diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-07-03 08:49:06 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-07-04 08:11:55 +0200 |
| commit | 08678ee7a9ee6967a7671d1cf14b3ab0d6fcab0d (patch) | |
| tree | 205d59b347aa0e495cf67ab40188b870268ad026 /tests/psk-file.c | |
| parent | 482b2ebc0f08ff2b87de656ff8d1b620d60582bf (diff) | |
| download | gnutls-tmp-enable-tls13-by-default.tar.gz | |
configure: added option --enable-tls13-supporttmp-enable-tls13-by-default
The new option enables TLS1.3 draft-28 support unconditionally.
Updated the test suite to run when TLS1.3 is enabled by default,
and added a CI run with TLS1.3 enabled.
Resolves #424
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'tests/psk-file.c')
| -rw-r--r-- | tests/psk-file.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/tests/psk-file.c b/tests/psk-file.c index 5bd01e42ce..3defa28275 100644 --- a/tests/psk-file.c +++ b/tests/psk-file.c @@ -85,11 +85,8 @@ static void client(int sd, const char *prio, const char *user, const gnutls_datu gnutls_psk_set_client_credentials(pskcred, user, key, GNUTLS_PSK_KEY_HEX); - /* Initialize TLS session - */ - gnutls_init(&session, GNUTLS_CLIENT|GNUTLS_KEY_SHARE_TOP); + assert(gnutls_init(&session, GNUTLS_CLIENT|GNUTLS_KEY_SHARE_TOP)>=0); - /* Use default priorities */ assert(gnutls_priority_set_direct(session, prio, NULL)>=0); /* put the anonymous credentials to the current session @@ -366,9 +363,15 @@ void doit(void) run_test2("NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+PSK", NULL, "jas", &wrong_key, 1, 0, GNUTLS_E_FATAL_ALERT_RECEIVED, GNUTLS_E_DECRYPTION_FAILED); run_test2("NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+PSK", NULL, "non-hex", &key, 1, 0, GNUTLS_E_FATAL_ALERT_RECEIVED, GNUTLS_E_KEYFILE_ERROR); - run_test_ok("NORMAL:-KX-ALL:+PSK", "jas", &key, 1, 0); + run_test_ok("NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+PSK", "jas", &key, 1, 0); + run_test_ok("NORMAL:-KX-ALL:+PSK", "jas", &key, 0, 0); +#ifdef ENABLE_TLS13 + run_test2("NORMAL:+PSK", NULL, "unknown", &key, 1, 0, GNUTLS_E_FATAL_ALERT_RECEIVED, GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); + run_test2("NORMAL:+PSK", NULL, "jas", &wrong_key, 1, 0, GNUTLS_E_FATAL_ALERT_RECEIVED, GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); +#else run_test2("NORMAL:+PSK", NULL, "unknown", &key, 1, 0, GNUTLS_E_FATAL_ALERT_RECEIVED, GNUTLS_E_DECRYPTION_FAILED); run_test2("NORMAL:+PSK", NULL, "jas", &wrong_key, 1, 0, GNUTLS_E_FATAL_ALERT_RECEIVED, GNUTLS_E_DECRYPTION_FAILED); +#endif run_test2("NORMAL:-KX-ALL:+PSK", NULL, "non-hex", &key, 1, 0, GNUTLS_E_FATAL_ALERT_RECEIVED, GNUTLS_E_KEYFILE_ERROR); run_dhtest_ok("NORMAL:-VERS-ALL:+VERS-TLS1.3:+DHE-PSK:-GROUP-EC-ALL", "jas", &key, 0, 0); |