Merge branch 'development' into dtls
* development:
Adapt tests to new defaults/errors.
Fix typos/cosmetics in Changelog
Disable RC4 by default in example programs.
Add ssl_set_arc4_support()
Set min version to TLS 1.0 in programs
Conflicts:
include/polarssl/ssl.h
library/ssl_cli.c
library/ssl_srv.c
tests/compat.sh
diff --git a/ChangeLog b/ChangeLog
index 42d1c7c..65c1792 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -30,9 +30,9 @@
(found using Codenomicon Defensics).
Features
- * Add support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv)
- * Add support for Extended Master Secret (draft-ietf-tls-session-hash)
- * Add support for Encrypt-then-MAC (RFC 7366)
+ * Add support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv).
+ * Add support for Extended Master Secret (draft-ietf-tls-session-hash).
+ * Add support for Encrypt-then-MAC (RFC 7366).
* Add function pk_check_pair() to test if public and private keys match.
* Add x509_crl_parse_der().
* Add compile-time option POLARSSL_X509_MAX_INTERMEDIATE_CA to limit the
@@ -43,14 +43,16 @@
for pre-1.2 clients when multiple certificates are available.
* Add support for getrandom() syscall on recent Linux kernels with Glibc or
a compatible enough libc (eg uClibc).
+ * Add ssl_set_arc4_support() to make it easier to disable RC4 at runtime
+ while using the default ciphersuite list.
Bugfix
* Stack buffer overflow if ctr_drbg_update() is called with too large
add_len (found by Jean-Philippe Aumasson) (not triggerable remotely).
* Possible buffer overflow of length at most POLARSSL_MEMORY_ALIGN_MULTIPLE
if memory_buffer_alloc_init() was called with buf not aligned and len not
- a multiple of POLARSSL_MEMORY_ALIGN_MULTIPLE.
- * User set CFLAGS were ignore by Cmake with gcc (introduced in 1.3.9, found
+ a multiple of POLARSSL_MEMORY_ALIGN_MULTIPLE (not triggerable remotely).
+ * User set CFLAGS were ignored by Cmake with gcc (introduced in 1.3.9, found
by Julian Ospald).
* Fix potential undefined behaviour in Camellia.
* Fix potential failure in ECDSA signatures when POLARSSL_ECP_MAX_BITS is a
@@ -68,8 +70,10 @@
* A specific error is now returned when there are ciphersuites in common
but none of them is usable due to external factors such as no certificate
with a suitable (extended)KeyUsage or curve or no PSK set.
- * It is now possible to disable neogtiation of truncated HMAC server-side
+ * It is now possible to disable negotiation of truncated HMAC server-side
at runtime with ssl_set_truncated_hmac().
+ * Example programs for SSL client and server now disable SSLv3 by default.
+ * Example programs for SSL client and server now disable RC4 by default.
= PolarSSL 1.3.9 released 2014-10-20
Security
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index 2af34cb..15cd288 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -269,6 +269,9 @@
#define SSL_CBC_RECORD_SPLITTING_DISABLED -1
#define SSL_CBC_RECORD_SPLITTING_ENABLED 0
+#define SSL_ARC4_ENABLED 0
+#define SSL_ARC4_DISABLED 1
+
/*
* DTLS retransmission states, see RFC 6347 4.2.4
*
@@ -830,6 +833,7 @@
#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
char extended_ms; /*!< flag for extended master secret */
#endif
+ char arc4_disabled; /*!< flag for disabling RC4 */
/*
* Callbacks (RNG, debug, I/O, verification)
@@ -1766,6 +1770,11 @@
* \brief Set the minimum accepted SSL/TLS protocol version
* (Default: SSL_MIN_MAJOR_VERSION, SSL_MIN_MINOR_VERSION)
*
+ * \note Input outside of the SSL_MAX_XXXXX_VERSION and
+ * SSL_MIN_XXXXX_VERSION range is ignored.
+ *
+ * \note SSL_MINOR_VERSION_0 (SSL v3) should be avoided.
