authorDaiki Ueno <dueno@redhat.com>2019-06-07 15:10:36 +0200
committerDaiki Ueno <dueno@redhat.com>2019-06-19 15:11:48 +0200
commit100d9bcf183f64a61894c728fd32492f46a53c8c (patch)
treea5fce28dbfd68e1548adf08109b69907741b5098
parent5f8a670e134bb3642d717b1bffcdc49b03e5f744 (diff)
downloadgnutls-100d9bcf183f64a61894c728fd32492f46a53c8c.tar.gz
tlsfuzzer: use fixed HTTP response for record_size_limit tests
Previously those tests assumed the varying sizes of the connection information that gnutls-serv sends. This is too brittle: if the default algorithm changes, the tests need to be updated. Signed-off-by: Daiki Ueno <dueno@redhat.com>
-rw-r--r--tests/suite/tls-fuzzer/gnutls-nocert-tls13.json9
-rw-r--r--tests/suite/tls-fuzzer/gnutls-nocert.json15
-rw-r--r--tests/suite/tls-fuzzer/http.dat23
3 files changed, 27 insertions, 20 deletions
diff --git a/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json b/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json
index 806cc17b16..30bbf11e46 100644
--- a/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json
+++ b/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json
@@ -7,6 +7,7 @@
"--x509keyfile", "../../../certs/ecc256.pem",
"--x509certfile", "../../../certs/cert-ecc256.pem",
"--debug=3",
+ "--httpdata=../http.dat",
"--priority=@PRIORITY@",
"--disable-client-cert", "--port=@PORT@"],
"server_hostname": "localhost",
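Review bot: The added `"--httpdata=../http.dat"` is resolved against whatever directory gnutls-serv is started from, so the fixture is only found when the harness runs from a direct child of tests/suite/tls-fuzzer/ in the source tree; the same line is added to gnutls-nocert.json. The diffstat lists three changed files and no build-file update, so it is worth confirming that http.dat is included in the release tarball and reachable in out-of-tree builds. If it is not, the record_size_limit cases would presumably fail on a reply-length mismatch that looks like a protocol regression. A substituted path placeholder in the style of the existing `@PORT@` and `@PRIORITY@` would remove the dependency on the working directory.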
@@ -14,9 +15,8 @@
"tests" : [
{"name" : "test-record-size-limit.py",
"comment" : "changed extension after HRR is not supported #617",
- "arguments" : ["-p", "@PORT@", "--reply-AD-size", "685",
+ "arguments" : ["-p", "@PORT@", "--reply-AD-size", "1024",
"-e", "change size in TLS 1.2 resumption",
- "-e", "change size in TLS 1.3 session resumption",
"-e", "check if server accepts maximum size in TLS 1.0",
"-e", "check if server accepts maximum size in TLS 1.1",
"-e", "check if server accepts maximum size in TLS 1.2",
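Review bot: The new `--reply-AD-size` value `1024` on the `arguments` line is now tied to the contents of http.dat, and nothing in this entry records that. Anyone who edits the fixture, or changes how gnutls-serv turns it into a response, will see the size checks fail with no pointer to the cause. Extending the existing comment would document the coupling, for example `"comment" : "changed extension after HRR is not supported #617; --reply-AD-size must equal the reply gnutls-serv builds from ../http.dat"`. The same applies to the `1024` in gnutls-nocert.json, and the `tests` array continues outside this hunk.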
@@ -29,7 +29,6 @@
"-e", "check server sent size in TLS 1.1",
"-e", "check server sent size in TLS 1.2",
"-e", "drop extension in TLS 1.2 resumption",
- "-e", "drop extension in TLS 1.3 session resumption",
"-e", "modified extension in 2nd CH in HRR handshake",
"-e", "renegotiation with changed limit",
"-e", "renegotiation with dropped extension",
@@ -38,10 +37,6 @@
"-e", "check server sent size in TLS 1.1 with max_fragment_length",
"-e", "check server sent size in TLS 1.2 with max_fragment_length",
"-e", "removed extension in 2nd CH in HRR handshake"] },
- {"name" : "test-record-size-limit.py",
- "arguments" : ["-p", "@PORT@", "--reply-AD-size", "672",
- "change size in TLS 1.3 session resumption",
- "drop extension in TLS 1.3 session resumption"] },
{"name" : "test-tls13-0rtt-garbage.py",
"arguments": ["-p", "@PORT@"]},
{"name" : "test-tls13-ccs.py",
diff --git a/tests/suite/tls-fuzzer/gnutls-nocert.json b/tests/suite/tls-fuzzer/gnutls-nocert.json
index e610108715..dc3ffd8e85 100644
--- a/tests/suite/tls-fuzzer/gnutls-nocert.json
+++ b/tests/suite/tls-fuzzer/gnutls-nocert.json
@@ -6,6 +6,7 @@
"--x509certfile", "../../../certs/cert-ecc256.pem",
"--debug=3",
"--noticket",
+ "--httpdata=../http.dat",
"--priority=@PRIORITY@",
"--disable-client-cert", "--port=@PORT@"],
"server_hostname": "localhost",
@@ -233,15 +234,13 @@
"-e", "medium, maximum fragmentation: 1 fragment - 1024B extension"]},
{"name" : "test-record-size-limit.py",
"comment" : "TLS 1.3 tests are done separately; 1/n-1 splitting is not supported in TLS 1.0",
- "arguments" : ["-p", "@PORT@", "--reply-AD-size", "821",
+ "arguments" : ["-p", "@PORT@", "--reply-AD-size", "1024",
"-e", "check if server accepts maximum size in TLS 1.0",
"-e", "check if server accepts maximum size in TLS 1.3",
"-e", "check if server accepts minimal size in TLS 1.0",
"-e", "check if server accepts minimal size in TLS 1.3",
"-e", "check if server omits extension for unrecognized size 64 in TLS 1.3",
"-e", "check if server omits extension for unrecognized size 511 in TLS 1.3",
- "-e", "check interaction with sha256 prf",
- "-e", "check interaction with sha384 prf",
"-e", "check server sent size in TLS 1.0",
"-e", "check server sent size in TLS 1.3",
"-e", "HRR sanity",
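Review bot: The two PRF cases dropped from the exclusion list here used to run in their own invocations with `"--minimal-size", "512"` (removed further down in this file), while the invocation they now fall into shows no `--minimal-size` among the visible arguments. If the script's default minimum is not 512, `check interaction with sha256 prf` and `check interaction with sha384 prf` now negotiate a different record size limit than before, which may change what they actually verify. Please confirm the default is acceptable for these two cases and record it in the entry, for example by appending `; PRF interaction cases run with the default --minimal-size` to the `comment` value. The argument list continues past the end of this hunk, so an option set there would not be visible.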
@@ -253,16 +252,6 @@
"-e", "check server sent size in TLS 1.0 with max_fragment_length",
"-e", "check server sent size in TLS 1.3 with max_fragment_length",
"-e", "removed extension in 2nd CH in HRR handshake"] },
- {"name" : "test-record-size-limit.py",
- "comment" : "The reply includes PRF algorithm and affects the AD size",
- "arguments" : ["-p", "@PORT@", "--reply-AD-size", "827",
- "--minimal-size", "512",
- "check interaction with sha256 prf"] },
- {"name" : "test-record-size-limit.py",
- "comment" : "The reply includes PRF algorithm and affects the AD size",
- "arguments" : ["-p", "@PORT@", "--reply-AD-size", "816",
- "--minimal-size", "512",
- "check interaction with sha384 prf"] },
{"name" : "test-sessionID-resumption.py",
"arguments" : ["-p", "@PORT@"] },
{"name" : "test-serverhello-random.py",
diff --git a/tests/suite/tls-fuzzer/http.dat b/tests/suite/tls-fuzzer/http.dat
new file mode 100644
index 0000000000..12dda9467f
--- /dev/null
+++ b/tests/suite/tls-fuzzer/http.dat
@@ -0,0 +1,23 @@
+7 bottles of beer on the wall, 7 bottles of beer.
+Take one down and pass it around, 6 bottles of beer on the wall.
+
+6 bottles of beer on the wall, 6 bottles of beer.
+Take one down and pass it around, 5 bottles of beer on the wall.
+
+5 bottles of beer on the wall, 5 bottles of beer.
+Take one down and pass it around, 4 bottles of beer on the wall.
+
+4 bottles of beer on the wall, 4 bottles of beer.
+Take one down and pass it around, 3 bottles of beer on the wall.
+
+3 bottles of beer on the wall, 3 bottles of beer.
+Take one down and pass it around, 2 bottles of beer on the wall.
+
+2 bottles of beer on the wall, 2 bottles of beer.
+Take one down and pass it around, 1 bottle of beer on the wall.
+
+1 bottle of beer on the wall, 1 bottle of beer.
+Take one down and pass it around, no more bottles of beer on the wall.
+
+No more bottles of beer on the wall, no more bottles of beer.
+Go to the store and buy some more, 99 bottles of beer on the wall.