[tor-commits] [tor/master] In test_tortls_classify_client_ciphers(), s/ECDH/ECDHE/

nickm at torproject.org nickm at torproject.org
Mon Nov 7 01:25:03 UTC 2016


commit def41e93bdcce741c7eb87a06690fb36a133b8bb
Author: Nick Mathewson <nickm at torproject.org>
Date:   Sun Nov 6 20:23:40 2016 -0500

    In test_tortls_classify_client_ciphers(), s/ECDH/ECDHE/
    
    (We weren't actually using these ciphers; we were just requing that
    ciphers of that name existed.)
    
    Patch from rubiate.  Fixes 20460
---
 changes/20460          | 4 ++++
 src/test/test_tortls.c | 8 ++++----
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/changes/20460 b/changes/20460
new file mode 100644
index 0000000..d51ec3a
--- /dev/null
+++ b/changes/20460
@@ -0,0 +1,4 @@
+  o Minor bugfixes (testing)
+    - Use ECDHE ciphers instead of ECDH in tortls tests. LibreSSL has
+      removed the ECDH ciphers which caused the tests to fail on
+      platforms which use it. Closes ticket 20460.
diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c
index 8efcac2..1cba617 100644
--- a/src/test/test_tortls.c
+++ b/src/test/test_tortls.c
@@ -834,9 +834,9 @@ test_tortls_classify_client_ciphers(void *ignored)
 
   sk_SSL_CIPHER_zero(ciphers);
 
-  one = get_cipher_by_name("ECDH-RSA-AES256-GCM-SHA384");
+  one = get_cipher_by_name("ECDHE-RSA-AES256-GCM-SHA384");
   one->id = 0x00ff;
-  two = get_cipher_by_name("ECDH-RSA-AES128-GCM-SHA256");
+  two = get_cipher_by_name("ECDHE-RSA-AES128-GCM-SHA256");
   two->id = 0x0000;
   sk_SSL_CIPHER_push(ciphers, one);
   tls->client_cipher_list_type = 0;
@@ -906,7 +906,7 @@ test_tortls_client_is_using_v2_ciphers(void *ignored)
   tt_int_op(ret, OP_EQ, 0);
 
   ciphers = sk_SSL_CIPHER_new_null();
-  SSL_CIPHER *one = get_cipher_by_name("ECDH-RSA-AES256-GCM-SHA384");
+  SSL_CIPHER *one = get_cipher_by_name("ECDHE-RSA-AES256-GCM-SHA384");
   one->id = 0x00ff;
   sk_SSL_CIPHER_push(ciphers, one);
   sess->ciphers = ciphers;
@@ -1551,7 +1551,7 @@ test_tortls_session_secret_cb(void *ignored)
   tor_tls_session_secret_cb(tls->ssl, NULL, NULL, NULL, NULL, NULL);
   tt_assert(!tls->ssl->tls_session_secret_cb);
 
-  one = get_cipher_by_name("ECDH-RSA-AES256-GCM-SHA384");
+  one = get_cipher_by_name("ECDHE-RSA-AES256-GCM-SHA384");
   one->id = 0x00ff;
   ciphers = sk_SSL_CIPHER_new_null();
   sk_SSL_CIPHER_push(ciphers, one);





More information about the tor-commits mailing list