author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2020-01-17 21:34:45 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2020-01-18 07:45:04 +0100 |
commit | 6f11aaffb420bbf58f631cb4a210e7fdc9a218c7 (patch) | |
tree | 23f7f9f92ecba82470d0dd892d8a3300e49da601 | |
parent | 4023d63f0b2795c0c0447282c808671ae8503ac3 (diff) | |
download | gnutls-6f11aaffb420bbf58f631cb4a210e7fdc9a218c7.tar.gz |
gnutls-cli-debug: ignore tests when algorithms are unavailable
When gnutls-cli-debug is run on systems where a particular algorithm
is disabled, ensure that we don't stop the testing; in that case
we ignore the test.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-rw-r--r-- | src/tests.c | 15 | ||||
-rwxr-xr-x | tests/gnutls-cli-debug.sh | 30 |
2 files changed, 43 insertions, 2 deletions
diff --git a/src/tests.c b/src/tests.c
index 9b608119f5..82474b0995 100644
--- a/src/tests.c
+++ b/src/tests.c
@@ -134,20 +134,31 @@ char prio_str[768] = "";
 #define INIT_STR "NONE:"
 char rest[384] = "%UNSAFE_RENEGOTIATION:+SIGN-ALL:+GROUP-ALL" GOST_REST;
-#define _gnutls_priority_set_direct(s, str) __gnutls_priority_set_direct(s, str, __LINE__)
+#define _gnutls_priority_set_direct(s, str) { \
+ int _ret; \
+ if ((_ret=__gnutls_priority_set_direct(s, str, __LINE__)) != TEST_SUCCEED) { \
+ return _ret; \
+ } \
+ }
-static inline void
+static inline int
 __gnutls_priority_set_direct(gnutls_session_t session, const char *str, int line)
 {
 const char *err;
 int ret = gnutls_priority_set_direct(session, str, &err);
 if (ret < 0) {
+ /* this can happen when some cipher is disabled system-wide */
+ if (ret == GNUTLS_E_NO_PRIORITIES_WERE_SET)
+ return TEST_IGNORE;
+
 fprintf(stderr, "Error at %d with string %s\n", line, str);
 fprintf(stderr, "Error at %s: %s\n", err, gnutls_strerror(ret));
 exit(1);
 }
+
+ return TEST_SUCCEED;
 }
 test_code_t test_server(gnutls_session_t session)
diff --git a/tests/gnutls-cli-debug.sh b/tests/gnutls-cli-debug.sh
index 51f77bb565..0ab6069b8f 100755
--- a/tests/gnutls-cli-debug.sh
+++ b/tests/gnutls-cli-debug.sh
@@ -24,6 +24,7 @@ srcdir="${srcdir:-.}"
 SERV="${SERV:-../src/gnutls-serv${EXEEXT}}"
 DCLI="${DCLI:-../src/gnutls-cli-debug${EXEEXT}}"
 OUTFILE=cli-debug.$$.tmp
+TMPFILE=config.$$.tmp
 unset RETCODE
 if ! test -x "${SERV}"; then
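Review bot: The rewritten `_gnutls_priority_set_direct` macro expands to a bare `{ ... }` block that hides a `return` from the calling function, so it is not a single statement and it assumes every caller returns a test code. Wrapping it keeps `if`/`else` call sites safe: `#define _gnutls_priority_set_direct(s, str) do { int _ret = __gnutls_priority_set_direct(s, str, __LINE__); if (_ret != TEST_SUCCEED) return _ret; } while (0)`. The `TEST_IGNORE` branch in `__gnutls_priority_set_direct` also returns without printing anything, while the fatal branch logs the line and the priority string. For a tool used to audit a server's TLS configuration, a skipped probe should stay distinguishable from a negative result, so a debug message naming the skipped string would help; how `TEST_IGNORE` is rendered is outside this hunk. The helper could also return `test_code_t` instead of `int`, assuming that is the type of these constants, as the signature of `test_server` suggests.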
@@ -169,7 +170,36 @@ check_text "whether the server accepts default record size (512 bytes)... no"
 check_text "whether %ALLOW_SMALL_RECORDS is required... yes"
 check_text "for RSA key exchange support... no"
+echo ""
+echo "Checking output of gnutls-cli-debug when algorithms are disabled"
+eval "${GETPORT}"
+launch_server $$ --echo --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2" --x509keyfile ${KEY1} --x509certfile ${CERT1} \
+ --x509keyfile ${KEY2} --x509certfile ${CERT2} --x509keyfile ${KEY3} --x509certfile ${CERT3} >/dev/null 2>&1
+PID=$!
+wait_server ${PID}
+
+cat <<_EOF_ > ${TMPFILE}
+[overrides]
+
+tls-disabled-cipher = CAMELLIA-128-CBC
+tls-disabled-cipher = CAMELLIA-256-CBC
+_EOF_
+export GNUTLS_SYSTEM_PRIORITY_FILE="${TMPFILE}"
+
+timeout 1800 datefudge "2017-08-9" \
+"${DCLI}" -p "${PORT}" localhost >$OUTFILE 2>&1 || fail ${PID} "gnutls-cli-debug run should have succeeded!"
+
+unset GNUTLS_SYSTEM_PRIORITY_FILE
+
+kill ${PID}
+wait
+
+check_text "for AES-GCM cipher (RFC5288) support... yes"
+check_text "for RSA key exchange support... yes"
+check_text "for SHA1 MAC support... yes"
+
 rm -f ${OUTFILE}
+rm -f ${TMPFILE}
 if test "${ENABLE_GOST}" = "1" && test "${GNUTLS_FORCE_FIPS_MODE}" != 1 ; then
 # GOST_CNT test |
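Review bot: The new block asserts only three `... yes` lines, so it never checks how the probes that depend on the disabled CAMELLIA ciphers are reported; it passes as long as the run does not abort. Adding a `check_text` for the expected output of the affected cipher test (its exact wording is not visible in this hunk) would pin the ignore path rather than just the absence of `exit(1)`. On the failure path `fail ${PID}` is reached before `unset GNUTLS_SYSTEM_PRIORITY_FILE` and `rm -f ${TMPFILE}`, so the override file is left behind unless `fail` cleans up, which is not shown here. `${TMPFILE}` and `$OUTFILE` are also expanded unquoted; `> "${TMPFILE}"` and `rm -f "${TMPFILE}"` are the safer spelling.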