[openssl] master update
tomas at openssl.org
tomas at openssl.org
Thu Apr 22 15:48:17 UTC 2021
The branch master has been updated
via 64c609e71ef1f0c759dfdf65719e650d04dd5f29 (commit)
from bf6aeeb481f97e2b7088f151546b9957eaaf44ef (commit)
- Log -----------------------------------------------------------------
commit 64c609e71ef1f0c759dfdf65719e650d04dd5f29
Author: Tomas Mraz <tomas at openssl.org>
Date: Wed Apr 21 08:29:28 2021 +0200
test_sslextension: skip tests that cannot work with no-tls1_2
Fixes runchecker failure of no-tls1_2 build.
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14955)
-----------------------------------------------------------------------
Summary of changes:
test/recipes/70-test_sslextension.t | 42 +++++++++++++++++++------------------
1 file changed, 22 insertions(+), 20 deletions(-)
diff --git a/test/recipes/70-test_sslextension.t b/test/recipes/70-test_sslextension.t
index 451ffa671f..c1893b8f06 100644
--- a/test/recipes/70-test_sslextension.t
+++ b/test/recipes/70-test_sslextension.t
@@ -194,15 +194,15 @@ $proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
plan tests => 8;
ok($fatal_alert, "Duplicate ClientHello extension");
-$fatal_alert = 0;
-$proxy->clear();
-$proxy->filter(\&inject_duplicate_extension_serverhello);
-$proxy->clientflags("-no_tls1_3");
-$proxy->start();
-ok($fatal_alert, "Duplicate ServerHello extension");
-
SKIP: {
- skip "TLS <= 1.2 disabled", 2 if $no_below_tls13;
+ skip "TLS <= 1.2 disabled", 4 if $no_below_tls13;
+
+ $fatal_alert = 0;
+ $proxy->clear();
+ $proxy->filter(\&inject_duplicate_extension_serverhello);
+ $proxy->clientflags("-no_tls1_3");
+ $proxy->start();
+ ok($fatal_alert, "Duplicate ServerHello extension");
#Test 3: Sending a zero length extension block should pass
$proxy->clear();
@@ -220,11 +220,21 @@ SKIP: {
$proxy->clientflags("-no_tls1_3 -noservername");
$proxy->start();
ok($fatal_alert, "Unsolicited server name extension");
+
+ #Test 5: Send the cryptopro extension in a ClientHello. Normally this is an
+ # unsolicited extension only ever seen in the ServerHello. We should
+ # ignore it in a ClientHello
+ $proxy->clear();
+ $proxy->filter(\&inject_cryptopro_extension);
+ $proxy->clientflags("-no_tls1_3");
+ $proxy->start();
+ ok(TLSProxy::Message->success(), "Cryptopro extension in ClientHello");
}
+
SKIP: {
skip "TLS <= 1.2 disabled or EC disabled", 1
if $no_below_tls13 || disabled("ec");
- #Test 5: Inject a noncompliant supported_groups extension (<= TLSv1.2)
+ #Test 6: Inject a noncompliant supported_groups extension (<= TLSv1.2)
$proxy->clear();
$proxy->filter(\&inject_unsolicited_extension);
$testtype = NONCOMPLIANT_SUPPORTED_GROUPS;
@@ -236,9 +246,10 @@ SKIP: {
SKIP: {
skip "TLS <= 1.2 or CT disabled", 1
if $no_below_tls13 || disabled("ct");
- #Test 6: Same as above for the SCT extension which has special handling
+ #Test 7: Same as above for the SCT extension which has special handling
$fatal_alert = 0;
$proxy->clear();
+ $proxy->filter(\&inject_unsolicited_extension);
$testtype = UNSOLICITED_SCT;
$proxy->clientflags("-no_tls1_3");
$proxy->start();
@@ -248,7 +259,7 @@ SKIP: {
SKIP: {
skip "TLS 1.3 disabled", 1
if disabled("tls1_3") || (disabled("ec") && disabled("dh"));
- #Test 7: Inject an unsolicited extension (TLSv1.3)
+ #Test 8: Inject an unsolicited extension (TLSv1.3)
$fatal_alert = 0;
$proxy->clear();
$proxy->filter(\&inject_unsolicited_extension);
@@ -257,12 +268,3 @@ SKIP: {
$proxy->start();
ok($fatal_alert, "Unsolicited server name extension (TLSv1.3)");
}
-
-#Test 8: Send the cryptopro extension in a ClientHello. Normally this is an
-# unsolicited extension only ever seen in the ServerHello. We should
-# ignore it in a ClientHello
-$proxy->clear();
-$proxy->filter(\&inject_cryptopro_extension);
-$proxy->clientflags("-no_tls1_3");
-$proxy->start();
-ok(TLSProxy::Message->success(), "Cryptopro extension in ClientHello");
More information about the openssl-commits
mailing list