Warmcat homepage andy@warmcat.com
libwebsockets
{"schema":"libjg2-1", "vpath":"/git/", "avatar":"/git/avatar/", "alang":"", "gen_ut":1749524324, "reponame":"openssl", "desc":"OpenSSL", "owner": { "name": "Andy Green", "email": "andy@warmcat.com", "md5": "c50933ca2aa61e0fe2c43d46bb6b59cb" },"url":"https://warmcat.com/repo/openssl", "f":3, "items": [ {"schema":"libjg2-1", "cid":"43c2a39648f5918e175822c60265558a", "commit": {"type":"commit", "time": 1475050507, "time_ofs": 60, "oid_tree": { "oid": "9c42b292e125666f2cb5d0753928a81c190aaae2", "alias": []}, "oid":{ "oid": "f9b1b6644a3a8fc6d617625ad979ee61cb67d381", "alias": []}, "msg": "Add DTLS renegotiation tests", "sig_commit": { "git_time": { "time": 1475050507, "offset": 60 }, "name": "Matt Caswell", "email": "matt@openssl.org", "md5": "10f7b441a32d5790efad9fc68cae4af2" }, "sig_author": { "git_time": { "time": 1474975487, "offset": 60 }, "name": "Matt Caswell", "email": "matt@openssl.org", "md5": "10f7b441a32d5790efad9fc68cae4af2" }}, "body": "Add DTLS renegotiation tests\n\nReviewed-by: Rich Salz \u003crsalz@openssl.org\u003e\n" , "diff": "diff --git a/test/recipes/80-test_ssl_new.t b/test/recipes/80-test_ssl_new.t\nindex d496f21..54e32bb 100644\n--- a/test/recipes/80-test_ssl_new.t\n+++ b/test/recipes/80-test_ssl_new.t\n@@ -29,7 +29,7 @@ map { s/\u005c.in// } @conf_files;\n \n # We hard-code the number of tests to double-check that the globbing above\n # finds all files as expected.\n-plan tests \u003d\u003e 17; # \u003d scalar @conf_srcs\n+plan tests \u003d\u003e 18; # \u003d scalar @conf_srcs\n \n # Some test results depend on the configuration of enabled protocols. We only\n # verify generated sources in the default configuration.\n@@ -73,6 +73,7 @@ my %skip \u003d (\n \u002214-curves.conf\u0022 \u003d\u003e disabled(\u0022tls1_2\u0022) || $no_ec || $no_ec2m,\n \u002215-certstatus.conf\u0022 \u003d\u003e $no_ocsp,\n \u002216-dtls-certstatus.conf\u0022 \u003d\u003e $no_dtls || $no_ocsp,\n+ \u002218-dtls-renegotiate.conf\u0022 \u003d\u003e $no_dtls,\n );\n \n foreach my $conf (@conf_files) {\ndiff --git a/test/ssl-tests/18-dtls-renegotiate.conf b/test/ssl-tests/18-dtls-renegotiate.conf\nnew file mode 100644\nindex 0000000..32eeaf0\n--- /dev/null\n+++ b/test/ssl-tests/18-dtls-renegotiate.conf\n@@ -0,0 +1,86 @@\n+# Generated with generate_ssl_tests.pl\n+\n+num_tests \u003d 3\n+\n+test-0 \u003d 0-renegotiate-client-no-resume\n+test-1 \u003d 1-renegotiate-client-resume\n+test-2 \u003d 2-renegotiate-server-resume\n+# \u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\n+\n+[0-renegotiate-client-no-resume]\n+ssl_conf \u003d 0-renegotiate-client-no-resume-ssl\n+\n+[0-renegotiate-client-no-resume-ssl]\n+server \u003d 0-renegotiate-client-no-resume-server\n+client \u003d 0-renegotiate-client-no-resume-client\n+\n+[0-renegotiate-client-no-resume-server]\n+Certificate \u003d ${ENV::TEST_CERTS_DIR}/servercert.pem\n+CipherString \u003d DEFAULT\n+Options \u003d NoResumptionOnRenegotiation\n+PrivateKey \u003d ${ENV::TEST_CERTS_DIR}/serverkey.pem\n+\n+[0-renegotiate-client-no-resume-client]\n+CipherString \u003d DEFAULT\n+VerifyCAFile \u003d ${ENV::TEST_CERTS_DIR}/rootcert.pem\n+VerifyMode \u003d Peer\n+\n+[test-0]\n+ExpectedResult \u003d Success\n+HandshakeMode \u003d RenegotiateClient\n+Method \u003d DTLS\n+ResumptionExpected \u003d No\n+\n+\n+# \u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\n+\n+[1-renegotiate-client-resume]\n+ssl_conf \u003d 1-renegotiate-client-resume-ssl\n+\n+[1-renegotiate-client-resume-ssl]\n+server \u003d 1-renegotiate-client-resume-server\n+client \u003d 1-renegotiate-client-resume-client\n+\n+[1-renegotiate-client-resume-server]\n+Certificate \u003d ${ENV::TEST_CERTS_DIR}/servercert.pem\n+CipherString \u003d DEFAULT\n+PrivateKey \u003d ${ENV::TEST_CERTS_DIR}/serverkey.pem\n+\n+[1-renegotiate-client-resume-client]\n+CipherString \u003d DEFAULT\n+VerifyCAFile \u003d ${ENV::TEST_CERTS_DIR}/rootcert.pem\n+VerifyMode \u003d Peer\n+\n+[test-1]\n+ExpectedResult \u003d Success\n+HandshakeMode \u003d RenegotiateClient\n+Method \u003d DTLS\n+ResumptionExpected \u003d Yes\n+\n+\n+# \u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\n+\n+[2-renegotiate-server-resume]\n+ssl_conf \u003d 2-renegotiate-server-resume-ssl\n+\n+[2-renegotiate-server-resume-ssl]\n+server \u003d 2-renegotiate-server-resume-server\n+client \u003d 2-renegotiate-server-resume-client\n+\n+[2-renegotiate-server-resume-server]\n+Certificate \u003d ${ENV::TEST_CERTS_DIR}/servercert.pem\n+CipherString \u003d DEFAULT\n+PrivateKey \u003d ${ENV::TEST_CERTS_DIR}/serverkey.pem\n+\n+[2-renegotiate-server-resume-client]\n+CipherString \u003d DEFAULT\n+VerifyCAFile \u003d ${ENV::TEST_CERTS_DIR}/rootcert.pem\n+VerifyMode \u003d Peer\n+\n+[test-2]\n+ExpectedResult \u003d Success\n+HandshakeMode \u003d RenegotiateServer\n+Method \u003d DTLS\n+ResumptionExpected \u003d No\n+\n+\ndiff --git a/test/ssl-tests/18-dtls-renegotiate.conf.in b/test/ssl-tests/18-dtls-renegotiate.conf.in\nnew file mode 100644\nindex 0000000..440fb25\n--- /dev/null\n+++ b/test/ssl-tests/18-dtls-renegotiate.conf.in\n@@ -0,0 +1,63 @@\n+# -*- mode: perl; -*-\n+# Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved.\n+#\n+# Licensed under the OpenSSL license (the \u0022License\u0022). You may not use\n+# this file except in compliance with the License. You can obtain a copy\n+# in the file LICENSE in the source distribution or at\n+# https://www.openssl.org/source/license.html\n+\n+\n+## Test Renegotiation\n+\n+use strict;\n+use warnings;\n+\n+package ssltests;\n+\n+\n+our @tests \u003d (\n+ {\n+ name \u003d\u003e \u0022renegotiate-client-no-resume\u0022,\n+ server \u003d\u003e {\n+ \u0022Options\u0022 \u003d\u003e \u0022NoResumptionOnRenegotiation\u0022\n+ },\n+ client \u003d\u003e {},\n+ test \u003d\u003e {\n+ \u0022Method\u0022 \u003d\u003e \u0022DTLS\u0022,\n+ \u0022HandshakeMode\u0022 \u003d\u003e \u0022RenegotiateClient\u0022,\n+ \u0022ResumptionExpected\u0022 \u003d\u003e \u0022No\u0022,\n+ \u0022ExpectedResult\u0022 \u003d\u003e \u0022Success\u0022\n+ }\n+ },\n+ {\n+ name \u003d\u003e \u0022renegotiate-client-resume\u0022,\n+ server \u003d\u003e {},\n+ client \u003d\u003e {},\n+ test \u003d\u003e {\n+ \u0022Method\u0022 \u003d\u003e \u0022DTLS\u0022,\n+ \u0022HandshakeMode\u0022 \u003d\u003e \u0022RenegotiateClient\u0022,\n+ \u0022ResumptionExpected\u0022 \u003d\u003e \u0022Yes\u0022,\n+ \u0022ExpectedResult\u0022 \u003d\u003e \u0022Success\u0022\n+ }\n+ },\n+# Note: Unlike the TLS tests, we will never do resumption with server\n+# initiated reneg. This is because an OpenSSL DTLS client will always do a full\n+# handshake (i.e. it doesn't supply a session id) when it receives a\n+# HelloRequest. This is different to the OpenSSL TLS implementation where an\n+# OpenSSL client will always try an abbreviated handshake (i.e. it will supply\n+# the session id). This goes all the way to commit 48ae85b6f when abbreviated\n+# handshake support was first added. Neither behaviour is wrong, but the\n+# discrepancy is strange. TODO: Should we harmonise the TLS and DTLS behaviour,\n+# and if so, what to?\n+ {\n+ name \u003d\u003e \u0022renegotiate-server-resume\u0022,\n+ server \u003d\u003e {},\n+ client \u003d\u003e {},\n+ test \u003d\u003e {\n+ \u0022Method\u0022 \u003d\u003e \u0022DTLS\u0022,\n+ \u0022HandshakeMode\u0022 \u003d\u003e \u0022RenegotiateServer\u0022,\n+ \u0022ResumptionExpected\u0022 \u003d\u003e \u0022No\u0022,\n+ \u0022ExpectedResult\u0022 \u003d\u003e \u0022Success\u0022\n+ }\n+ },\n+);\n","s":{"c":1749524324,"u": 14163}} ],"g": 16314,"chitpc": 0,"ehitpc": 0,"indexed":0 , "ab": 0, "si": 0, "db":0, "di":0, "sat":0, "lfc": "0000"}