diff options
| author | tb <> | 2024-08-02 15:02:22 +0000 |
|---|---|---|
| committer | tb <> | 2024-08-02 15:02:22 +0000 |
| commit | 3d1118fa05274d1f3789ca743e76aba59045acf7 (patch) | |
| tree | 0986a54a0b80c08ce3b8c36c055c022024b67639 | |
| parent | 69b88701f563e2efc9523720168674a54f6bc069 (diff) | |
| download | openbsd-3d1118fa05274d1f3789ca743e76aba59045acf7.tar.gz openbsd-3d1118fa05274d1f3789ca743e76aba59045acf7.tar.bz2 openbsd-3d1118fa05274d1f3789ca743e76aba59045acf7.zip | |
Adjust tls regress for protocol parsing fixes
This mostly reverts what was done by beck in Tallinn and adjust tlstest
to add new test cases and now failing connection tests.
| -rw-r--r-- | src/regress/lib/libtls/config/configtest.c | 23 | ||||
| -rw-r--r-- | src/regress/lib/libtls/gotls/tls.go | 2 | ||||
| -rw-r--r-- | src/regress/lib/libtls/tls/tlstest.c | 13 |
3 files changed, 22 insertions, 16 deletions
diff --git a/src/regress/lib/libtls/config/configtest.c b/src/regress/lib/libtls/config/configtest.c index 5af5b56ffd..9e0df8a5eb 100644 --- a/src/regress/lib/libtls/config/configtest.c +++ b/src/regress/lib/libtls/config/configtest.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: configtest.c,v 1.3 2023/07/02 06:37:27 beck Exp $ */ | 1 | /* $OpenBSD: configtest.c,v 1.4 2024/08/02 15:02:22 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2017 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2017 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -71,27 +71,30 @@ struct parse_protocols_test parse_protocols_tests[] = { | |||
| 71 | { | 71 | { |
| 72 | .protostr = "tlsv1.0:tlsv1.1:tlsv1.2:tlsv1.3", | 72 | .protostr = "tlsv1.0:tlsv1.1:tlsv1.2:tlsv1.3", |
| 73 | .want_return = 0, | 73 | .want_return = 0, |
| 74 | .want_protocols = TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3, | 74 | .want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 | |
| 75 | TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3, | ||
| 75 | }, | 76 | }, |
| 76 | { | 77 | { |
| 77 | .protostr = "tlsv1.0,tlsv1.1,tlsv1.2,tlsv1.3", | 78 | .protostr = "tlsv1.0,tlsv1.1,tlsv1.2,tlsv1.3", |
| 78 | .want_return = 0, | 79 | .want_return = 0, |
| 79 | .want_protocols = TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3, | 80 | .want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 | |
| 81 | TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3, | ||
| 80 | }, | 82 | }, |
| 81 | { | 83 | { |
| 82 | .protostr = "tlsv1.1,tlsv1.2,tlsv1.0", | 84 | .protostr = "tlsv1.1,tlsv1.2,tlsv1.0", |
| 83 | .want_return = 0, | 85 | .want_return = 0, |
| 84 | .want_protocols = TLS_PROTOCOL_TLSv1_2, | 86 | .want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 | |
| 87 | TLS_PROTOCOL_TLSv1_2, | ||
| 85 | }, | 88 | }, |
| 86 | { | 89 | { |
| 87 | .protostr = "tlsv1.1,tlsv1.2,tlsv1.1", | 90 | .protostr = "tlsv1.1,tlsv1.2,tlsv1.1", |
| 88 | .want_return = 0, | 91 | .want_return = 0, |
| 89 | .want_protocols = TLS_PROTOCOL_TLSv1_2, | 92 | .want_protocols = TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2, |
| 90 | }, | 93 | }, |
| 91 | { | 94 | { |
| 92 | .protostr = "tlsv1.1,tlsv1.2,!tlsv1.1", | 95 | .protostr = "tlsv1.1,tlsv1.2,!tlsv1.1", |
| 93 | .want_return = 0, | 96 | .want_return = 0, |
| 94 | .want_protocols = 0, | 97 | .want_protocols = TLS_PROTOCOL_TLSv1_2, |
| 95 | }, | 98 | }, |
| 96 | { | 99 | { |
| 97 | .protostr = "unknown", | 100 | .protostr = "unknown", |
| @@ -111,17 +114,19 @@ struct parse_protocols_test parse_protocols_tests[] = { | |||
| 111 | { | 114 | { |
| 112 | .protostr = "all,!tlsv1.0", | 115 | .protostr = "all,!tlsv1.0", |
| 113 | .want_return = 0, | 116 | .want_return = 0, |
| 114 | .want_protocols = TLS_PROTOCOL_TLSv1_3, | 117 | .want_protocols = TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2 | \ |
| 118 | TLS_PROTOCOL_TLSv1_3, | ||
| 115 | }, | 119 | }, |
| 116 | { | 120 | { |
| 117 | .protostr = "!tlsv1.0", | 121 | .protostr = "!tlsv1.0", |
| 118 | .want_return = 0, | 122 | .want_return = 0, |
| 119 | .want_protocols = TLS_PROTOCOL_TLSv1_3, | 123 | .want_protocols = TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2 | \ |
| 124 | TLS_PROTOCOL_TLSv1_3, | ||
| 120 | }, | 125 | }, |
| 121 | { | 126 | { |
| 122 | .protostr = "!tlsv1.0,!tlsv1.1,!tlsv1.3", | 127 | .protostr = "!tlsv1.0,!tlsv1.1,!tlsv1.3", |
| 123 | .want_return = 0, | 128 | .want_return = 0, |
| 124 | .want_protocols = 0, | 129 | .want_protocols = TLS_PROTOCOL_TLSv1_2, |
| 125 | }, | 130 | }, |
| 126 | { | 131 | { |
| 127 | .protostr = "!tlsv1.0,!tlsv1.1,tlsv1.2,!tlsv1.3", | 132 | .protostr = "!tlsv1.0,!tlsv1.1,tlsv1.2,!tlsv1.3", |
diff --git a/src/regress/lib/libtls/gotls/tls.go b/src/regress/lib/libtls/gotls/tls.go index 3029d58c35..cf3e84c030 100644 --- a/src/regress/lib/libtls/gotls/tls.go +++ b/src/regress/lib/libtls/gotls/tls.go | |||
| @@ -45,6 +45,8 @@ const ( | |||
| 45 | ) | 45 | ) |
| 46 | 46 | ||
| 47 | var protocolNames = map[ProtocolVersion]string{ | 47 | var protocolNames = map[ProtocolVersion]string{ |
| 48 | ProtocolTLSv10: "TLSv1", | ||
| 49 | ProtocolTLSv11: "TLSv1.1", | ||
| 48 | ProtocolTLSv12: "TLSv1.2", | 50 | ProtocolTLSv12: "TLSv1.2", |
| 49 | ProtocolTLSv13: "TLSv1.3", | 51 | ProtocolTLSv13: "TLSv1.3", |
| 50 | ProtocolsAll: "all", | 52 | ProtocolsAll: "all", |
diff --git a/src/regress/lib/libtls/tls/tlstest.c b/src/regress/lib/libtls/tls/tlstest.c index fb6649e83f..b675c798b4 100644 --- a/src/regress/lib/libtls/tls/tlstest.c +++ b/src/regress/lib/libtls/tls/tlstest.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tlstest.c,v 1.15 2022/07/16 07:46:08 tb Exp $ */ | 1 | /* $OpenBSD: tlstest.c,v 1.16 2024/08/02 15:02:22 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2017 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2017 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -497,16 +497,15 @@ struct test_versions { | |||
| 497 | static struct test_versions tls_test_versions[] = { | 497 | static struct test_versions tls_test_versions[] = { |
| 498 | {"tlsv1.3", "all"}, | 498 | {"tlsv1.3", "all"}, |
| 499 | {"tlsv1.2", "all"}, | 499 | {"tlsv1.2", "all"}, |
| 500 | {"tlsv1.1", "all"}, | ||
| 501 | {"tlsv1.0", "all"}, | ||
| 502 | {"all", "tlsv1.3"}, | 500 | {"all", "tlsv1.3"}, |
| 503 | {"all", "tlsv1.2"}, | 501 | {"all", "tlsv1.2"}, |
| 504 | {"all", "tlsv1.1"}, | 502 | {"all:!tlsv1.1", "tlsv1.2"}, |
| 505 | {"all", "tlsv1.0"}, | 503 | {"all:!tlsv1.2", "tlsv1.3"}, |
| 504 | {"all:!tlsv1.3", "tlsv1.2"}, | ||
| 505 | {"all:!tlsv1.2:!tlsv1.1", "tlsv1.3"}, | ||
| 506 | {"all:!tlsv1.2:!tlsv1.1:!tlsv1.0", "tlsv1.3"}, | ||
| 506 | {"tlsv1.3", "tlsv1.3"}, | 507 | {"tlsv1.3", "tlsv1.3"}, |
| 507 | {"tlsv1.2", "tlsv1.2"}, | 508 | {"tlsv1.2", "tlsv1.2"}, |
| 508 | {"tlsv1.1", "tlsv1.1"}, | ||
| 509 | {"tlsv1.0", "tlsv1.0"}, | ||
| 510 | }; | 509 | }; |
| 511 | 510 | ||
| 512 | #define N_TLS_VERSION_TESTS \ | 511 | #define N_TLS_VERSION_TESTS \ |