+ *
* \param ssl SSL context
* \param major Major version number (only SSL_MAJOR_VERSION_3 supported)
* \param minor Minor version number (SSL_MINOR_VERSION_0,
@@ -1831,6 +1840,21 @@
void ssl_set_extended_master_secret( ssl_context *ssl, char ems );
#endif /* POLARSSL_SSL_EXTENDED_MASTER_SECRET */
+/**
+ * \brief Disable or enable support for RC4
+ * (Default: SSL_ARC4_ENABLED)
+ *
+ * \note Though the default is RC4 for compatibility reasons in the
+ * 1.3 branch, the recommended value is SSL_ARC4_DISABLED.
+ *
+ * \note This function will likely be removed in future versions as
+ * RC4 will then be disabled by default at compile time.
+ *
+ * \param ssl SSL context
+ * \param arc4 SSL_ARC4_ENABLED or SSL_ARC4_DISABLED
+ */
+void ssl_set_arc4_support( ssl_context *ssl, char arc4 );
+
#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
/**
* \brief Set the maximum fragment length to emit and/or negotiate
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 98711cc..774cce4 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -720,6 +720,10 @@
continue;
#endif
+ if( ssl->arc4_disabled == SSL_ARC4_DISABLED &&
+ ciphersuite_info->cipher == POLARSSL_CIPHER_ARC4_128 )
+ continue;
+
SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %2d",
ciphersuites[i] ) );
@@ -1174,6 +1178,7 @@
int renegotiation_info_seen = 0;
#endif
int handshake_failure = 0;
+ const ssl_ciphersuite_t *suite_info;
#if defined(POLARSSL_DEBUG_C)
uint32_t t;
#endif
@@ -1396,6 +1401,16 @@
SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %d", i ) );
SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: %d", buf[37 + n] ) );
+ suite_info = ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite );
+ if( suite_info == NULL ||
+ ( ssl->arc4_disabled &&
+ suite_info->cipher == POLARSSL_CIPHER_ARC4_128 ) )
+ {
+ SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+ return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+
+
i = 0;
while( 1 )
{
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index d83c560..e6948ef 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -956,6 +956,10 @@
return( 0 );
#endif
+ if( ssl->arc4_disabled == SSL_ARC4_DISABLED &&
+ suite_info->cipher == POLARSSL_CIPHER_ARC4_128 )
+ return( 0 );
+
#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C)
if( ssl_ciphersuite_uses_ec( suite_info ) &&
( ssl->handshake->curves == NULL ||
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index c78b1a7..ca5241f 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -5679,6 +5679,11 @@
}
#endif
+void ssl_set_arc4_support( ssl_context *ssl, char arc4 )
+{
+ ssl->arc4_disabled = arc4;
+}
+
#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
int ssl_set_max_frag_len( ssl_context *ssl, unsigned char mfl_code )
{
diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c
index f1b4e6d..f69abbb 100644
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@@ -168,6 +168,11 @@
ssl_set_authmode( &ssl, SSL_VERIFY_OPTIONAL );
ssl_set_ca_chain( &ssl, &cacert, NULL, "PolarSSL Server 1" );
+ /* SSLv3 is deprecated, set minimum to TLS 1.0 */
+ ssl_set_min_version( &ssl, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1 );
+ /* RC4 is deprecated, disable it */
+ ssl_set_arc4_support( &ssl, SSL_ARC4_DISABLED );
+
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
ssl_set_dbg( &ssl, my_debug, stdout );
ssl_set_bio( &ssl, net_recv, &server_fd,
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 9313499..a4ae359 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -88,8 +88,9 @@
