From 990fd2f30afa6fcfa66ef1f73cecc2da9910836c Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Wed, 22 May 2019 11:51:57 +0200 Subject: tlsfuzzer: use %ALLOW_SMALL_RECORDS for testing Signed-off-by: Daiki Ueno --- tests/suite/tls-fuzzer/gnutls-nocert-tls13.json | 2 -- tests/suite/tls-fuzzer/gnutls-nocert.json | 1 - tests/suite/tls-fuzzer/tls-fuzzer-nocert-tls13.sh | 2 +- tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh | 4 ++-- 4 files changed, 3 insertions(+), 6 deletions(-) diff --git a/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json b/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json index 5a10d615ec..806cc17b16 100644 --- a/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json +++ b/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json @@ -15,7 +15,6 @@ {"name" : "test-record-size-limit.py", "comment" : "changed extension after HRR is not supported #617", "arguments" : ["-p", "@PORT@", "--reply-AD-size", "685", - "--minimal-size", "512", "-e", "change size in TLS 1.2 resumption", "-e", "change size in TLS 1.3 session resumption", "-e", "check if server accepts maximum size in TLS 1.0", @@ -41,7 +40,6 @@ "-e", "removed extension in 2nd CH in HRR handshake"] }, {"name" : "test-record-size-limit.py", "arguments" : ["-p", "@PORT@", "--reply-AD-size", "672", - "--minimal-size", "512", "change size in TLS 1.3 session resumption", "drop extension in TLS 1.3 session resumption"] }, {"name" : "test-tls13-0rtt-garbage.py", diff --git a/tests/suite/tls-fuzzer/gnutls-nocert.json b/tests/suite/tls-fuzzer/gnutls-nocert.json index e25b6b3613..416eae6ba7 100644 --- a/tests/suite/tls-fuzzer/gnutls-nocert.json +++ b/tests/suite/tls-fuzzer/gnutls-nocert.json @@ -233,7 +233,6 @@ {"name" : "test-record-size-limit.py", "comment" : "TLS 1.3 tests are done separately; 1/n-1 splitting is not supported in TLS 1.0", "arguments" : ["-p", "@PORT@", "--reply-AD-size", "821", - "--minimal-size", "512", "-e", "check if server accepts maximum size in TLS 1.0", "-e", "check if server accepts maximum size in TLS 1.3", "-e", "check if server accepts minimal size in TLS 1.0", diff --git a/tests/suite/tls-fuzzer/tls-fuzzer-nocert-tls13.sh b/tests/suite/tls-fuzzer/tls-fuzzer-nocert-tls13.sh index 1b9b0f1765..d1fe2ed100 100755 --- a/tests/suite/tls-fuzzer/tls-fuzzer-nocert-tls13.sh +++ b/tests/suite/tls-fuzzer/tls-fuzzer-nocert-tls13.sh @@ -21,7 +21,7 @@ srcdir="${srcdir:-.}" tls_fuzzer_prepare() { -PRIORITY="NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1" +PRIORITY="NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:%ALLOW_SMALL_RECORDS" sed -e "s|@SERVER@|$SERV|g" -e "s/@PORT@/$PORT/g" -e "s/@PRIORITY@/$PRIORITY/g" ../gnutls-nocert-tls13.json >${TMPFILE} } diff --git a/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh b/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh index 77a1d050cd..1d23e98c61 100755 --- a/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh +++ b/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh @@ -22,10 +22,10 @@ srcdir="${srcdir:-.}" tls_fuzzer_prepare() { VERSIONS="-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0" -PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:-CURVE-SECP192R1:${VERSIONS}:+SHA256" +PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:-CURVE-SECP192R1:${VERSIONS}:+SHA256:%ALLOW_SMALL_RECORDS" ${CLI} --list --priority "${PRIORITY}" >/dev/null 2>&1 if test $? != 0;then - PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:${VERSIONS}:+SHA256" + PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:${VERSIONS}:+SHA256:%ALLOW_SMALL_RECORDS" fi sed -e "s|@SERVER@|$SERV|g" -e "s/@PORT@/$PORT/g" -e "s/@PRIORITY@/$PRIORITY/g" ../gnutls-nocert.json >${TMPFILE} -- cgit v1.2.1