mirror of https://github.com/ctz/rustls
Get new bogo version working
This commit is contained in:
parent
42c3a8c17c
commit
339923fc53
203
bogo/config.json
203
bogo/config.json
|
@ -34,20 +34,27 @@
|
|||
"SendHelloRetryRequest-2-TLS13": "we accept any supported keyshare",
|
||||
"OmitExtensions-ServerHello-TLS12": "bug in bogo if sct offered",
|
||||
"EmptyExtensions-ServerHello-TLS12": "",
|
||||
"Server-JDK11*": "workarounds for oracle engineering quality",
|
||||
"Client-RejectJDK11DowngradeRandom": "",
|
||||
"CBCRecordSplitting*": "insane ciphersuites",
|
||||
"*CBCPadding*": "",
|
||||
"RSAEphemeralKey": "",
|
||||
"BadRSAClientKeyExchange-*": "",
|
||||
"SendClientVersion-RSA": "",
|
||||
"Basic-Server-RSA-*": "",
|
||||
"RSAKeyUsage-*": "",
|
||||
"*-3DES-*": "",
|
||||
"*-RSA_WITH_3DES_EDE_CBC_SHA-*": "",
|
||||
"*-AES128-SHA*": "",
|
||||
"*-AES256-SHA*": "",
|
||||
"*-ECDSA-SHA1-*": "no ecdsa-sha1",
|
||||
"*-Sign-RSA-PKCS1-SHA1-*": "no sha1",
|
||||
"*-P-224-*": "no p224",
|
||||
"*-P224-*": "",
|
||||
"*-P521-*": "no p521",
|
||||
"*_WITH_AES_128_CBC_*": "",
|
||||
"*_WITH_AES_256_CBC_*": "",
|
||||
"*-ECDSA_SHA1-*": "no ecdsa-sha1",
|
||||
"*-Sign-RSA_PKCS1_SHA1-*": "no sha1",
|
||||
"*-VerifyDefault-RSA_PKCS1_SHA1-*": "no sha1",
|
||||
"*_P224_*": "no p224",
|
||||
"*-P-224-*": "",
|
||||
"*_P521_*": "no p521",
|
||||
"CurveTest-Client-P-521-TLS12": "",
|
||||
"CurveTest-Server-P-521-TLS12": "",
|
||||
"CurveTest-Client-Compressed-P-521-TLS12": "",
|
||||
|
@ -60,8 +67,15 @@
|
|||
"*-Ed25519-*": "",
|
||||
"GREASE-*": "not implemented",
|
||||
"LargeMessage-Reject": "",
|
||||
"DelegatedCredentials-*": "not implemented",
|
||||
"CECPQ2*": "no PQC experiments",
|
||||
"*CECPQ2*": "",
|
||||
"KeyUpdate-FromClient": "not implemented (no API yet)",
|
||||
"KeyUpdate-FromServer": "",
|
||||
"ExportTrafficSecrets-*": "",
|
||||
"SkipEarlyData*": "no 0rtt support",
|
||||
"TLS13-DuplicateTicketEarlyDataInfo": "",
|
||||
"TLS13-DuplicateTicketEarlyDataSupport": "",
|
||||
"*-InvalidSignature-*-SHA1-*": "no sha1",
|
||||
"NoCommonCurves": "nothing to fall back to",
|
||||
"ClientHelloPadding": "hello padding extension not implemented",
|
||||
|
@ -70,12 +84,18 @@
|
|||
"RSA-PSS-Large": "",
|
||||
"TLS12-AES128-GCM-*": "no pfs",
|
||||
"TLS12-AES256-GCM-*": "",
|
||||
"*-RSA_WITH_AES_128_GCM_SHA256-*": "",
|
||||
"*-RSA_WITH_AES_256_GCM_SHA384-*": "",
|
||||
"*-RSA_WITH_AES_128_CBC_SHA-*": "",
|
||||
"*-RSA_WITH_AES_256_CBC_SHA-*": "",
|
||||
"OmitExtensions-ClientHello-TLS12": "",
|
||||
"EmptyExtensions-ClientHello-TLS12": "",
|
||||
"Resume-Server-OmitPSKsOnSecondClientHello": "not required by RFC",
|
||||
"FallbackSCSV*": "fallback countermeasure not yet implemented",
|
||||
"RequireAnyClientCertificate-TLS12": "we don't send an alert in this case",
|
||||
"TooManyKeyUpdates": "no limit implemented",
|
||||
"TooManyChangeCipherSpec-*": "",
|
||||
"SendUserCanceledAlerts-TooMany-TLS13": "",
|
||||
"ServerBogusVersion": "we ignore legacy_version if there's an extension",
|
||||
"Renegotiate-Client-*": "no reneg",
|
||||
"Shutdown-Shim-Renegotiate-*": "",
|
||||
|
@ -90,7 +110,10 @@
|
|||
"Draft-Downgrade-Server": "not implemented; TODO",
|
||||
"EarlyData-*ALPN*-*": "no alpn change in resumed sessions",
|
||||
"*EarlyKeyingMaterial-Client-*": "early exporter NYI",