#define DFL_ALLOW_LEGACY -2
#define DFL_RENEGOTIATE 0
#define DFL_EXCHANGES 1
-#define DFL_MIN_VERSION -1
+#define DFL_MIN_VERSION SSL_MINOR_VERSION_1
#define DFL_MAX_VERSION -1
+#define DFL_ARC4 SSL_ARC4_DISABLED
#define DFL_AUTH_MODE SSL_VERIFY_REQUIRED
#define DFL_MFL_CODE SSL_MAX_FRAG_LEN_NONE
#define DFL_TRUNC_HMAC -1
@@ -136,6 +137,7 @@
int exchanges; /* number of data exchanges */
int min_version; /* minimum protocol version accepted */
int max_version; /* maximum protocol version accepted */
+ int arc4; /* flag for arc4 suites support */
int auth_mode; /* verify mode for connection */
unsigned char mfl_code; /* code for maximum fragment length */
int trunc_hmac; /* negotiate truncated hmac or not */
@@ -386,6 +388,7 @@
"\n" \
" min_version=%%s default: \"\" (ssl3)\n" \
" max_version=%%s default: \"\" (tls1_2)\n" \
+ " arc4=%%d default: 0 (disabled)\n" \
" force_version=%%s default: \"\" (none)\n" \
" options: ssl3, tls1, tls1_1, tls1_2, dtls1, dtls1_2\n" \
" auth_mode=%%s default: \"required\"\n" \
@@ -478,6 +481,7 @@
opt.exchanges = DFL_EXCHANGES;
opt.min_version = DFL_MIN_VERSION;
opt.max_version = DFL_MAX_VERSION;
+ opt.arc4 = DFL_ARC4;
opt.auth_mode = DFL_AUTH_MODE;
opt.mfl_code = DFL_MFL_CODE;
opt.trunc_hmac = DFL_TRUNC_HMAC;
@@ -677,6 +681,15 @@
else
goto usage;
}
+ else if( strcmp( p, "arc4" ) == 0 )
+ {
+ switch( atoi( q ) )
+ {
+ case 0: opt.arc4 = SSL_ARC4_DISABLED; break;
+ case 1: opt.arc4 = SSL_ARC4_ENABLED; break;
+ default: goto usage;
+ }
+ }
else if( strcmp( p, "force_version" ) == 0 )
{
if( strcmp( q, "ssl3" ) == 0 )
@@ -1113,8 +1126,11 @@
}
#endif
+ /* RC4 setting is redundant if we use only one ciphersuite */
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
ssl_set_ciphersuites( &ssl, opt.force_ciphersuite );
+ else
+ ssl_set_arc4_support( &ssl, opt.arc4 );
if( opt.allow_legacy != DFL_ALLOW_LEGACY )
ssl_legacy_renegotiation( &ssl, opt.allow_legacy );
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
index 7c759a2..603a710 100644
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -264,6 +264,12 @@
ssl_set_endpoint( &ssl, SSL_IS_SERVER );
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
+ /* SSLv3 is deprecated, set minimum to TLS 1.0 */
+ ssl_set_min_version( &ssl, SSL_MAJOR_VERSION_3,
+ SSL_MINOR_VERSION_1 );
+ /* RC4 is deprecated, disable it */
+ ssl_set_arc4_support( &ssl, SSL_ARC4_DISABLED );
+
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
ssl_set_dbg( &ssl, my_debug, stdout );
ssl_set_bio( &ssl, net_recv, &client_fd,
diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c
index 4e6602a..954ee0a 100644
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@@ -601,6 +601,11 @@
* but makes interop easier in this simplified example */
ssl_set_authmode( &ssl, SSL_VERIFY_OPTIONAL );
+ /* SSLv3 is deprecated, set minimum to TLS 1.0 */
+ ssl_set_min_version( &ssl, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1 );
+ /* RC4 is deprecated, disable it */
+ ssl_set_arc4_support( &ssl, SSL_ARC4_DISABLED );
+
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
ssl_set_dbg( &ssl, my_debug, stdout );
ssl_set_bio( &ssl, net_recv, &server_fd,
diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c
index c19e3e0..240bba9 100644
--- a/programs/ssl/ssl_pthread_server.c
+++ b/programs/ssl/ssl_pthread_server.c
@@ -165,6 +165,11 @@
ssl_set_endpoint( &ssl, SSL_IS_SERVER );
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
