Mirror/aports
1
0
Fork 0
mirror of https://gitlab.alpinelinux.org/alpine/aports.git synced 2025-07-21 02:05:16 +03:00
Code Issues Wiki Activity
aports/community/glib-networking/skip-test-tls-exporter-for-1.2.patch
Natanael Copa 04760a2911 community/glib-networking: skip test of TLS exporter for TLS 1.2 
TLS exporter does not exist before TLS 1.3 so drop it for the 1.2 test.

The test failure was introduced with GnuTLS 3.7.8.

Ref: https://gitlab.gnome.org/GNOME/glib-networking/-/issues/201
2022-10-26 12:04:59 +02:00

72 lines
3.7 KiB
Diff
Raw Blame History

ref: https://gitlab.gnome.org/GNOME/glib-networking/-/issues/201
diff --git a/tls/tests/connection.c b/tls/tests/connection.c
index 0f8aa2d..d0dd4af 100644
--- a/tls/tests/connection.c
+++ b/tls/tests/connection.c
@@ -2723,6 +2723,8 @@ test_connection_binding_match_tls_exporter (TestConnection *test,
GByteArray *client_cb, *server_cb;
gchar *client_b64, *server_b64;
GError *error = NULL;
+ gboolean client_supports_tls_exporter;
+ gboolean server_supports_tls_exporter;
test->database = g_tls_file_database_new (tls_test_file_path ("ca-roots.pem"), &error);
g_assert_no_error (error);
@@ -2751,27 +2753,38 @@ test_connection_binding_match_tls_exporter (TestConnection *test,
g_main_loop_run (test->loop);
/* Smoke test: ensure both sides support tls-exporter */
- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection),
- G_TLS_CHANNEL_BINDING_TLS_EXPORTER, NULL, NULL));
- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection),
- G_TLS_CHANNEL_BINDING_TLS_EXPORTER, NULL, NULL));
+ client_supports_tls_exporter = g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection),
+ G_TLS_CHANNEL_BINDING_TLS_EXPORTER, NULL, NULL);
+ server_supports_tls_exporter = g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection),
+ G_TLS_CHANNEL_BINDING_TLS_EXPORTER, NULL, NULL);
- /* Real test: retrieve bindings and compare */
- client_cb = g_byte_array_new ();
- server_cb = g_byte_array_new ();
- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection),
- G_TLS_CHANNEL_BINDING_TLS_EXPORTER, client_cb, NULL));
- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection),
- G_TLS_CHANNEL_BINDING_TLS_EXPORTER, server_cb, NULL));
+ g_assert_true (client_supports_tls_exporter == server_supports_tls_exporter);
- client_b64 = g_base64_encode (client_cb->data, client_cb->len);
- server_b64 = g_base64_encode (server_cb->data, server_cb->len);
- g_assert_cmpstr (client_b64, ==, server_b64);
+ if (client_supports_tls_exporter)
+ {
+ /* Real test: retrieve bindings and compare */
+ client_cb = g_byte_array_new ();
+ server_cb = g_byte_array_new ();
+ g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection),
+ G_TLS_CHANNEL_BINDING_TLS_EXPORTER, client_cb, NULL));
+ g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection),
+ G_TLS_CHANNEL_BINDING_TLS_EXPORTER, server_cb, NULL));
- g_free (client_b64);
- g_free (server_b64);
- g_byte_array_unref (client_cb);
- g_byte_array_unref (server_cb);
+ client_b64 = g_base64_encode (client_cb->data, client_cb->len);
+ server_b64 = g_base64_encode (server_cb->data, server_cb->len);
+ g_assert_cmpstr (client_b64, ==, server_b64);
+
+ g_free (client_b64);
+ g_free (server_b64);
+ g_byte_array_unref (client_cb);
+ g_byte_array_unref (server_cb);
+ }
+ else
+ {
+ g_assert_true (g_tls_connection_get_protocol_version (
+ G_TLS_CONNECTION (test->client_connection)) == G_TLS_PROTOCOL_VERSION_TLS_1_2);
+ g_test_skip ("tls-exporter is not supported");
+ }
/* drop the mic */
close_server_connection (test);
Reference in a new issue View git blame Copy permalink