提交 885e601d 编写于 作者: K Kurt Roeckx

Use version flexible method instead of fixed version

Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

MR: #1824
上级 0d5301af
......@@ -72,19 +72,13 @@
#define EXTENSION_SIZE_LEN 2
#define TOTAL_NUM_TESTS 2
/*
* Test that explicitly setting ticket data results in it appearing in the
* ClientHello for TLS1.2
*/
#define TEST_SET_SESSION_TICK_DATA_TLS_1_2 0
#define TOTAL_NUM_TESTS 1
/*
* Test that explicitly setting ticket data results in it appearing in the
* ClientHello for a negotiated SSL/TLS version
*/
#define TEST_SET_SESSION_TICK_DATA_VER_NEG 1
#define TEST_SET_SESSION_TICK_DATA_VER_NEG 0
int main(int argc, char *argv[])
{
......@@ -114,16 +108,7 @@ int main(int argc, char *argv[])
*/
for (; currtest < TOTAL_NUM_TESTS; currtest++) {
testresult = 0;
if (currtest == TEST_SET_SESSION_TICK_DATA_TLS_1_2) {
#ifndef OPENSSL_NO_TLS1_2_METHOD
ctx = SSL_CTX_new(TLSv1_2_method());
#else
testresult = 1;
continue;
#endif
} else {
ctx = SSL_CTX_new(TLS_method());
}
ctx = SSL_CTX_new(TLS_method());
con = SSL_new(ctx);
rbio = BIO_new(BIO_s_mem());
......@@ -131,8 +116,7 @@ int main(int argc, char *argv[])
SSL_set_bio(con, rbio, wbio);
SSL_set_connect_state(con);
if (currtest == TEST_SET_SESSION_TICK_DATA_TLS_1_2
|| currtest == TEST_SET_SESSION_TICK_DATA_VER_NEG) {
if (currtest == TEST_SET_SESSION_TICK_DATA_VER_NEG) {
if (!SSL_set_session_ticket_ext(con, dummytick, strlen(dummytick)))
goto end;
}
......@@ -184,8 +168,7 @@ int main(int argc, char *argv[])
goto end;
if (type == TLSEXT_TYPE_session_ticket) {
if (currtest == TEST_SET_SESSION_TICK_DATA_TLS_1_2
|| currtest == TEST_SET_SESSION_TICK_DATA_VER_NEG) {
if (currtest == TEST_SET_SESSION_TICK_DATA_VER_NEG) {
if (size == strlen(dummytick)
&& memcmp(data, dummytick, size) == 0) {
/* Ticket data is as we expected */
......
......@@ -124,7 +124,7 @@ static HEARTBEAT_TEST_FIXTURE set_up(const char *const test_case_name,
static HEARTBEAT_TEST_FIXTURE set_up_dtls(const char *const test_case_name)
{
HEARTBEAT_TEST_FIXTURE fixture = set_up(test_case_name,
DTLSv1_server_method());
DTLS_server_method());
fixture.process_heartbeat = dtls1_process_heartbeat;
/*
......
......@@ -3557,7 +3557,7 @@ static unsigned int psk_server_callback(SSL *ssl, const char *identity,
static int do_test_cipherlist(void)
{
#if !defined(OPENSSL_NO_SSL3_METHOD) || !defined(OPENSSL_NO_TLS1_METHOD)
#ifndef OPENSSL_NO_TLS
int i = 0;
const SSL_METHOD *meth;
const SSL_CIPHER *ci, *tci = NULL;
......@@ -3567,10 +3567,8 @@ static int do_test_cipherlist(void)
* call functions, thus avoiding auto-init
*/
OPENSSL_init_crypto(0, NULL);
#endif
#ifndef OPENSSL_NO_SSL3_METHOD
meth = SSLv3_method();
meth = TLS_method();
tci = NULL;
while ((ci = meth->get_cipher(i++)) != NULL) {
if (tci != NULL)
......@@ -3582,19 +3580,6 @@ static int do_test_cipherlist(void)
tci = ci;
}
#endif
#ifndef OPENSSL_NO_TLS1_METHOD
meth = TLSv1_method();
tci = NULL;
while ((ci = meth->get_cipher(i++)) != NULL) {
if (tci != NULL)
if (ci->id >= tci->id) {
fprintf(stderr, "testing TLSv1 cipher list order: ");
fprintf(stderr, "failed %x vs. %x\n", ci->id, tci->id);
return 0;
}
tci = ci;
}
#endif
return 1;
}
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册