diff options
Diffstat (limited to 'src/bogo_shim')
| -rw-r--r-- | src/bogo_shim/bogo_shim.cpp | 10 | ||||
| -rw-r--r-- | src/bogo_shim/config.json | 3 |
2 files changed, 5 insertions, 8 deletions
diff --git a/src/bogo_shim/bogo_shim.cpp b/src/bogo_shim/bogo_shim.cpp index 0d1fa587d..a2abcef28 100644 --- a/src/bogo_shim/bogo_shim.cpp +++ b/src/bogo_shim/bogo_shim.cpp @@ -96,6 +96,7 @@ std::string map_to_bogo_error(const std::string& e) { "Client certificate does not support signing", ":KEY_USAGE_BIT_INCORRECT:" }, { "Client did not offer NULL compression", ":INVALID_COMPRESSION_LIST:" }, { "Client offered DTLS version with major version 0xFF", ":UNSUPPORTED_PROTOCOL:" }, + { "Client offered SSLv3 which is not supported", ":UNSUPPORTED_PROTOCOL:" }, { "Client offered TLS version with major version under 3", ":UNSUPPORTED_PROTOCOL:" }, { "Client policy prohibits insecure renegotiation", ":RENEGOTIATION_MISMATCH:" }, { "Client policy prohibits renegotiation", ":NO_RENEGOTIATION:" }, @@ -135,10 +136,11 @@ std::string map_to_bogo_error(const std::string& e) { "Policy refuses to accept signing with any hash supported by peer", ":NO_COMMON_SIGNATURE_ALGORITHMS:" }, { "Policy requires client send a certificate, but it did not", ":PEER_DID_NOT_RETURN_A_CERTIFICATE:" }, { "Received a record that exceeds maximum size", ":ENCRYPTED_LENGTH_TOO_LONG:" }, - { "Received unexpected record version in initial record", ":WRONG_VERSION_NUMBER:" }, - { "Received unexpected record version", ":WRONG_VERSION_NUMBER:" }, { "Received application data after connection closure", ":APPLICATION_DATA_ON_SHUTDOWN:" }, { "Received handshake data after connection closure", ":NO_RENEGOTIATION:" }, + { "Received unexpected record version in initial record", ":WRONG_VERSION_NUMBER:" }, + { "Received unexpected record version", ":WRONG_VERSION_NUMBER:" }, + { "Server attempting to negotiate SSLv3 which is not supported", ":UNSUPPORTED_PROTOCOL:" }, { "Server certificate changed during renegotiation", ":SERVER_CERT_CHANGED:" }, { "Server changed its mind about extended master secret", ":RENEGOTIATION_EMS_MISMATCH:" }, { "Server changed its mind about secure renegotiation", ":RENEGOTIATION_MISMATCH:" }, @@ -174,7 +176,6 @@ std::string map_to_bogo_error(const std::string& e) { "Test requires rejecting cert", ":CERTIFICATE_VERIFY_FAILED:" }, { "Unexpected ALPN protocol", ":INVALID_ALPN_PROTOCOL:" }, { "Unexpected record type 42 from counterparty", ":UNEXPECTED_RECORD:" }, - { "Unexpected state transition in handshake got a certificate_request expected server_hello_done seen server_hello+server_key_exchange", ":UNEXPECTED_MESSAGE:" }, { "Unexpected state transition in handshake got a certificate_request expected server_key_exchange|server_hello_done seen server_hello", ":UNEXPECTED_MESSAGE:" }, { "Unexpected state transition in handshake got a certificate_status expected certificate seen server_hello", ":UNEXPECTED_MESSAGE:" }, @@ -188,9 +189,8 @@ std::string map_to_bogo_error(const std::string& e) { "Unexpected state transition in handshake got a finished expected change_cipher_spec seen server_hello+certificate+certificate_status+server_key_exchange+server_hello_done+new_session_ticket", ":UNEXPECTED_RECORD:" }, { "Unexpected state transition in handshake got a hello_request expected server_hello", ":UNEXPECTED_MESSAGE:" }, { "Unexpected state transition in handshake got a server_hello_done expected server_key_exchange seen server_hello+certificate+certificate_status", ":UNEXPECTED_MESSAGE:" }, - { "Unexpected state transition in handshake got a server_key_exchange not expecting messages", ":BAD_HELLO_REQUEST:" }, { "Unexpected state transition in handshake got a server_key_exchange expected certificate_request|server_hello_done seen server_hello+certificate+certificate_status", ":UNEXPECTED_MESSAGE:" }, - + { "Unexpected state transition in handshake got a server_key_exchange not expecting messages", ":BAD_HELLO_REQUEST:" }, { "Unknown TLS handshake message type 43", ":UNEXPECTED_MESSAGE:" }, { "Unknown TLS handshake message type 44", ":UNEXPECTED_MESSAGE:" }, { "Unknown TLS handshake message type 45", ":UNEXPECTED_MESSAGE:" }, diff --git a/src/bogo_shim/config.json b/src/bogo_shim/config.json index b16025976..8aaf123db 100644 --- a/src/bogo_shim/config.json +++ b/src/bogo_shim/config.json @@ -35,9 +35,6 @@ "Downgrade-*-Client-Ignore": "Not possible to ignore downgrade indicator", "Downgrade-TLS12-*": "Not a downgrade when we don't support v1.3", - "*SSL3*": "No SSLv3", - "*SSLv3*": "No SSLv3", - "*QUIC*": "No QUIC", "ALPS*": "No ALPS", |