diff options
author | Frederik Wedel-Heinen <frederik.wedel-heinen@dencrypt.dk> | 2024-05-16 20:04:51 +0200 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2024-06-27 15:01:01 +0100 |
commit | 3d5233ccbd822dc77987e8bb191b2b4b5f835ca4 (patch) | |
tree | 8953501b8ab443a3c56aa4dc37e57c5152b59939 | |
parent | eb2be8986d90683c9857dceb980e59fff6166b7a (diff) | |
download | openssl-3d5233ccbd822dc77987e8bb191b2b4b5f835ca4.zip openssl-3d5233ccbd822dc77987e8bb191b2b4b5f835ca4.tar.gz openssl-3d5233ccbd822dc77987e8bb191b2b4b5f835ca4.tar.bz2 |
Run test_cookie() test with DTLS 1.3
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24425)
-rw-r--r-- | test/dtlstest.c | 13 | ||||
-rw-r--r-- | test/sslapitest.c | 2 |
2 files changed, 5 insertions, 10 deletions
diff --git a/test/dtlstest.c b/test/dtlstest.c index 15aae92..19bd8aa 100644 --- a/test/dtlstest.c +++ b/test/dtlstest.c @@ -323,14 +323,9 @@ static int test_cookie(void) SSL *serverssl = NULL, *clientssl = NULL; int testresult = 0; - /** - * TODO(DTLSv1.3): Tests fails with - * ssl/statem/extensions_clnt.c:624: OpenSSL internal error: - * Assertion failed: s->hello_retry_request == SSL_HRR_PENDING - */ - if (!TEST_true(create_ssl_ctx_pair(NULL, DTLS_server_method(), + if (!TEST_true(create_ssl_ctx_pair(NULL, DTLS_server_method(), DTLS_client_method(), - DTLS1_VERSION, DTLS1_2_VERSION, + DTLS1_VERSION, 0, &sctx, &cctx, cert, privkey))) return 0; @@ -338,7 +333,7 @@ static int test_cookie(void) SSL_CTX_set_cookie_generate_cb(sctx, generate_cookie_cb); SSL_CTX_set_cookie_verify_cb(sctx, verify_cookie_cb); -#ifdef OPENSSL_NO_DTLS1_2 +#if defined(OPENSSL_NO_DTLS1_2) && defined(OPENSSL_NO_DTLS1_3) /* Default sigalgs are SHA1 based in <DTLS1.2 which is in security level 0 */ if (!TEST_true(SSL_CTX_set_cipher_list(sctx, "DEFAULT:@SECLEVEL=0")) || !TEST_true(SSL_CTX_set_cipher_list(cctx, @@ -445,7 +440,7 @@ static int test_just_finished(void) &sctx, NULL, cert, privkey))) return 0; -#ifdef OPENSSL_NO_DTLS1_2 +#if defined(OPENSSL_NO_DTLS1_2) && defined(OPENSSL_NO_DTLS1_3) /* DTLSv1 is not allowed at the default security level */ if (!TEST_true(SSL_CTX_set_cipher_list(sctx, "DEFAULT:@SECLEVEL=0"))) goto end; diff --git a/test/sslapitest.c b/test/sslapitest.c index 7ad12f2..5e521b5 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -968,7 +968,7 @@ static int execute_test_large_message(const SSL_METHOD *smeth, privkey))) goto end; -#ifdef OPENSSL_NO_DTLS1_2 +#if defined(OPENSSL_NO_DTLS1_2) && defined(OPENSSL_NO_DTLS1_3) if (smeth == DTLS_server_method()) { /* * Default sigalgs are SHA1 based in <DTLS1.2 which is in security |