src - OpenBSD base system

diff options


context:
space:
mode:

author	Joel Sing <jsing@cvs.openbsd.org>	2018-11-06 01:40:58 +0000
committer	Joel Sing <jsing@cvs.openbsd.org>	2018-11-06 01:40:58 +0000
commit	5579f178d1907d804e7d7a10d9b4cb0564f5650e (patch)
tree	57bf3394ee5bf2019037c326c9f5ac9672ef4387 /regress/lib
parent	67f994a1f97780a5ef29238e47d8668f684a0ba7 (diff)

Add TLSv1.3 to version regress tests.

Diffstat (limited to 'regress/lib')

-rw-r--r--

regress/lib/libssl/unit/ssl_versions.c

1 files changed, 80 insertions, 4 deletions

diff --git a/regress/lib/libssl/unit/ssl_versions.c b/regress/lib/libssl/unit/ssl_versions.c
index d84a7106d58..11519c37322 100644
--- a/regress/lib/libssl/unit/ssl_versions.c
+++ b/regress/lib/libssl/unit/ssl_versions.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ssl_versions.c,v 1.5 2018/03/15 12:27:01 jca Exp $ */

+/* $OpenBSD: ssl_versions.c,v 1.6 2018/11/06 01:40:57 jsing Exp $ */

@@ -31,6 +31,13 @@ static struct version_range_test version_range_tests[] = {

{

.options = 0,

.minver = TLS1_VERSION,

+ .maxver = TLS1_3_VERSION,

+ .want_minver = TLS1_VERSION,

+ .want_maxver = TLS1_3_VERSION,

+ },

+ {

+ .options = 0,

+ .minver = TLS1_VERSION,

.maxver = TLS1_2_VERSION,

.want_minver = TLS1_VERSION,

.want_maxver = TLS1_2_VERSION,

@@ -43,6 +50,13 @@ static struct version_range_test version_range_tests[] = {

.want_maxver = TLS1_2_VERSION,

{

+ .options = SSL_OP_NO_TLSv1_3,

+ .minver = TLS1_VERSION,

+ .maxver = TLS1_3_VERSION,

+ .want_minver = TLS1_VERSION,

+ .want_maxver = TLS1_2_VERSION,

+ },

+ {

.options = SSL_OP_NO_TLSv1_2,

.minver = TLS1_VERSION,

.maxver = TLS1_2_VERSION,

@@ -78,13 +92,30 @@ static struct version_range_test version_range_tests[] = {

.want_maxver = TLS1_1_VERSION,

{

- .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2,

+ .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |

+ SSL_OP_NO_TLSv1_2,

.minver = TLS1_VERSION,

.maxver = TLS1_2_VERSION,

.want_minver = 0,

.want_maxver = 0,

{

+ .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |

+ SSL_OP_NO_TLSv1_2,

+ .minver = TLS1_VERSION,

+ .maxver = TLS1_3_VERSION,

+ .want_minver = TLS1_3_VERSION,

+ .want_maxver = TLS1_3_VERSION,

+ },

+ {

+ .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |

+ SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3,

+ .minver = TLS1_VERSION,

+ .maxver = TLS1_3_VERSION,

+ .want_minver = 0,

+ .want_maxver = 0,

+ },

+ {

.options = 0,

.minver = TLS1_VERSION,

.maxver = TLS1_2_VERSION,

@@ -108,6 +139,34 @@ static struct version_range_test version_range_tests[] = {

{

.options = 0,

.minver = TLS1_VERSION,

+ .maxver = TLS1_3_VERSION,

+ .want_minver = TLS1_VERSION,

+ .want_maxver = TLS1_3_VERSION,

+ },

+ {

+ .options = 0,

+ .minver = TLS1_1_VERSION,

+ .maxver = TLS1_3_VERSION,

+ .want_minver = TLS1_1_VERSION,

+ .want_maxver = TLS1_3_VERSION,

+ },

+ {

+ .options = 0,

+ .minver = TLS1_2_VERSION,

+ .maxver = TLS1_3_VERSION,

+ .want_minver = TLS1_2_VERSION,

+ .want_maxver = TLS1_3_VERSION,

+ },

+ {

+ .options = 0,

+ .minver = TLS1_3_VERSION,

+ .maxver = TLS1_3_VERSION,

+ .want_minver = TLS1_3_VERSION,

+ .want_maxver = TLS1_3_VERSION,

+ },

+ {

+ .options = 0,

+ .minver = TLS1_VERSION,

.maxver = TLS1_1_VERSION,

.want_minver = TLS1_VERSION,

.want_maxver = TLS1_1_VERSION,

@@ -149,7 +208,7 @@ test_ssl_enabled_version_range(void)

vrt = &version_range_tests[i];

SSL_clear_options(ssl, SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |

- SSL_OP_NO_TLSv1_2);

+ SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3);

SSL_set_options(ssl, vrt->options);

minver = maxver = 0xffff;

@@ -238,6 +297,14 @@ static struct shared_version_test shared_version_tests[] = {

.options = 0,

.minver = TLS1_VERSION,

.maxver = TLS1_2_VERSION,

+ .peerver = TLS1_3_VERSION,

+ .want_maxver = TLS1_2_VERSION,

+ },

+ {

+ .ssl_method = TLS_method,

+ .options = 0,

+ .minver = TLS1_VERSION,

+ .maxver = TLS1_2_VERSION,

.peerver = 0x7f12,

.want_maxver = TLS1_2_VERSION,

@@ -383,7 +450,7 @@ test_ssl_max_shared_version(void)

}

SSL_clear_options(ssl, SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |

- SSL_OP_NO_TLSv1_2);

+ SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3);

SSL_set_options(ssl, svt->options);

maxver = 0;

@@ -444,6 +511,13 @@ static struct min_max_version_test min_max_version_tests[] = {

{

.ssl_method = TLS_method,

+ .minver = 0,

+ .maxver = TLS1_3_VERSION,

+ .want_minver = TLS1_VERSION,

+ .want_maxver = TLS1_2_VERSION,

+ },

+ {

+ .ssl_method = TLS_method,

.minver = TLS1_VERSION,

.maxver = TLS1_2_VERSION,

.want_minver = TLS1_VERSION,

@@ -710,6 +784,8 @@ main(int argc, char **argv)

SSL_library_init();

+ /* XXX - Test ssl_supported_version_range() */

failed |= test_ssl_enabled_version_range();

failed |= test_ssl_max_shared_version();

failed |= test_ssl_min_max_version();