|
||||
"QUICTransportParams-*": "Bogo assumes this can be tested over TLS1.3 framing"
|
||||
"QUICTransportParams-*": "Bogo assumes this can be tested over TLS1.3 framing",
|
||||
"*-QUIC-*" :"",
|
||||
"QUIC-*": "",
|
||||
"*-QUIC": ""
|
||||
},
|
||||
"ErrorMap": {
|
||||
":HTTP_REQUEST:": ":GARBAGE:",
|
||||
|
@ -110,26 +133,28 @@
|
|||
"NoSharedCipher-TLS13": ":HANDSHAKE_FAILURE:",
|
||||
"InvalidECDHPoint-Client": ":PEER_MISBEHAVIOUR:",
|
||||
"InvalidECDHPoint-Server": ":PEER_MISBEHAVIOUR:",
|
||||
"TrailingMessageData-ClientHello": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-ServerHello": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-ServerCertificate": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-CertificateRequest": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-ClientCertificate": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-CertificateVerify": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-NewSessionTicket": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-ServerHelloDone": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-ServerKeyExchange": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-ClientKeyExchange": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-CertificateStatus": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-TLS13-ClientHello": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-TLS13-ServerHello": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-TLS13-EncryptedExtensions": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-TLS13-CertificateRequest": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-TLS13-ServerCertificate": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-TLS13-ServerCertificateVerify": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-TLS13-ServerFinished": ":DECRYPTION_FAILED_OR_BAD_RECORD_MAC:",
|
||||
"TrailingMessageData-TLS13-ClientCertificate": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-TLS13-ClientCertificateVerify": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-ClientHello-TLS": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-ServerHello-TLS": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-ServerCertificate-TLS": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-CertificateRequest-TLS": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-ClientCertificate-TLS": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-CertificateVerify-TLS": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-NewSessionTicket-TLS": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-ServerHelloDone-TLS": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-ServerKeyExchange-TLS": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-ClientKeyExchange-TLS": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-CertificateStatus-TLS": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-TLS13-ClientHello-TLS": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-TLS13-ServerHello-TLS": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-TLS13-EncryptedExtensions-TLS": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-TLS13-CertificateRequest-TLS": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-TLS13-ServerCertificate-TLS": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-TLS13-ServerCertificateVerify-TLS": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-TLS13-ServerFinished-TLS": ":DECRYPTION_FAILED_OR_BAD_RECORD_MAC:",
