X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=test%2Fclienthellotest.c;h=b4563b5beb24344bc20942991d326767e38c5275;hp=f3e9588e5113aa68c79e78cabadb05acbcab7afc;hb=6af1b11848f000c900877f1289a42948d415f21c;hpb=0f41dc0e9e9e6a8c2a43fa6af5fdf5359283e2ba diff --git a/test/clienthellotest.c b/test/clienthellotest.c index f3e9588e51..b4563b5beb 100644 --- a/test/clienthellotest.c +++ b/test/clienthellotest.c @@ -1,7 +1,7 @@ /* - * Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use + * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html @@ -17,7 +17,7 @@ #include #include -#include "../ssl/packet_locl.h" +#include "internal/packet.h" #include "testutil.h" @@ -58,7 +58,7 @@ static int test_client_hello(int currtest) BIO *wbio; long len; unsigned char *data; - PACKET pkt = {0}, pkt2 = {0}, pkt3 = {0}; + PACKET pkt, pkt2, pkt3; char *dummytick = "Hello World!"; unsigned int type = 0; int testresult = 0; @@ -71,6 +71,10 @@ static int test_client_hello(int currtest) return 1; #endif + memset(&pkt, 0, sizeof(pkt)); + memset(&pkt2, 0, sizeof(pkt2)); + memset(&pkt3, 0, sizeof(pkt3)); + /* * For each test set up an SSL_CTX and SSL and see what ClientHello gets * produced when we try to connect @@ -78,12 +82,20 @@ static int test_client_hello(int currtest) ctx = SSL_CTX_new(TLS_method()); if (!TEST_ptr(ctx)) goto end; + if (!TEST_true(SSL_CTX_set_max_proto_version(ctx, 0))) + goto end; switch(currtest) { case TEST_SET_SESSION_TICK_DATA_VER_NEG: +#if !defined(OPENSSL_NO_TLS1_3) && defined(OPENSSL_NO_TLS1_2) + /* TLSv1.3 is enabled and TLSv1.2 is disabled so can't do this test */ + SSL_CTX_free(ctx); + return 1; +#else /* Testing for session tickets <= TLS1.2; not relevant for 1.3 */ if (!TEST_true(SSL_CTX_set_max_proto_version(ctx, TLS1_2_VERSION))) goto end; +#endif break; case TEST_ADD_PADDING_AND_PSK: @@ -92,9 +104,9 @@ static int test_client_hello(int currtest) * ClientHello is already going to be quite long. To avoid getting one * that is too long for this test we use a restricted ciphersuite list */ - if (!TEST_true(SSL_CTX_set_cipher_list(ctx, - "TLS13-AES-128-GCM-SHA256"))) + if (!TEST_false(SSL_CTX_set_cipher_list(ctx, ""))) goto end; + ERR_clear_error(); /* Fall through */ case TEST_ADD_PADDING: case TEST_PADDING_NOT_NEEDED: @@ -106,12 +118,21 @@ static int test_client_hello(int currtest) * F5_WORKAROUND_MIN_MSG_LEN bytes long - meaning padding will be * needed. */ - if (currtest == TEST_ADD_PADDING - && (!TEST_false(SSL_CTX_set_alpn_protos(ctx, + if (currtest == TEST_ADD_PADDING) { + if (!TEST_false(SSL_CTX_set_alpn_protos(ctx, (unsigned char *)alpn_prots, - sizeof(alpn_prots) - 1)))) + sizeof(alpn_prots) - 1))) + goto end; + /* + * Otherwise we need to make sure we have a small enough message to + * not need padding. + */ + } else if (!TEST_true(SSL_CTX_set_cipher_list(ctx, + "AES128-SHA")) + || !TEST_true(SSL_CTX_set_ciphersuites(ctx, + "TLS_AES_128_GCM_SHA256"))) { goto end; - + } break; default: @@ -225,6 +246,8 @@ end: return testresult; } +OPT_TEST_DECLARE_USAGE("sessionfile\n") + int setup_tests(void) { if (!TEST_ptr(sessionfile = test_get_argument(0)))