_1_method,
@@ -613,26 +619,27 @@ static struct min_max_version_test min_max_version_tests[] = {
613 .maxver = TLS1_VERSION, 619 .maxver = TLS1_VERSION,
614 .want_minver = 0, 620 .want_minver = 0,
615 .want_maxver = 0, 621 .want_maxver = 0,
622 .want_max_fail = 1,
616 }, 623 },
617 { 624 {
618 .ssl_method = DTLSv1_method, 625 .ssl_method = DTLSv1_method,
619 .minver = 0, 626 .minver = 0,
620 .maxver = 0, 627 .maxver = 0,
621 .want_minver = DTLS1_VERSION, 628 .want_minver = 0,
622 .want_maxver = DTLS1_VERSION, 629 .want_maxver = 0,
623 }, 630 },
624 { 631 {
625 .ssl_method = DTLSv1_method, 632 .ssl_method = DTLSv1_method,
626 .minver = DTLS1_VERSION, 633 .minver = DTLS1_VERSION,
627 .maxver = 0, 634 .maxver = 0,
628 .want_minver = DTLS1_VERSION, 635 .want_minver = DTLS1_VERSION,
629 .want_maxver = DTLS1_VERSION, 636 .want_maxver = 0,
630 }, 637 },
631 { 638 {
632 .ssl_method = DTLSv1_method, 639 .ssl_method = DTLSv1_method,
633 .minver = 0, 640 .minver = 0,
634 .maxver = DTLS1_VERSION, 641 .maxver = DTLS1_VERSION,
635 .want_minver = DTLS1_VERSION, 642 .want_minver = 0,
636 .want_maxver = DTLS1_VERSION, 643 .want_maxver = DTLS1_VERSION,
637 }, 644 },
638 { 645 {
@@ -641,6 +648,8 @@ static struct min_max_version_test min_max_version_tests[] = {
641 .maxver = TLS1_2_VERSION, 648 .maxver = TLS1_2_VERSION,
642 .want_minver = 0, 649 .want_minver = 0,
643 .want_maxver = 0, 650 .want_maxver = 0,
651 .want_min_fail = 1,
652 .want_max_fail = 1,
644 }, 653 },
645}; 654};
646 655
@@ -658,6 +667,8 @@ test_ssl_min_max_version(void)
658 667
659 failed = 0; 668 failed = 0;
660 669
670 fprintf(stderr, "INFO: starting min max version tests...\n");
671
661 for (i = 0; i < N_MIN_MAX_VERSION_TESTS; i++) { 672 for (i = 0; i < N_MIN_MAX_VERSION_TESTS; i++) {
662 mmvt = &min_max_version_tests[i]; 673 mmvt = &min_max_version_tests[i];
663 674
@@ -666,16 +677,16 @@ test_ssl_min_max_version(void)
666 return 1; 677 return 1;
667 } 678 }
668 679
669 if (SSL_CTX_set_min_proto_version(ssl_ctx, mmvt->minver) != 1) { 680 if (!SSL_CTX_set_min_proto_version(ssl_ctx, mmvt->minver)) {
670 if (mmvt->want_minver != 0) { 681 if (!mmvt->want_min_fail) {
671 fprintf(stderr, "FAIL: test %zu - failed to set " 682 fprintf(stderr, "FAIL: test %zu - failed to set "
672 "SSL_CTX min version\n", i); 683 "SSL_CTX min version\n", i);
673 failed++; 684 failed++;
674 } 685 }
675 goto next; 686 goto next;
676 } 687 }
677 if (SSL_CTX_set_max_proto_version(ssl_ctx, mmvt->maxver) != 1) { 688 if (!SSL_CTX_set_max_proto_version(ssl_ctx, mmvt->maxver)) {
678 if (mmvt->want_maxver != 0) { 689 if (!mmvt->want_max_fail) {
679 fprintf(stderr, "FAIL: test %zu - failed to set " 690 fprintf(stderr, "FAIL: test %zu - failed to set "
680 "SSL_CTX min version\n", i); 691 "SSL_CTX min version\n", i);
681 failed++; 692 failed++;
@@ -683,13 +694,13 @@ test_ssl_min_max_version(void)
683 goto next; 694 goto next;
684 } 695 }
685 696
686 if (mmvt->want_minver == 0) { 697 if (mmvt->want_min_fail) {
687 fprintf(stderr, "FAIL: test %zu - successfully set " 698 fprintf(stderr, "FAIL: test %zu - successfully set "
688 "SSL_CTX min version, should have failed\n", i); 699 "SSL_CTX min version, should have failed\n", i);
689 failed++; 700 failed++;
690 goto next; 701 goto next;
691 } 702 }
692 if (mmvt->want_maxver == 0) { 703 if (mmvt->want_max_fail) {
693 fprintf(stderr, "FAIL: test %zu - successfully set " 704 fprintf(stderr, "FAIL: test %zu - successfully set "
694 "SSL_CTX max version, should have failed\n", i); 705 "SSL_CTX max version, should have failed\n", i);
695 failed++; 706 failed++;
@@ -731,16 +742,16 @@ test_ssl_min_max_version(void)
731 goto next; 742 goto next;
732 } 743 }
733 744
734 if (SSL_set_min_proto_version(ssl, mmvt->minver) != 1) { 745 if (!SSL_set_min_proto_version(ssl, mmvt->minver)) {
735 if (mmvt->want_minver != 0) { 746 if (mmvt->want_min_fail) {
736 fprintf(stderr, "FAIL: test %zu - failed to set " 747 fprintf(stderr, "FAIL: test %zu - failed to set "
737 "SSL min version\n", i); 748 "SSL min version\n", i);
738 failed++; 749 failed++;
739 } 750 }
740 goto next; 751 goto next;
741 } 752 }
742 if (SSL_set_max_proto_version(ssl, mmvt->maxver) != 1) { 753 if (!SSL_set_max_proto_version(ssl, mmvt->maxver)) {
743 if (mmvt->want_maxver != 0) { 754 if (mmvt->want_max_fail) {
744 fprintf(stderr, "FAIL: test %zu - failed to set " 755 fprintf(stderr, "FAIL: test %zu - failed to set "
745 "SSL min version\n", i); 756 "SSL min version\n", i);
746 failed++; 757 failed++;
@@ -748,13 +759,13 @@ test_ssl_min_max_version(void)
748 goto next; 759 goto next;
749 } 760 }
750 761
751 if (mmvt->want_minver == 0) { 762 if (mmvt->want_min_fail) {
752 fprintf(stderr, "FAIL: test %zu - successfully set SSL " 763 fprintf(stderr, "FAIL: test %zu - successfully set SSL "
753 "min version, should have failed\n", i); 764 "min version, should have failed\n", i);
754 failed++; 765 failed++;
755 goto next; 766 goto next;
756 } 767 }
757 if (mmvt->want_maxver == 0) { 768 if (mmvt->want_max_fail) {
758 fprintf(stderr, "FAIL: test %zu - successfully set SSL " 769 fprintf(stderr, "FAIL: test %zu - successfully set SSL "
759 "max version, should have failed\n", i); 770 "max version, should have failed\n", i);
760 failed++; 771 failed++;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 11:22:25 +0000