mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 06:05:44 +01:00
Fix failure in SSLv3 per-version suites test
The test used 3DES as the suite for SSLv3, which now makes the handshake fails with "no ciphersuite in common", failing the test as well. Use Camellia instead (as there are not enough AES ciphersuites before TLS 1.2 to distinguish between the 3 versions). Document some dependencies, but not all. Just trying to avoid introducing new issues by using a new cipher here, not trying to make it perfect, which is a much larger task out of scope of this commit.
This commit is contained in:
parent
37e0a8c455
commit
f1e62e8e1e
@ -3993,26 +3993,37 @@ run_test "ECJPAKE: working, DTLS, nolog" \
|
||||
# Tests for ciphersuites per version
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
|
||||
requires_config_enabled MBEDTLS_CAMELLIA_C
|
||||
requires_config_enabled MBEDTLS_AES_C
|
||||
run_test "Per-version suites: SSL3" \
|
||||
"$P_SRV min_version=ssl3 version_suites=TLS-RSA-WITH-3DES-EDE-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
|
||||
"$P_SRV min_version=ssl3 version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
|
||||
"$P_CLI force_version=ssl3" \
|
||||
0 \
|
||||
-c "Ciphersuite is TLS-RSA-WITH-3DES-EDE-CBC-SHA"
|
||||
-c "Ciphersuite is TLS-RSA-WITH-CAMELLIA-128-CBC-SHA"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1
|
||||
requires_config_enabled MBEDTLS_CAMELLIA_C
|
||||
requires_config_enabled MBEDTLS_AES_C
|
||||
run_test "Per-version suites: TLS 1.0" \
|
||||
"$P_SRV arc4=1 version_suites=TLS-RSA-WITH-3DES-EDE-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
|
||||
"$P_SRV version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
|
||||
"$P_CLI force_version=tls1 arc4=1" \
|
||||
0 \
|
||||
-c "Ciphersuite is TLS-RSA-WITH-AES-256-CBC-SHA"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
|
||||
requires_config_enabled MBEDTLS_CAMELLIA_C
|
||||
requires_config_enabled MBEDTLS_AES_C
|
||||
run_test "Per-version suites: TLS 1.1" \
|
||||
"$P_SRV version_suites=TLS-RSA-WITH-3DES-EDE-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
|
||||
"$P_SRV version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
|
||||
"$P_CLI force_version=tls1_1" \
|
||||
0 \
|
||||
-c "Ciphersuite is TLS-RSA-WITH-AES-128-CBC-SHA"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_config_enabled MBEDTLS_CAMELLIA_C
|
||||
requires_config_enabled MBEDTLS_AES_C
|
||||
run_test "Per-version suites: TLS 1.2" \
|
||||
"$P_SRV version_suites=TLS-RSA-WITH-3DES-EDE-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
|
||||
"$P_SRV version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
|
||||
"$P_CLI force_version=tls1_2" \
|
||||
0 \
|
||||
-c "Ciphersuite is TLS-RSA-WITH-AES-128-GCM-SHA256"
|
||||
|
Loading…
Reference in New Issue
Block a user