|
||||
"TrailingMessageData-TLS13-ClientCertificate-TLS": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingMessageData-TLS13-ClientCertificateVerify-TLS": ":BAD_HANDSHAKE_MSG:",
|
||||
"TrailingDataWithFinished-Server-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"TrailingDataWithFinished-Resume-Server-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"MissingKeyShare-Client-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"MissingKeyShare-Server-TLS13": ":INCOMPATIBLE:",
|
||||
"EmptyEncryptedExtensions-TLS13": ":BAD_HANDSHAKE_MSG:",
|
||||
|
@ -157,53 +182,62 @@
|
|||
"TLS13-AES128-GCM-client": ":PEER_MISBEHAVIOUR:",
|
||||
"TLS13-AES256-GCM-server": ":INCOMPATIBLE:",
|
||||
"TLS13-AES256-GCM-client": ":PEER_MISBEHAVIOUR:",
|
||||
"TLS13-ECDHE-ECDSA-AES128-GCM-server": ":INCOMPATIBLE:",
|
||||
"TLS13-ECDHE-ECDSA-AES128-GCM-client": ":PEER_MISBEHAVIOUR:",
|
||||
"TLS13-ECDHE-ECDSA-AES256-GCM-server": ":INCOMPATIBLE:",
|
||||
"TLS13-ECDHE-ECDSA-AES256-GCM-client": ":PEER_MISBEHAVIOUR:",
|
||||
"TLS13-ECDHE-ECDSA-CHACHA20-POLY1305-server": ":INCOMPATIBLE:",
|
||||
"TLS13-ECDHE-ECDSA-CHACHA20-POLY1305-client": ":PEER_MISBEHAVIOUR:",
|
||||
"TLS13-ECDHE-RSA-AES128-GCM-server": ":INCOMPATIBLE:",
|
||||
"TLS13-ECDHE-RSA-AES128-GCM-client": ":PEER_MISBEHAVIOUR:",
|
||||
"TLS13-ECDHE-RSA-AES256-GCM-server": ":INCOMPATIBLE:",
|
||||
"TLS13-ECDHE-RSA-AES256-GCM-client": ":PEER_MISBEHAVIOUR:",
|
||||
"TLS13-ECDHE-RSA-CHACHA20-POLY1305-server": ":INCOMPATIBLE:",
|
||||
"TLS13-ECDHE-RSA-CHACHA20-POLY1305-client": ":PEER_MISBEHAVIOUR:",
|
||||
"TLS12-AEAD-CHACHA20-POLY1305-server": ":INCOMPATIBLE:",
|
||||
"TLS12-AEAD-CHACHA20-POLY1305-client": ":PEER_MISBEHAVIOUR:",
|
||||
"TLS12-AEAD-AES128-GCM-SHA256-server": ":INCOMPATIBLE:",
|
||||
"TLS12-AEAD-AES128-GCM-SHA256-client": ":PEER_MISBEHAVIOUR:",
|
||||
"TLS12-AEAD-AES256-GCM-SHA384-server": ":INCOMPATIBLE:",
|
||||
"TLS12-AEAD-AES256-GCM-SHA384-client": ":PEER_MISBEHAVIOUR:",
|
||||
"TLS-TLS13-ECDHE_ECDSA_WITH_AES_128_GCM_SHA256-server": ":INCOMPATIBLE:",
|
||||
"TLS-TLS13-ECDHE_ECDSA_WITH_AES_128_GCM_SHA256-client": ":PEER_MISBEHAVIOUR:",
|
||||
"TLS-TLS13-ECDHE_ECDSA_WITH_AES_256_GCM_SHA384-server": ":INCOMPATIBLE:",
|
||||
"TLS-TLS13-ECDHE_ECDSA_WITH_AES_256_GCM_SHA384-client": ":PEER_MISBEHAVIOUR:",
|
||||
"TLS-TLS13-ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256-server": ":INCOMPATIBLE:",
|
||||
"TLS-TLS13-ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256-client": ":PEER_MISBEHAVIOUR:",
|
||||
"TLS-TLS13-ECDHE_RSA_WITH_AES_128_GCM_SHA256-server": ":INCOMPATIBLE:",
|
||||
"TLS-TLS13-ECDHE_RSA_WITH_AES_128_GCM_SHA256-client": ":PEER_MISBEHAVIOUR:",
|
||||
"TLS-TLS13-ECDHE_RSA_WITH_AES_256_GCM_SHA384-server": ":INCOMPATIBLE:",
|
||||
"TLS-TLS13-ECDHE_RSA_WITH_AES_256_GCM_SHA384-client": ":PEER_MISBEHAVIOUR:",
|
||||
"TLS-TLS13-ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256-server": ":INCOMPATIBLE:",
|
||||
"TLS-TLS13-ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256-client": ":PEER_MISBEHAVIOUR:",
|
||||
"TLS-TLS12-CHACHA20_POLY1305_SHA256-server": ":INCOMPATIBLE:",
|
||||
"TLS-TLS12-CHACHA20_POLY1305_SHA256-client": ":PEER_MISBEHAVIOUR:",
