(t *testing.T)
| 800 | } |
| 801 | |
| 802 | func (s) TestTLSVersions(t *testing.T) { |
| 803 | cs := &testutils.CertStore{} |
| 804 | if err := cs.LoadCerts(); err != nil { |
| 805 | t.Fatalf("cs.LoadCerts() failed, err: %v", err) |
| 806 | } |
| 807 | for _, test := range []struct { |
| 808 | desc string |
| 809 | expectError bool |
| 810 | clientMinVersion uint16 |
| 811 | clientMaxVersion uint16 |
| 812 | serverMinVersion uint16 |
| 813 | serverMaxVersion uint16 |
| 814 | }{ |
| 815 | // Client side sets TLS version that is higher than required from the server side. |
| 816 | { |
| 817 | desc: "Client TLS version higher than server", |
| 818 | clientMinVersion: tls.VersionTLS13, |
| 819 | clientMaxVersion: tls.VersionTLS13, |
| 820 | serverMinVersion: tls.VersionTLS12, |
| 821 | serverMaxVersion: tls.VersionTLS12, |
| 822 | expectError: true, |
| 823 | }, |
| 824 | // Server side sets TLS version that is higher than required from the client side. |
| 825 | { |
| 826 | desc: "Server TLS version higher than client", |
| 827 | clientMinVersion: tls.VersionTLS12, |
| 828 | clientMaxVersion: tls.VersionTLS12, |
| 829 | serverMinVersion: tls.VersionTLS13, |
| 830 | serverMaxVersion: tls.VersionTLS13, |
| 831 | expectError: true, |
| 832 | }, |
| 833 | // Client and server set proper TLS versions. |
| 834 | { |
| 835 | desc: "Good TLS version settings", |
| 836 | clientMinVersion: tls.VersionTLS12, |
| 837 | clientMaxVersion: tls.VersionTLS13, |
| 838 | serverMinVersion: tls.VersionTLS12, |
| 839 | serverMaxVersion: tls.VersionTLS13, |
| 840 | expectError: false, |
| 841 | }, |
| 842 | { |
| 843 | desc: "Client 1.2 - 1.3 and server 1.2", |
| 844 | clientMinVersion: tls.VersionTLS12, |
| 845 | clientMaxVersion: tls.VersionTLS13, |
| 846 | serverMinVersion: tls.VersionTLS12, |
| 847 | serverMaxVersion: tls.VersionTLS12, |
| 848 | expectError: false, |
| 849 | }, |
| 850 | { |
| 851 | desc: "Client 1.2 - 1.3 and server 1.1 - 1.2", |
| 852 | clientMinVersion: tls.VersionTLS12, |
| 853 | clientMaxVersion: tls.VersionTLS13, |
| 854 | serverMinVersion: tls.VersionTLS11, |
| 855 | serverMaxVersion: tls.VersionTLS12, |
| 856 | expectError: false, |
| 857 | }, |
| 858 | { |
| 859 | desc: "Client 1.2 - 1.3 and server 1.3", |
nothing calls this directly
no test coverage detected