Skip to content

Commit

Permalink
Move SSL_CIPHER_get_version test to SSLVersionTest.Version (#1631)
Browse files Browse the repository at this point in the history 
@andrewhop noticed that this test didn't cover TLSv1.3 although we'd
expected it to. This is because the previous test case [guards against
TLSv1.3][1] for unrelated reasons. So, we move the test to another case
that does cover TLSv1.3.

[1]: https://github.com/aws/aws-lc/blob/main/ssl/ssl_test.cc#L7786-L7789
  • Loading branch information
@WillChilds-Klein
WillChilds-Klein authored Jun 11, 2024
1 parent 4e54dd8 commit 31e078a
Showing 1 changed file with 14 additions and 9 deletions.
23 changes: 14 additions & 9 deletions ssl/ssl_test.cc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5003,6 +5003,20 @@ TEST_P(SSLVersionTest, Version) {
SSL_SESSION_get_version(SSL_get_session(server_.get()));
EXPECT_EQ(strcmp(version_name, client_name), 0);
EXPECT_EQ(strcmp(version_name, server_name), 0);

// Client/server version equality asserted above, assert equality for cipher here.
ASSERT_TRUE(SSL_get_current_cipher(client_.get()));
ASSERT_TRUE(SSL_get_current_cipher(server_.get()));
EXPECT_EQ(SSL_get_current_cipher(client_.get())->id, SSL_get_current_cipher(server_.get())->id);
const uint16_t version = SSL_version(client_.get());
if (version == TLS1_2_VERSION || version == TLS1_3_VERSION) {
const char *version_str = SSL_get_version(client_.get());
EXPECT_STREQ(version_str, SSL_CIPHER_get_version(SSL_get_current_cipher(client_.get())));
} else if (version == DTLS1_2_VERSION) { // ciphers don't differentiate D/TLS
EXPECT_STREQ("TLSv1.2", SSL_CIPHER_get_version(SSL_get_current_cipher(client_.get())));
} else {
EXPECT_STREQ("TLSv1/SSLv3", SSL_CIPHER_get_version(SSL_get_current_cipher(client_.get())));
}
}

// Tests that that |SSL_get_pending_cipher| is available during the ALPN
Expand Down Expand Up @@ -7828,15 +7842,6 @@ TEST_P(SSLVersionTest, SessionPropertiesThreads) {
EXPECT_FALSE(verified_chain);
EXPECT_TRUE(SSL_get_current_cipher(ssl));
EXPECT_TRUE(SSL_get_group_id(ssl));
const uint16_t version = SSL_version(ssl);
if (version == TLS1_2_VERSION || version == TLS1_3_VERSION) {
const char *version_str = SSL_get_version(ssl);
EXPECT_STREQ(version_str, SSL_CIPHER_get_version(SSL_get_current_cipher(ssl)));
} else if (version == DTLS1_2_VERSION) { // ciphers don't differentiate D/TLS
EXPECT_STREQ("TLSv1.2", SSL_CIPHER_get_version(SSL_get_current_cipher(ssl)));
} else {
EXPECT_STREQ("TLSv1/SSLv3", SSL_CIPHER_get_version(SSL_get_current_cipher(ssl)));
}
};

std::vector<std::thread> threads;
Expand Down

0 comments on commit 31e078a

Please sign in to comment.