summaryrefslogtreecommitdiffstats
path: root/security/nss/gtests/nss_bogo_shim/config.json
diff options
context:
space:
mode:
Diffstat (limited to 'security/nss/gtests/nss_bogo_shim/config.json')
-rw-r--r--security/nss/gtests/nss_bogo_shim/config.json21
1 files changed, 11 insertions, 10 deletions
diff --git a/security/nss/gtests/nss_bogo_shim/config.json b/security/nss/gtests/nss_bogo_shim/config.json
index 0a6864f73..4109bd2ca 100644
--- a/security/nss/gtests/nss_bogo_shim/config.json
+++ b/security/nss/gtests/nss_bogo_shim/config.json
@@ -5,7 +5,6 @@
"#*HelloRetryRequest*":"(NSS=18, BoGo=16)",
"#*KeyShare*":"(NSS=18, BoGo=16)",
"#*EncryptedExtensions*":"(NSS=18, BoGo=16)",
- "#*ServerHelloSignatureAlgorithms*":"(NSS=18, BoGo=16)",
"#*SecondClientHello*":"(NSS=18, BoGo=16)",
"#*IgnoreClientVersionOrder*":"(NSS=18, BoGo=16)",
"Resume-Server-BinderWrongLength":"Alert disagreement (Bug 1317633)",
@@ -13,27 +12,21 @@
"CheckRecordVersion-TLS*":"Bug 1317634",
"GREASE-Server-TLS13":"BoringSSL GREASEs without a flag, but we ignore it",
"TLS13-ExpectNoSessionTicketOnBadKEMode-Server":"Bug in NSS. Don't send ticket when not permitted by KE modes (Bug 1317635)",
- "Resume-Server-InvalidPSKBinder":"(Bogo incorrectly expects 'illegal_parameter')",
- "FallbackSCSV-VersionMatch":"Draft version mismatch (NSS=15, BoGo=14)",
"*KeyUpdate*":"KeyUpdate Unimplemented",
"ClientAuth-NoFallback-TLS13":"Disagreement about alerts. Bug 1294975",
- "ClientAuth-SHA1-Fallback":"Disagreement about alerts. Bug 1294975",
"SendWarningAlerts-TLS13":"NSS needs to trigger on warning alerts",
"NoSupportedCurves":"This tests a non-spec behavior for TLS 1.2 and expects the wrong alert for TLS 1.3",
"SendEmptyRecords":"Tests a non-spec behavior in BoGo where it chokes on too many empty records",
"LargePlaintext":"NSS needs to check for over-long records. Bug 1294978",
"TLS13-RC4-MD5-server":"This fails properly but returns an unexpected error. Not a bug but needs cleanup",
- "*VersionTolerance":"BoGo expects us to negotiate 1.3 but we negotiate 1.2 because BoGo didn't send draft version",
"*SSL3*":"NSS disables SSLv3",
"*SSLv3*":"NSS disables SSLv3",
"*AES256*":"Inconsistent support for AES256",
"*AES128-SHA256*":"No support for Suite B ciphers",
- "*CHACHA20-POLY1305-OLD*":"Old ChaCha/Poly",
"DuplicateExtension*":"NSS sends unexpected_extension alert",
"WeakDH":"NSS supports 768-bit DH",
"SillyDH":"NSS supports 4097-bit DH",
"SendWarningAlerts":"This appears to be Boring-specific",
- "V2ClientHello-WarningAlertPrefix":"Bug 1292893",
"TLS12-AES128-GCM-client":"Bug 1292895",
"*TLS12-AES128-GCM-LargeRecord*":"Bug 1292895",
"Renegotiate-Client-Forbidden-1":"Bug 1292898",
@@ -51,11 +44,19 @@
"WrongMessageType-TLS13-ServerFinished":"nss updated/broken",
"EncryptedExtensionsWithKeyShare":"nss updated/broken",
"EmptyEncryptedExtensions":"nss updated/broken",
- "ClientAuth-SHA1-Fallback-RSA":"We fail when the sig_algs_ext is empty",
- "Downgrade-TLS12-*":"NSS implements downgrade detection",
"TrailingMessageData-*": "Bug 1304575",
"DuplicateKeyShares":"Bug 1304578",
- "Resume-Server-TLS13-TLS13":"Bug 1314351"
+ "Resume-Server-TLS13-TLS13":"Bug 1314351",
+ "SkipEarlyData-Interleaved":"Bug 1336916",
+ "ECDSAKeyUsage-TLS1*":"Bug 1338194",
+ "PointFormat-Client-MissingUncompressed":"We ignore ec_point_formats extensions sent by servers.",
+ "SkipEarlyData-SecondClientHelloEarlyData":"Boring doesn't reject early_data in the 2nd CH but fails later with bad_record_mac.",
+ "SkipEarlyData-*TooMuchData":"Bug 1339373",
+ "UnsolicitedServerNameAck-TLS1*":"Boring wants us to fail with an unexpected_extension alert, we simply ignore ssl_server_name_xtn.",
+ "RequireAnyClientCertificate-TLS1*":"Bug 1339387",
+ "SendExtensionOnClientCertificate-TLS13":"Bug 1339392",
+ "ALPNClient-Mismatch-TLS13":"NSS sends alerts in response to errors in protected handshake messages in the clear",
+ "P224-Server":"NSS doesn't support P-224"
},
"ErrorMap" : {
":HANDSHAKE_FAILURE_ON_CLIENT_HELLO:":"SSL_ERROR_NO_CYPHER_OVERLAP",