[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Mon Dec 11 09:45:05 UTC 2017
The branch master has been updated
via a8ea8018fa187e22fb4989450b550589e20f62c2 (commit)
via ef178b4eabe7183c5c85a961f4855c277ee7e220 (commit)
via 3b69eb302e237e6e6d75df6325b844e9a7fd0e27 (commit)
from b7ab4eeed9c0f245cfd0cd884f95bcb3474f0435 (commit)
- Log -----------------------------------------------------------------
commit a8ea8018fa187e22fb4989450b550589e20f62c2
Author: Matt Caswell <matt at openssl.org>
Date: Sun Dec 10 11:41:30 2017 +0000
Fix no-chacha
Reviewed-by: Tim Hudson <tjh at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4891)
commit ef178b4eabe7183c5c85a961f4855c277ee7e220
Author: Matt Caswell <matt at openssl.org>
Date: Sun Dec 10 11:05:19 2017 +0000
Don't expect a POLY1305 ciphersuite when using no-poly1305
Reviewed-by: Tim Hudson <tjh at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4891)
commit 3b69eb302e237e6e6d75df6325b844e9a7fd0e27
Author: Matt Caswell <matt at openssl.org>
Date: Sun Dec 10 11:01:00 2017 +0000
Replace tabs with spaces in 25-cipher.conf.in
Reviewed-by: Tim Hudson <tjh at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4891)
-----------------------------------------------------------------------
Summary of changes:
test/recipes/80-test_ssl_new.t | 1 +
test/ssl-tests/25-cipher.conf | 8 +--
test/ssl-tests/25-cipher.conf.in | 113 ++++++++++++++++++++-------------------
3 files changed, 64 insertions(+), 58 deletions(-)
diff --git a/test/recipes/80-test_ssl_new.t b/test/recipes/80-test_ssl_new.t
index c5472eb..d1388d9 100644
--- a/test/recipes/80-test_ssl_new.t
+++ b/test/recipes/80-test_ssl_new.t
@@ -66,6 +66,7 @@ my %conf_dependent_tests = (
"19-mac-then-encrypt.conf" => !$is_default_tls,
"20-cert-select.conf" => !$is_default_tls || $no_dh || $no_dsa,
"22-compression.conf" => !$is_default_tls,
+ "25-cipher.conf" => disabled("poly1305") || disabled("chacha"),
);
# Add your test here if it should be skipped for some compile-time
diff --git a/test/ssl-tests/25-cipher.conf b/test/ssl-tests/25-cipher.conf
index 101ee7c..a28c1f7 100644
--- a/test/ssl-tests/25-cipher.conf
+++ b/test/ssl-tests/25-cipher.conf
@@ -207,13 +207,13 @@ Options = ServerPreference,PrioritizeChaCha
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[7-cipher-server-pref-mobile-client]
-CipherString = ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384
+CipherString = ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-CHACHA20-POLY1305
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-7]
-ExpectedCipher = ECDHE-RSA-CHACHA20-POLY1305
+ExpectedCipher = ECDHE-RSA-AES256-SHA384
# ===========================================================
@@ -233,12 +233,12 @@ Options = ServerPreference,PrioritizeChaCha
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[8-cipher-server-pref-mobile2-client]
-CipherString = ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-CHACHA20-POLY1305
+CipherString = ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-8]
-ExpectedCipher = ECDHE-RSA-AES256-SHA384
+ExpectedCipher = ECDHE-RSA-CHACHA20-POLY1305
diff --git a/test/ssl-tests/25-cipher.conf.in b/test/ssl-tests/25-cipher.conf.in
index c4b0b05..8d3917e 100644
--- a/test/ssl-tests/25-cipher.conf.in
+++ b/test/ssl-tests/25-cipher.conf.in
@@ -13,18 +13,18 @@ use strict;
use warnings;
package ssltests;
-
+use OpenSSL::Test::Utils;
our @tests = (
{
name => "cipher-server-1",
server => {
- "MaxProtocol" => "TLSv1.2",
- "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
- },
+ "MaxProtocol" => "TLSv1.2",
+ "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
+ },
client => {
- "MaxProtocol" => "TLSv1.2",
- "CipherString" => "ECDHE-RSA-AES256-SHA384"
+ "MaxProtocol" => "TLSv1.2",
+ "CipherString" => "ECDHE-RSA-AES256-SHA384"
},
test => {
"ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
@@ -33,12 +33,12 @@ our @tests = (
{
name => "cipher-server-2",
server => {
- "MaxProtocol" => "TLSv1.2",
- "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
- },
+ "MaxProtocol" => "TLSv1.2",
+ "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
+ },
client => {
- "MaxProtocol" => "TLSv1.2",
- "CipherString" => "ECDHE-RSA-AES128-SHA256"
+ "MaxProtocol" => "TLSv1.2",
+ "CipherString" => "ECDHE-RSA-AES128-SHA256"
},
test => {
"ExpectedCipher" => "ECDHE-RSA-AES128-SHA256",
@@ -47,12 +47,12 @@ our @tests = (
{
name => "cipher-server-client-list",
