[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_2_9_10-248-gd364fb4
From: |
Nikos Mavrogiannopoulos |
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_2_9_10-248-gd364fb4 |
Date: |
Sat, 19 Jun 2010 16:16:07 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=d364fb4e1b4003c240de9b5de79cf50264b82178
The branch, master has been updated
via d364fb4e1b4003c240de9b5de79cf50264b82178 (commit)
via a115f8d21aa546e5647283942f47150da477fc2e (commit)
via 23e76cdee01054b829782b4ab66a835311b1dc4b (commit)
from de2c995d7b6a718e5e74a37e31b14b4a2a9f7203 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit d364fb4e1b4003c240de9b5de79cf50264b82178
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sat Jun 19 18:15:39 2010 +0200
Corrected some tests. Added test to check whether the %COMPAT option is
required for this server.
commit a115f8d21aa546e5647283942f47150da477fc2e
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sat Jun 19 18:11:18 2010 +0200
Corrections in the new session packing code. Saving absolute positions in
buffers is no
longer done. Now we store only and offset to allow reallocating the buffer
and still
do the correct reference.
commit 23e76cdee01054b829782b4ab66a835311b1dc4b
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sat Jun 19 17:42:13 2010 +0200
Fixes in new extensions code that relate to SSL 3.0.
-----------------------------------------------------------------------
Summary of changes:
lib/ext_safe_renegotiation.c | 37 ++++++++++++++++
lib/ext_safe_renegotiation.h | 1 +
lib/ext_signature.c | 7 +---
lib/gnutls_extensions.c | 7 +--
lib/gnutls_handshake.c | 7 +++
lib/gnutls_session_pack.c | 35 ++++++---------
src/tests.c | 98 ++++++++++++++++++++++++++----------------
src/tests.h | 1 +
src/tls_test.c | 21 +++++----
9 files changed, 137 insertions(+), 77 deletions(-)
diff --git a/lib/ext_safe_renegotiation.c b/lib/ext_safe_renegotiation.c
index e7ba2d4..099402c 100644
--- a/lib/ext_safe_renegotiation.c
+++ b/lib/ext_safe_renegotiation.c
@@ -237,6 +237,43 @@ int _gnutls_ext_sr_recv_cs(gnutls_session_t session)
return 0;
}
+int _gnutls_ext_sr_send_cs(gnutls_session_t session)
+{
+ int ret, set = 0;
+ sr_ext_st* priv;
+ extension_priv_data_t epriv;
+
+ ret = _gnutls_ext_get_session_data( session,
+ GNUTLS_EXTENSION_SAFE_RENEGOTIATION, &epriv);
+ if (ret < 0)
+ {
+ set = 1;
+ }
+ else if (ret < 0)
+ {
+ gnutls_assert();
+ return ret;
+ }
+
+ if (set != 0)
+ {
+ priv = gnutls_calloc(1, sizeof(*priv));
+ if (priv == NULL)
+ {
+ gnutls_assert();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+ epriv.ptr = priv;
+ }
+ else
+ priv = epriv.ptr;
+
+ if (set != 0)
+ _gnutls_ext_set_session_data( session,
GNUTLS_EXTENSION_SAFE_RENEGOTIATION, epriv);
+
+ return 0;
+}
+
static int
_gnutls_sr_recv_params (gnutls_session_t session,
const opaque * data,
diff --git a/lib/ext_safe_renegotiation.h b/lib/ext_safe_renegotiation.h
index f79cca3..bc1635d 100644
--- a/lib/ext_safe_renegotiation.h
+++ b/lib/ext_safe_renegotiation.h
@@ -46,5 +46,6 @@ int _gnutls_ext_sr_finished( gnutls_session_t session, void*
vdata,
size_t vdata_size, int dir);
int _gnutls_ext_sr_recv_cs(gnutls_session_t session);
int _gnutls_ext_sr_verify(gnutls_session_t session);
+int _gnutls_ext_sr_send_cs(gnutls_session_t);
#endif /* EXT_SAFE_RENEGOTIATION_H */
diff --git a/lib/ext_signature.c b/lib/ext_signature.c
index e1263ae..9d52303 100644
--- a/lib/ext_signature.c
+++ b/lib/ext_signature.c
@@ -237,14 +237,9 @@ _gnutls_session_get_sign_algo (gnutls_session_t session,
ret = _gnutls_ext_get_session_data(session,
GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS,
&epriv);
- if (ret < 0)
- {
- gnutls_assert();
- return ret;
- }
priv = epriv.ptr;
- if (!_gnutls_version_has_selectable_sighash (ver)
+ if (ret < 0 || !_gnutls_version_has_selectable_sighash (ver)
|| priv->sign_algorithms_size == 0)
/* none set, allow all */
{
diff --git a/lib/gnutls_extensions.c b/lib/gnutls_extensions.c
index f316d5c..cd5d0a2 100644
--- a/lib/gnutls_extensions.c
+++ b/lib/gnutls_extensions.c
@@ -430,7 +430,7 @@ int _gnutls_ext_pack(gnutls_session_t session,
gnutls_buffer_st* packed)
int i, ret;
extension_priv_data_t data;
int cur_size;
-void* size_pos;
+int size_offset;
void* total_exts_pos;
int exts = 0;
@@ -445,8 +445,7 @@ int exts = 0;
{
BUFFER_APPEND_NUM(packed, extfunc[i].type);
- size_pos = packed->data + packed->length;
-
+ size_offset = packed->length;
BUFFER_APPEND_NUM(packed, 0);
cur_size = packed->length;
@@ -460,7 +459,7 @@ int exts = 0;
exts++;
/* write the actual size */
- _gnutls_write_uint32(packed->length-cur_size, size_pos);
+ _gnutls_write_uint32(packed->length-cur_size,
packed->data+size_offset);
}
}
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index 8a8a3f1..790861a 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -1861,6 +1861,13 @@ _gnutls_copy_ciphersuites (gnutls_session_t session,
/* Safe renegotiation signalling CS value is { 0x00, 0xff } */
ret_data[pos++] = 0x00;
ret_data[pos++] = 0xff;
+ ret = _gnutls_ext_sr_send_cs(session);
+ if (ret < 0)
+ {
+ gnutls_assert();
+ gnutls_free (cipher_suites);
+ return ret;
+ }
}
gnutls_free (cipher_suites);
diff --git a/lib/gnutls_session_pack.c b/lib/gnutls_session_pack.c
index 03e7909..6ad507f 100644
--- a/lib/gnutls_session_pack.c
+++ b/lib/gnutls_session_pack.c
@@ -302,10 +302,9 @@ pack_certificate_auth_info (gnutls_session_t session,
unsigned int i;
int cur_size, ret;
cert_auth_info_t info = _gnutls_get_auth_info (session);
- void* size_pos;
-
- size_pos = ps->data + ps->length;
+ int size_offset;
+ size_offset = ps->length;
BUFFER_APPEND_NUM(ps, 0);
cur_size = ps->length;
@@ -326,7 +325,7 @@ pack_certificate_auth_info (gnutls_session_t session,
}
/* write the real size */
- _gnutls_write_uint32(ps->length-cur_size, size_pos);
+ _gnutls_write_uint32(ps->length-cur_size, ps->data+size_offset);
return 0;
}
@@ -428,7 +427,7 @@ pack_srp_auth_info (gnutls_session_t session,
gnutls_buffer_st * ps)
{
srp_server_auth_info_t info = _gnutls_get_auth_info (session);
int len, ret;
- void* size_pos;
+ int size_offset;
size_t cur_size;
if (info && info->username)
@@ -436,15 +435,14 @@ pack_srp_auth_info (gnutls_session_t session,
gnutls_buffer_st * ps)
else
len = 0;
- size_pos = ps->data + ps->length;
-
+ size_offset = ps->length;
BUFFER_APPEND_NUM(ps, 0);
cur_size = ps->length;
BUFFER_APPEND_PFX(ps, info->username, len);
/* write the real size */
- _gnutls_write_uint32(ps->length-cur_size, size_pos);
+ _gnutls_write_uint32(ps->length-cur_size, ps->data+size_offset);
return 0;
}
@@ -513,10 +511,9 @@ pack_anon_auth_info (gnutls_session_t session,
{
int cur_size, ret;
anon_auth_info_t info = _gnutls_get_auth_info (session);
- void* size_pos;
-
- size_pos = ps->data + ps->length;
+ int size_offset;
+ size_offset = ps->length;
BUFFER_APPEND_NUM(ps, 0);
cur_size = ps->length;
@@ -529,7 +526,7 @@ pack_anon_auth_info (gnutls_session_t session,
}
/* write the real size */
- _gnutls_write_uint32(ps->length-cur_size, size_pos);
+ _gnutls_write_uint32(ps->length-cur_size, ps->data+size_offset);
return 0;
}
@@ -610,7 +607,7 @@ pack_psk_auth_info (gnutls_session_t session,
