From patchwork Thu May 12 22:36:35 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 2457 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director9.mail.ord1d.rsapps.net ([172.28.255.1]) by backend41.mail.ord1d.rsapps.net with LMTP id 0IH3C90YfmJzMQAAqwncew (envelope-from ) for ; Fri, 13 May 2022 04:37:49 -0400 Received: from proxy6.mail.ord1c.rsapps.net ([172.28.255.1]) by director9.mail.ord1d.rsapps.net with LMTP id sCvlKt0YfmJtcgAAalYnBA (envelope-from ) for ; Fri, 13 May 2022 04:37:49 -0400 Received: from smtp1.gate.ord1c ([172.28.255.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy6.mail.ord1c.rsapps.net with LMTPS id 0CV2Kt0YfmKbaQAA9sKXow (envelope-from ) for ; Fri, 13 May 2022 04:37:49 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp1.gate.ord1c.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: f813ac4e-d297-11ec-a135-842b2b47c027-1-1 Received: from [216.105.38.7] ([216.105.38.7:58434] helo=lists.sourceforge.net) by smtp1.gate.ord1c.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 2D/C5-29618-CD81E726; Fri, 13 May 2022 04:37:49 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.94.2) (envelope-from ) id 1npQmx-0003fP-L5; Fri, 13 May 2022 08:36:44 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1npQmw-0003eo-P4 for openvpn-devel@lists.sourceforge.net; Fri, 13 May 2022 08:36:43 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=MkXg+Gm9vq7d4ojsyb1jhv16jG7tDUkscJGqB6QGBFI=; b=D41iypWBSqk40Rw9Iibz56BvIC iv0hm6N0o54f90t1vRbJ6GLsJuSxrdARfS9jSMldG0TP7cvA+KNj8Mr6dNqGwS9hfjXF3Peny+aJp YVDQpak1fPaM8Eo2f704fkbu/FdLprsWmjQMWoIyJ9FbAbKXG/i2t0crYbVFcAndSyGQ=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=MkXg+Gm9vq7d4ojsyb1jhv16jG7tDUkscJGqB6QGBFI=; b=ByCH0X3vAm+VaXvPjvdpS5bjY7 KqdrxMwKpkJa9WR730AgjGpnW5oiTp3r5FMOT2Wmcgx9m2HmmnZrNgNhT3JDcpM7K1jfSgtNNvItG uaw5lpxe+/nvTI+Clt2gW9iDOuPQaXhNZ2kV1LAAplsx6sZ8wEHSX5Rg8hN79Ss0EUG4=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.94.2) id 1npQmw-00Ag7W-4R for openvpn-devel@lists.sourceforge.net; Fri, 13 May 2022 08:36:42 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.95 (FreeBSD)) (envelope-from ) id 1npQmp-000AFZ-Hj for openvpn-devel@lists.sourceforge.net; Fri, 13 May 2022 10:36:35 +0200 Received: (nullmailer pid 2199177 invoked by uid 10006); Fri, 13 May 2022 08:36:35 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Fri, 13 May 2022 10:36:35 +0200 Message-Id: <20220513083635.2199131-1-arne@rfc2549.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220512121429.2096164-1-arne@rfc2549.org> References: <20220512121429.2096164-1-arne@rfc2549.org> MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: The test_check_ncp_ciphers_list test assumed that BF-CBC is always available, which is no longer the case with OpenSSL 3.0. Rewrite the test to not rely on BF-CBC to be available. This is a cherry-pick from c07f95f3 Content analysis details: (0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 T_SCC_BODY_TEXT_LINE No description available. X-Headers-End: 1npQmw-00Ag7W-4R Subject: [Openvpn-devel] [PATCH v2 7/7] Remove dependency on BF-CBC existance from test_ncp X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox The test_check_ncp_ciphers_list test assumed that BF-CBC is always available, which is no longer the case with OpenSSL 3.0. Rewrite the test to not rely on BF-CBC to be available. This is a cherry-pick from c07f95f3 Patch V2: manually fix if condition. Somehow the git cherry-pick ended up with a broken if condition. Acked-by: Gert Doering --- tests/unit_tests/openvpn/test_ncp.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/tests/unit_tests/openvpn/test_ncp.c b/tests/unit_tests/openvpn/test_ncp.c index e38a5738e..4337f6df7 100644 --- a/tests/unit_tests/openvpn/test_ncp.c +++ b/tests/unit_tests/openvpn/test_ncp.c @@ -42,6 +42,7 @@ /* Defines for use in the tests and the mock parse_line() */ const char *bf_chacha = "BF-CBC:CHACHA20-POLY1305"; +const char *aes_chacha = "AES-128-CBC:CHACHA20-POLY1305"; const char *aes_ciphers = "AES-256-GCM:AES-128-GCM"; static void @@ -57,6 +58,11 @@ test_check_ncp_ciphers_list(void **state) assert_string_equal(mutate_ncp_cipher_list(aes_ciphers, &gc), aes_ciphers); + if (have_chacha) + { + assert_string_equal(mutate_ncp_cipher_list(aes_chacha, &gc), aes_chacha); + } + if (have_chacha && have_blowfish) { assert_string_equal(mutate_ncp_cipher_list(bf_chacha, &gc), bf_chacha); @@ -73,8 +79,8 @@ test_check_ncp_ciphers_list(void **state) bool have_chacha_mixed_case = cipher_kt_get("ChaCha20-Poly1305"); if (have_chacha_mixed_case) { - assert_string_equal(mutate_ncp_cipher_list("BF-CBC:ChaCha20-Poly1305", &gc), - bf_chacha); + assert_string_equal(mutate_ncp_cipher_list("AES-128-CBC:ChaCha20-Poly1305", &gc), + aes_chacha); } assert_ptr_equal(mutate_ncp_cipher_list("vollbit", &gc), NULL);