tests: rehandshake tests were restricted to TLS1.2

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

diff --git a/tests/Makefile.am b/tests/Makefile.am
index 7b95414840fa764e8e5abc69a21ad656ba4d769f..4d3cf074d518c769d1e87e501640dedb6b826ce9 100644 (file)
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -105,9 +105,9 @@ ctests += mini-record-2 simple gnutls_hmac_fast set_pkcs12_cred cert certuniquei
         crq_key_id x509sign-verify sign-verify cve-2009-1415 cve-2009-1416             \
         tls10-server-kx-neg tls11-server-kx-neg tls12-server-kx-neg ssl30-server-kx-neg \
         tls12-cipher-neg tls11-cipher-neg tls10-cipher-neg ssl30-cipher-neg \
-        crq_apis init_roundtrip pkcs12_s2k_pem dn2 mini-eagain tls-rehandshake-cert-3 \
+        crq_apis init_roundtrip pkcs12_s2k_pem dn2 mini-eagain tls12-rehandshake-cert-3 \
         nul-in-x509-names x509_altname pkcs12_encode mini-x509 \
-        tls-rehandshake-cert rng-fork mini-eagain-dtls resume-dtls \
+        tls12-rehandshake-cert rng-fork mini-eagain-dtls resume-dtls \
         x509cert x509cert-tl infoaccess mini-dtls-hello-verify sign-verify-ed25519-rfc8080 \
         trustdb-tofu dtls-rehandshake-anon mini-alpn mini-dtls-large \
         mini-termination mini-x509-cas mini-x509-2 pkcs12_simple \
@@ -121,7 +121,7 @@ ctests += mini-record-2 simple gnutls_hmac_fast set_pkcs12_cred cert certuniquei
         fips-test fips-override-test mini-global-load name-constraints x509-extensions \
         long-session-id mini-x509-callbacks-intr mini-dtls-lowmtu set_x509_key_file-late \
         crlverify mini-dtls-discard init_fds mini-record-failure memset \
-        tls-rehandshake-cert-2 custom-urls set_x509_key_mem set_x509_key_file \
+        tls12-rehandshake-cert-2 custom-urls set_x509_key_mem set_x509_key_file \
         mini-chain-unsorted x509-verify-with-crl mini-dtls-mtu privkey-verify-broken \
         mini-dtls-record-asym key-import-export priority-set priority-set2 \
         pubkey-import-export sign-is-secure spki spki-abstract rsa-rsa-pss \

diff --git a/tests/tls-rehandshake-cert-2.c b/tests/tls12-rehandshake-cert-2.c
similarity index 97%
rename from tests/tls-rehandshake-cert-2.c
rename to tests/tls12-rehandshake-cert-2.c
index cd89b8fe62227a49a5740e0d11c078aaf768cdfd..ab485561107cb80bc44f2994725414ed05f28cac 100644 (file)
--- a/tests/tls-rehandshake-cert-2.c
+++ b/tests/tls12-rehandshake-cert-2.c
@@ -94,7 +94,7 @@ static void client(int fd, unsigned test)
        gnutls_handshake_set_timeout(session, 20 * 1000);
 
        /* Use default priorities */
-       gnutls_priority_set_direct(session, "NORMAL", NULL);
+       gnutls_priority_set_direct(session, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", NULL);
 
        /* put the anonymous credentials to the current session
         */
@@ -235,7 +235,7 @@ static void server(int fd, unsigned test)
        /* avoid calling all the priority functions, since the defaults
         * are adequate.
         */
-       gnutls_priority_set_direct(session, "NORMAL", NULL);
+       gnutls_priority_set_direct(session, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", NULL);
 
        gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred);
        gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred);

diff --git a/tests/tls-rehandshake-cert-3.c b/tests/tls12-rehandshake-cert-3.c
similarity index 97%
rename from tests/tls-rehandshake-cert-3.c
rename to tests/tls12-rehandshake-cert-3.c
index 8ca5b39c006fb8400145f8f391f85192cf778dd3..b3c827cfafc306e5aefdc004db4da3bf5c746e6c 100644 (file)
--- a/tests/tls-rehandshake-cert-3.c
+++ b/tests/tls12-rehandshake-cert-3.c
@@ -95,7 +95,7 @@ static void client(int fd)
        gnutls_handshake_set_timeout(session, 20 * 1000);
 
        /* Use default priorities */
-       gnutls_priority_set_direct(session, "NORMAL", NULL);
+       gnutls_priority_set_direct(session, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+VERS-TLS1.1", NULL);
 
        gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred);
 
@@ -191,7 +191,7 @@ static void server(int fd)
        /* avoid calling all the priority functions, since the defaults
         * are adequate.
         */
-       gnutls_priority_set_direct(session, "NORMAL", NULL);
+       gnutls_priority_set_direct(session, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+VERS-TLS1.1", NULL);
 
        gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred);
        gnutls_certificate_server_set_request(session, GNUTLS_CERT_REQUIRE);

diff --git a/tests/tls-rehandshake-cert.c b/tests/tls12-rehandshake-cert.c
similarity index 94%
rename from tests/tls-rehandshake-cert.c
rename to tests/tls12-rehandshake-cert.c
index 98e3d12be84f528accd05f05ad59149478f2cebe..00a7d381c5d470cd0e377dfd56cf7dc42cec5ae7 100644 (file)
--- a/tests/tls-rehandshake-cert.c
+++ b/tests/tls12-rehandshake-cert.c
@@ -68,7 +68,7 @@ void doit(void)
        gnutls_init(&server, GNUTLS_SERVER);
        gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE,
                                serverx509cred);
-       gnutls_priority_set_direct(server, "NORMAL", NULL);
+       gnutls_priority_set_direct(server, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", NULL);
        gnutls_transport_set_push_function(server, server_push);
        gnutls_transport_set_pull_function(server, server_pull);
        gnutls_transport_set_ptr(server, server);
@@ -78,7 +78,7 @@ void doit(void)
        gnutls_init(&client, GNUTLS_CLIENT);
        gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE,
                                clientx509cred);
-       gnutls_priority_set_direct(client, "NORMAL", NULL);
+       gnutls_priority_set_direct(client, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1:+VERS-TLS1.2", NULL);
        gnutls_transport_set_push_function(client, client_push);
        gnutls_transport_set_pull_function(client, client_pull);
        gnutls_transport_set_ptr(client, client);