gnutls_buffer_st * ps)
psk_auth_info_t info;
int username_len;
int hint_len, ret;
- void* size_pos;
+ int size_offset;
size_t cur_size;
info = _gnutls_get_auth_info (session);
@@ -625,8 +622,7 @@ pack_psk_auth_info (gnutls_session_t session,
gnutls_buffer_st * ps)
else
hint_len = 0;
- size_pos = ps->data + ps->length;
-
+ size_offset = ps->length;
BUFFER_APPEND_NUM(ps, 0);
cur_size = ps->length;
@@ -639,7 +635,7 @@ pack_psk_auth_info (gnutls_session_t session,
gnutls_buffer_st * ps)
BUFFER_APPEND_PFX( ps, info->dh.public_key.data, info->dh.public_key.size);
/* write the real size */
- _gnutls_write_uint32(ps->length-cur_size, size_pos);
+ _gnutls_write_uint32(ps->length-cur_size, ps->data+size_offset);
return 0;
}
@@ -742,13 +738,12 @@ pack_security_parameters (gnutls_session_t session,
{
int ret;
- void* size_pos;
+ int size_offset;
size_t cur_size;
/* move after the auth info stuff.
*/
- size_pos = ps->data + ps->length;
-
+ size_offset = ps->length;
BUFFER_APPEND_NUM(ps, 0);
cur_size = ps->length;
@@ -776,7 +771,7 @@ pack_security_parameters (gnutls_session_t session,
BUFFER_APPEND_NUM(ps, session->security_parameters.timestamp);
- _gnutls_write_uint32(ps->length-cur_size, size_pos);
+ _gnutls_write_uint32(ps->length-cur_size, ps->data+size_offset);
return 0;
}
diff --git a/src/tests.c b/src/tests.c
index 49c1f0d..ff814ec 100644
--- a/src/tests.c
+++ b/src/tests.c
@@ -109,12 +109,13 @@ char protocol_str[] = "+VERS-TLS1.0:+VERS-SSL3.0";
char prio_str[256] = "";
#define ALL_CIPHERS "+3DES-CBC:+ARCFOUR-128:+ARCFOUR-40"
+#define BLOCK_CIPHERS "+3DES-CBC"
#define ALL_COMP "+COMP-NULL"
#define ALL_MACS "+SHA1:+MD5"
#define ALL_CERTTYPES "+CTYPE-X509"
-#define REST "%%UNSAFE_RENEGOTIATION"
#define ALL_KX "+RSA:+DHE-RSA:+DHE-DSS:+ANON-DH:+RSA-EXPORT"
#define INIT_STR "NONE:"
+char rest[128] = "%UNSAFE_RENEGOTIATION";
static inline void
_gnutls_priority_set_direct (gnutls_session_t session, const char *str)
@@ -124,7 +125,8 @@ _gnutls_priority_set_direct (gnutls_session_t session,
const char *str)
if (ret < 0)
{
- fprintf (stderr, "Error in %s\n", err);
+ fprintf (stderr, "Error with string %s\n", str);
+ fprintf (stderr, "Error at %s: %s\n", err, gnutls_strerror(ret));
exit (1);
}
}
@@ -144,7 +146,7 @@ test_server (gnutls_session_t session)
sprintf (prio_str, INIT_STR
ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":"
- ALL_KX ":" REST, protocol_str);
+ ALL_KX ":" "%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -191,7 +193,7 @@ test_export (gnutls_session_t session)
sprintf (prio_str, INIT_STR
"+ARCFOUR-40:+RSA-EXPORT:" ALL_COMP ":" ALL_CERTTYPES ":%s:"
- ALL_MACS ":" ALL_KX ":" REST, protocol_str);
+ ALL_MACS ":" ALL_KX ":%s" , protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -219,7 +221,7 @@ test_export_info (gnutls_session_t session)
sprintf (prio_str, INIT_STR
"+ARCFOUR-40:+RSA-EXPORT:" ALL_COMP ":" ALL_CERTTYPES ":%s:"
- ALL_MACS ":" ALL_KX ":" REST, protocol_str);
+ ALL_MACS ":" ALL_KX ":%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -264,7 +266,7 @@ test_dhe (gnutls_session_t session)
sprintf (prio_str, INIT_STR
ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS
- ":+DHE-RSA:+DHE-DSS:" REST, protocol_str);
+ ":+DHE-RSA:+DHE-DSS:%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -323,7 +325,7 @@ test_dhe_group (gnutls_session_t session)
sprintf (prio_str, INIT_STR
ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS
- ":+DHE-RSA:+DHE-DSS:" REST, protocol_str);
+ ":+DHE-RSA:+DHE-DSS:%s", protocol_str, rest);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -362,7 +364,7 @@ test_ssl3 (gnutls_session_t session)
int ret;
sprintf (prio_str, INIT_STR
ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":+VERS-SSL3.0:"
- ALL_MACS ":" ALL_KX ":" REST);
+ ALL_MACS ":" ALL_KX ":%s", rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -394,7 +396,7 @@ test_bye (gnutls_session_t session)
sprintf (prio_str, INIT_STR
ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":"
- ALL_KX ":" REST, protocol_str);
+ ALL_KX ":%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -445,8 +447,8 @@ test_aes (gnutls_session_t session)
int ret;
sprintf (prio_str, INIT_STR
- INIT_STR "+AES-128-CBC:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS
- ":" ALL_KX ":" REST, protocol_str);
+ "+AES-128-CBC:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS
+ ":" ALL_KX ":%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -463,7 +465,7 @@ test_camellia (gnutls_session_t session)
sprintf (prio_str,
INIT_STR "+CAMELLIA-128-CBC:" ALL_COMP ":" ALL_CERTTYPES ":%s:"
- ALL_MACS ":" ALL_KX ":" REST, protocol_str);
+ ALL_MACS ":" ALL_KX ":%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -480,7 +482,7 @@ test_openpgp1 (gnutls_session_t session)
sprintf (prio_str,
INIT_STR ALL_CIPHERS ":" ALL_COMP ":+CTYPE-OPENPGP:%s:" ALL_MACS
- ":" ALL_KX ":" REST, protocol_str);
+ ":" ALL_KX ":%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -504,12 +506,12 @@ test_unknown_ciphersuites (gnutls_session_t session)
#ifdef ENABLE_CAMELLIA
sprintf (prio_str,
INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS
- ":" ALL_KX ":" REST, protocol_str);
+ ":" ALL_KX ":%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
#else
sprintf (prio_str,
INIT_STR "+AES-128-CBC:" ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES
- ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str);
+ ":%s:" ALL_MACS ":" ALL_KX ":%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
#endif
@@ -526,7 +528,7 @@ test_md5 (gnutls_session_t session)
sprintf (prio_str,
INIT_STR "+AES-128-CBC:" ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES
- ":%s:+MD5:" ALL_KX ":" REST, protocol_str);
+ ":%s:+MD5:" ALL_KX ":%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -543,7 +545,7 @@ test_zlib (gnutls_session_t session)
sprintf (prio_str,
INIT_STR ALL_CIPHERS ":+COMP-ZLIB:" ALL_CERTTYPES ":%s:" ALL_MACS
- ":" ALL_KX ":" REST, protocol_str);
+ ":" ALL_KX ":%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -560,7 +562,7 @@ test_sha (gnutls_session_t session)
sprintf (prio_str,
INIT_STR "+AES-128-CBC:" ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES
- ":%s:+SHA1:" ALL_KX ":" REST, protocol_str);
+ ":%s:+SHA1:" ALL_KX ":%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -575,7 +577,7 @@ test_3des (gnutls_session_t session)
sprintf (prio_str,
INIT_STR "+3DES-CBC:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS
- ":" ALL_KX ":" REST, protocol_str);
+ ":" ALL_KX ":%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -590,7 +592,7 @@ test_arcfour (gnutls_session_t session)
sprintf (prio_str,
INIT_STR "+ARCFOUR-128:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS
- ":" ALL_KX ":" REST, protocol_str);
+ ":" ALL_KX ":%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -605,7 +607,7 @@ test_arcfour_40 (gnutls_session_t session)
sprintf (prio_str,
INIT_STR "+ARCFOUR-40:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS
- ":" "+RSA-EXPORT" ":" REST, protocol_str);
+ ":" "+RSA-EXPORT" ":%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -621,7 +623,7 @@ test_tls1 (gnutls_session_t session)
sprintf (prio_str,
INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES
- ":+VERS-TLS1.0:" ALL_MACS ":" ALL_KX ":" REST);
+ ":+VERS-TLS1.0:" ALL_MACS ":" ALL_KX ":%s", rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -635,13 +637,35 @@ test_tls1 (gnutls_session_t session)
}
test_code_t
+test_record_padding (gnutls_session_t session)
+{
+ int ret;
+
+ sprintf (prio_str,
+ INIT_STR BLOCK_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES
+ ":+VERS-TLS1.0:" ALL_MACS ":" ALL_KX ":%s", rest);
+ _gnutls_priority_set_direct (session, prio_str);
+
+ gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
+
+ ret = do_handshake (session);
+ if (ret == TEST_SUCCEED)
+ tls1_ok = 1;
+ else
+ strcat(rest, ":%COMPAT");
+
+ return ret;
+
+}
+
+test_code_t
test_tls1_2 (gnutls_session_t session)
{
int ret;
sprintf (prio_str,
INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES
- ":+VERS-TLS1.2:" ALL_MACS ":" ALL_KX ":" REST);
+ ":+VERS-TLS1.2:" ALL_MACS ":" ALL_KX ":%s", rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -661,7 +685,7 @@ test_tls1_1 (gnutls_session_t session)
sprintf (prio_str,
INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES
- ":+VERS-TLS1.1:" ALL_MACS ":" ALL_KX ":" REST);
+ ":+VERS-TLS1.1:" ALL_MACS ":" ALL_KX ":%s", rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -683,8 +707,8 @@ test_tls1_1_fallback (gnutls_session_t session)
sprintf (prio_str,
INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES
- ":+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:" ALL_MACS ":" ALL_KX ":"
- REST);
+ ":+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:" ALL_MACS ":" ALL_KX ":%s",
+ rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -714,7 +738,7 @@ test_tls_disable (gnutls_session_t session)
sprintf (prio_str,
INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS
- ":" ALL_KX ":" REST, protocol_str);
+ ":" ALL_KX ":%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -744,7 +768,7 @@ test_rsa_pms (gnutls_session_t session)
*/
sprintf (prio_str,
INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS
- ":+RSA:" REST, protocol_str);
+ ":+RSA:%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -763,7 +787,7 @@ test_max_record_size (gnutls_session_t session)
int ret;
sprintf (prio_str,
INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS
- ":" ALL_KX ":" REST, protocol_str);
+ ":" ALL_KX ":%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
gnutls_record_set_max_size (session, 512);
@@ -786,7 +810,7 @@ test_hello_extension (gnutls_session_t session)
sprintf (prio_str,
INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS
- ":" ALL_KX ":" REST, protocol_str);
+ ":" ALL_KX ":%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
gnutls_record_set_max_size (session, 512);
@@ -815,7 +839,7 @@ test_version_rollback (gnutls_session_t session)
*/
sprintf (prio_str,
INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS
- ":" ALL_KX ":" REST, protocol_str);
+ ":" ALL_KX ":%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
_gnutls_record_set_default_version (session, 3, 0);
@@ -843,7 +867,7 @@ test_version_oob (gnutls_session_t session)
*/
sprintf (prio_str,
INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS
- ":" ALL_KX ":" REST, protocol_str);
+ ":" ALL_KX ":%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
_gnutls_record_set_default_version (session, 5, 5);
@@ -866,7 +890,7 @@ test_rsa_pms_version_check (gnutls_session_t session)
*/
sprintf (prio_str,
INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS
- ":" ALL_KX ":" REST, protocol_str);
+ ":" ALL_KX ":%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
_gnutls_rsa_pms_set_version (session, 5, 5); /* use SSL 5.5 version */
@@ -884,7 +908,7 @@ test_anonymous (gnutls_session_t session)
sprintf (prio_str,
INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS
- ":+ANON-DH:" REST, protocol_str);
+ ":+ANON-DH:%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_ANON, anon_cred);
@@ -909,7 +933,7 @@ test_session_resume2 (gnutls_session_t session)
sprintf (prio_str,
INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS
- ":" ALL_KX ":" REST, protocol_str);
+ ":" ALL_KX ":%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -954,7 +978,7 @@ test_certificate (gnutls_session_t session)
sprintf (prio_str,
INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS
- ":" ALL_KX ":" REST, protocol_str);
+ ":" ALL_KX ":%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -1021,7 +1045,7 @@ test_server_cas (gnutls_session_t session)
sprintf (prio_str,
INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS
- ":" ALL_KX ":" REST, protocol_str);
+ ":" ALL_KX ":%s", protocol_str, rest);
_gnutls_priority_set_direct (session, prio_str);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
diff --git a/src/tests.h b/src/tests.h
index 7687fb1..426dcde 100644
--- a/src/tests.h
+++ b/src/tests.h
@@ -4,6 +4,7 @@ typedef enum
} test_code_t;
test_code_t test_server (gnutls_session_t state);
+test_code_t test_record_padding (gnutls_session_t state);
test_code_t test_export (gnutls_session_t state);
test_code_t test_export_info (gnutls_session_t state);
test_code_t test_hello_extension (gnutls_session_t state);
diff --git a/src/tls_test.c b/src/tls_test.c
index 70338d7..825d455 100644
--- a/src/tls_test.c
+++ b/src/tls_test.c
@@ -80,26 +80,27 @@ typedef struct
} TLS_TEST;
static const TLS_TEST tls_tests[] = {
+ {"for SSL 3.0 support", test_ssl3, "yes", "no", "dunno"},
+ {"whether \%COMPAT is required", test_record_padding, "no", "yes", "dunno"},
+ {"for TLS 1.0 support", test_tls1, "yes", "no", "dunno"},
+ {"for TLS 1.1 support", test_tls1_1, "yes", "no", "dunno"},
+ {"fallback from TLS 1.1 to", test_tls1_1_fallback, "TLS 1.0", "failed",
+ "SSL 3.0"},
+ {"for TLS 1.2 support", test_tls1_2, "yes", "no", "dunno"},
+ /* this test will disable TLS 1.0 if the server is
+ * buggy */
+ {"whether we need to disable TLS 1.0", test_tls_disable, "no", "yes",
+ "dunno"},
{"for Safe renegotiation support", test_safe_renegotiation, "yes", "no",
"dunno"},
{"for Safe renegotiation support (SCSV)", test_safe_renegotiation_scsv,
"yes", "no", "dunno"},
- {"for TLS 1.2 support", test_tls1_2, "yes", "no", "dunno"},
- {"for TLS 1.1 support", test_tls1_1, "yes", "no", "dunno"},
- {"fallback from TLS 1.1 to", test_tls1_1_fallback, "TLS 1.0", "failed",
- "SSL 3.0"},
- {"for TLS 1.0 support", test_tls1, "yes", "no", "dunno"},
- {"for SSL 3.0 support", test_ssl3, "yes", "no", "dunno"},
{"for HTTPS server name", test_server, "", "failed", "not checked"},
{"for version rollback bug in RSA PMS", test_rsa_pms, "no", "yes",
"dunno"},
{"for version rollback bug in Client Hello", test_version_rollback,
"no", "yes", "dunno"},
- /* this test will disable TLS 1.0 if the server is
- * buggy */
- {"whether we need to disable TLS 1.0", test_tls_disable, "no", "yes",
- "dunno"},
{"whether the server ignores the RSA PMS version",
test_rsa_pms_version_check, "yes", "no", "dunno"},
hooks/post-receive
--
GNU gnutls
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_2_9_10-248-gd364fb4,
Nikos Mavrogiannopoulos <=