|
||||
"TLS-TLS12-AES_128_GCM_SHA256-server": ":INCOMPATIBLE:",
|
||||
"TLS-TLS12-AES_128_GCM_SHA256-client": ":PEER_MISBEHAVIOUR:",
|
||||
"TLS-TLS12-AES_256_GCM_SHA384-server": ":INCOMPATIBLE:",
|
||||
"TLS-TLS12-AES_256_GCM_SHA384-client": ":PEER_MISBEHAVIOUR:",
|
||||
"SkipHelloRetryRequest-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"NoSupportedVersions": ":INCOMPATIBLE:",
|
||||
"ClientAuth-Verify-RSA-PKCS1-SHA1-TLS12": ":PEER_ALERT_INTERNAL_ERROR:",
|
||||
"ServerAuth-Verify-RSA-PKCS1-SHA1-TLS12": ":HANDSHAKE_FAILURE:",
|
||||
"ClientAuth-Verify-RSA-PKCS1-SHA1-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"ServerAuth-Verify-RSA-PKCS1-SHA1-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"ClientAuth-Verify-RSA-PKCS1-SHA256-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"ServerAuth-Verify-RSA-PKCS1-SHA256-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"ClientAuth-Verify-RSA-PKCS1-SHA384-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"ServerAuth-Verify-RSA-PKCS1-SHA384-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"ClientAuth-Verify-RSA-PKCS1-SHA512-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"ServerAuth-Verify-RSA-PKCS1-SHA512-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"Client-VerifyDefault-RSA_PKCS1_SHA1-TLS12": ":PEER_ALERT_INTERNAL_ERROR:",
|
||||
"Server-VerifyDefault-RSA_PKCS1_SHA1-TLS12": ":HANDSHAKE_FAILURE:",
|
||||
"Client-VerifyDefault-RSA_PKCS1_SHA1-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"Server-VerifyDefault-RSA_PKCS1_SHA1-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"Client-VerifyDefault-RSA_PKCS1_SHA256-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"Server-VerifyDefault-RSA_PKCS1_SHA256-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"Client-VerifyDefault-RSA_PKCS1_SHA384-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"Server-VerifyDefault-RSA_PKCS1_SHA384-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"Client-VerifyDefault-RSA_PKCS1_SHA512-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"Server-VerifyDefault-RSA_PKCS1_SHA512-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"ClientAuth-InvalidSignature-RSA-PKCS1-SHA1-TLS12": ":PEER_MISBEHAVIOUR:",
|
||||
"ServerAuth-InvalidSignature-RSA-PKCS1-SHA1-TLS12": ":PEER_MISBEHAVIOUR:",
|
||||
"ServerAuth-Sign-RSA-PKCS1-SHA256-TLS13": ":INCOMPATIBLE:",
|
||||
"ServerAuth-Sign-RSA-PKCS1-SHA384-TLS13": ":INCOMPATIBLE:",
|
||||
"ServerAuth-Sign-RSA-PKCS1-SHA512-TLS13": ":INCOMPATIBLE:",
|
||||
"ClientAuth-Sign-RSA-PKCS1-SHA256-TLS13": ":INCOMPATIBLE:",
|
||||
"ClientAuth-Sign-RSA-PKCS1-SHA384-TLS13": ":INCOMPATIBLE:",
|
||||
"ClientAuth-Sign-RSA-PKCS1-SHA512-TLS13": ":INCOMPATIBLE:",
|
||||
"Server-Sign-RSA_PKCS1_SHA256-TLS13": ":INCOMPATIBLE:",
|
||||
"Server-Sign-RSA_PKCS1_SHA384-TLS13": ":INCOMPATIBLE:",
|
||||
"Server-Sign-RSA_PKCS1_SHA512-TLS13": ":INCOMPATIBLE:",
|
||||
"Client-Sign-RSA_PKCS1_SHA256-TLS13": ":INCOMPATIBLE:",
|
||||
"Client-Sign-RSA_PKCS1_SHA384-TLS13": ":INCOMPATIBLE:",
|
||||
"Client-Sign-RSA_PKCS1_SHA512-TLS13": ":INCOMPATIBLE:",
|
||||
"ALPNClient-EmptyProtocolName-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"ALPNServer-EmptyProtocolName-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"ALPNClient-RejectUnknown-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"ClientAuth-NoFallback-RSA": ":BAD_HANDSHAKE_MSG:",
