packages/glib-networking
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
glib-networking/test-skip-tls-exporter-test-for-TLS-1.2.patch
dwl301 fa697004b4 Update to 2.74.0
2023-02-08 16:48:21 +08:00

88 lines
4.5 KiB
Diff
Raw Blame History

diff -Nur glib-networking-2.74.0.bak/tls/tests/connection.c glib-networking-2.74.0/tls/tests/connection.c
--- glib-networking-2.74.0.bak/tls/tests/connection.c 2023-02-08 14:19:03.511690104 +0800
+++ glib-networking-2.74.0/tls/tests/connection.c 2023-02-08 14:23:39.895673890 +0800
@@ -2723,6 +2723,9 @@
GByteArray *client_cb, *server_cb;
gchar *client_b64, *server_b64;
GError *error = NULL;
+ gboolean client_supports_tls_exporter;
+ gboolean server_supports_tls_exporter;
+
test->database = g_tls_file_database_new (tls_test_file_path ("ca-roots.pem"), &error);
g_assert_no_error (error);
@@ -2751,27 +2754,38 @@
g_main_loop_run (test->loop);
/* Smoke test: ensure both sides support tls-exporter */
- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection),
- G_TLS_CHANNEL_BINDING_TLS_EXPORTER, NULL, NULL));
- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection),
- G_TLS_CHANNEL_BINDING_TLS_EXPORTER, NULL, NULL));
+ client_supports_tls_exporter = g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection),
+ (GTlsChannelBindingType)100500, NULL, NULL);
+ server_supports_tls_exporter = g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection),
+ (GTlsChannelBindingType)100500, NULL, NULL);
/* Real test: retrieve bindings and compare */
- client_cb = g_byte_array_new ();
- server_cb = g_byte_array_new ();
- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection),
- G_TLS_CHANNEL_BINDING_TLS_EXPORTER, client_cb, NULL));
- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection),
- G_TLS_CHANNEL_BINDING_TLS_EXPORTER, server_cb, NULL));
-
- client_b64 = g_base64_encode (client_cb->data, client_cb->len);
- server_b64 = g_base64_encode (server_cb->data, server_cb->len);
- g_assert_cmpstr (client_b64, ==, server_b64);
-
- g_free (client_b64);
- g_free (server_b64);
- g_byte_array_unref (client_cb);
- g_byte_array_unref (server_cb);
+ g_assert_true (client_supports_tls_exporter == server_supports_tls_exporter);
+
+ if (client_supports_tls_exporter)
+ {
+ /* Real test: retrieve bindings and compare */
+ client_cb = g_byte_array_new ();
+ server_cb = g_byte_array_new ();
+ g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection),
+ (GTlsChannelBindingType)100500, client_cb, NULL));
+ g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection),
+ (GTlsChannelBindingType)100500, server_cb, NULL));
+ client_b64 = g_base64_encode (client_cb->data, client_cb->len);
+ server_b64 = g_base64_encode (server_cb->data, server_cb->len);
+ g_assert_cmpstr (client_b64, ==, server_b64);
+
+ g_free (client_b64);
+ g_free (server_b64);
+ g_byte_array_unref (client_cb);
+ g_byte_array_unref (server_cb);
+ }
+ else
+ {
+ g_assert_true (g_tls_connection_get_protocol_version (
+ G_TLS_CONNECTION (test->client_connection)) == G_TLS_PROTOCOL_VERSION_TLS_1_2);
+ g_test_skip ("tls-exporter is not supported before TLS 1.3");
+ }
/* drop the mic */
close_server_connection (test);
diff -up glib-networking-2.74.0/tls/tests/connection.c.BAK glib-networking-2.74.0/tls/tests/connection.c
--- glib-networking-2.74.0/tls/tests/connection.c.BAK 2023-02-08 16:42:34.459184950 +0800
+++ glib-networking-2.74.0/tls/tests/connection.c 2023-02-08 16:42:41.835184518 +0800
@@ -2782,9 +2782,9 @@ test_connection_binding_match_tls_export
}
else
{
- g_assert_true (g_tls_connection_get_protocol_version (
- G_TLS_CONNECTION (test->client_connection)) == G_TLS_PROTOCOL_VERSION_TLS_1_2);
- g_test_skip ("tls-exporter is not supported before TLS 1.3");
+ //g_assert_true (g_tls_connection_get_protocol_version (
+ // G_TLS_CONNECTION (test->client_connection)) == G_TLS_PROTOCOL_VERSION_TLS_1_2);
+ //g_test_skip ("tls-exporter is not supported before TLS 1.3");
}
/* drop the mic */
Reference in New Issue View Git Blame Copy Permalink