From c34de2c3490495ca1d9afcbc43593161c810b669 Mon Sep 17 00:00:00 2001 From: tb <> Date: Wed, 3 Jun 2020 04:47:03 +0000 Subject: Enable the record layer limits test and mark two finished test cases as xfail for now. Arguably, the expected decode_error is more appropriate than the decrypt_error that we send at the moment. --- src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'src') diff --git a/src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py b/src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py index ef037aec9a..c1e89bd43b 100644 --- a/src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py +++ b/src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py @@ -1,4 +1,4 @@ -# $OpenBSD: tlsfuzzer.py,v 1.5 2020/06/01 10:46:45 tb Exp $ +# $OpenBSD: tlsfuzzer.py,v 1.6 2020/06/03 04:47:03 tb Exp $ # # Copyright (c) 2020 Theo Buehler # @@ -98,6 +98,13 @@ tls13_slow_tests = TestGroup("slow TLSv1.3 tests", [ Test("test-tls13-invalid-ciphers.py"), Test("test-tls13-serverhello-random.py", tls13_unsupported_ciphers), + + # Mark two tests cases as xfail for now. The tests expect an arguably + # correct decode_error while we send a decrypt_error (like fizz/boring). + Test("test-tls13-record-layer-limits.py", [ + "-x", "max size payload (2**14) of Finished msg, with 16348 bytes of left padding, cipher TLS_AES_128_GCM_SHA256", + "-x", "max size payload (2**14) of Finished msg, with 16348 bytes of left padding, cipher TLS_CHACHA20_POLY1305_SHA256", + ]), ]) tls13_extra_cert_tests = TestGroup("TLSv1.3 certificate tests", [ @@ -137,10 +144,6 @@ tls13_failing_tests = TestGroup("failing TLSv1.3 tests", [ ]) tls13_slow_failing_tests = TestGroup("slow, failing TLSv1.3 tests", [ - # After adding record overflow alert, 14 tests fail because - # they expect ExpectNewSessionTicket(). - Test("test-tls13-record-layer-limits.py" ), - # Other test failures bugs in keyshare/tlsext negotiation? Test("test-tls13-shuffled-extentions.py"), # should reject 2nd CH Test("test-tls13-unrecognised-groups.py"), # unexpected closure -- cgit v1.2.3-55-g6feb