tlsfuzzer: use %ALLOW_SMALL_RECORDS for testing

Signed-off-by: Daiki Ueno <dueno@redhat.com>

diff --git a/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json b/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json
index 5a10d615ec6cee2b5d668635044f6fe4847966ef..806cc17b1669cedf46179e023b55437ea122e3bf 100644 (file)
--- a/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json
+++ b/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json
@@ -15,7 +15,6 @@
          {"name" : "test-record-size-limit.py",
           "comment" : "changed extension after HRR is not supported #617",
           "arguments" : ["-p", "@PORT@", "--reply-AD-size", "685",
-                         "--minimal-size", "512",
                          "-e", "change size in TLS 1.2 resumption",
                          "-e", "change size in TLS 1.3 session resumption",
                          "-e", "check if server accepts maximum size in TLS 1.0",
@@ -41,7 +40,6 @@
                          "-e", "removed extension in 2nd CH in HRR handshake"] },
          {"name" : "test-record-size-limit.py",
           "arguments" : ["-p", "@PORT@", "--reply-AD-size", "672",
-                         "--minimal-size", "512",
                          "change size in TLS 1.3 session resumption",
                          "drop extension in TLS 1.3 session resumption"] },
         {"name" : "test-tls13-0rtt-garbage.py",

diff --git a/tests/suite/tls-fuzzer/gnutls-nocert.json b/tests/suite/tls-fuzzer/gnutls-nocert.json
index e25b6b3613269e72da4130c2e4bf489960ef6e83..416eae6ba701aa36cb2fb436d4c7dd132304a857 100644 (file)
--- a/tests/suite/tls-fuzzer/gnutls-nocert.json
+++ b/tests/suite/tls-fuzzer/gnutls-nocert.json
@@ -233,7 +233,6 @@
          {"name" : "test-record-size-limit.py",
          "comment" : "TLS 1.3 tests are done separately; 1/n-1 splitting is not supported in TLS 1.0",
           "arguments" : ["-p", "@PORT@", "--reply-AD-size", "821",
-                         "--minimal-size", "512",
                          "-e", "check if server accepts maximum size in TLS 1.0",
                          "-e", "check if server accepts maximum size in TLS 1.3",
                          "-e", "check if server accepts minimal size in TLS 1.0",

diff --git a/tests/suite/tls-fuzzer/tls-fuzzer-nocert-tls13.sh b/tests/suite/tls-fuzzer/tls-fuzzer-nocert-tls13.sh
index 1b9b0f1765e662bdb07905c94d36a37b0cf79271..d1fe2ed10053b1a54677d2d59c754e5d46152bf8 100755 (executable)
--- a/tests/suite/tls-fuzzer/tls-fuzzer-nocert-tls13.sh
+++ b/tests/suite/tls-fuzzer/tls-fuzzer-nocert-tls13.sh
@@ -21,7 +21,7 @@
 srcdir="${srcdir:-.}"
 
 tls_fuzzer_prepare() {
-PRIORITY="NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1"
+PRIORITY="NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:%ALLOW_SMALL_RECORDS"
 
 sed -e "s|@SERVER@|$SERV|g" -e "s/@PORT@/$PORT/g" -e "s/@PRIORITY@/$PRIORITY/g" ../gnutls-nocert-tls13.json >${TMPFILE}
 }

diff --git a/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh b/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh
index 77a1d050cd2131c05214134d94f9363aab38986f..1d23e98c61dc12deb4fc21f5cfe8c4f0dc80a96e 100755 (executable)
--- a/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh
+++ b/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh
@@ -22,10 +22,10 @@ srcdir="${srcdir:-.}"
 
 tls_fuzzer_prepare() {
 VERSIONS="-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0"
-PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:-CURVE-SECP192R1:${VERSIONS}:+SHA256"
+PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:-CURVE-SECP192R1:${VERSIONS}:+SHA256:%ALLOW_SMALL_RECORDS"
 ${CLI} --list --priority "${PRIORITY}" >/dev/null 2>&1
 if test $? != 0;then
-       PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:${VERSIONS}:+SHA256"
+       PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:${VERSIONS}:+SHA256:%ALLOW_SMALL_RECORDS"
 fi
 
 sed -e "s|@SERVER@|$SERV|g" -e "s/@PORT@/$PORT/g" -e "s/@PRIORITY@/$PRIORITY/g" ../gnutls-nocert.json >${TMPFILE}