Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto/tls: run BoringSSL test suite (BoGo) #51434

Closed
FiloSottile opened this issue Mar 2, 2022 · 12 comments
Closed

crypto/tls: run BoringSSL test suite (BoGo) #51434

FiloSottile opened this issue Mar 2, 2022 · 12 comments
Assignees
Labels
NeedsFix The path to resolution is known, but the work has not been done. Testing An issue that has been verified to require only test changes, not just a test failure.
Milestone

Comments

@FiloSottile
Copy link
Contributor

BoringSSL has an extensive TLS test suite with a mechanism to run it against other TLS stacks. We should hook it up to crypto/tls.

@FiloSottile FiloSottile added Testing An issue that has been verified to require only test changes, not just a test failure. NeedsFix The path to resolution is known, but the work has not been done. labels Mar 2, 2022
@FiloSottile FiloSottile added this to the Go1.19 milestone Mar 2, 2022
@FiloSottile FiloSottile self-assigned this Mar 2, 2022
@ianlancetaylor
Copy link
Member

CC @golang/security

Looks like this didn't make 1.19. Moving to Backlog. Please recategorize as appropriate. Thanks.

@ianlancetaylor ianlancetaylor modified the milestones: Go1.19, Backlog Jun 24, 2022
@FiloSottile
Copy link
Contributor Author

In the same vein, we should consider running the https://github.com/tlsfuzzer/tlsfuzzer test suite, too.

@gopherbot
Copy link
Contributor

Change https://go.dev/cl/486495 mentions this issue: crypto/tls: add a bogo shim

@gopherbot
Copy link
Contributor

Change https://go.dev/cl/592198 mentions this issue: crypto/tls: add support for -reject-alpn and -decline-alpn flags to bogo_shim_test

@gopherbot
Copy link
Contributor

Change https://go.dev/cl/592635 mentions this issue: crypto/tls: add support for -expect-version to bogo_shim_test

gopherbot pushed a commit that referenced this issue Jun 21, 2024
The existing implementation of bogo_shim_test does not support tests
that use the expect-version flag.
This change adds support for this flag.

Updates #51434.

Change-Id: Ie23fdb06d15ec0593ca58f28144e83f93ef7f200
Reviewed-on: https://go-review.googlesource.com/c/go/+/592635
Auto-Submit: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: David Chase <drchase@google.com>
@gopherbot
Copy link
Contributor

Change https://go.dev/cl/594835 mentions this issue: crypto/tls: add support for -expect-no-hrr to bogo_shim_test

@gopherbot
Copy link
Contributor

Change https://go.dev/cl/595655 mentions this issue: crypto/tls: add support for additional alpn flags to bogo_shim_test

@gopherbot
Copy link
Contributor

Change https://go.dev/cl/595775 mentions this issue: crypto/tls: add exclude tls flags to bogo_shim_test

@gopherbot
Copy link
Contributor

Change https://go.dev/cl/597195 mentions this issue: crypto/tls: support signed cert timestamps flags in bogo_shim_test

Mchnan pushed a commit to Mchnan/go-sylixos that referenced this issue Jul 9, 2024
The existing implementation of bogo_shim_test does not support tests
that use the expect-version flag.
This change adds support for this flag.

Updates golang#51434.

Change-Id: Ie23fdb06d15ec0593ca58f28144e83f93ef7f200
Reviewed-on: https://go-review.googlesource.com/c/go/+/592635
Auto-Submit: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: David Chase <drchase@google.com>
gopherbot pushed a commit that referenced this issue Jul 9, 2024
…ogo_shim_test

The existing implementation of bogo_shim_test does not support tests
which use the reject-alpn or the decline-alpn flag.
This change adds support for these flags in bogo_shim_test.

Updates #51434
Updates #46310

Cq-Include-Trybots: luci.golang.try:gotip-linux-amd64-longtest
Change-Id: I3ff23ff4edd8f4c6c37ee6c9f2ee4689066c4e00
Reviewed-on: https://go-review.googlesource.com/c/go/+/592198
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: David Chase <drchase@google.com>
Auto-Submit: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
gopherbot pushed a commit that referenced this issue Jul 10, 2024
The existing implementation of bogo_shim_test does not support tests
that use the expect-no-hrr flag. This change adds support for this flag.

Updates #51434

Change-Id: Iadb38fc2262783cab144a7b52904d0443e7fc2c2
Reviewed-on: https://go-review.googlesource.com/c/go/+/594835
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Russell Webb <russell.webb@protonmail.com>
Reviewed-by: Carlos Amedee <carlos@golang.org>
Auto-Submit: Roland Shoemaker <roland@golang.org>
@gopherbot
Copy link
Contributor

Change https://go.dev/cl/597895 mentions this issue: crypto/tls: add support for cipher flags to bogo_shim_test

gopherbot pushed a commit that referenced this issue Jul 16, 2024
The existing implementation of bogo_shim_test does not support tests
that use the -no-tls1, -no-tls11, or -no-tls12 flags.
This change adds support for these flags.

Updates #51434

Change-Id: I43eaea9f5ec6da6811b150630a7dde24d108017e
Reviewed-on: https://go-review.googlesource.com/c/go/+/595775
Auto-Submit: Roland Shoemaker <roland@golang.org>
Reviewed-by: Russell Webb <russell.webb@protonmail.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
@gopherbot
Copy link
Contributor

Change https://go.dev/cl/599035 mentions this issue: crypto/tls: add -expect-certificate-types flag to bogo_shim_test

@gopherbot
Copy link
Contributor

Change https://go.dev/cl/599615 mentions this issue: crypto/tls: support signed cert timestamps flags in bogo_shim_test

@dmitshur dmitshur modified the milestones: Backlog, Go1.23 Jul 22, 2024
gopherbot pushed a commit that referenced this issue Aug 14, 2024
The existing implementation of bogo_shim_test does not support tests
that use the -expect-advertised-alpn flag or the -select-alpn flag. This
change allows bogo_shim_test to receive and enforce these flags.

Support for these flags is added in the same change because these flags are set together.

Updates #51434

Change-Id: Ia37f9e7403d4a43e6da68c16039a4bcb56ebd032
Reviewed-on: https://go-review.googlesource.com/c/go/+/595655
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Carlos Amedee <carlos@golang.org>
Reviewed-by: Russell Webb <russell.webb@protonmail.com>
Reviewed-by: Clide Stefani <cstefani.sites@gmail.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Roland Shoemaker <roland@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
NeedsFix The path to resolution is known, but the work has not been done. Testing An issue that has been verified to require only test changes, not just a test failure.
Projects
Status: Done
Development

No branches or pull requests

5 participants