author | Nick Mathewson <nickm@torproject.org> | 2015-10-07 10:04:12 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2015-10-07 10:04:12 -0400 |
commit | bd1a1378933815456cf8dc614be0281c5f085ef6 (patch) | |
tree | afde7d135fdb2d0b87cd0e5511136a7df618873d /src/test/test_tortls.c | |
parent | 4e34ef87a48421e9b90bea30c5b1110ab0df81c2 (diff) | |
Remove the client-side code for the v1 and v2 tls handshakes.
(This is safe since super-old Tor servers are no longer allowed on
the network.)
Closes the client-side part of 11150.
Diffstat (limited to 'src/test/test_tortls.c')
-rw-r--r-- | src/test/test_tortls.c | 139 |
1 files changed, 0 insertions, 139 deletions
diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c
index 2e53293373..5f202698ef 100644
--- a/src/test/test_tortls.c
+++ b/src/test/test_tortls.c
@@ -1195,143 +1195,6 @@ test_tortls_used_v1_handshake(void *ignored)
 }
 static void
-test_tortls_dn_indicates_v3_cert(void *ignored)
-{
- (void)ignored;
- int ret;
- X509_NAME *name;
-
- name = X509_NAME_new();
- X509_NAME_add_entry_by_txt(name, "C", MBSTRING_ASC,
- (const unsigned char *)"US", -1, -1, 0);
- X509_NAME_add_entry_by_txt(name, "O", MBSTRING_ASC,
- (const unsigned char *)"Foobar", -1, -1, 0);
- ret = dn_indicates_v3_cert(name);
- tt_int_op(ret, OP_EQ, 1);
-
- X509_NAME_free(name);
- name = X509_NAME_new();
- X509_NAME_add_entry_by_txt(name, "C", MBSTRING_ASC,
- (const unsigned char *)"US", -1, -1, 0);
- ret = dn_indicates_v3_cert(name);
- tt_int_op(ret, OP_EQ, 1);
-
- X509_NAME_free(name);
- name = X509_NAME_new();
- X509_NAME_add_entry_by_txt(name, "commonName", V_ASN1_REAL,
- (const unsigned char *)"123", -1, -1, 0);
- ret = dn_indicates_v3_cert(name);
- tt_int_op(ret, OP_EQ, 0);
-
- X509_NAME_free(name);
- name = X509_NAME_new();
- X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_ASC,
- (const unsigned char *)"hello.com", -1, -1, 0);
- ret = dn_indicates_v3_cert(name);
- tt_int_op(ret, OP_EQ, 1);
-
- X509_NAME_free(name);
- name = X509_NAME_new();
- X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_ASC,
- (const unsigned char *)"hello.net", -1, -1, 0);
- ret = dn_indicates_v3_cert(name);
- tt_int_op(ret, OP_EQ, 0);
-
- X509_NAME_free(name);
- name = X509_NAME_new();
- X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_ASC,
- (const unsigned char *)"x.s", -1, -1, 0);
- ret = dn_indicates_v3_cert(name);
- tt_int_op(ret, OP_EQ, 1);
-
- done:
- X509_NAME_free(name);
-}
-
-#ifndef OPENSSL_OPAQUE
-static void
-test_tortls_received_v3_certificate(void *ignored)
-{
- (void)ignored;
- int ret;
- tor_tls_t *tls;
- X509 *validCert = read_cert_from(validCertString);
- X509_NAME *subject=NULL, *issuer=NULL;
-
- tls = tor_malloc_zero(sizeof(tor_tls_t));
- tls->ssl = tor_malloc_zero(sizeof(SSL));
- tls->ssl->session = tor_malloc_zero(sizeof(SSL_SESSION));
-
- ret = tor_tls_received_v3_certificate(tls);
- tt_int_op(ret, OP_EQ, 0);
-
- tls->ssl->session->peer = validCert;
-
- subject = X509_NAME_new();
- X509_NAME_add_entry_by_txt(subject, "commonName", MBSTRING_ASC,
- (const unsigned char *)"same.com", -1, -1, 0);
- X509_set_subject_name(validCert, subject);
-
- issuer = X509_NAME_new();
- X509_NAME_add_entry_by_txt(issuer, "commonName", MBSTRING_ASC,
- (const unsigned char *)"same.com", -1, -1, 0);
- X509_set_issuer_name(validCert, issuer);
-
- ret = tor_tls_received_v3_certificate(tls);
- tt_int_op(ret, OP_EQ, 1);
-
- X509_NAME_free(subject);
- subject = X509_NAME_new();
- X509_NAME_add_entry_by_txt(subject, "commonName", MBSTRING_ASC,
- (const unsigned char *)"different.net", -1, -1, 0);
- X509_set_subject_name(validCert, subject);
-
- ret = tor_tls_received_v3_certificate(tls);
- tt_int_op(ret, OP_EQ, 1);
-
- X509_NAME_free(subject);
- subject = X509_NAME_new();
- X509_NAME_add_entry_by_txt(subject, "commonName", MBSTRING_ASC,
- (const unsigned char *)"same.com", -1, -1, 0);
- X509_set_subject_name(validCert, subject);
-
- X509_NAME_free(issuer);
- issuer = X509_NAME_new();
- X509_NAME_add_entry_by_txt(issuer, "commonName", MBSTRING_ASC,
- (const unsigned char *)"different.net", -1, -1, 0);
- X509_set_issuer_name(validCert, issuer);
-
- ret = tor_tls_received_v3_certificate(tls);
- tt_int_op(ret, OP_EQ, 1);
-
- X509_NAME_free(subject);
- subject = X509_NAME_new();
- X509_NAME_add_entry_by_txt(subject, "commonName", MBSTRING_ASC,
- (const unsigned char *)"different2.net", -1, -1, 0);
- X509_set_subject_name(validCert, subject);
- ret = tor_tls_received_v3_certificate(tls);
- tt_int_op(ret, OP_EQ, 0);
-
- EVP_PKEY *key = X509_get_pubkey(validCert);
- key->type = 5;
- ret = tor_tls_received_v3_certificate(tls);
- tt_int_op(ret, OP_EQ, 1);
-
- key->type = 6;
- key->ameth = NULL;
- ret = tor_tls_received_v3_certificate(tls);
- tt_int_op(ret, OP_EQ, 1);
-
- done:
- X509_NAME_free(subject);
- X509_NAME_free(issuer);
- tor_free(tls->ssl->session);
- tor_free(tls->ssl);
- tor_free(tls);
-}
-#endif
-
-static void
 test_tortls_get_num_server_handshakes(void *ignored)
 {
 (void)ignored;
@@ -2913,8 +2776,6 @@ struct testcase_t tortls_tests[] = {
 LOCAL_TEST_CASE(get_forced_write_size, 0),
 LOCAL_TEST_CASE(get_write_overhead_ratio, TT_FORK),
 LOCAL_TEST_CASE(used_v1_handshake, TT_FORK),
- LOCAL_TEST_CASE(dn_indicates_v3_cert, 0),
- INTRUSIVE_TEST_CASE(received_v3_certificate, 0),
 LOCAL_TEST_CASE(get_num_server_handshakes, 0),
 LOCAL_TEST_CASE(server_got_renegotiate, 0),
 INTRUSIVE_TEST_CASE(SSL_SESSION_get_master_key, 0),