diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-03-13 15:46:16 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-03-19 17:19:18 +0100 |
| commit | 80f182e8c205d3b25fedbc629d71abcd2483739e (patch) | |
| tree | 4958e8376546928ee63f8181fcf8a0342b399927 /tests/mini-x509.c | |
| parent | 671826acc0893f05712266a49dac4851c6523bb7 (diff) | |
| download | gnutls-80f182e8c205d3b25fedbc629d71abcd2483739e.tar.gz | |
tests: updated for TLS1.3 inclusion
This moves the test to use a specific version or test multiple
TLS versions if applicable.
Resolves #413
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'tests/mini-x509.c')
| -rw-r--r-- | tests/mini-x509.c | 50 |
1 files changed, 26 insertions, 24 deletions
diff --git a/tests/mini-x509.c b/tests/mini-x509.c index 28fae45afe..280ffcbc49 100644 --- a/tests/mini-x509.c +++ b/tests/mini-x509.c @@ -32,6 +32,7 @@ #include "utils.h" #include "eagain-common.h" #include "cert-common.h" +#include <assert.h> const char *side; @@ -50,7 +51,8 @@ static time_t mytime(time_t * t) return then; } -void doit(void) +static +void start(const char *prio) { int exit_code = EXIT_SUCCESS; int ret; @@ -63,6 +65,8 @@ void doit(void) gnutls_session_t client; int cret = GNUTLS_E_AGAIN; + success("trying %s\n", prio); + /* General init. */ global_init(); gnutls_global_set_log_function(tls_log_func); @@ -80,13 +84,7 @@ void doit(void) gnutls_init(&server, GNUTLS_SERVER); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, serverx509cred); - gnutls_priority_set_direct(server, -#ifndef ENABLE_FIPS140 - "NORMAL:-CIPHER-ALL:+ARCFOUR-128", -#else - "NORMAL:-CIPHER-ALL:+AES-128-CBC", -#endif - NULL); + assert(gnutls_priority_set_direct(server, prio, NULL)>=0); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_ptr(server, server); @@ -109,7 +107,7 @@ void doit(void) if (ret < 0) exit(1); - gnutls_priority_set_direct(client, "NORMAL:+ARCFOUR-128", NULL); + gnutls_priority_set_direct(client, prio, NULL); gnutls_transport_set_push_function(client, client_push); gnutls_transport_set_pull_function(client, client_pull); gnutls_transport_set_ptr(client, client); @@ -225,16 +223,18 @@ void doit(void) } } - ret = gnutls_session_ext_master_secret_status(client); - if (ret != 1) { - fail("Extended master secret wasn't negotiated by default (client ret: %d)\n", ret); - exit(1); - } + if (gnutls_protocol_get_version(client) == GNUTLS_TLS1_2) { + ret = gnutls_session_ext_master_secret_status(client); + if (ret != 1) { + fail("Extended master secret wasn't negotiated by default (client ret: %d)\n", ret); + exit(1); + } - ret = gnutls_session_ext_master_secret_status(server); - if (ret != 1) { - fail("Extended master secret wasn't negotiated by default (server ret: %d)\n", ret); - exit(1); + ret = gnutls_session_ext_master_secret_status(server); + if (ret != 1) { + fail("Extended master secret wasn't negotiated by default (server ret: %d)\n", ret); + exit(1); + } } gnutls_bye(client, GNUTLS_SHUT_RDWR); @@ -248,10 +248,12 @@ void doit(void) gnutls_global_deinit(); - if (debug > 0) { - if (exit_code == 0) - puts("Self-test successful"); - else - puts("Self-test failed"); - } + reset_buffers(); +} + +void doit(void) +{ + start("NORMAL:-VERS-ALL:+VERS-TLS1.2"); + start("NORMAL:-VERS-ALL:+VERS-TLS1.3"); + start("NORMAL"); } |