+ /* SSLv3 is deprecated, set minimum to TLS 1.0 */
+ ssl_set_min_version( &ssl, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1 );
+ /* RC4 is deprecated, disable it */
+ ssl_set_arc4_support( &ssl, SSL_ARC4_DISABLED );
+
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
ssl_set_dbg( &ssl, my_mutexed_debug, stdout );
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index 962b098..1b4d0fc 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -198,6 +198,11 @@
ssl_set_endpoint( &ssl, SSL_IS_SERVER );
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
+ /* SSLv3 is deprecated, set minimum to TLS 1.0 */
+ ssl_set_min_version( &ssl, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1 );
+ /* RC4 is deprecated, disable it */
+ ssl_set_arc4_support( &ssl, SSL_ARC4_DISABLED );
+
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
ssl_set_dbg( &ssl, my_debug, stdout );
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 85189bd..53e0fac 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -111,8 +111,9 @@
#define DFL_RENEGO_DELAY -2
#define DFL_RENEGO_PERIOD -1
#define DFL_EXCHANGES 1
-#define DFL_MIN_VERSION -1
+#define DFL_MIN_VERSION SSL_MINOR_VERSION_1
#define DFL_MAX_VERSION -1
+#define DFL_ARC4 SSL_ARC4_DISABLED
#define DFL_AUTH_MODE SSL_VERIFY_OPTIONAL
#define DFL_MFL_CODE SSL_MAX_FRAG_LEN_NONE
#define DFL_TRUNC_HMAC -1
@@ -184,6 +185,7 @@
int exchanges; /* number of data exchanges */
int min_version; /* minimum protocol version accepted */
int max_version; /* maximum protocol version accepted */
+ int arc4; /* flag for arc4 suites support */
int auth_mode; /* verify mode for connection */
unsigned char mfl_code; /* code for maximum fragment length */
int trunc_hmac; /* accept truncated hmac? */
@@ -423,6 +425,7 @@
"\n" \
" min_version=%%s default: \"ssl3\"\n" \
" max_version=%%s default: \"tls1_2\"\n" \
+ " arc4=%%d default: 0 (disabled)\n" \
" force_version=%%s default: \"\" (none)\n" \
" options: ssl3, tls1, tls1_1, tls1_2, dtls1, dtls1_2\n" \
"\n" \
@@ -813,6 +816,7 @@
opt.exchanges = DFL_EXCHANGES;
opt.min_version = DFL_MIN_VERSION;
opt.max_version = DFL_MAX_VERSION;
+ opt.arc4 = DFL_ARC4;
opt.auth_mode = DFL_AUTH_MODE;
opt.mfl_code = DFL_MFL_CODE;
opt.trunc_hmac = DFL_TRUNC_HMAC;
@@ -971,6 +975,15 @@
else
goto usage;
}
+ else if( strcmp( p, "arc4" ) == 0 )
+ {
+ switch( atoi( q ) )
+ {
+ case 0: opt.arc4 = SSL_ARC4_DISABLED; break;
+ case 1: opt.arc4 = SSL_ARC4_ENABLED; break;
+ default: goto usage;
+ }
+ }
else if( strcmp( p, "force_version" ) == 0 )
{
if( strcmp( q, "ssl3" ) == 0 )
@@ -1587,6 +1600,8 @@
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
ssl_set_ciphersuites( &ssl, opt.force_ciphersuite );
+ else
+ ssl_set_arc4_support( &ssl, opt.arc4 );
if( opt.version_suites != NULL )
{
diff --git a/tests/compat.sh b/tests/compat.sh
index 8e0fa4f..b20a5d0 100755
--- a/tests/compat.sh
+++ b/tests/compat.sh
@@ -748,7 +748,7 @@
exit 1;
esac
- P_SERVER_ARGS="server_port=$PORT server_addr=0.0.0.0 force_version=$MODE"
+ P_SERVER_ARGS="server_port=$PORT server_addr=0.0.0.0 force_version=$MODE arc4=1"
O_SERVER_ARGS="-accept $PORT -cipher NULL,ALL -$MODE"
G_SERVER_ARGS="-p $PORT --http $G_MODE"
G_SERVER_PRIO="EXPORT:+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+RSA-PSK:-VERS-TLS-ALL:$G_PRIO_MODE"
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 1bd2a73..888ebab 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -537,6 +537,27 @@
-S "error" \
-C "error"
+# Tests for rc4 option
