Check-in [5128841292]
Overview
Comment:Fix [bb7085cfdc]: Test tlsIO-8.1 breaks on FreeBSD
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | nijtmans
Files: files | file ages | folders
SHA3-256: 512884129297c59863a388efc9a4af90ca6402fb71a9e270a60e0ab0ee5017a8
User & Date: jan.nijtmans on 2024-02-23 15:25:56
Other Links: branch diff | manifest | tags
References
2024-02-23
15:31 Closed ticket [bb7085cfdc]: Test tlsIO-8.1 breaks on FreeBSD plus 5 other changes artifact: b0b1c58403 user: jan.nijtmans
Context
2024-02-23
21:27
REASON() -> GET_ERR_REASON(). Add some more utilities to tlsInt.h (not used yet) check-in: 42f5f29486 user: jan.nijtmans tags: nijtmans
15:28
Merge-mark check-in: 7ef59c838a user: jan.nijtmans tags: bohagan
15:25
Fix [bb7085cfdc]: Test tlsIO-8.1 breaks on FreeBSD check-in: 5128841292 user: jan.nijtmans tags: nijtmans
14:48
Merge "dh" branch from: [https://chiselapp.com/user/bohagan/repository/TCLTLS/timeline?r=dh]. The "gen_dh_params" script is no longer necessary check-in: 6aeb4fa6ee user: jan.nijtmans tags: nijtmans
Changes
1101
1102
1103
1104
1105
1106
1107

1108
1109
1110
1111
1112
1113
1114
    # return the channel to line buffering mode (TLS sets it to 'none').
    fconfigure $s1 -blocking 0 -buffering line
    vwait x
    # TLS handshaking needs one byte from the client...
    puts $s1 a
    # need update to complete TLS handshake in-process
    update

    set z [gets $s1]
    close $s
    close $s1
    set z
} bye

test tlsIO-9.1 {testing spurious events} {socket} {







>







1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
    # return the channel to line buffering mode (TLS sets it to 'none').
    fconfigure $s1 -blocking 0 -buffering line
    vwait x
    # TLS handshaking needs one byte from the client...
    puts $s1 a
    # need update to complete TLS handshake in-process
    update
    fconfigure $s1 -blocking 1
    set z [gets $s1]
    close $s
    close $s1
    set z
} bye

test tlsIO-9.1 {testing spurious events} {socket} {
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
	}
    }
    proc accept {s a p} {
	fconfigure $s -blocking 0
	fileevent $s readable [list do_handshake $s readable readlittle \
		-buffering none]
    }
    set s [tls::socket \
	    -certfile $serverCert -cafile $caCert -keyfile $serverKey \
	    -server accept 8831]
    set c [tls::socket \
	    -certfile $clientCert -cafile $caCert -keyfile $clientKey \
	    localhost 8831]
    # only the client gets tls::import
    set res [tls::unimport $c]
    list $res [catch {close $c} err] $err \
	[catch {close $s} err] $err
} {{} 0 {} 0 {}}








<
|

<
|







2011
2012
2013
2014
2015
2016
2017

2018
2019

2020
2021
2022
2023
2024
2025
2026
2027
	}
    }
    proc accept {s a p} {
	fconfigure $s -blocking 0
	fileevent $s readable [list do_handshake $s readable readlittle \
		-buffering none]
    }

    set s [tls::socket -certfile $serverCert -cafile $caCert -keyfile $serverKey \
	    -server accept 8831]

    set c [tls::socket -certfile $clientCert -cafile $caCert -keyfile $clientKey \
	    localhost 8831]
    # only the client gets tls::import
    set res [tls::unimport $c]
    list $res [catch {close $c} err] $err \
	[catch {close $s} err] $err
} {{} 0 {} 0 {}}

2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
        set ::done $msg
    }
    # NOTE: when doing an in-process client/server test, both sides need
    # to be non-blocking for the TLS handshake

    # Server - Only accept TLS 1.2
    set s [tls::socket \
               -certfile $serverCert -cafile $caCert -keyfile $serverKey \
               -request 0 -require 0 -ssl2 0 -ssl3 0 -tls1 0 -tls1.1 0 -tls1.2 1 \
               -server Accept 8831]
    # Client - Only propose TLS1.0
    set c [tls::socket -async \
               -cafile $caCert \
               -request 0 -require 0 -ssl2 0 -ssl3 0 -tls1 1 -tls1.1 0 -tls1.2 0 \
               localhost 8831]
    fconfigure $c -blocking 0
    puts $c a ; flush $c
    after 5000 [list set ::done timeout]
    vwait ::done
    switch -exact -- $::done {
        "handshake failed: wrong ssl version" -
        "handshake failed: unsupported protocol" {







|
|
|

|
<
|
<







2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049

2050

2051
2052
2053
2054
2055
2056
2057
        set ::done $msg
    }
    # NOTE: when doing an in-process client/server test, both sides need
    # to be non-blocking for the TLS handshake

    # Server - Only accept TLS 1.2
    set s [tls::socket \
	    -certfile $serverCert -cafile $caCert -keyfile $serverKey -request 0 \
	    -require 0 -ssl2 0 -ssl3 0 -tls1 0 -tls1.1 0 -tls1.2 1 \
	    -server Accept 8831]
    # Client - Only propose TLS1.0
    set c [tls::socket -async -cafile $caCert -request 0 -require 0 \

	    -ssl2 0 -ssl3 0 -tls1 1 -tls1.1 0 -tls1.2 0 localhost 8831]

    fconfigure $c -blocking 0
    puts $c a ; flush $c
    after 5000 [list set ::done timeout]
    vwait ::done
    switch -exact -- $::done {
        "handshake failed: wrong ssl version" -
        "handshake failed: unsupported protocol" {