PROV: Refactor the RSA DER support

[openssl.git] / test / cipherlist_test.c

diff --git a/test/cipherlist_test.c b/test/cipherlist_test.c
index b224983a3454641ba07f4aa4de274a26cdf44b0d..3bc103c7370e7d7e9f691605b7a2fb95ee3d4583 100644 (file)
--- a/test/cipherlist_test.c
+++ b/test/cipherlist_test.c
@@ -1,7 +1,7 @@
 /*
  * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
  *
- * Licensed under the OpenSSL licenses, (the "License");
+ * Licensed under the Apache License 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  * https://www.openssl.org/source/license.html
@@ -21,6 +21,8 @@
 #include "internal/nelem.h"
 #include "testutil.h"
 
+DEFINE_STACK_OF_CONST(SSL_CIPHER)
+
 typedef struct cipherlist_test_fixture {
     const char *test_case_name;
     SSL_CTX *server;
@@ -215,9 +217,44 @@ static int test_default_cipherlist_explicit(void)
     return result;
 }
 
-int setup_tests()
+/* SSL_CTX_set_cipher_list() should fail if it clears all TLSv1.2 ciphers. */
+static int test_default_cipherlist_clear(void)
+{
+    SETUP_CIPHERLIST_TEST_FIXTURE();
+    SSL *s = NULL;
+
+    if (fixture == NULL)
+        return 0;
+
+    if (!TEST_int_eq(SSL_CTX_set_cipher_list(fixture->server, "no-such"), 0))
+        goto end;
+
+    if (!TEST_int_eq(ERR_GET_REASON(ERR_get_error()), SSL_R_NO_CIPHER_MATCH))
+        goto end;
+
+    s = SSL_new(fixture->client);
+
+    if (!TEST_ptr(s))
+      goto end;
+
+    if (!TEST_int_eq(SSL_set_cipher_list(s, "no-such"), 0))
+        goto end;
+
+    if (!TEST_int_eq(ERR_GET_REASON(ERR_get_error()),
+                SSL_R_NO_CIPHER_MATCH))
+        goto end;
+
+    result = 1;
+end:
+    SSL_free(s);
+    tear_down(fixture);
+    return result;
+}
+
+int setup_tests(void)
 {
     ADD_TEST(test_default_cipherlist_implicit);
     ADD_TEST(test_default_cipherlist_explicit);
+    ADD_TEST(test_default_cipherlist_clear);
     return 1;
 }