|
||||
"ClientAuth-NoFallback-ECDSA": ":BAD_HANDSHAKE_MSG:",
|
||||
"ClientAuth-NoFallback-TLS13": ":BAD_HANDSHAKE_MSG:",
|
||||
"ServerAuth-NoFallback-TLS13": ":INCOMPATIBLE:",
|
||||
"ClientAuth-Enforced-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"ServerAuth-Enforced-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"SecondClientHelloWrongCurve-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"SecondClientHelloMissingKeyShare-TLS13": ":INCOMPATIBLE:",
|
||||
"Resume-Server-BinderWrongLength-SecondBinder": ":PEER_MISBEHAVIOUR:",
|
||||
"Resume-Server-NoPSKBinder-SecondBinder": ":PEER_MISBEHAVIOUR:",
|
||||
"Resume-Server-ExtraPSKBinder-SecondBinder": ":PEER_MISBEHAVIOUR:",
|
||||
"Resume-Server-ExtraIdentityNoBinder-SecondBinder": ":PEER_MISBEHAVIOUR:",
|
||||
"Resume-Server-InvalidPSKBinder-SecondBinder": ":PEER_MISBEHAVIOUR:",
|
||||
"Resume-Server-PSKBinderFirstExtension-SecondBinder": ":PEER_MISBEHAVIOUR:",
|
||||
"Resume-Server-OmitPSKsOnSecondClientHello": ":PEER_MISBEHAVIOUR:",
|
||||
"Resume-Server-BinderWrongLength": ":PEER_MISBEHAVIOUR:",
|
||||
"Resume-Server-NoPSKBinder": ":PEER_MISBEHAVIOUR:",
|
||||
"Resume-Server-ExtraPSKBinder": ":PEER_MISBEHAVIOUR:",
|
||||
|
@ -211,8 +245,8 @@
|
|||
"Resume-Server-InvalidPSKBinder": ":PEER_MISBEHAVIOUR:",
|
||||
"Resume-Server-PSKBinderFirstExtension": ":PEER_MISBEHAVIOUR:",
|
||||
"Resume-Client-PRFMismatch-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"Resume-Client-Mismatch-TLS12-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"Resume-Client-Mismatch-TLS13-TLS12": ":PEER_MISBEHAVIOUR:",
|
||||
"Resume-Client-Mismatch-TLS12-TLS13-TLS": ":PEER_MISBEHAVIOUR:",
|
||||
"Resume-Client-Mismatch-TLS13-TLS12-TLS": ":PEER_MISBEHAVIOUR:",
|
||||
"NoSupportedCurves-TLS13": ":INCOMPATIBLE:",
|
||||
"BadECDHECurve-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"InvalidECDHPoint-Client-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
|
@ -236,10 +270,35 @@
|
|||
"HelloRetryRequest-Empty-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"HelloRetryRequest-EmptyCookie-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"HelloRetryRequest-Unknown-TLS13": ":INCOMPATIBLE:",
|
||||
"MinimumVersion-Client-TLS13-TLS12": ":INCOMPATIBLE:",
|
||||
"MinimumVersion-Client2-TLS13-TLS12": ":INCOMPATIBLE:",
|
||||
"MinimumVersion-Server-TLS13-TLS12": ":INCOMPATIBLE:",
|
||||
"MinimumVersion-Server2-TLS13-TLS12": ":INCOMPATIBLE:",
|
||||
"TrailingDataWithFinished-Client-TLS12": ":PEER_MISBEHAVIOUR:",
|
||||
"TrailingDataWithFinished-Resume-Client-TLS12": ":PEER_MISBEHAVIOUR:",
|
||||
"TrailingDataWithFinished-Server-TLS12": ":PEER_MISBEHAVIOUR:",
|
||||
"TrailingDataWithFinished-Resume-Server-TLS12": ":PEER_MISBEHAVIOUR:",
|
||||
"TrailingDataWithFinished-Client-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"TrailingDataWithFinished-Server-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"TrailingDataWithFinished-Resume-Client-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"TrailingDataWithFinished-Resume-Server-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"PartialSecondClientHelloAfterFirst": ":PEER_MISBEHAVIOUR:",
|
||||
"PartialClientFinishedWithSecondClientHello": ":PEER_MISBEHAVIOUR:",
