{"name" : "test-record-size-limit.py",
"comment" : "changed extension after HRR is not supported #617",
"arguments" : ["-p", "@PORT@", "--reply-AD-size", "685",
- "--minimal-size", "512",
"-e", "change size in TLS 1.2 resumption",
"-e", "change size in TLS 1.3 session resumption",
"-e", "check if server accepts maximum size in TLS 1.0",
"-e", "removed extension in 2nd CH in HRR handshake"] },
{"name" : "test-record-size-limit.py",
"arguments" : ["-p", "@PORT@", "--reply-AD-size", "672",
- "--minimal-size", "512",
"change size in TLS 1.3 session resumption",
"drop extension in TLS 1.3 session resumption"] },
{"name" : "test-tls13-0rtt-garbage.py",
{"name" : "test-record-size-limit.py",
"comment" : "TLS 1.3 tests are done separately; 1/n-1 splitting is not supported in TLS 1.0",
"arguments" : ["-p", "@PORT@", "--reply-AD-size", "821",
- "--minimal-size", "512",
"-e", "check if server accepts maximum size in TLS 1.0",
"-e", "check if server accepts maximum size in TLS 1.3",
"-e", "check if server accepts minimal size in TLS 1.0",
srcdir="${srcdir:-.}"
tls_fuzzer_prepare() {
-PRIORITY="NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1"
+PRIORITY="NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:%ALLOW_SMALL_RECORDS"
sed -e "s|@SERVER@|$SERV|g" -e "s/@PORT@/$PORT/g" -e "s/@PRIORITY@/$PRIORITY/g" ../gnutls-nocert-tls13.json >${TMPFILE}
}
tls_fuzzer_prepare() {
VERSIONS="-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0"
-PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:-CURVE-SECP192R1:${VERSIONS}:+SHA256"
+PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:-CURVE-SECP192R1:${VERSIONS}:+SHA256:%ALLOW_SMALL_RECORDS"
${CLI} --list --priority "${PRIORITY}" >/dev/null 2>&1
if test $? != 0;then
- PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:${VERSIONS}:+SHA256"
+ PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:${VERSIONS}:+SHA256:%ALLOW_SMALL_RECORDS"
fi
sed -e "s|@SERVER@|$SERV|g" -e "s/@PORT@/$PORT/g" -e "s/@PRIORITY@/$PRIORITY/g" ../gnutls-nocert.json >${TMPFILE}