Run test_cookie() test with DTLS 1.3
authorFrederik Wedel-Heinen <frederik.wedel-heinen@dencrypt.dk>
Thu, 16 May 2024 18:04:51 +0000 (20:04 +0200)
committerTomas Mraz <tomas@openssl.org>
Thu, 9 Jan 2025 16:06:56 +0000 (17:06 +0100)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24425)

test/dtlstest.c
test/sslapitest.c

index 15aae92df9f91f1e39cccfb9acea9ac6460542cf..19bd8aab8c47da5f0c1a83a22cc874a17f9eca0f 100644 (file)
@@ -323,14 +323,9 @@ static int test_cookie(void)
     SSL *serverssl = NULL, *clientssl = NULL;
     int testresult = 0;
 
-    /**
-     * TODO(DTLSv1.3): Tests fails with
-     *  ssl/statem/extensions_clnt.c:624: OpenSSL internal error:
-     *      Assertion failed: s->hello_retry_request == SSL_HRR_PENDING
-     */
-     if (!TEST_true(create_ssl_ctx_pair(NULL, DTLS_server_method(),
+    if (!TEST_true(create_ssl_ctx_pair(NULL, DTLS_server_method(),
                                        DTLS_client_method(),
-                                       DTLS1_VERSION, DTLS1_2_VERSION,
+                                       DTLS1_VERSION, 0,
                                        &sctx, &cctx, cert, privkey)))
         return 0;
 
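Review bot: Passing `0` as the maximum version in the `create_ssl_ctx_pair()` call leaves the negotiated version to the build configuration, so nothing in this hunk guarantees that test_cookie() actually runs over DTLS 1.3 as the commit title states. The removed TODO described an assertion failure on `s->hello_retry_request == SSL_HRR_PENDING`, which looks like a HelloRetryRequest path; if negotiation quietly lands on DTLS 1.2, the test would still pass without covering it. Consider pinning the result after the handshake, via the function's existing cleanup path, with `#ifndef OPENSSL_NO_DTLS1_3` / `if (!TEST_int_eq(SSL_version(clientssl), DTLS1_3_VERSION)) goto end;` / `#endif`, and a short comment on the call such as `/* max version 0: negotiate the highest DTLS version the build supports */`. The handshake and the rest of test_cookie() are outside the hunk, so an existing version check there would make this moot.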
@@ -338,7 +333,7 @@ static int test_cookie(void)
     SSL_CTX_set_cookie_generate_cb(sctx, generate_cookie_cb);
     SSL_CTX_set_cookie_verify_cb(sctx, verify_cookie_cb);
 
-#ifdef OPENSSL_NO_DTLS1_2
+#if defined(OPENSSL_NO_DTLS1_2) && defined(OPENSSL_NO_DTLS1_3)
     /* Default sigalgs are SHA1 based in <DTLS1.2 which is in security level 0 */
     if (!TEST_true(SSL_CTX_set_cipher_list(sctx, "DEFAULT:@SECLEVEL=0"))
             || !TEST_true(SSL_CTX_set_cipher_list(cctx,
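Review bot: The new guard `#if defined(OPENSSL_NO_DTLS1_2) && defined(OPENSSL_NO_DTLS1_3)` skips the `@SECLEVEL=0` fallback whenever DTLS 1.3 is compiled in, which is only safe if the contexts are allowed to negotiate DTLS 1.3. In test_cookie() the earlier hunk raises the maximum to `0`, but for the same guard in test_just_finished() and in execute_test_large_message() (test/sslapitest.c) the version bounds are outside the hunks; a caller that still caps at `DTLS1_2_VERSION` in a no-dtls1_2 build would be left with DTLSv1 at the default security level and fail. Narrowing where security level 0 is applied is the right direction, and the comment should say when it still applies, e.g. `/* Only DTLSv1 is available: its SHA1-based default sigalgs need security level 0 */`. The guarded block continues past the end of this hunk.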
@@ -445,7 +440,7 @@ static int test_just_finished(void)
                                        &sctx, NULL, cert, privkey)))
         return 0;
 
-#ifdef OPENSSL_NO_DTLS1_2
+#if defined(OPENSSL_NO_DTLS1_2) && defined(OPENSSL_NO_DTLS1_3)
     /* DTLSv1 is not allowed at the default security level */
     if (!TEST_true(SSL_CTX_set_cipher_list(sctx, "DEFAULT:@SECLEVEL=0")))
         goto end;
index a6b979bceb5ff6537333b27007401e3782e4f576..fccdea2d29742b60731666d9768f7ac566b9941a 100644 (file)
@@ -969,7 +969,7 @@ static int execute_test_large_message(const SSL_METHOD *smeth,
                                        privkey)))
         goto end;
 
-#ifdef OPENSSL_NO_DTLS1_2
+#if defined(OPENSSL_NO_DTLS1_2) && defined(OPENSSL_NO_DTLS1_3)
     if (smeth == DTLS_server_method()) {
         /*
          * Default sigalgs are SHA1 based in <DTLS1.2 which is in security