From 0b1475e1f5215e43f5fcc79ad509d32f65a83c6f Mon Sep 17 00:00:00 2001 From: jsing <> Date: Mon, 6 Apr 2020 16:52:26 +0000 Subject: Add tests that cover TLSv1.2 and disable those that trigger TLSv1.3. This allows the test to pass again. --- src/regress/lib/libssl/client/clienttest.c | 35 +++++++++++++++++++++++++++--- 1 file changed, 32 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/regress/lib/libssl/client/clienttest.c b/src/regress/lib/libssl/client/clienttest.c index 3156ef13aa..3487348c9e 100644 --- a/src/regress/lib/libssl/client/clienttest.c +++ b/src/regress/lib/libssl/client/clienttest.c @@ -200,13 +200,22 @@ static struct client_hello_test client_hello_tests[] = { .random_start = SSL3_RANDOM_OFFSET, .ssl_method = TLSv1_2_client_method, }, +#if 0 { .desc = "SSLv23 default", - .protocol = TLS1_2_VERSION, + .protocol = TLS1_3_VERSION, .random_start = SSL3_RANDOM_OFFSET, .ssl_method = SSLv23_client_method, .ssl_options = 0, }, +#endif + { + .desc = "SSLv23 default (no TLSv1.3)", + .protocol = TLS1_2_VERSION, + .random_start = SSL3_RANDOM_OFFSET, + .ssl_method = SSLv23_client_method, + .ssl_options = SSL_OP_NO_TLSv1_3, + }, { .desc = "SSLv23 (no TLSv1.2)", .protocol = TLS1_1_VERSION, @@ -221,13 +230,22 @@ static struct client_hello_test client_hello_tests[] = { .ssl_method = SSLv23_client_method, .ssl_options = SSL_OP_NO_TLSv1_1, }, +#if 0 { .desc = "TLS default", - .protocol = TLS1_2_VERSION, + .protocol = TLS1_3_VERSION, .random_start = SSL3_RANDOM_OFFSET, .ssl_method = TLS_client_method, .ssl_options = 0, }, +#endif + { + .desc = "TLS (no TLSv1.3)", + .protocol = TLS1_2_VERSION, + .random_start = SSL3_RANDOM_OFFSET, + .ssl_method = TLS_client_method, + .ssl_options = SSL_OP_NO_TLSv1_3, + }, { .desc = "TLS (no TLSv1.2)", .protocol = TLS1_1_VERSION, @@ -242,13 +260,24 @@ static struct client_hello_test client_hello_tests[] = { .ssl_method = TLS_client_method, .ssl_options = SSL_OP_NO_TLSv1_1, }, +#if 0 { .desc = "TLS (no TLSv1.0, no TLSv1.1)", - .protocol = TLS1_2_VERSION, + .protocol = TLS1_3_VERSION, .random_start = SSL3_RANDOM_OFFSET, .ssl_method = TLS_client_method, .ssl_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1, }, +#endif +#if 0 + { + .desc = "TLS (no TLSv1.0, no TLSv1.1, no TLSv1.2)", + .protocol = TLS1_3_VERSION, + .random_start = SSL3_RANDOM_OFFSET, + .ssl_method = TLS_client_method, + .ssl_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2, + }, +#endif }; #define N_CLIENT_HELLO_TESTS \ -- cgit v1.2.3-55-g6feb