From 0c5dcecc66318b2dbe970b0c714ad357b0f912cf Mon Sep 17 00:00:00 2001 From: tb Date: Fri, 2 Aug 2024 15:02:22 +0000 Subject: [PATCH] Adjust tls regress for protocol parsing fixes This mostly reverts what was done by beck in Tallinn and adjust tlstest to add new test cases and now failing connection tests. --- regress/lib/libtls/config/configtest.c | 23 ++++++++++++++--------- regress/lib/libtls/gotls/tls.go | 2 ++ regress/lib/libtls/tls/tlstest.c | 13 ++++++------- 3 files changed, 22 insertions(+), 16 deletions(-) diff --git a/regress/lib/libtls/config/configtest.c b/regress/lib/libtls/config/configtest.c index 5af5b56ffd4..9e0df8a5ebc 100644 --- a/regress/lib/libtls/config/configtest.c +++ b/regress/lib/libtls/config/configtest.c @@ -1,4 +1,4 @@ -/* $OpenBSD: configtest.c,v 1.3 2023/07/02 06:37:27 beck Exp $ */ +/* $OpenBSD: configtest.c,v 1.4 2024/08/02 15:02:22 tb Exp $ */ /* * Copyright (c) 2017 Joel Sing * @@ -71,27 +71,30 @@ struct parse_protocols_test parse_protocols_tests[] = { { .protostr = "tlsv1.0:tlsv1.1:tlsv1.2:tlsv1.3", .want_return = 0, - .want_protocols = TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3, + .want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 | + TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3, }, { .protostr = "tlsv1.0,tlsv1.1,tlsv1.2,tlsv1.3", .want_return = 0, - .want_protocols = TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3, + .want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 | + TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3, }, { .protostr = "tlsv1.1,tlsv1.2,tlsv1.0", .want_return = 0, - .want_protocols = TLS_PROTOCOL_TLSv1_2, + .want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 | + TLS_PROTOCOL_TLSv1_2, }, { .protostr = "tlsv1.1,tlsv1.2,tlsv1.1", .want_return = 0, - .want_protocols = TLS_PROTOCOL_TLSv1_2, + .want_protocols = TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2, }, { .protostr = "tlsv1.1,tlsv1.2,!tlsv1.1", .want_return = 0, - .want_protocols = 0, + .want_protocols = TLS_PROTOCOL_TLSv1_2, }, { .protostr = "unknown", @@ -111,17 +114,19 @@ struct parse_protocols_test parse_protocols_tests[] = { { .protostr = "all,!tlsv1.0", .want_return = 0, - .want_protocols = TLS_PROTOCOL_TLSv1_3, + .want_protocols = TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2 | \ + TLS_PROTOCOL_TLSv1_3, }, { .protostr = "!tlsv1.0", .want_return = 0, - .want_protocols = TLS_PROTOCOL_TLSv1_3, + .want_protocols = TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2 | \ + TLS_PROTOCOL_TLSv1_3, }, { .protostr = "!tlsv1.0,!tlsv1.1,!tlsv1.3", .want_return = 0, - .want_protocols = 0, + .want_protocols = TLS_PROTOCOL_TLSv1_2, }, { .protostr = "!tlsv1.0,!tlsv1.1,tlsv1.2,!tlsv1.3", diff --git a/regress/lib/libtls/gotls/tls.go b/regress/lib/libtls/gotls/tls.go index 3029d58c357..cf3e84c0309 100644 --- a/regress/lib/libtls/gotls/tls.go +++ b/regress/lib/libtls/gotls/tls.go @@ -45,6 +45,8 @@ const ( ) var protocolNames = map[ProtocolVersion]string{ + ProtocolTLSv10: "TLSv1", + ProtocolTLSv11: "TLSv1.1", ProtocolTLSv12: "TLSv1.2", ProtocolTLSv13: "TLSv1.3", ProtocolsAll: "all", diff --git a/regress/lib/libtls/tls/tlstest.c b/regress/lib/libtls/tls/tlstest.c index fb6649e83fa..b675c798b42 100644 --- a/regress/lib/libtls/tls/tlstest.c +++ b/regress/lib/libtls/tls/tlstest.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tlstest.c,v 1.15 2022/07/16 07:46:08 tb Exp $ */ +/* $OpenBSD: tlstest.c,v 1.16 2024/08/02 15:02:22 tb Exp $ */ /* * Copyright (c) 2017 Joel Sing * @@ -497,16 +497,15 @@ struct test_versions { static struct test_versions tls_test_versions[] = { {"tlsv1.3", "all"}, {"tlsv1.2", "all"}, - {"tlsv1.1", "all"}, - {"tlsv1.0", "all"}, {"all", "tlsv1.3"}, {"all", "tlsv1.2"}, - {"all", "tlsv1.1"}, - {"all", "tlsv1.0"}, + {"all:!tlsv1.1", "tlsv1.2"}, + {"all:!tlsv1.2", "tlsv1.3"}, + {"all:!tlsv1.3", "tlsv1.2"}, + {"all:!tlsv1.2:!tlsv1.1", "tlsv1.3"}, + {"all:!tlsv1.2:!tlsv1.1:!tlsv1.0", "tlsv1.3"}, {"tlsv1.3", "tlsv1.3"}, {"tlsv1.2", "tlsv1.2"}, - {"tlsv1.1", "tlsv1.1"}, - {"tlsv1.0", "tlsv1.0"}, }; #define N_TLS_VERSION_TESTS \ -- 2.20.1