From def41e93bdcce741c7eb87a06690fb36a133b8bb Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Sun, 6 Nov 2016 20:23:40 -0500 Subject: [PATCH] In test_tortls_classify_client_ciphers(), s/ECDH/ECDHE/ (We weren't actually using these ciphers; we were just requing that ciphers of that name existed.) Patch from rubiate. Fixes 20460 --- changes/20460 | 4 ++++ src/test/test_tortls.c | 8 ++++---- 2 files changed, 8 insertions(+), 4 deletions(-) create mode 100644 changes/20460 diff --git a/changes/20460 b/changes/20460 new file mode 100644 index 000000000..d51ec3ad9 --- /dev/null +++ b/changes/20460 @@ -0,0 +1,4 @@ + o Minor bugfixes (testing) + - Use ECDHE ciphers instead of ECDH in tortls tests. LibreSSL has + removed the ECDH ciphers which caused the tests to fail on + platforms which use it. Closes ticket 20460. diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c index 8efcac242..1cba617a3 100644 --- a/src/test/test_tortls.c +++ b/src/test/test_tortls.c @@ -834,9 +834,9 @@ test_tortls_classify_client_ciphers(void *ignored) sk_SSL_CIPHER_zero(ciphers); - one = get_cipher_by_name("ECDH-RSA-AES256-GCM-SHA384"); + one = get_cipher_by_name("ECDHE-RSA-AES256-GCM-SHA384"); one->id = 0x00ff; - two = get_cipher_by_name("ECDH-RSA-AES128-GCM-SHA256"); + two = get_cipher_by_name("ECDHE-RSA-AES128-GCM-SHA256"); two->id = 0x0000; sk_SSL_CIPHER_push(ciphers, one); tls->client_cipher_list_type = 0; @@ -906,7 +906,7 @@ test_tortls_client_is_using_v2_ciphers(void *ignored) tt_int_op(ret, OP_EQ, 0); ciphers = sk_SSL_CIPHER_new_null(); - SSL_CIPHER *one = get_cipher_by_name("ECDH-RSA-AES256-GCM-SHA384"); + SSL_CIPHER *one = get_cipher_by_name("ECDHE-RSA-AES256-GCM-SHA384"); one->id = 0x00ff; sk_SSL_CIPHER_push(ciphers, one); sess->ciphers = ciphers; @@ -1551,7 +1551,7 @@ test_tortls_session_secret_cb(void *ignored) tor_tls_session_secret_cb(tls->ssl, NULL, NULL, NULL, NULL, NULL); tt_assert(!tls->ssl->tls_session_secret_cb); - one = get_cipher_by_name("ECDH-RSA-AES256-GCM-SHA384"); + one = get_cipher_by_name("ECDHE-RSA-AES256-GCM-SHA384"); one->id = 0x00ff; ciphers = sk_SSL_CIPHER_new_null(); sk_SSL_CIPHER_push(ciphers, one);