diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-06-29 22:40:27 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-06-29 23:01:11 +0200 |
commit | 5acae52b4ad3e2079c5dfac975badde51289e762 (patch) | |
tree | a2b7e0304207e38e3205066aa10f7e30febdf3a0 | |
parent | 3f1c94bab2cb6ddadff42da4b22d61385ef3e049 (diff) | |
download | gnutls-5acae52b4ad3e2079c5dfac975badde51289e762.tar.gz |
tests: verify whether GNUTLS_TLS_VERSION_MAX is negotiated on default mode
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-rw-r--r-- | lib/includes/gnutls/gnutls.h.in | 3 | ||||
-rw-r--r-- | tests/mini-x509.c | 16 |
2 files changed, 12 insertions, 7 deletions
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in index 7a0a63188d..9111dfb557 100644 --- a/lib/includes/gnutls/gnutls.h.in +++ b/lib/includes/gnutls/gnutls.h.in @@ -686,7 +686,8 @@ typedef enum { * @GNUTLS_DTLS1_0: DTLS version 1.0. * @GNUTLS_DTLS1_2: DTLS version 1.2. * @GNUTLS_DTLS0_9: DTLS version 0.9 (Cisco AnyConnect / OpenSSL 0.9.8e). - * @GNUTLS_VERSION_MAX: Maps to the highest supported TLS version. + * @GNUTLS_TLS_VERSION_MAX: Maps to the highest supported TLS version. + * @GNUTLS_DTLS_VERSION_MAX: Maps to the highest supported DTLS version. * @GNUTLS_VERSION_UNKNOWN: Unknown SSL/TLS version. * * Enumeration of different SSL/TLS protocol versions. diff --git a/tests/mini-x509.c b/tests/mini-x509.c index 4e9d27b639..52c650aa7f 100644 --- a/tests/mini-x509.c +++ b/tests/mini-x509.c @@ -52,7 +52,7 @@ static time_t mytime(time_t * t) } static -void start(const char *prio) +void start(const char *prio, unsigned expect_max) { int ret; /* Server stuff. */ @@ -222,17 +222,21 @@ void start(const char *prio) } } + if (expect_max) { + if (gnutls_protocol_get_version(client) != GNUTLS_TLS_VERSION_MAX) { + fail("The negotiated TLS protocol is not the maximum supported\n"); + } + } + if (gnutls_protocol_get_version(client) == GNUTLS_TLS1_2) { ret = gnutls_session_ext_master_secret_status(client); if (ret != 1) { fail("Extended master secret wasn't negotiated by default (client ret: %d)\n", ret); - exit(1); } ret = gnutls_session_ext_master_secret_status(server); if (ret != 1) { fail("Extended master secret wasn't negotiated by default (server ret: %d)\n", ret); - exit(1); } } @@ -252,7 +256,7 @@ void start(const char *prio) void doit(void) { - start("NORMAL:-VERS-ALL:+VERS-TLS1.2"); - start("NORMAL:-VERS-ALL:+VERS-TLS1.3"); - start("NORMAL"); + start("NORMAL:-VERS-ALL:+VERS-TLS1.2", 0); + start("NORMAL:-VERS-ALL:+VERS-TLS1.3", 0); + start("NORMAL", 1); } |