summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2022-11-02 13:26:53 +0100
committerMarge Bot <marge-bot@gnome.org>2022-11-02 13:50:39 +0000
commit205b578c6de0a6b42dd24d97f08ab47d0347431a (patch)
tree9d02f0f68e568b717a217862ddc65467f0086895
parenta2f206dcbd38ce79e8f5ee957056048e65dcf69b (diff)
downloadglib-networking-205b578c6de0a6b42dd24d97f08ab47d0347431a.tar.gz
tests: skip tls-exporter test for TLS 1.2
TLS exporter does not exist before TLS 1.3 so skip the tls-exporter test for TLS 1.2. Fixes https://gitlab.gnome.org/GNOME/glib-networking/-/issues/201 Part-of: <https://gitlab.gnome.org/GNOME/glib-networking/-/merge_requests/227>
Diffstat
-rw-r--r--tls/tests/connection.c49
1 files changed, 31 insertions, 18 deletions
diff --git a/tls/tests/connection.c b/tls/tests/connection.c
index 94b335c..7800644 100644
--- a/tls/tests/connection.c
+++ b/tls/tests/connection.c
@@ -2988,6 +2988,8 @@ test_connection_binding_match_tls_exporter (TestConnection *test,
GByteArray *client_cb, *server_cb;
gchar *client_b64, *server_b64;
GError *error = NULL;
+ gboolean client_supports_tls_exporter;
+ gboolean server_supports_tls_exporter;
test->database = g_tls_file_database_new (tls_test_file_path ("ca-roots.pem"), &error);
g_assert_no_error (error);
@@ -3016,27 +3018,38 @@ test_connection_binding_match_tls_exporter (TestConnection *test,
g_main_loop_run (test->loop);
/* Smoke test: ensure both sides support tls-exporter */
- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection),
- G_TLS_CHANNEL_BINDING_TLS_EXPORTER, NULL, NULL));
- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection),
- G_TLS_CHANNEL_BINDING_TLS_EXPORTER, NULL, NULL));
+ client_supports_tls_exporter = g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection),
+ G_TLS_CHANNEL_BINDING_TLS_EXPORTER, NULL, NULL);
+ server_supports_tls_exporter = g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection),
+ G_TLS_CHANNEL_BINDING_TLS_EXPORTER, NULL, NULL);
- /* Real test: retrieve bindings and compare */
- client_cb = g_byte_array_new ();
- server_cb = g_byte_array_new ();
- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection),
- G_TLS_CHANNEL_BINDING_TLS_EXPORTER, client_cb, NULL));
- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection),
- G_TLS_CHANNEL_BINDING_TLS_EXPORTER, server_cb, NULL));
+ g_assert_true (client_supports_tls_exporter == server_supports_tls_exporter);
- client_b64 = g_base64_encode (client_cb->data, client_cb->len);
- server_b64 = g_base64_encode (server_cb->data, server_cb->len);
- g_assert_cmpstr (client_b64, ==, server_b64);
+ if (client_supports_tls_exporter)
+ {
+ /* Real test: retrieve bindings and compare */
+ client_cb = g_byte_array_new ();
+ server_cb = g_byte_array_new ();
+ g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection),
+ G_TLS_CHANNEL_BINDING_TLS_EXPORTER, client_cb, NULL));
+ g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection),
+ G_TLS_CHANNEL_BINDING_TLS_EXPORTER, server_cb, NULL));
- g_free (client_b64);
- g_free (server_b64);
- g_byte_array_unref (client_cb);
- g_byte_array_unref (server_cb);
+ client_b64 = g_base64_encode (client_cb->data, client_cb->len);
+ server_b64 = g_base64_encode (server_cb->data, server_cb->len);
+ g_assert_cmpstr (client_b64, ==, server_b64);
+
+ g_free (client_b64);
+ g_free (server_b64);
+ g_byte_array_unref (client_cb);
+ g_byte_array_unref (server_cb);
+ }
+ else
+ {
+ g_assert_true (g_tls_connection_get_protocol_version (
+ G_TLS_CONNECTION (test->client_connection)) == G_TLS_PROTOCOL_VERSION_TLS_1_2);
+ g_test_skip ("tls-exporter is not supported before TLS 1.3");
+ }
/* drop the mic */
close_server_connection (test);
View Lorry Controller Status