]> Cypherpunks repositories - gostls13.git/commitdiff
projects / gostls13.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3e468df)
crypto/tls: update BoGo SessionID test skip reasons
authorDaniel McCarney <daniel@binaryparadox.net>
Fri, 16 May 2025 19:05:43 +0000 (15:05 -0400)
committerDaniel McCarney <daniel@binaryparadox.net>
Wed, 21 May 2025 19:59:03 +0000 (12:59 -0700)
Updates the skip reason for the following BoGo tests:

  * TLS-ECH-Client-TLS12SessionID
  * SupportTicketsWithSessionID
  * ResumeTLS12SessionID-TLS13

The crypto/tls package does not support session ID based resumption at
this time, and so any tests that rely on this support need to be
skipped.

Updates #72006
Updates #25228

Change-Id: I27a2cd231e4b8762b0d9e2dbd3d8ddd5b87fd5d0
Reviewed-on: https://go-review.googlesource.com/c/go/+/673737
TryBot-Bypass: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: David Chase <drchase@google.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
src/crypto/tls/bogo_config.json patch | blob | history

diff --git a/src/crypto/tls/bogo_config.json b/src/crypto/tls/bogo_config.json
index d46b073029ce6bfd20b5bfbb16622291baff23c5..6d764daa614d3c29c3a3d7535e9a51737f979f77 100644 (file)
--- a/src/crypto/tls/bogo_config.json
+++ b/src/crypto/tls/bogo_config.json
@@ -8,7 +8,7 @@
         "TLS-ECH-Client-Rejected-OverrideName-TLS12": "We won't attempt to negotiate 1.2 if ECH is enabled",
         "TLS-ECH-Client-Reject-TLS12-NoFalseStart": "We won't attempt to negotiate 1.2 if ECH is enabled",
         "TLS-ECH-Client-TLS12SessionTicket": "We won't attempt to negotiate 1.2 if ECH is enabled",
-        "TLS-ECH-Client-TLS12SessionID": "We won't attempt to negotiate 1.2 if ECH is enabled",
+        "TLS-ECH-Client-TLS12SessionID": "We won't attempt to negotiate 1.2 if ECH is enabled, and we don't support session ID resumption",
 
         "TLS-ECH-Client-Reject-ResumeInnerSession-TLS12": "We won't attempt to negotiate 1.2 if ECH is enabled (we could possibly test this if we had the ability to indicate not to send ECH on resumption?)",
 
@@ -61,7 +61,7 @@
         "BadRSAClientKeyExchange-4": "crypto/tls doesn't check the version number in the premaster secret - see processClientKeyExchange comment",
         "BadRSAClientKeyExchange-5": "crypto/tls doesn't check the version number in the premaster secret - see processClientKeyExchange comment",
         "CheckLeafCurve": "TODO: first pass, this should be fixed",
-        "SupportTicketsWithSessionID": "TODO: first pass, this should be fixed",
+        "SupportTicketsWithSessionID": "We don't support session ID resumption",
         "KeyUpdate-RequestACK": "TODO: first pass, this should be fixed",
         "SupportedVersionSelection-TLS12": "TODO: first pass, this should be fixed",
         "DuplicateExtensionServer-TLS-TLS1": "TODO: first pass, this should be fixed",
@@ -159,7 +159,7 @@
         "TrailingMessageData-TLS13-ClientCertificate-TLS": "TODO: first pass, this should be fixed",
         "TrailingMessageData-TLS13-ClientCertificateVerify-TLS": "TODO: first pass, this should be fixed",
         "TrailingMessageData-TLS13-ServerCertificate-TLS": "TODO: first pass, this should be fixed",
-        "ResumeTLS12SessionID-TLS13": "TODO: first pass, this should be fixed",
+        "ResumeTLS12SessionID-TLS13": "We don't support session ID resumption",
         "SkipEarlyData-TLS13": "TODO: first pass, this should be fixed",
         "DuplicateKeyShares-TLS13": "TODO: first pass, this should be fixed",
         "Server-TooLongSessionID-TLS13": "TODO: first pass, this should be fixed",
Go GOST TLS 1.3