+
+run_test "RC4: server disabled, client enabled" \
+ "$P_SRV" \
+ "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 1 \
+ -s "SSL - None of the common ciphersuites is usable"
+
+run_test "RC4: server enabled, client disabled" \
+ "$P_SRV force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI" \
+ 1 \
+ -s "SSL - The server has no ciphersuites in common"
+
+run_test "RC4: both enabled" \
+ "$P_SRV arc4=1" \
+ "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - The server has no ciphersuites in common"
+
# Test for SSLv2 ClientHello
requires_openssl_with_sslv2
@@ -638,7 +659,7 @@
run_test "Encrypt then MAC: client enabled, stream cipher" \
"$P_SRV debug_level=3 etm=1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
- "$P_CLI debug_level=3 etm=1" \
+ "$P_CLI debug_level=3 etm=1 arc4=1" \
0 \
-c "client hello, adding encrypt_then_mac extension" \
-s "found encrypt then mac extension" \
@@ -660,7 +681,7 @@
-S "using encrypt then mac"
run_test "Encrypt then MAC: client SSLv3, server enabled" \
- "$P_SRV debug_level=3 \
+ "$P_SRV debug_level=3 min_version=ssl3 \
force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
"$P_CLI debug_level=3 force_version=ssl3" \
0 \
@@ -674,7 +695,7 @@
run_test "Encrypt then MAC: client enabled, server SSLv3" \
"$P_SRV debug_level=3 force_version=ssl3 \
force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- "$P_CLI debug_level=3" \
+ "$P_CLI debug_level=3 min_version=ssl3" \
0 \
-c "client hello, adding encrypt_then_mac extension" \
-s "found encrypt then mac extension" \
@@ -719,7 +740,7 @@
-S "using extended master secret"
run_test "Extended Master Secret: client SSLv3, server enabled" \
- "$P_SRV debug_level=3" \
+ "$P_SRV debug_level=3 min_version=ssl3" \
"$P_CLI debug_level=3 force_version=ssl3" \
0 \
-C "client hello, adding extended_master_secret extension" \
@@ -731,7 +752,7 @@
run_test "Extended Master Secret: client enabled, server SSLv3" \
"$P_SRV debug_level=3 force_version=ssl3" \
- "$P_CLI debug_level=3" \
+ "$P_CLI debug_level=3 min_version=ssl3" \
0 \
-c "client hello, adding extended_master_secret extension" \
-s "found extended master secret extension" \
@@ -848,7 +869,7 @@
-s "122 bytes read"
run_test "CBC Record splitting: SSLv3, splitting" \
- "$P_SRV" \
+ "$P_SRV min_version=ssl3" \
"$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
request_size=123 force_version=ssl3" \
0 \
@@ -857,7 +878,7 @@
-s "122 bytes read"
run_test "CBC Record splitting: TLS 1.0 RC4, no splitting" \
- "$P_SRV" \
+ "$P_SRV arc4=1" \
"$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
request_size=123 force_version=tls1" \
0 \
@@ -1616,7 +1637,7 @@
run_test "Authentication: client no cert, ssl3" \
"$P_SRV debug_level=3 auth_mode=optional force_version=ssl3" \
- "$P_CLI debug_level=3 crt_file=none key_file=none" \
+ "$P_CLI debug_level=3 crt_file=none key_file=none min_version=ssl3" \
0 \
-S "skip write certificate request" \
-C "skip parse certificate request" \
@@ -2294,14 +2315,14 @@
# Tests for ciphersuites per version
run_test "Per-version suites: SSL3" \
- "$P_SRV version_suites=TLS-RSA-WITH-3DES-EDE-CBC-SHA,TLS-RSA-WITH-RC4-128-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
+ "$P_SRV min_version=ssl3 version_suites=TLS-RSA-WITH-3DES-EDE-CBC-SHA,TLS-RSA-WITH-RC4-128-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
"$P_CLI force_version=ssl3" \
0 \
-c "Ciphersuite is TLS-RSA-WITH-3DES-EDE-CBC-SHA"
run_test "Per-version suites: TLS 1.0" \
