Fix two issues with AES-CCM KTLS tests.

- Apply the cipher list to the server context as well as the client context. The tests still worked for AES-GCM cipher suites as those are in the default list of ciphers. AES-CCM cipher suites are not in the default list and require the cipher list to be set. - Use the correct cipher name for AES-CCM. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12111)
author: Vadim Fedorenko <vadimjunk@gmail.com> 2020-07-31 11:21:36 -0700
committer: Matt Caswell <matt@openssl.org> 2020-08-31 09:34:19 +0100
commit: ab114c6ddef52384c3c5d579847b989284f51dfc (patch)
tree: ebe19238c5df268a3b477eeb640e9f66acea36d4 /test
parent: 18efb630169a5c2c58a77b0b67fc707a87cb8b93 (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/test/sslapitest.c b/test/sslapitest.c
index 47a2d8028e..cbb488ca26 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -993,6 +993,7 @@ static int execute_test_ktls(int cis_ktls_tx, int cis_ktls_rx,
                                        tls_version, tls_version,
                                        &sctx, &cctx, cert, privkey))
             || !TEST_true(SSL_CTX_set_cipher_list(cctx, cipher))
+            || !TEST_true(SSL_CTX_set_cipher_list(sctx, cipher))
             || !TEST_true(create_ssl_objects2(sctx, cctx, &serverssl,
                                           &clientssl, sfd, cfd)))
         goto end;
@@ -1107,6 +1108,7 @@ static int test_ktls_sendfile(int tls_version, const char *cipher)
                                        tls_version, tls_version,
                                        &sctx, &cctx, cert, privkey))
         || !TEST_true(SSL_CTX_set_cipher_list(cctx, cipher))
+        || !TEST_true(SSL_CTX_set_cipher_list(sctx, cipher))
         || !TEST_true(create_ssl_objects2(sctx, cctx, &serverssl,
                                           &clientssl, sfd, cfd)))
         goto end;
@@ -1220,7 +1222,7 @@ static int test_ktls(int test)
 #endif
 #ifdef OPENSSL_KTLS_AES_CCM_128
     testresult &= execute_test_ktls(cis_ktls_tx, cis_ktls_rx, sis_ktls_tx,
-                                    sis_ktls_rx, tlsver, "AES128-CCM-SHA256",
+                                    sis_ktls_rx, tlsver, "AES128-CCM",
                                     TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE);
 #endif
 #ifdef OPENSSL_KTLS_AES_GCM_256
@@ -1233,7 +1235,7 @@ static int test_ktls(int test)
 
 static int test_ktls_sendfile_anytls(int tst)
 {
-    char *cipher[] = {"AES128-GCM-SHA256","AES128-CCM-SHA256","AES256-GCM-SHA384"};
+    char *cipher[] = {"AES128-GCM-SHA256","AES128-CCM","AES256-GCM-SHA384"};
     int tlsver;
 
     if (tst > 2) {
author	Vadim Fedorenko <vadimjunk@gmail.com>	2020-07-31 11:21:36 -0700
committer	Matt Caswell <matt@openssl.org>	2020-08-31 09:34:19 +0100
commit	ab114c6ddef52384c3c5d579847b989284f51dfc (patch)
tree	ebe19238c5df268a3b477eeb640e9f66acea36d4 /test
parent	18efb630169a5c2c58a77b0b67fc707a87cb8b93 (diff)