[openssl-commits] [openssl] master update

Matt Caswell matt at openssl.org
Tue Mar 14 14:29:56 UTC 2017


The branch master has been updated
       via  64e2b23ce3b75fc6c73ac8c979894e190c9e78d1 (commit)
      from  49619ab008a651e49e7524c73ba6fb4b3c96f67f (commit)


- Log -----------------------------------------------------------------
commit 64e2b23ce3b75fc6c73ac8c979894e190c9e78d1
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Mar 14 14:16:19 2017 +0000

    Fix 12 Boring tests involving NULL-SHA ciphersuites
    
    The Boring runner attempts to enable the NULL-SHA ciphersuite using the
    cipherstring "DEFAULT:NULL-SHA". However in OpenSSL DEFAULT permanently
    switches off NULL ciphersuites, so we fix this up to be "ALL:NULL-SHA"
    instead. We can't change the runner so we have to change the shim to
    detect this.
    
    (Merged from https://github.com/openssl/openssl/pull/2933)
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Emilia Käsper <emilia at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 test/ossl_shim/ossl_config.json | 20 ++++----------------
 test/ossl_shim/test_config.cc   | 16 +++++++++++++++-
 2 files changed, 19 insertions(+), 17 deletions(-)

diff --git a/test/ossl_shim/ossl_config.json b/test/ossl_shim/ossl_config.json
index e342082..cdde095 100644
--- a/test/ossl_shim/ossl_config.json
+++ b/test/ossl_shim/ossl_config.json
@@ -36,22 +36,10 @@
         "KeyUpdate-Server":"Test failure - reason unknown",
         "SSL3-ECDHE-PSK-AES128-CBC-SHA-server":"Test failure - reason unknown",
         "SSL3-ECDHE-PSK-AES256-CBC-SHA-server":"Test failure - reason unknown",
-        "SSL3-NULL-SHA-server":"Test failure - reason unknown",
-        "SSL3-NULL-SHA-client":"Test failure - reason unknown",
-        "SSL3-NULL-SHA-LargeRecord":"Test failure - reason unknown",
-        "SSL3-NULL-SHA-BadRecord":"Test failure - reason unknown",
-        "TLS1-NULL-SHA-server":"Test failure - reason unknown",
-        "TLS1-NULL-SHA-LargeRecord":"Test failure - reason unknown",
-        "TLS1-NULL-SHA-BadRecord":"Test failure - reason unknown",
-        "TLS11-NULL-SHA-server":"Test failure - reason unknown",
-        "TLS1-NULL-SHA-client":"Test failure - reason unknown",
-        "TLS11-NULL-SHA-client":"Test failure - reason unknown",
-        "TLS11-NULL-SHA-LargeRecord":"Test failure - reason unknown",
-        "TLS12-NULL-SHA-client":"Test failure - reason unknown",
-        "TLS12-NULL-SHA-server":"Test failure - reason unknown",
-        "TLS12-NULL-SHA-LargeRecord":"Test failure - reason unknown",
-        "TLS11-NULL-SHA-BadRecord":"Test failure - reason unknown",
-        "TLS12-NULL-SHA-BadRecord":"Test failure - reason unknown",
+        "DTLS1-NULL-SHA-server":"Test failure - reason unknown",
+        "DTLS1-NULL-SHA-client":"Test failure - reason unknown",
+        "DTLS12-NULL-SHA-client":"Test failure - reason unknown",
+        "DTLS12-NULL-SHA-server":"Test failure - reason unknown",
         "BadECDSA-1-4":"Test failure - reason unknown",
         "BadECDSA-3-4":"Test failure - reason unknown",
         "BadECDSA-4-1":"Test failure - reason unknown",
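Review bot: The four added DTLS1/DTLS12-NULL-SHA entries carry "Test failure - reason unknown", and the commit message explains only the "DEFAULT:NULL-SHA" fix-up, so nothing records why these DTLS variants are newly listed by this change. If they began failing once the shim rewrote the cipherstring, put that in the reason string or the commit message so they are not confused with the unexplained failures around them. The subject line says 12 tests, while this hunk removes 16 entries and adds 4; a sentence spelling out that arithmetic would help a later reader.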
diff --git a/test/ossl_shim/test_config.cc b/test/ossl_shim/test_config.cc
index 0fe7ba8..6e43c8d 100644
--- a/test/ossl_shim/test_config.cc
+++ b/test/ossl_shim/test_config.cc
@@ -133,12 +133,26 @@ bool ParseConfig(int argc, char **argv, TestConfig *out_config) {
 
     std::string *string_field = FindField(out_config, kStringFlags, argv[i]);
     if (string_field != NULL) {
+      const char *val;
+
       i++;
       if (i >= argc) {
         fprintf(stderr, "Missing parameter\n");
         return false;
       }
-      string_field->assign(argv[i]);
+
+      /*
+       * Fix up the -cipher argument. runner uses "DEFAULT:NULL-SHA" to enable
+       * the NULL-SHA cipher. However in OpenSSL "DEFAULT" permanently switches
+       * off NULL ciphers, so we use "ALL:NULL-SHA" instead.
+       */
+      if (strcmp(argv[i - 1], "-cipher") == 0
+          && strcmp(argv[i], "DEFAULT:NULL-SHA") == 0)
+        val = "ALL:NULL-SHA";
+      else
+        val = argv[i];
+
+      string_field->assign(val);
       continue;
     }
 
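Review bot: The fix-up at `strcmp(argv[i], "DEFAULT:NULL-SHA") == 0` matches only that exact string, so any other runner cipherstring that combines DEFAULT with a NULL suite is passed through unchanged and still hits the DEFAULT behaviour the comment describes. Either state in the comment that this is the only form runner sends, or rewrite a leading "DEFAULT" more generally. The comment should also note that "ALL:NULL-SHA" offers a wider set of suites than DEFAULT, so the affected tests no longer run with the list runner requested. Since the special case sits in the generic string-flag branch of ParseConfig, consider applying it where the cipher field is consumed instead, and confirm <string.h> is included for strcmp, as this diff adds no include.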