- "$P_SRV version_suites=TLS-RSA-WITH-3DES-EDE-CBC-SHA,TLS-RSA-WITH-RC4-128-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
- "$P_CLI force_version=tls1" \
+ "$P_SRV arc4=1 version_suites=TLS-RSA-WITH-3DES-EDE-CBC-SHA,TLS-RSA-WITH-RC4-128-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
+ "$P_CLI force_version=tls1 arc4=1" \
0 \
-c "Ciphersuite is TLS-RSA-WITH-RC4-128-SHA"
@@ -2334,14 +2355,14 @@
# Tests for small packets
run_test "Small packet SSLv3 BlockCipher" \
- "$P_SRV" \
+ "$P_SRV min_version=ssl3" \
"$P_CLI request_size=1 force_version=ssl3 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
-s "Read from client: 1 bytes read"
run_test "Small packet SSLv3 StreamCipher" \
- "$P_SRV" \
+ "$P_SRV min_version=ssl3 arc4=1" \
"$P_CLI request_size=1 force_version=ssl3 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
0 \
@@ -2370,7 +2391,7 @@
-s "Read from client: 1 bytes read"
run_test "Small packet TLS 1.0 StreamCipher truncated MAC" \
- "$P_SRV" \
+ "$P_SRV arc4=1" \
"$P_CLI request_size=1 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
@@ -2392,7 +2413,7 @@
-s "Read from client: 1 bytes read"
run_test "Small packet TLS 1.1 StreamCipher" \
- "$P_SRV" \
+ "$P_SRV arc4=1" \
"$P_CLI request_size=1 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
0 \
@@ -2407,7 +2428,7 @@
-s "Read from client: 1 bytes read"
run_test "Small packet TLS 1.1 StreamCipher truncated MAC" \
- "$P_SRV" \
+ "$P_SRV arc4=1" \
"$P_CLI request_size=1 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
@@ -2444,14 +2465,14 @@
-s "Read from client: 1 bytes read"
run_test "Small packet TLS 1.2 StreamCipher" \
- "$P_SRV" \
+ "$P_SRV arc4=1" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
0 \
-s "Read from client: 1 bytes read"
run_test "Small packet TLS 1.2 StreamCipher truncated MAC" \
- "$P_SRV" \
+ "$P_SRV arc4=1" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
@@ -2475,14 +2496,14 @@
# Test for large packets
run_test "Large packet SSLv3 BlockCipher" \
- "$P_SRV" \
+ "$P_SRV min_version=ssl3" \
"$P_CLI request_size=16384 force_version=ssl3 recsplit=0 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
-s "Read from client: 16384 bytes read"
run_test "Large packet SSLv3 StreamCipher" \
- "$P_SRV" \
+ "$P_SRV min_version=ssl3 arc4=1" \
"$P_CLI request_size=16384 force_version=ssl3 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
0 \
@@ -2504,7 +2525,7 @@
-s "Read from client: 16384 bytes read"
run_test "Large packet TLS 1.0 StreamCipher truncated MAC" \
- "$P_SRV" \
+ "$P_SRV arc4=1" \
"$P_CLI request_size=16384 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
@@ -2519,7 +2540,7 @@
-s "Read from client: 16384 bytes read"
run_test "Large packet TLS 1.1 StreamCipher" \
- "$P_SRV" \
+ "$P_SRV arc4=1" \
"$P_CLI request_size=16384 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
0 \
@@ -2534,7 +2555,7 @@
-s "Read from client: 16384 bytes read"
run_test "Large packet TLS 1.1 StreamCipher truncated MAC" \
- "$P_SRV" \
+ "$P_SRV arc4=1" \
"$P_CLI request_size=16384 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
@@ -2564,14 +2585,14 @@
-s "Read from client: 16384 bytes read"
run_test "Large packet TLS 1.2 StreamCipher" \
- "$P_SRV" \
+ "$P_SRV arc4=1" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
0 \
-s "Read from client: 16384 bytes read"
run_test "Large packet TLS 1.2 StreamCipher truncated MAC" \
- "$P_SRV" \
+ "$P_SRV arc4=1" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \