diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-06-30 16:17:12 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-08-02 08:45:38 +0200 |
commit | aa842f8d6430cf93b35cc0f3b85c6642b0979ff3 (patch) | |
tree | 0334adc2581f4061f2cdb8d09dca97455409ae58 /tests/tls11-server-kx-neg.c | |
parent | 1f6616507096a0d0b11f98bd1e762bd6b6f53a9b (diff) | |
download | gnutls-aa842f8d6430cf93b35cc0f3b85c6642b0979ff3.tar.gz |
tests: updated for post-RFC7919 behavior of library
That is, it is no longer necessary to set DH parameters on a
credentials structure, and thus previously expected to fail
connections may succeed even without DH parameters.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'tests/tls11-server-kx-neg.c')
-rw-r--r-- | tests/tls11-server-kx-neg.c | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/tests/tls11-server-kx-neg.c b/tests/tls11-server-kx-neg.c index 46a29ddffd..fee785ab95 100644 --- a/tests/tls11-server-kx-neg.c +++ b/tests/tls11-server-kx-neg.c @@ -41,14 +41,14 @@ test_case_st tests[] = { { .name = "TLS 1.1 ANON-DH without cred", .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.1", .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.1" }, { .name = "TLS 1.1 ANON-DH with cred but no DH params", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .server_ret = 0, + .client_ret = 0, .have_anon_cred = 1, .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.1", .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.1" @@ -65,7 +65,7 @@ test_case_st tests[] = { { .name = "TLS 1.1 DHE-RSA without cred", .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1", .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1" }, @@ -79,8 +79,8 @@ test_case_st tests[] = { }, { .name = "TLS 1.1 DHE-RSA with cred and cert but no DH params", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .server_ret = 0, + .client_ret = 0, .have_cert_cred = 1, .have_rsa_sign_cert = 1, .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.1", @@ -131,14 +131,14 @@ test_case_st tests[] = { { .name = "TLS 1.1 DHE-PSK without cred", .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.1", .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.1" }, { .name = "TLS 1.1 DHE-PSK with cred but no DH params", - .client_ret = GNUTLS_E_AGAIN, - .server_ret = GNUTLS_E_NO_CIPHER_SUITES, + .server_ret = 0, + .client_ret = 0, .have_psk_cred = 1, .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.1", .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.1" |