summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorjsing <>2020-04-06 16:52:26 +0000
committerjsing <>2020-04-06 16:52:26 +0000
commit0b1475e1f5215e43f5fcc79ad509d32f65a83c6f (patch)
tree205033d3d61932f5a620ece51188245856998603 /src
parentbe66c879415485c87d2569593a12ae42cc24c953 (diff)
downloadopenbsd-0b1475e1f5215e43f5fcc79ad509d32f65a83c6f.tar.gz
openbsd-0b1475e1f5215e43f5fcc79ad509d32f65a83c6f.tar.bz2
openbsd-0b1475e1f5215e43f5fcc79ad509d32f65a83c6f.zip
Add tests that cover TLSv1.2 and disable those that trigger TLSv1.3.
This allows the test to pass again.
Diffstat (limited to 'src')
-rw-r--r--src/regress/lib/libssl/client/clienttest.c35
1 files changed, 32 insertions, 3 deletions
diff --git a/src/regress/lib/libssl/client/clienttest.c b/src/regress/lib/libssl/client/clienttest.c
index 3156ef13aa..3487348c9e 100644
--- a/src/regress/lib/libssl/client/clienttest.c
+++ b/src/regress/lib/libssl/client/clienttest.c
@@ -200,13 +200,22 @@ static struct client_hello_test client_hello_tests[] = {
200 .random_start = SSL3_RANDOM_OFFSET, 200 .random_start = SSL3_RANDOM_OFFSET,
201 .ssl_method = TLSv1_2_client_method, 201 .ssl_method = TLSv1_2_client_method,
202 }, 202 },
203#if 0
203 { 204 {
204 .desc = "SSLv23 default", 205 .desc = "SSLv23 default",
205 .protocol = TLS1_2_VERSION, 206 .protocol = TLS1_3_VERSION,
206 .random_start = SSL3_RANDOM_OFFSET, 207 .random_start = SSL3_RANDOM_OFFSET,
207 .ssl_method = SSLv23_client_method, 208 .ssl_method = SSLv23_client_method,
208 .ssl_options = 0, 209 .ssl_options = 0,
209 }, 210 },
211#endif
212 {
213 .desc = "SSLv23 default (no TLSv1.3)",
214 .protocol = TLS1_2_VERSION,
215 .random_start = SSL3_RANDOM_OFFSET,
216 .ssl_method = SSLv23_client_method,
217 .ssl_options = SSL_OP_NO_TLSv1_3,
218 },
210 { 219 {
211 .desc = "SSLv23 (no TLSv1.2)", 220 .desc = "SSLv23 (no TLSv1.2)",
212 .protocol = TLS1_1_VERSION, 221 .protocol = TLS1_1_VERSION,
@@ -221,13 +230,22 @@ static struct client_hello_test client_hello_tests[] = {
221 .ssl_method = SSLv23_client_method, 230 .ssl_method = SSLv23_client_method,
222 .ssl_options = SSL_OP_NO_TLSv1_1, 231 .ssl_options = SSL_OP_NO_TLSv1_1,
223 }, 232 },
233#if 0
224 { 234 {
225 .desc = "TLS default", 235 .desc = "TLS default",
226 .protocol = TLS1_2_VERSION, 236 .protocol = TLS1_3_VERSION,
227 .random_start = SSL3_RANDOM_OFFSET, 237 .random_start = SSL3_RANDOM_OFFSET,
228 .ssl_method = TLS_client_method, 238 .ssl_method = TLS_client_method,
229 .ssl_options = 0, 239 .ssl_options = 0,
230 }, 240 },
241#endif
242 {
243 .desc = "TLS (no TLSv1.3)",
244 .protocol = TLS1_2_VERSION,
245 .random_start = SSL3_RANDOM_OFFSET,
246 .ssl_method = TLS_client_method,
247 .ssl_options = SSL_OP_NO_TLSv1_3,
248 },
231 { 249 {
232 .desc = "TLS (no TLSv1.2)", 250 .desc = "TLS (no TLSv1.2)",
233 .protocol = TLS1_1_VERSION, 251 .protocol = TLS1_1_VERSION,
@@ -242,13 +260,24 @@ static struct client_hello_test client_hello_tests[] = {
242 .ssl_method = TLS_client_method, 260 .ssl_method = TLS_client_method,
243 .ssl_options = SSL_OP_NO_TLSv1_1, 261 .ssl_options = SSL_OP_NO_TLSv1_1,
244 }, 262 },
263#if 0
245 { 264 {
246 .desc = "TLS (no TLSv1.0, no TLSv1.1)", 265 .desc = "TLS (no TLSv1.0, no TLSv1.1)",
247 .protocol = TLS1_2_VERSION, 266 .protocol = TLS1_3_VERSION,
248 .random_start = SSL3_RANDOM_OFFSET, 267 .random_start = SSL3_RANDOM_OFFSET,
249 .ssl_method = TLS_client_method, 268 .ssl_method = TLS_client_method,
250 .ssl_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1, 269 .ssl_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1,
251 }, 270 },
271#endif
272#if 0
273 {
274 .desc = "TLS (no TLSv1.0, no TLSv1.1, no TLSv1.2)",
275 .protocol = TLS1_3_VERSION,
276 .random_start = SSL3_RANDOM_OFFSET,
277 .ssl_method = TLS_client_method,
278 .ssl_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2,
279 },
280#endif
252}; 281};
253 282
254#define N_CLIENT_HELLO_TESTS \ 283#define N_CLIENT_HELLO_TESTS \
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-21 00:32:50 +0000