TclTLS: Artifact [6a27bcfa89]

Artifact 6a27bcfa89f79d6772c5dfbdb76cabd908055b1e6c7c981636dfe99ff42d6a2b:

File tests/ssllabs.test — part of check-in [7f29e7252a] at 2026-01-20 03:02:49 on branch tls-2.0 — Updated tests to fix the remaining failing test cases (user: bohagan, size: 3192) [annotate] [blame] [check-ins using] [more...]
# Auto generated test cases for ssllabs.csv

# Load Tcl Test package
if {[lsearch [namespace children] ::tcltest] < 0} {
	package require tcltest
	namespace import ::tcltest::*
}

set ::auto_path [concat [list [file dirname [file dirname [info script]]]] $::auto_path]

package prefer latest
package require tls

# Constraints
set dir [file join [pwd] [file dirname [info script]]]
source [file join $dir common.tcl]

# Helper functions
set ::cafile [file join $dir certs cacert.pem]
set ::env(SSL_CERT_FILE) $::cafile
proc connect {url} {
    set port 443
    lassign [split $url ":"] url port
    if {$port eq ""} {
	set port 443
    }
    set ch [tls::socket -autoservername 1 -require 1 -cafile $::cafile $url $port]
    if {[catch {tls::handshake $ch} err]} {
	close $ch
	return -code error $err
    } else {
	close $ch
    }
}

# clienttest.ssllabs.com Tests


test SSLLabs-1.1 {CVE_2020_0601 (CurveBall) Vulnerability} -constraints {win OpenSSL1.1.1} -body {
	connect www.ssllabs.com:10446
    } -result {handshake failed: certificate verify failed due to "self signed certificate in certificate chain"} -returnCodes {1}

test SSLLabs-1.2 {CVE_2020_0601 (CurveBall) Vulnerability} -constraints {win !OpenSSL1.1.1} -body {
	connect www.ssllabs.com:10446
    } -result {handshake failed: certificate verify failed due to "self-signed certificate in certificate chain"} -returnCodes {1}

test SSLLabs-1.3 {CVE_2020_0601 (CurveBall) Vulnerability} -constraints {mac} -body {
	connect www.ssllabs.com:10446
    } -result {handshake failed: certificate verify failed due to "self-signed certificate in certificate chain"} -returnCodes {1}

test SSLLabs-1.4 {CVE_2020_0601 (CurveBall) Vulnerability} -constraints {unix !mac} -body {
	connect www.ssllabs.com:10446
    } -result {handshake failed: decode error due to "unable to get local issuer certificate"} -returnCodes {1}

test SSLLabs-1.5 {Logjam Vulnerability} -constraints {win OpenSSL3.0} -body {
	connect www.ssllabs.com:10445
    } -result {handshake failed: certificate verify failed due to "unable to get local issuer certificate"} -returnCodes {1}

test SSLLabs-1.6 {Logjam Vulnerability} -constraints {unix OpenSSL3.0} -body {
	connect www.ssllabs.com:10445
    } -result {handshake failed: dh key too small} -returnCodes {1}

test SSLLabs-1.7 {Logjam Vulnerability} -constraints {win OpenSSL3.2} -body {
	connect www.ssllabs.com:10445
    } -result {handshake failed: unknown security bits} -returnCodes {1}

test SSLLabs-1.8 {Logjam Vulnerability} -constraints {unix !mac OpenSSL3.2} -body {
	connect www.ssllabs.com:10445
    } -result {handshake failed: unknown security bits} -returnCodes {1}

test SSLLabs-1.9 {Logjam Vulnerability} -constraints {mac OpenSSL3.2} -body {
	connect www.ssllabs.com:10445
    } -result {handshake failed: unknown security bits} -returnCodes {1}

test SSLLabs-1.10 {FREAK Vulnerability} -body {
	connect www.ssllabs.com:10444
    } -result {handshake failed: unsupported protocol} -returnCodes {1}

test SSLLabs-1.11 {POODLE Vulnerability} -body {
	connect www.ssllabs.com:10443
    } -result {handshake failed: unsupported protocol} -returnCodes {1}

# Cleanup
::tcltest::cleanupTests
return