| Message ID | 20210618204532.257773-1-seth.forshee@canonical.com |
|---|---|
| State | New |
| Headers | show |
| Series | selftests/tls: don't change cipher type in bidirectional test | expand |
On Fri, Jun 18, 2021 at 02:41:49PM -0700, Jakub Kicinski wrote: > On Fri, 18 Jun 2021 15:45:32 -0500 Seth Forshee wrote: > > The bidirectional test attempts to change the cipher to > > TLS_CIPHER_AES_GCM_128. The test fixture setup will have already set > > the cipher to be tested, and if it was different than the one set by > > the bidir test setsockopt() will fail on account of having different > > ciphers for rx and tx, causing the test to fail. > > It's setting it up in the opposite direction, TLS is uni-directional. > I've posted this earlier: Ah, so it is, I missed that detail. > https://patchwork.kernel.org/project/netdevbpf/patch/20210618202504.1435179-2-kuba@kernel.org/ > > Sorry for not CCing you. No worries. Thanks, Seth
diff --git a/tools/testing/selftests/net/tls.c b/tools/testing/selftests/net/tls.c index 426d07875a48..9f4c87f4ce1e 100644 --- a/tools/testing/selftests/net/tls.c +++ b/tools/testing/selftests/net/tls.c @@ -831,23 +831,6 @@ TEST_F(tls, bidir) char const *test_str = "test_read"; int send_len = 10; char buf[10]; - int ret; - - if (!self->notls) { - struct tls12_crypto_info_aes_gcm_128 tls12; - - memset(&tls12, 0, sizeof(tls12)); - tls12.info.version = variant->tls_version; - tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128; - - ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12, - sizeof(tls12)); - ASSERT_EQ(ret, 0); - - ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12, - sizeof(tls12)); - ASSERT_EQ(ret, 0); - } ASSERT_EQ(strlen(test_str) + 1, send_len);
The bidirectional test attempts to change the cipher to TLS_CIPHER_AES_GCM_128. The test fixture setup will have already set the cipher to be tested, and if it was different than the one set by the bidir test setsockopt() will fail on account of having different ciphers for rx and tx, causing the test to fail. Forcing the use of GCM when testing ChaCha doesn't make sense anyway, so just use the cipher configured by the test fixture setup. Fixes: 4f336e88a870 ("selftests/tls: add CHACHA20-POLY1305 to tls selftests") Signed-off-by: Seth Forshee <seth.forshee@canonical.com> --- tools/testing/selftests/net/tls.c | 17 ----------------- 1 file changed, 17 deletions(-)