From: tb Date: Fri, 2 Aug 2024 15:02:22 +0000 (+0000) Subject: Adjust tls regress for protocol parsing fixes X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=0c5dcecc66318b2dbe970b0c714ad357b0f912cf;p=openbsd Adjust tls regress for protocol parsing fixes This mostly reverts what was done by beck in Tallinn and adjust tlstest to add new test cases and now failing connection tests. --- diff --git a/regress/lib/libtls/config/configtest.c b/regress/lib/libtls/config/configtest.c index 5af5b56ffd4..9e0df8a5ebc 100644 --- a/regress/lib/libtls/config/configtest.c +++ b/regress/lib/libtls/config/configtest.c @@ -1,4 +1,4 @@ -/* $OpenBSD: configtest.c,v 1.3 2023/07/02 06:37:27 beck Exp $ */ +/* $OpenBSD: configtest.c,v 1.4 2024/08/02 15:02:22 tb Exp $ */ /* * Copyright (c) 2017 Joel Sing * @@ -71,27 +71,30 @@ struct parse_protocols_test parse_protocols_tests[] = { { .protostr = "tlsv1.0:tlsv1.1:tlsv1.2:tlsv1.3", .want_return = 0, - .want_protocols = TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3, + .want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 | + TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3, }, { .protostr = "tlsv1.0,tlsv1.1,tlsv1.2,tlsv1.3", .want_return = 0, - .want_protocols = TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3, + .want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 | + TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3, }, { .protostr = "tlsv1.1,tlsv1.2,tlsv1.0", .want_return = 0, - .want_protocols = TLS_PROTOCOL_TLSv1_2, + .want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 | + TLS_PROTOCOL_TLSv1_2, }, { .protostr = "tlsv1.1,tlsv1.2,tlsv1.1", .want_return = 0, - .want_protocols = TLS_PROTOCOL_TLSv1_2, + .want_protocols = TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2, }, { .protostr = "tlsv1.1,tlsv1.2,!tlsv1.1", .want_return = 0, - .want_protocols = 0, + .want_protocols = TLS_PROTOCOL_TLSv1_2, }, { .protostr = "unknown", @@ -111,17 +114,19 @@ struct parse_protocols_test parse_protocols_tests[] = { { .protostr = "all,!tlsv1.0", .want_return = 0, - .want_protocols = TLS_PROTOCOL_TLSv1_3, + .want_protocols = TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2 | \ + TLS_PROTOCOL_TLSv1_3, }, { .protostr = "!tlsv1.0", .want_return = 0, - .want_protocols = TLS_PROTOCOL_TLSv1_3, + .want_protocols = TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2 | \ + TLS_PROTOCOL_TLSv1_3, }, { .protostr = "!tlsv1.0,!tlsv1.1,!tlsv1.3", .want_return = 0, - .want_protocols = 0, + .want_protocols = TLS_PROTOCOL_TLSv1_2, }, { .protostr = "!tlsv1.0,!tlsv1.1,tlsv1.2,!tlsv1.3", diff --git a/regress/lib/libtls/gotls/tls.go b/regress/lib/libtls/gotls/tls.go index 3029d58c357..cf3e84c0309 100644 --- a/regress/lib/libtls/gotls/tls.go +++ b/regress/lib/libtls/gotls/tls.go @@ -45,6 +45,8 @@ const ( ) var protocolNames = map[ProtocolVersion]string{ + ProtocolTLSv10: "TLSv1", + ProtocolTLSv11: "TLSv1.1", ProtocolTLSv12: "TLSv1.2", ProtocolTLSv13: "TLSv1.3", ProtocolsAll: "all", diff --git a/regress/lib/libtls/tls/tlstest.c b/regress/lib/libtls/tls/tlstest.c index fb6649e83fa..b675c798b42 100644 --- a/regress/lib/libtls/tls/tlstest.c +++ b/regress/lib/libtls/tls/tlstest.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tlstest.c,v 1.15 2022/07/16 07:46:08 tb Exp $ */ +/* $OpenBSD: tlstest.c,v 1.16 2024/08/02 15:02:22 tb Exp $ */ /* * Copyright (c) 2017 Joel Sing * @@ -497,16 +497,15 @@ struct test_versions { static struct test_versions tls_test_versions[] = { {"tlsv1.3", "all"}, {"tlsv1.2", "all"}, - {"tlsv1.1", "all"}, - {"tlsv1.0", "all"}, {"all", "tlsv1.3"}, {"all", "tlsv1.2"}, - {"all", "tlsv1.1"}, - {"all", "tlsv1.0"}, + {"all:!tlsv1.1", "tlsv1.2"}, + {"all:!tlsv1.2", "tlsv1.3"}, + {"all:!tlsv1.3", "tlsv1.2"}, + {"all:!tlsv1.2:!tlsv1.1", "tlsv1.3"}, + {"all:!tlsv1.2:!tlsv1.1:!tlsv1.0", "tlsv1.3"}, {"tlsv1.3", "tlsv1.3"}, {"tlsv1.2", "tlsv1.2"}, - {"tlsv1.1", "tlsv1.1"}, - {"tlsv1.0", "tlsv1.0"}, }; #define N_TLS_VERSION_TESTS \