gnunet-svn
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[libmicrohttpd] 04/04: test_tls_options: multiple fixes

From: gnunet
Subject: [libmicrohttpd] 04/04: test_tls_options: multiple fixes
Date: Thu, 10 Jun 2021 20:26:11 +0200 
This is an automated email from the git hooks/post-receive script.

karlson2k pushed a commit to branch master
in repository libmicrohttpd.

commit 386b21da1b69be8138e5256b8906a0ea24b07633
Author: Evgeny Grin (Karlson2k) <k2k@narod.ru>
AuthorDate: Thu Jun 10 21:16:26 2021 +0300

    test_tls_options: multiple fixes
    
    * SSLv3 is not supported anymore by TLS libs and CURL
    * libcurl accepts requested and later versions of TLS,
      MHD and CURL TLS versions in second test must be reversed
    * Test works with any TLS backend with a few exceptions
---
 src/testcurl/https/test_tls_options.c | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/src/testcurl/https/test_tls_options.c 
b/src/testcurl/https/test_tls_options.c
index c9d4209c..d5aa8310 100644
--- a/src/testcurl/https/test_tls_options.c
+++ b/src/testcurl/https/test_tls_options.c
@@ -109,6 +109,9 @@ main (int argc, char *const *argv)
   gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
 #endif
 #endif /* MHD_HTTPS_REQUIRE_GRYPT */
+  if (! testsuite_curl_global_init ())
+    return 99;
+
   if (curl_check_version (MHD_REQ_CURL_VERSION))
   {
     return 77;
@@ -119,22 +122,20 @@ main (int argc, char *const *argv)
     fprintf (stderr, "Curl does not support SSL.  Cannot run the test.\n");
     return 77;
   }
-  if (0 != strncmp (ssl_version, "GnuTLS", 6))
+
+  if (curl_tls_is_schannel () || curl_tls_is_sectransport ())
   {
-    fprintf (stderr, "This test can be run only with libcurl-gnutls.\n");
+    fprintf (stderr,
+             "libcurl TLS backend does not support this test. Skipping.\n");
     return 77;
   }
 
-  if (! testsuite_curl_global_init ())
-    return 99;
-
   if (curl_tls_is_nss ())
   {
     aes128_sha = "rsa_aes_128_sha";
     aes256_sha = "rsa_aes_256_sha";
   }
 
-
   if (0 !=
       test_wrap ("TLS1.0-AES-SHA1",
                  &test_https_transfer, NULL, port, daemon_flags,
@@ -152,17 +153,17 @@ main (int argc, char *const *argv)
   fprintf (stderr,
            "The following handshake should fail (and print an error 
message)...\n");
   if (0 !=
-      test_wrap ("TLS1.0 vs SSL3",
+      test_wrap ("TLS1.1 vs TLS1.0",
                  &test_unmatching_ssl_version, NULL, port, daemon_flags,
                  aes256_sha,
-                 CURL_SSLVERSION_SSLv3,
+                 CURL_SSLVERSION_TLSv1_1,
                  MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem,
                  MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem,
                  MHD_OPTION_HTTPS_PRIORITIES,
                  "NONE:+VERS-TLS1.0:+AES-256-CBC:+SHA1:+RSA:+COMP-NULL",
                  MHD_OPTION_END))
   {
-    fprintf (stderr, "TLS1.0 vs SSL3 test failed\n");
+    fprintf (stderr, "TLS1.1 vs TLS1.0 test failed\n");
     errorCount++;
   }
   curl_global_cleanup ();

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]