server => {
- "MaxProtocol" => "TLSv1.2",
- "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
- },
+ "MaxProtocol" => "TLSv1.2",
+ "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
+ },
client => {
- "MaxProtocol" => "TLSv1.2",
- "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
+ "MaxProtocol" => "TLSv1.2",
+ "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
},
test => {
"ExpectedCipher" => "ECDHE-RSA-AES128-SHA256",
@@ -61,13 +61,13 @@ our @tests = (
{
name => "cipher-server-pref-1",
server => {
- "MaxProtocol" => "TLSv1.2",
- "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
- "Options" => "ServerPreference",
- },
+ "MaxProtocol" => "TLSv1.2",
+ "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
+ "Options" => "ServerPreference",
+ },
client => {
- "MaxProtocol" => "TLSv1.2",
- "CipherString" => "ECDHE-RSA-AES256-SHA384"
+ "MaxProtocol" => "TLSv1.2",
+ "CipherString" => "ECDHE-RSA-AES256-SHA384"
},
test => {
"ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
@@ -76,13 +76,13 @@ our @tests = (
{
name => "cipher-server-pref-2",
server => {
- "MaxProtocol" => "TLSv1.2",
- "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
- "Options" => "ServerPreference",
- },
+ "MaxProtocol" => "TLSv1.2",
+ "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
+ "Options" => "ServerPreference",
+ },
client => {
- "MaxProtocol" => "TLSv1.2",
- "CipherString" => "ECDHE-RSA-AES128-SHA256"
+ "MaxProtocol" => "TLSv1.2",
+ "CipherString" => "ECDHE-RSA-AES128-SHA256"
},
test => {
"ExpectedCipher" => "ECDHE-RSA-AES128-SHA256",
@@ -91,13 +91,13 @@ our @tests = (
{
name => "cipher-server-pref-client-list",
server => {
- "MaxProtocol" => "TLSv1.2",
- "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
- "Options" => "ServerPreference",
- },
+ "MaxProtocol" => "TLSv1.2",
+ "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
+ "Options" => "ServerPreference",
+ },
client => {
- "MaxProtocol" => "TLSv1.2",
- "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
+ "MaxProtocol" => "TLSv1.2",
+ "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
},
test => {
"ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
@@ -106,13 +106,13 @@ our @tests = (
{
name => "cipher-server-pref-not-mobile",
server => {
- "MaxProtocol" => "TLSv1.2",
- "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305",
- "Options" => "ServerPreference",
- },
+ "MaxProtocol" => "TLSv1.2",
+ "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305",
+ "Options" => "ServerPreference",
+ },
client => {
- "MaxProtocol" => "TLSv1.2",
- "CipherString" => "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
+ "MaxProtocol" => "TLSv1.2",
+ "CipherString" => "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
},
test => {
"ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
@@ -121,31 +121,36 @@ our @tests = (
{
name => "cipher-server-pref-mobile",
server => {
- "MaxProtocol" => "TLSv1.2",
- "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305",
- "Options" => "ServerPreference,PrioritizeChaCha",
- },
+ "MaxProtocol" => "TLSv1.2",
+ "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305",
+ "Options" => "ServerPreference,PrioritizeChaCha",
+ },
client => {
- "MaxProtocol" => "TLSv1.2",
- "CipherString" => "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
+ "MaxProtocol" => "TLSv1.2",
+ "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-CHACHA20-POLY1305",
},
test => {
- "ExpectedCipher" => "ECDHE-RSA-CHACHA20-POLY1305",
+ "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
},
},
+);
+
+my @tests_poly1305 = (
{
name => "cipher-server-pref-mobile2",
server => {
- "MaxProtocol" => "TLSv1.2",
- "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305",
- "Options" => "ServerPreference,PrioritizeChaCha",
- },
+ "MaxProtocol" => "TLSv1.2",
+ "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305",
+ "Options" => "ServerPreference,PrioritizeChaCha",
+ },
client => {
- "MaxProtocol" => "TLSv1.2",
- "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-CHACHA20-POLY1305",
+ "MaxProtocol" => "TLSv1.2",
+ "CipherString" => "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
},
test => {
- "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
+ "ExpectedCipher" => "ECDHE-RSA-CHACHA20-POLY1305",
},
},
);
+
+push @tests, @tests_poly1305 unless disabled("poly1305") || disabled("chacha");
More information about the openssl-commits
mailing list