Overview
Comment: | Fix [bb7085cfdc]: Test tlsIO-8.1 breaks on FreeBSD |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | nijtmans |
Files: | files | file ages | folders |
SHA3-256: |
512884129297c59863a388efc9a4af90 |
User & Date: | jan.nijtmans on 2024-02-23 15:25:56 |
Other Links: | branch diff | manifest | tags |
References
2024-02-23
| ||
15:31 | • Closed ticket [bb7085cfdc]: Test tlsIO-8.1 breaks on FreeBSD plus 5 other changes artifact: b0b1c58403 user: jan.nijtmans | |
Context
2024-02-23
| ||
21:27 | REASON() -> GET_ERR_REASON(). Add some more utilities to tlsInt.h (not used yet) check-in: 42f5f29486 user: jan.nijtmans tags: nijtmans | |
15:28 | Merge-mark check-in: 7ef59c838a user: jan.nijtmans tags: bohagan | |
15:25 | Fix [bb7085cfdc]: Test tlsIO-8.1 breaks on FreeBSD check-in: 5128841292 user: jan.nijtmans tags: nijtmans | |
14:48 | Merge "dh" branch from: [https://chiselapp.com/user/bohagan/repository/TCLTLS/timeline?r=dh]. The "gen_dh_params" script is no longer necessary check-in: 6aeb4fa6ee user: jan.nijtmans tags: nijtmans | |
Changes
Modified tests/tlsIO.test
from [08483551ff]
to [5132bf407b].
︙ | ︙ | |||
1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 | # return the channel to line buffering mode (TLS sets it to 'none'). fconfigure $s1 -blocking 0 -buffering line vwait x # TLS handshaking needs one byte from the client... puts $s1 a # need update to complete TLS handshake in-process update set z [gets $s1] close $s close $s1 set z } bye test tlsIO-9.1 {testing spurious events} {socket} { | > | 1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 | # return the channel to line buffering mode (TLS sets it to 'none'). fconfigure $s1 -blocking 0 -buffering line vwait x # TLS handshaking needs one byte from the client... puts $s1 a # need update to complete TLS handshake in-process update fconfigure $s1 -blocking 1 set z [gets $s1] close $s close $s1 set z } bye test tlsIO-9.1 {testing spurious events} {socket} { |
︙ | ︙ | |||
2010 2011 2012 2013 2014 2015 2016 | } } proc accept {s a p} { fconfigure $s -blocking 0 fileevent $s readable [list do_handshake $s readable readlittle \ -buffering none] } | < | < | | 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 2025 2026 2027 | } } proc accept {s a p} { fconfigure $s -blocking 0 fileevent $s readable [list do_handshake $s readable readlittle \ -buffering none] } set s [tls::socket -certfile $serverCert -cafile $caCert -keyfile $serverKey \ -server accept 8831] set c [tls::socket -certfile $clientCert -cafile $caCert -keyfile $clientKey \ localhost 8831] # only the client gets tls::import set res [tls::unimport $c] list $res [catch {close $c} err] $err \ [catch {close $s} err] $err } {{} 0 {} 0 {}} |
︙ | ︙ | |||
2039 2040 2041 2042 2043 2044 2045 | set ::done $msg } # NOTE: when doing an in-process client/server test, both sides need # to be non-blocking for the TLS handshake # Server - Only accept TLS 1.2 set s [tls::socket \ | | | | | < | < | 2038 2039 2040 2041 2042 2043 2044 2045 2046 2047 2048 2049 2050 2051 2052 2053 2054 2055 2056 2057 | set ::done $msg } # NOTE: when doing an in-process client/server test, both sides need # to be non-blocking for the TLS handshake # Server - Only accept TLS 1.2 set s [tls::socket \ -certfile $serverCert -cafile $caCert -keyfile $serverKey -request 0 \ -require 0 -ssl2 0 -ssl3 0 -tls1 0 -tls1.1 0 -tls1.2 1 \ -server Accept 8831] # Client - Only propose TLS1.0 set c [tls::socket -async -cafile $caCert -request 0 -require 0 \ -ssl2 0 -ssl3 0 -tls1 1 -tls1.1 0 -tls1.2 0 localhost 8831] fconfigure $c -blocking 0 puts $c a ; flush $c after 5000 [list set ::done timeout] vwait ::done switch -exact -- $::done { "handshake failed: wrong ssl version" - "handshake failed: unsupported protocol" { |
︙ | ︙ |