diff options
| author | Joel Sing <jsing@cvs.openbsd.org> | 2020-04-06 16:52:27 +0000 |
|---|---|---|
| committer | Joel Sing <jsing@cvs.openbsd.org> | 2020-04-06 16:52:27 +0000 |
| commit | 63a8abe23b38915d14c0d53f32dd4d6de9aca1f0 (patch) | |
| tree | 02886fbaac97ee4088e5e431d68c9c75fdf88c3d /regress/lib/libssl | |
| parent | 448186854a4d3fba014a57808825d0cb30eaab54 (diff) | |
Add tests that cover TLSv1.2 and disable those that trigger TLSv1.3.
This allows the test to pass again.
Diffstat (limited to 'regress/lib/libssl')
| -rw-r--r-- | regress/lib/libssl/client/clienttest.c | 35 |
1 files changed, 32 insertions, 3 deletions
diff --git a/regress/lib/libssl/client/clienttest.c b/regress/lib/libssl/client/clienttest.c index 3156ef13aa2..3487348c9e3 100644 --- a/regress/lib/libssl/client/clienttest.c +++ b/regress/lib/libssl/client/clienttest.c @@ -200,13 +200,22 @@ static struct client_hello_test client_hello_tests[] = { .random_start = SSL3_RANDOM_OFFSET, .ssl_method = TLSv1_2_client_method, }, +#if 0 { .desc = "SSLv23 default", - .protocol = TLS1_2_VERSION, + .protocol = TLS1_3_VERSION, .random_start = SSL3_RANDOM_OFFSET, .ssl_method = SSLv23_client_method, .ssl_options = 0, }, +#endif + { + .desc = "SSLv23 default (no TLSv1.3)", + .protocol = TLS1_2_VERSION, + .random_start = SSL3_RANDOM_OFFSET, + .ssl_method = SSLv23_client_method, + .ssl_options = SSL_OP_NO_TLSv1_3, + }, { .desc = "SSLv23 (no TLSv1.2)", .protocol = TLS1_1_VERSION, @@ -221,13 +230,22 @@ static struct client_hello_test client_hello_tests[] = { .ssl_method = SSLv23_client_method, .ssl_options = SSL_OP_NO_TLSv1_1, }, +#if 0 { .desc = "TLS default", - .protocol = TLS1_2_VERSION, + .protocol = TLS1_3_VERSION, .random_start = SSL3_RANDOM_OFFSET, .ssl_method = TLS_client_method, .ssl_options = 0, }, +#endif + { + .desc = "TLS (no TLSv1.3)", + .protocol = TLS1_2_VERSION, + .random_start = SSL3_RANDOM_OFFSET, + .ssl_method = TLS_client_method, + .ssl_options = SSL_OP_NO_TLSv1_3, + }, { .desc = "TLS (no TLSv1.2)", .protocol = TLS1_1_VERSION, @@ -242,13 +260,24 @@ static struct client_hello_test client_hello_tests[] = { .ssl_method = TLS_client_method, .ssl_options = SSL_OP_NO_TLSv1_1, }, +#if 0 { .desc = "TLS (no TLSv1.0, no TLSv1.1)", - .protocol = TLS1_2_VERSION, + .protocol = TLS1_3_VERSION, .random_start = SSL3_RANDOM_OFFSET, .ssl_method = TLS_client_method, .ssl_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1, }, +#endif +#if 0 + { + .desc = "TLS (no TLSv1.0, no TLSv1.1, no TLSv1.2)", + .protocol = TLS1_3_VERSION, + .random_start = SSL3_RANDOM_OFFSET, + .ssl_method = TLS_client_method, + .ssl_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2, + }, +#endif }; #define N_CLIENT_HELLO_TESTS \ |