2017-01-09 21:47:43 +00:00
|
|
|
{
|
|
|
|
"DisabledTests": {
|
2017-01-09 23:24:36 +00:00
|
|
|
"*HelloRetryRequest*": "HelloRetryRequest not implemented yet",
|
|
|
|
"*HRR*": "HelloRetryRequest not implemented yet",
|
|
|
|
"*SecondClientHello*": "HelloRetryRequest not implemented yet",
|
|
|
|
|
2017-01-18 17:47:47 +00:00
|
|
|
"SupportTicketsWithSessionID": "Session IDs not supported",
|
2017-01-09 23:24:36 +00:00
|
|
|
"*-NoTickets-*": "Session IDs not supported",
|
2017-10-02 16:54:31 +01:00
|
|
|
"*-AES128-SHA256-*": "AES128-CBC-SHA256 not supported",
|
|
|
|
"*-AES256-SHA256-*": "AES256-CBC-SHA256 not supported",
|
2017-01-09 23:24:36 +00:00
|
|
|
"*-AES256-SHA384-*": "AES256-CBC-SHA384 not supported",
|
|
|
|
|
2017-01-18 17:47:47 +00:00
|
|
|
"BadRSAClientKeyExchange-4": "See comment in processClientKeyExchange",
|
|
|
|
|
|
|
|
"GREASE-Server-TLS13": "TODO",
|
|
|
|
"DuplicateExtensionServer-*": "TODO",
|
|
|
|
"DuplicateKeyShares": "TODO",
|
|
|
|
"SkipEarlyData-TooMuchData": "TODO",
|
2017-09-04 16:18:58 +01:00
|
|
|
"KeyUpdate-*": "TODO",
|
2017-01-18 17:47:47 +00:00
|
|
|
|
2017-01-24 13:22:51 +00:00
|
|
|
"Renegotiate-Server-Forbidden": "9b812d006d made OpenSSL tests lock up",
|
|
|
|
|
2017-10-02 16:54:31 +01:00
|
|
|
"SendEmptyRecords*": "client: no protection implemented against flood of empty records",
|
|
|
|
"SendWarningAlerts*": "client: no protection implemented against flood of warning alerts",
|
|
|
|
"SendBogusAlertType": "client: TODO send IllegalParam instead of UnexpectedMessage",
|
|
|
|
"SkipNewSessionTicket": "client: TODO enable session cache",
|
|
|
|
"InvalidCompressionMethod": "client: TODO send IllegalParam instead of UnexpectedMessage",
|
|
|
|
"LargeMessage": "client: TODO unexpected bad record MAC error / recordOverflow alert",
|
|
|
|
"TLS13-AEAD-CHACHA20-POLY1305-LargeRecord": "client: TODO unexpected record Overflow error",
|
|
|
|
"TLS13-AEAD-AES128-GCM-SHA256-LargeRecord": "client: TODO unexpected record Overflow error",
|
|
|
|
"TLS13-AEAD-AES256-GCM-SHA384-LargeRecord": "client: TODO unexpected record Overflow error",
|
|
|
|
"BadCBCPadding255": "client: TODO investigate",
|
|
|
|
"NoClientCertificate-TLS13": "client: TODO implement client certs",
|
|
|
|
"TLS13-Client-CertAuth-*": "client: TODO implement client certs",
|
|
|
|
"SupportedVersionSelection-TLS12": "client: TODO send Unexpected Extension if server sends SV",
|
|
|
|
"DuplicateExtensionClient-*": "TODO",
|
|
|
|
"UnsolicitedServerNameAck-*": "client: TODO send Unexpected Extension if SNI was not advertised",
|
|
|
|
"RenegotiationInfo-Forbidden-TLS13": "client: TODO reject ext",
|
|
|
|
"EMS-Forbidden-TLS13": "client: TODO reject ext",
|
|
|
|
|
|
|
|
"SendUnsolicitedOCSPOnCertificate-TLS13": "client: N/A, we always send status_request",
|
|
|
|