|
||||
"PartialClientFinishedWithClientHello-TLS12-Resume": ":PEER_MISBEHAVIOUR:",
|
||||
"PartialServerHelloWithHelloRetryRequest": ":PEER_MISBEHAVIOUR:",
|
||||
"PartialNewSessionTicketWithServerHelloDone": ":PEER_MISBEHAVIOUR:",
|
||||
"FragmentAcrossChangeCipherSpec-Client": ":PEER_MISBEHAVIOUR:",
|
||||
"FragmentAcrossChangeCipherSpec-Server-Packed": ":PEER_MISBEHAVIOUR:",
|
||||
"FragmentAcrossChangeCipherSpec-Client-Resume-Packed": ":PEER_MISBEHAVIOUR:",
|
||||
"FragmentAcrossChangeCipherSpec-Client-Resume": ":PEER_MISBEHAVIOUR:",
|
||||
"FragmentAcrossChangeCipherSpec-Server-Resume": ":PEER_MISBEHAVIOUR:",
|
||||
"FragmentAcrossChangeCipherSpec-Server": ":PEER_MISBEHAVIOUR:",
|
||||
"FragmentAcrossChangeCipherSpec-Client-Packed": ":PEER_MISBEHAVIOUR:",
|
||||
"FragmentAcrossChangeCipherSpec-Server-Resume-Packed": ":PEER_MISBEHAVIOUR:",
|
||||
"PartialFinishedWithServerHelloDone": ":PEER_MISBEHAVIOUR:",
|
||||
"PartialClientFinishedWithClientHello-TLS12-Resume": ":PEER_MISBEHAVIOUR:",
|
||||
"UnsupportedCurve-ServerHello-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"PartialClientKeyExchangeWithClientHello": ":PEER_MISBEHAVIOUR:",
|
||||
"MinimumVersion-Client-TLS13-TLS12-TLS": ":INCOMPATIBLE:",
|
||||
"MinimumVersion-Client2-TLS13-TLS12-TLS": ":INCOMPATIBLE:",
|
||||
"MinimumVersion-Server-TLS13-TLS12-TLS": ":INCOMPATIBLE:",
|
||||
"MinimumVersion-Server2-TLS13-TLS12-TLS": ":INCOMPATIBLE:",
|
||||
"DuplicateKeyShares-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"PartialEncryptedExtensionsWithServerHello": ":PEER_MISBEHAVIOUR:",
|
||||
"PartialClientFinishedWithClientHello": ":PEER_MISBEHAVIOUR:",
|
||||
|
@ -284,13 +343,17 @@
|
|||
"CurveTest-Server-Compressed-P-384-TLS12": ":PEER_MISBEHAVIOUR:",
|
||||
"CurveTest-Client-Compressed-P-384-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"CurveTest-Server-Compressed-P-384-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"Client-Sign-RSA_PKCS1_SHA512-TLS13": ":INCOMPATIBLE:",
|
||||
"ExtendedMasterSecret-NoToYes-Client": ":PEER_MISBEHAVIOUR:",
|
||||
"ExtendedMasterSecret-YesToNo-Server": ":PEER_MISBEHAVIOUR:",
|
||||
"ExtendedMasterSecret-YesToNo-Client": ":PEER_MISBEHAVIOUR:",
|
||||
"ServerAcceptsEarlyDataOnHRR-Client-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"Downgrade-TLS12-Client": ":PEER_MISBEHAVIOUR:",
|
||||
"Downgrade-TLS10-Client": ":HANDSHAKE_FAILURE:",
|
||||
"Downgrade-TLS10-Server": ":INCOMPATIBLE:",
|
||||
"SecondServerHelloNoVersion-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"SecondServerHelloWrongVersion-TLS13": ":INCOMPATIBLE:",
|
||||
"EarlyData-CipherMismatch-Client-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"EarlyDataVersionDowngrade-Client-TLS13": ":WRONG_VERSION:",
|
||||
"EarlyDataWithoutResume-Client-TLS13": ":PEER_MISBEHAVIOUR:",
|
||||
"EarlyDataVersionDowngrade-Client-TLS13": ":PEER_MISBEHAVIOUR:"
|
||||
|
@ -299,7 +362,11 @@
|
|||
"SendServerHelloAsHelloRetryRequest": "remote error: error decoding message",
|
||||
"GarbageCertificate-Server-TLS12": "remote error: access denied",
|
||||
"GarbageCertificate-Server-TLS13": "remote error: access denied",
|
||||
"ClientAuth-Verify-RSA-PKCS1-SHA1-TLS12": "tls: no common signature algorithms",
|
||||
"ServerAuth-Verify-RSA-PKCS1-SHA1-TLS12": "tls: no common signature algorithms"
