diff options
| author | Damien George <damien@micropython.org> | 2024-01-29 15:11:46 +1100 |
|---|---|---|
| committer | Damien George <damien@micropython.org> | 2024-01-29 15:11:46 +1100 |
| commit | d5b96813dcdd40e19a59e220d73a4fba5ab85fbe (patch) | |
| tree | 2b0dd580ea8d11a6712fb38c78f98dc0f05c9c85 | |
| parent | 46e833b071174ca18fbeae993a725d8c57da88a6 (diff) | |
extmod/modssl_mbedtls: Fix cipher iteration in SSLContext.get_ciphers.
Prior to this commit it would skip every second cipher returned from
mbedtls.
The corresponding test is also updated and now passes on esp32, rp2, stm32
and unix.
Signed-off-by: Damien George <damien@micropython.org>
| -rw-r--r-- | extmod/modssl_mbedtls.c | 4 | ||||
| -rw-r--r-- | tests/extmod/ssl_sslcontext_ciphers.py | 4 | ||||
| -rw-r--r-- | tests/extmod/ssl_sslcontext_ciphers.py.exp | 4 |
3 files changed, 7 insertions, 5 deletions
diff --git a/extmod/modssl_mbedtls.c b/extmod/modssl_mbedtls.c index 0190c96a9..b6275d8d8 100644 --- a/extmod/modssl_mbedtls.c +++ b/extmod/modssl_mbedtls.c @@ -311,10 +311,6 @@ STATIC mp_obj_t ssl_context_get_ciphers(mp_obj_t self_in) { for (const int *cipher_list = mbedtls_ssl_list_ciphersuites(); *cipher_list; ++cipher_list) { const char *cipher_name = mbedtls_ssl_get_ciphersuite_name(*cipher_list); mp_obj_list_append(list, MP_OBJ_FROM_PTR(mp_obj_new_str(cipher_name, strlen(cipher_name)))); - cipher_list++; - if (!*cipher_list) { - break; - } } return list; } diff --git a/tests/extmod/ssl_sslcontext_ciphers.py b/tests/extmod/ssl_sslcontext_ciphers.py index d87e96afd..20c00b917 100644 --- a/tests/extmod/ssl_sslcontext_ciphers.py +++ b/tests/extmod/ssl_sslcontext_ciphers.py @@ -12,7 +12,9 @@ ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT) ciphers = ctx.get_ciphers() for ci in ciphers: - print(ci) + # Only print those ciphers know to exist on all ports. + if ("TLS-ECDHE-ECDSA-WITH-AES" in ci or "TLS-RSA-WITH-AES" in ci) and "CBC" in ci: + print(ci) ctx.set_ciphers(ciphers[:1]) diff --git a/tests/extmod/ssl_sslcontext_ciphers.py.exp b/tests/extmod/ssl_sslcontext_ciphers.py.exp index 4d243a788..0d21a3bd2 100644 --- a/tests/extmod/ssl_sslcontext_ciphers.py.exp +++ b/tests/extmod/ssl_sslcontext_ciphers.py.exp @@ -1,6 +1,10 @@ TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 +TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 +TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA TLS-RSA-WITH-AES-256-CBC-SHA256 +TLS-RSA-WITH-AES-256-CBC-SHA TLS-RSA-WITH-AES-128-CBC-SHA256 +TLS-RSA-WITH-AES-128-CBC-SHA object 'str' isn't a tuple or list (-24192, 'MBEDTLS_ERR_SSL_BAD_CONFIG') |