diff options
author | Ingela Anderton Andin <ingela@erlang.org> | 2022-07-05 15:28:23 +0200 |
---|---|---|
committer | Ingela Anderton Andin <ingela@erlang.org> | 2022-08-02 16:04:23 +0200 |
commit | c1f8dd07522f86052249463bd62deeff9d73cf53 (patch) | |
tree | 4d8721b54ee80e62e8a0a36c5bf9142f3a43a9b6 /lib/ssl/test | |
parent | 33e7570e075e0b84efef91b2f307fcf938517b1c (diff) | |
download | erlang-c1f8dd07522f86052249463bd62deeff9d73cf53.tar.gz |
ssl: Add TLS-1.3 unxpected application data check
Diffstat (limited to 'lib/ssl/test')
-rw-r--r-- | lib/ssl/test/ssl_session_ticket_SUITE.erl | 2 | ||||
-rw-r--r-- | lib/ssl/test/tls_api_SUITE.erl | 17 |
2 files changed, 9 insertions, 10 deletions
diff --git a/lib/ssl/test/ssl_session_ticket_SUITE.erl b/lib/ssl/test/ssl_session_ticket_SUITE.erl index 8056b40d72..2363eb64f7 100644 --- a/lib/ssl/test/ssl_session_ticket_SUITE.erl +++ b/lib/ssl/test/ssl_session_ticket_SUITE.erl @@ -792,7 +792,7 @@ early_data_trial_decryption_failure(Config) when is_list(Config) -> ssl_test_lib:close(Client0), %% Use ticket - Client1 = ssl_test_lib:start_client_error([{node, ClientNode}, + _Client1 = ssl_test_lib:start_client_error([{node, ClientNode}, {port, Port0}, {host, Hostname}, {mfa, {ssl_test_lib, %% Short handshake verify_active_session_resumption, diff --git a/lib/ssl/test/tls_api_SUITE.erl b/lib/ssl/test/tls_api_SUITE.erl index 4dd32ab0dc..7e5f312152 100644 --- a/lib/ssl/test/tls_api_SUITE.erl +++ b/lib/ssl/test/tls_api_SUITE.erl @@ -750,7 +750,7 @@ tls_app_data_in_initial_hs_state() -> tls_app_data_in_initial_hs_state(Config) when is_list(Config) -> ServerOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config), {_ClientNode, ServerNode, _Hostname} = ssl_test_lib:run_where(Config), - Version = ssl_test_lib:protocol_version(Config, tuple), + Version = ssl_test_lib:protocol_version(Config, tuple), {Major, Minor} = case Version of {3,4} -> {3,3}; @@ -763,15 +763,14 @@ tls_app_data_in_initial_hs_state(Config) when is_list(Config) -> {options, [{versions, [ssl_test_lib:protocol_version(Config)]} | ServerOpts]}]), Port = ssl_test_lib:inet_port(Server), {ok, Socket} = gen_tcp:connect("localhost", Port, [{active, false}, binary]), - AppData = <<?BYTE(?APPLICATION_DATA), ?BYTE(Major), ?BYTE(Minor), ?UINT16(3), ?BYTE($F), ?BYTE($O), ?BYTE($O)>>, + AppData = case Version of + {3, 4} -> + <<?BYTE(?APPLICATION_DATA), ?BYTE(3), ?BYTE(3), ?UINT16(4), ?BYTE($F), ?BYTE($O), ?BYTE($O), ?BYTE(?APPLICATION_DATA)>>; + _ -> + <<?BYTE(?APPLICATION_DATA), ?BYTE(Major), ?BYTE(Minor), ?UINT16(3), ?BYTE($F), ?BYTE($O), ?BYTE($O)>> + end, gen_tcp:send(Socket, AppData), - UnexpectedMsgAlert = - case Version of - {_, 4} -> - <<?BYTE(?ALERT), ?BYTE(Major), ?BYTE(Minor), ?UINT16(2), ?BYTE(?FATAL), ?BYTE(?DECODE_ERROR)>>; - _ -> - <<?BYTE(?ALERT), ?BYTE(Major), ?BYTE(Minor), ?UINT16(2), ?BYTE(?FATAL), ?BYTE(?UNEXPECTED_MESSAGE)>> - end, + UnexpectedMsgAlert = <<?BYTE(?ALERT), ?BYTE(Major), ?BYTE(Minor), ?UINT16(2), ?BYTE(?FATAL), ?BYTE(?UNEXPECTED_MESSAGE)>>, {ok, UnexpectedMsgAlert} = gen_tcp:recv(Socket, 7), {error, closed} = gen_tcp:recv(Socket, 0). |