|
||||
"Client-VerifyDefault-RSA_PKCS1_SHA1-TLS12": "tls: no common signature algorithms",
|
||||
"Server-VerifyDefault-RSA_PKCS1_SHA1-TLS12": "tls: no common signature algorithms",
|
||||
"Downgrade-TLS10-Client": "tls: no cipher suite supported by both client and server",
|
||||
"Downgrade-TLS10-Server": "remote error: protocol version not supported",
|
||||
"TrailingDataWithFinished-Client-TLS13": "local error: bad record MAC",
|
||||
"TrailingDataWithFinished-Resume-Client-TLS13": "local error: bad record MAC"
|
||||
}
|
||||
}
|
||||
|
|
|
@ -716,6 +716,9 @@ fn main() {
|
|||
"-expect-signed-cert-timestamps" |
|
||||
"-expect-certificate-types" |
|
||||
"-expect-client-ca-list" |
|
||||
"-on-retry-expect-early-data-reason" |
|
||||
"-on-resume-expect-early-data-reason" |
|
||||
"-on-initial-expect-early-data-reason" |
|
||||
"-handshaker-path" |
|
||||
"-expect-msg-callback" => {
|
||||
println!("not checking {} {}; NYI", arg, args.remove(0));
|
||||
|
@ -724,6 +727,11 @@ fn main() {
|
|||
"-expect-secure-renegotiation" |
|
||||
"-expect-no-session-id" |
|
||||
"-enable-ed25519" |
|
||||
"-expect-hrr" |
|
||||
"-expect-no-hrr" |
|
||||
"-on-resume-expect-no-offer-early-data" |
|
||||
"-key-update" | //< we could implement an API for this
|
||||
"-expect-tls13-downgrade" |
|
||||
"-expect-session-id" => {
|
||||
println!("not checking {}; NYI", arg);
|
||||
}
|
||||
|
@ -744,7 +752,7 @@ fn main() {
|
|||
opts.quic_transport_params = base64::decode(args.remove(0).as_bytes())
|
||||
.expect("invalid base64");
|
||||
}
|
||||
"-expected-quic-transport-params" => {
|
||||
"-expect-quic-transport-params" => {
|
||||
opts.expect_quic_transport_params = base64::decode(args.remove(0).as_bytes())
|
||||
.expect("invalid base64");
|
||||
}
|
||||
|
@ -804,10 +812,25 @@ fn main() {
|
|||
"-expect-ticket-supports-early-data" => {
|
||||
opts.expect_ticket_supports_early_data = true;
|
||||
}
|
||||
"-expect-accept-early-data" => {
|
||||
"-expect-accept-early-data" |
|
||||
"-on-resume-expect-accept-early-data" => {
|
||||
opts.expect_accept_early_data = true;
|
||||
}
|
||||
"-expect-reject-early-data" => {
|
||||
"-expect-early-data-reason" |
|
||||
"-on-resume-expect-reject-early-data-reason" => {
|
||||
let reason = args.remove(0);
|
||||
match reason.as_str() {
|
||||
"disabled" | "protocol_version" => {
|
||||
opts.expect_reject_early_data = true;
|
||||
}
|
||||
_ => {
|
||||
println!("NYI early data reason: {}", reason);
|
||||
process::exit(1);
|
||||
}
|
||||
}
|
||||
}
|
||||
"-expect-reject-early-data" |
|
||||
"-on-resume-expect-reject-early-data" => {
|
||||
opts.expect_reject_early_data = true;
|
||||
}
|
||||
"-expect-version" => {
|
||||
|
@ -855,6 +878,7 @@ fn main() {
|
|||
"-use-exporter-between-reads" |
|
||||
"-ticket-key" |
|
||||
"-tls-unique" |
|
||||
"-curves" |
|
||||
"-enable-server-custom-extension" |
|
||||
"-enable-client-custom-extension" |
|
||||
"-expect-dhe-group-size" |
|
||||
|
@ -881,6 +905,7 @@ fn main() {
|
|||
"-on-resume-read-with-unfinished-write" |
|
||||
"-expect-peer-cert-file" |
|
||||
"-no-rsa-pss-rsae-certs" |
|
||||
"-ignore-tls13-downgrade" |
|
||||
"-on-initial-expect-peer-cert-file" => {
|
||||
println!("NYI option {:?}", arg);
|
||||
process::exit(BOGO_NACK);
|
||||
|
|
Loading…
Reference in New Issue