[glib-networking] Fallback tests should not expect SSLv3 to be available
- From: Michael Catanzaro <mcatanzaro src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [glib-networking] Fallback tests should not expect SSLv3 to be available
- Date: Sun, 7 Jan 2018 21:41:19 +0000 (UTC)
commit 806d703983d266597980f02ab526947c050d695e
Author: Michael Catanzaro <mcatanzaro igalia com>
Date: Thu Jan 4 13:37:46 2018 -0600
Fallback tests should not expect SSLv3 to be available
Our SSLv3 fallback test does not work if GnuTLS is built without SSLv3
support.
Currently we run the test twice, with two different priorities:
#define PRIORITY_SSL_FALLBACK "NORMAL:+VERS-SSL3.0"
#define PRIORITY_TLS_FALLBACK "NORMAL:+VERS-TLS-ALL:-VERS-SSL3.0"
PRIORITY_SSL_FALLBACK is guaranteed to be broken with newer GnuTLS, and
PRIORITY_TLS_FALLBACK is effectively the default case, so neither is
interesting. We should just not set custom priority strings for the
test. That will avoid the problem entirely, and allow us to simplify
the test by getting rid of the subprocess stuff. The priority strings
are not supposed to be API anyway; our main concern is to make sure that
GTlsClientConnection:use-ssl3 works as "expected" (to force use of the
lowest-supported protocol version, which should be TLS 1.0).
https://bugzilla.gnome.org/show_bug.cgi?id=782853
tls/tests/connection.c | 49 +++--------------------------------------------
1 files changed, 4 insertions(+), 45 deletions(-)
---
diff --git a/tls/tests/connection.c b/tls/tests/connection.c
index 2da37c5..db8562b 100644
--- a/tls/tests/connection.c
+++ b/tls/tests/connection.c
@@ -1941,24 +1941,9 @@ quit_on_handshake_complete (GObject *object,
return;
}
-#define PRIORITY_SSL_FALLBACK "NORMAL:+VERS-SSL3.0"
-#define PRIORITY_TLS_FALLBACK "NORMAL:+VERS-TLS-ALL:-VERS-SSL3.0"
-
static void
-test_fallback (gconstpointer data)
-{
- const char *priority_string = (const char *) data;
- char *test_name;
-
- test_name = g_strdup_printf ("/tls/connection/fallback/subprocess/%s", priority_string);
- g_test_trap_subprocess (test_name, 0, 0);
- g_test_trap_assert_passed ();
- g_free (test_name);
-}
-
-static void
-test_fallback_subprocess (TestConnection *test,
- gconstpointer data)
+test_fallback (TestConnection *test,
+ gconstpointer data)
{
GIOStream *connection;
GTlsConnection *tlsconn;
@@ -2049,25 +2034,6 @@ main (int argc,
char *argv[])
{
int ret;
- int i;
-
- /* Check if this is a subprocess, and set G_TLS_GNUTLS_PRIORITY
- * appropriately if so.
- */
- for (i = 1; i < argc - 1; i++)
- {
- if (!strcmp (argv[i], "-p"))
- {
- const char *priority = argv[i + 1];
-
- priority = strrchr (priority, '/');
- if (priority++ &&
- (g_str_has_prefix (priority, "NORMAL:") ||
- g_str_has_prefix (priority, "NONE:")))
- g_setenv ("G_TLS_GNUTLS_PRIORITY", priority, TRUE);
- break;
- }
- }
g_test_init (&argc, &argv, NULL);
g_test_bug_base ("http://bugzilla.gnome.org/");
@@ -2132,15 +2098,8 @@ main (int argc,
setup_connection, test_async_implicit_handshake, teardown_connection);
g_test_add ("/tls/connection/output-stream-close", TestConnection, NULL,
setup_connection, test_output_stream_close, teardown_connection);
-
- g_test_add_data_func ("/tls/connection/fallback/SSL", PRIORITY_SSL_FALLBACK, test_fallback);
- g_test_add ("/tls/connection/fallback/subprocess/" PRIORITY_SSL_FALLBACK,
- TestConnection, NULL,
- setup_connection, test_fallback_subprocess, teardown_connection);
- g_test_add_data_func ("/tls/connection/fallback/TLS", PRIORITY_TLS_FALLBACK, test_fallback);
- g_test_add ("/tls/connection/fallback/subprocess/" PRIORITY_TLS_FALLBACK,
- TestConnection, NULL,
- setup_connection, test_fallback_subprocess, teardown_connection);
+ g_test_add ("/tls/connection/fallback", TestConnection, NULL,
+ setup_connection, test_fallback, teardown_connection);
ret = g_test_run();
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]