diff options
| author | Daiki Ueno <dueno@redhat.com> | 2019-01-31 13:39:35 +0100 |
|---|---|---|
| committer | Daiki Ueno <dueno@redhat.com> | 2019-02-14 16:58:39 +0100 |
| commit | aa83791e046e637794cc651d05297a58af4f63b0 (patch) | |
| tree | 22fb576b628471b2b50fe74f459d93e618d2929d | |
| parent | 3fc7d37dd81a1f415afffbf5f733c13296e74824 (diff) | |
| download | gnutls-aa83791e046e637794cc651d05297a58af4f63b0.tar.gz | |
tlsfuzzer: update to the latest upstream for record_size_limit test
Signed-off-by: Daiki Ueno <dueno@redhat.com>
| -rw-r--r-- | tests/suite/tls-fuzzer/gnutls-nocert-tls13.json | 27 | ||||
| -rw-r--r-- | tests/suite/tls-fuzzer/gnutls-nocert.json | 31 | ||||
| m--------- | tests/suite/tls-fuzzer/tlsfuzzer | 0 |
3 files changed, 46 insertions, 12 deletions
diff --git a/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json b/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json index 06fbf92351..c764130306 100644 --- a/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json +++ b/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json @@ -12,6 +12,33 @@ "server_hostname": "localhost", "server_port": @PORT@, "tests" : [ + {"name" : "test-record-size-limit.py", + "comment" : "changed extension after HRR is not supported #617", + "arguments" : ["-p", "@PORT@", "--reply-AD-size", "685", + "--minimal-size", "512", + "-e", "change size in TLS 1.2 resumption", + "-e", "change size in TLS 1.3 session resumption", + "-e", "check if server accepts maximum size in TLS 1.0", + "-e", "check if server accepts maximum size in TLS 1.1", + "-e", "check if server accepts maximum size in TLS 1.2", + "-e", "check if server accepts minimal size in TLS 1.0", + "-e", "check if server accepts minimal size in TLS 1.1", + "-e", "check if server accepts minimal size in TLS 1.2", + "-e", "check interaction with sha256 prf", + "-e", "check interaction with sha384 prf", + "-e", "check server sent size in TLS 1.0", + "-e", "check server sent size in TLS 1.1", + "-e", "check server sent size in TLS 1.2", + "-e", "drop extension in TLS 1.2 resumption", + "-e", "drop extension in TLS 1.3 session resumption", + "-e", "modified extension in 2nd CH in HRR handshake", + "-e", "renegotiation with changed limit", + "-e", "renegotiation with dropped extension"] }, + {"name" : "test-record-size-limit.py", + "arguments" : ["-p", "@PORT@", "--reply-AD-size", "672", + "--minimal-size", "512", + "change size in TLS 1.3 session resumption", + "drop extension in TLS 1.3 session resumption"] }, {"name" : "test-tls13-0rtt-garbage.py", "arguments": ["-p", "@PORT@"]}, {"name" : "test-tls13-ccs.py", diff --git a/tests/suite/tls-fuzzer/gnutls-nocert.json b/tests/suite/tls-fuzzer/gnutls-nocert.json index 04376f40ea..fe7a6fff17 100644 --- a/tests/suite/tls-fuzzer/gnutls-nocert.json +++ b/tests/suite/tls-fuzzer/gnutls-nocert.json @@ -231,27 +231,34 @@ "-e", "small, maximum fragmentation: 1 fragment - 20B extension", "-e", "medium, maximum fragmentation: 1 fragment - 1024B extension"]}, {"name" : "test-record-size-limit.py", - "comment" : "These tests rely on too small lower limit we don't support; TLS 1.3 high limit is not what we expect; 1/n-1 splitting is not supported in TLS 1.0; we don't reject too large appliation_data records in TLS 1.2 #676", - "arguments" : ["-p", "@PORT@", "--reply-AD-size", "{expected_size}", - "-e", "change size in TLS 1.2 resumption", - "-e", "change size in TLS 1.3 session resumption", + "comment" : "TLS 1.3 tests are done separately; 1/n-1 splitting is not supported in TLS 1.0", + "arguments" : ["-p", "@PORT@", "--reply-AD-size", "821", + "--minimal-size", "512", "-e", "check if server accepts maximum size in TLS 1.0", "-e", "check if server accepts maximum size in TLS 1.3", "-e", "check if server accepts minimal size in TLS 1.0", - "-e", "check if server accepts minimal size in TLS 1.1", - "-e", "check if server accepts minimal size in TLS 1.2", "-e", "check if server accepts minimal size in TLS 1.3", + "-e", "check if server omits extension for unrecognized size 64 in TLS 1.3", + "-e", "check if server omits extension for unrecognized size 511 in TLS 1.3", "-e", "check interaction with sha256 prf", "-e", "check interaction with sha384 prf", "-e", "check server sent size in TLS 1.0", "-e", "check server sent size in TLS 1.3", - "-e", "drop extension in TLS 1.3 session resumption", "-e", "HRR sanity", - "-e", "modified extension in 2nd CH in HRR handshake", - "-e", "renegotiation with changed limit", - "-e", "renegotiation with dropped extension", - "-e", "too large record in TLS 1.2", - "-e", "too large record payload in TLS 1.3"] }, + "-e", "too large record payload in TLS 1.3", + "-e", "change size in TLS 1.3 session resumption", + "-e", "drop extension in TLS 1.3 session resumption", + "-e", "modified extension in 2nd CH in HRR handshake"] }, + {"name" : "test-record-size-limit.py", + "comment" : "The reply includes PRF algorithm and affects the AD size", + "arguments" : ["-p", "@PORT@", "--reply-AD-size", "827", + "--minimal-size", "512", + "check interaction with sha256 prf"] }, + {"name" : "test-record-size-limit.py", + "comment" : "The reply includes PRF algorithm and affects the AD size", + "arguments" : ["-p", "@PORT@", "--reply-AD-size", "816", + "--minimal-size", "512", + "check interaction with sha384 prf"] }, {"name" : "test-sessionID-resumption.py", "arguments" : ["-p", "@PORT@"] }, {"name" : "test-serverhello-random.py", diff --git a/tests/suite/tls-fuzzer/tlsfuzzer b/tests/suite/tls-fuzzer/tlsfuzzer -Subproject 7b2ebe4c8bd06e5a1059a8aeb5bfe2b014e2b52 +Subproject a520d50cf84aba0126d1e09b12fd0038af0944b |