]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
tests: account for disabling of ARCFOUR where needed
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Mon, 5 Jan 2015 13:40:51 +0000 (14:40 +0100)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Mon, 5 Jan 2015 13:46:46 +0000 (14:46 +0100)
tests/mini-global-load.c
tests/mini-x509.c
tests/priorities.c
tests/record-sizes.c

index 68615f72af0ca06d876077d95e2c6eb5daad189f..f10814e7faf9e0fdf58d3cd148ba71f99356828c 100644 (file)
@@ -109,11 +109,7 @@ void doit(void)
        gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE,
                               serverx509cred);
        gnutls_priority_set_direct(server,
-#ifndef ENABLE_FIPS140
-                                  "NORMAL:-CIPHER-ALL:+ARCFOUR-128",
-#else
                                   "NORMAL:-CIPHER-ALL:+AES-128-CBC",
-#endif
                                   NULL);
        gnutls_transport_set_push_function(server, server_push);
        gnutls_transport_set_pull_function(server, server_pull);
index ba578f145adda4284846e9c95c62f1d82c7be91f..610da49620d7a1eb7743294f60e35f7f73413859 100644 (file)
@@ -157,7 +157,7 @@ void doit(void)
        global_init();
        gnutls_global_set_log_function(tls_log_func);
        if (debug)
-               gnutls_global_set_log_level(2);
+               gnutls_global_set_log_level(6);
 
        /* Init server */
        gnutls_certificate_allocate_credentials(&serverx509cred);
@@ -197,7 +197,7 @@ void doit(void)
        if (ret < 0)
                exit(1);
 
-       gnutls_priority_set_direct(client, "NORMAL", NULL);
+       gnutls_priority_set_direct(client, "NORMAL:+ARCFOUR-128", NULL);
        gnutls_transport_set_push_function(client, client_push);
        gnutls_transport_set_pull_function(client, client_pull);
        gnutls_transport_set_ptr(client, client);
index ce46955dd597e728ba1ac2181f5b82c0ebc2f0d1..21fd098d768340bcb316694a912675e1a94d2472 100644 (file)
@@ -40,7 +40,7 @@ void doit(void)
 #else
 
 static void
-try_prio(const char *prio, unsigned expected_cs, unsigned expected_ciphers)
+try_prio(const char *prio, unsigned expected_cs, unsigned expected_ciphers, unsigned line)
 {
        int ret;
        gnutls_priority_t p;
@@ -79,7 +79,7 @@ try_prio(const char *prio, unsigned expected_cs, unsigned expected_ciphers)
                        fprintf(stderr, "%s\n",
                                gnutls_cipher_get_name(t[i]));
 #endif
-               fail("%s: expected %d ciphers, found %d\n", prio, expected_ciphers,
+               fail("%s:%d: expected %d ciphers, found %d\n", prio, line, expected_ciphers,
                     ret);
                exit(1);
        }
@@ -92,7 +92,7 @@ try_prio(const char *prio, unsigned expected_cs, unsigned expected_ciphers)
                success("finished: %s\n", prio);
 
        if (count != expected_cs) {
-               fail("%s: expected %d ciphersuites, found %d\n", prio, expected_cs,
+               fail("%s:%d: expected %d ciphersuites, found %d\n", prio, line, expected_cs,
                     count);
                exit(1);
        }
@@ -100,22 +100,22 @@ try_prio(const char *prio, unsigned expected_cs, unsigned expected_ciphers)
 
 void doit(void)
 {
-       const int normal = 72;
+       const int normal = 67;
        const int null = 5;
        const int sec128 = 62;
 
-       try_prio("NORMAL", normal, 12);
-       try_prio("NORMAL:-MAC-ALL:+MD5:+MAC-ALL", normal, 12);
-       try_prio("NORMAL:+CIPHER-ALL", normal, 12);     /* all (except null) */
-       try_prio("NORMAL:-CIPHER-ALL:+NULL", null, 1);  /* null */
-       try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL", normal + null, 13);    /* should be null + all */
-       try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL:-CIPHER-ALL:+AES-128-CBC", 10, 1);       /* should be null + all */
-       try_prio("PERFORMANCE", normal, 12);
-       try_prio("SECURE256", 23, 5);
-       try_prio("SECURE128", sec128, 10);
-       try_prio("SECURE128:+SECURE256", sec128, 10);   /* should be the same as SECURE128 */
-       try_prio("SECURE128:+SECURE256:+NORMAL", normal, 12);   /* should be the same as NORMAL */
-       try_prio("SUITEB192", 1, 1);
+       try_prio("NORMAL", normal, 11, __LINE__);
+       try_prio("NORMAL:-MAC-ALL:+MD5:+MAC-ALL", normal, 11, __LINE__);
+       try_prio("NORMAL:+CIPHER-ALL", normal, 11, __LINE__);   /* all (except null) */
+       try_prio("NORMAL:-CIPHER-ALL:+NULL", null, 1, __LINE__);        /* null */
+       try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL", normal + null, 12, __LINE__);  /* should be null + all */
+       try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL:-CIPHER-ALL:+AES-128-CBC", 10, 1, __LINE__);     /* should be null + all */
+       try_prio("PERFORMANCE", normal, 11, __LINE__);
+       try_prio("SECURE256", 23, 5, __LINE__);
+       try_prio("SECURE128", sec128, 10, __LINE__);
+       try_prio("SECURE128:+SECURE256", sec128, 10, __LINE__); /* should be the same as SECURE128 */
+       try_prio("SECURE128:+SECURE256:+NORMAL", normal, 11, __LINE__); /* should be the same as NORMAL */
+       try_prio("SUITEB192", 1, 1, __LINE__);
 }
 
 #endif
index 4f52e54a02f0871e2d47b27c2355cecf089b1082..1683da14f2025c2b164063c4b4be9c4418d2de0a 100644 (file)
@@ -90,7 +90,7 @@ void doit(void)
        gnutls_anon_allocate_client_credentials(&c_anoncred);
        gnutls_init(&client, GNUTLS_CLIENT);
        gnutls_priority_set_direct(client,
-                                  "NONE:+VERS-TLS-ALL:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-DH",
+                                  "NONE:+VERS-TLS-ALL:+CIPHER-ALL:+ARCFOUR-128:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-DH",
                                   NULL);
        gnutls_credentials_set(client, GNUTLS_CRD_ANON, c_anoncred);
        gnutls_transport_set_push_function(client, client_push);