"SendUnsolicitedSCTOnCertificate-TLS13": "client: N/A, we always send SCT",
|
|
|
|
"SendUnknownExtensionOnCertificate-TLS13": "client: TODO reject unknown exts",
|
|
|
|
"Resume-Client-CipherMismatch-TLS13": "client: TODO implement resumption",
|
|
|
|
"ExtendedMasterSecret-NoToNo-Client": "client: TODO implement resumption",
|
|
|
|
"Renegotiate-Client-Forbidden-1": "client: TODO correct alert was sent, but why is the local error EOF?",
|
|
|
|
"TLS13-Client-ClientAuth-*": "client: TODO implement client certs",
|
|
|
|
"ClientAuth-*-TLS13*": "client: TODO implement client certs",
|
|
|
|
"ClientAuth-SHA1-Fallback-*": "client: what to do on empty SigAlg ext?",
|
|
|
|
|
|
|
|
"RSA-PSS-Default-Verify": "client: TODO enable PSS by default for TLS 1.2",
|
|
|
|
"ECDSACurveMismatch-Verify-TLS13": "client: we do advertise the SigAlg by default",
|
|
|
|
"Ed25519DefaultDisable-NoAccept": "client: expected IllegalParam instead of Unsupported Cert",
|
|
|
|
"UnofferedExtension-Client*": "client: TODO reject unadvertised extension",
|
|
|
|
"UnknownExtension-Client*": "client: TODO reject unadvertised extension",
|
|
|
|
"PointFormat-EncryptedExtensions-TLS13": "client: TODO reject forbidden extension",
|
|
|
|
"PointFormat-Client-MissingUncompressed": "client: TODO should reject",
|
|
|
|
"TLS13-TestBadTicketAge-Client": "client: TODO implement resumption",
|
|
|
|
"TLS13-DuplicateTicketEarlyDataInfo": "client: TODO implement resumption",
|
|
|
|
|
|
|
|
"TLS13-WrongOuterRecord": "client: TODO reject wrong content type",
|
|
|
|
"Basic-Client-*":"client: TODO implement resumption",
|
|
|
|
"TLS13-1RTT-Client-*": "client: TODO implement resumption",
|
|
|
|
|
|
|
|
"PartialEncryptedExtensionsWithServerHello": "client: TODO prevent overlap SH and EE exts",
|
|
|
|
"WrongMessageType-*": "client: TODO expected different alert",
|
|
|
|
"TrailingMessageData-*": "client: TODO expected different alert",
|
|
|
|
"EncryptedExtensionsWithKeyShare": "client: TODO reject invalid extension",
|
|
|
|
"EmptyEncryptedExtensions": "client: TODO require non-empty EE",
|
|
|
|
"TLS13-*PSKIdentity": "client: TODO",
|
|
|
|
"TLS13-ClientSkipCertificateVerify": "client: TODO implement client certs",
|
|
|
|
"CheckRecordVersion-*": "client: enforce record version",
|
|
|
|
"GarbageCertificate-Client-*": "client: TODO implement client certs",
|
|
|
|
|
|
|
|
"OmitExtensions-ServerHello-*": "client: N/A, we always send status_request and SCT",
|
|
|
|
"EmptyExtensions-ServerHello-*": "client: N/A, we always send status_request and SCT",
|
|
|
|
|
|
|
|
"ECDSAKeyUsage-*": "client: TODO reject cert with invalid KU",
|
|
|
|
|
2017-01-09 23:24:36 +00:00
|
|
|
"*V2ClientHello*": "Yeah, no.",
|
|
|
|
"*SSL3*": "Fuck that.",
|
|
|
|
"*SSLv3*": "Really."
|
2017-01-09 21:47:43 +00:00
|
|
|
}
|
|
|
|
}
|