From 5c5463afc09ad28dc5717f3c90e5fb9e9f4ffa60 Mon Sep 17 00:00:00 2001 From: beck <> Date: Sat, 6 Jun 2020 01:40:09 +0000 Subject: Implement a rolling hash of the ClientHello message, Enforce RFC 8446 section 4.1.2 to ensure subsequent ClientHello messages after a HelloRetryRequest messages must be unchanged from the initial ClientHello. ok tb@ jsing@ --- src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py') diff --git a/src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py b/src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py index c1e89bd43b..f81bf558f4 100644 --- a/src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py +++ b/src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py @@ -1,4 +1,4 @@ -# $OpenBSD: tlsfuzzer.py,v 1.6 2020/06/03 04:47:03 tb Exp $ +# $OpenBSD: tlsfuzzer.py,v 1.7 2020/06/06 01:40:08 beck Exp $ # # Copyright (c) 2020 Theo Buehler # @@ -79,6 +79,7 @@ tls13_tests = TestGroup("TLSv1.3 tests", [ Test("test-tls13-legacy-version.py"), Test("test-tls13-nociphers.py"), Test("test-tls13-record-padding.py"), + Test("test-tls13-shuffled-extentions.py"), # The skipped tests fail due to a bug in BIO_gets() which masks the retry # signalled from an SSL_read() failure. Testing with httpd(8) shows we're @@ -145,7 +146,6 @@ tls13_failing_tests = TestGroup("failing TLSv1.3 tests", [ tls13_slow_failing_tests = TestGroup("slow, failing TLSv1.3 tests", [ # Other test failures bugs in keyshare/tlsext negotiation? - Test("test-tls13-shuffled-extentions.py"), # should reject 2nd CH Test("test-tls13-unrecognised-groups.py"), # unexpected closure # 5 failures: -- cgit v1.2.3-55-g6feb