diff options
| author | Jeff Forcier <jeff@bitprophet.org> | 2023-12-16 17:12:42 -0500 |
|---|---|---|
| committer | Jeff Forcier <jeff@bitprophet.org> | 2023-12-16 19:40:43 -0500 |
| commit | fa46de7feeeb8a01dc471581a0258252ce4f2db6 (patch) | |
| tree | 6c5baf8b6354580a5f9ee1d729ae0d1fc604ac4f /tests | |
| parent | 75e311d3c0845a316b6e7b3fae2488d86ad5a270 (diff) | |
Reset sequence numbers on rekey
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/test_transport.py | 25 |
1 files changed, 23 insertions, 2 deletions
diff --git a/tests/test_transport.py b/tests/test_transport.py index 6cd9398a..f9bb89db 100644 --- a/tests/test_transport.py +++ b/tests/test_transport.py @@ -1345,5 +1345,26 @@ class TestStrictKex: ): pass # kexinit happens at connect... - def test_sequence_numbers_reset_on_newkeys(self): - skip() + def test_sequence_numbers_reset_on_newkeys_when_strict(self): + with server(defer=True) as (tc, ts): + # When in strict mode, these should all be zero or close to it + # (post-kexinit, pre-auth). + # Server->client will be 1 (EXT_INFO got sent after NEWKEYS) + assert tc.packetizer._Packetizer__sequence_number_in == 1 + assert ts.packetizer._Packetizer__sequence_number_out == 1 + # Client->server will be 0 + assert tc.packetizer._Packetizer__sequence_number_out == 0 + assert ts.packetizer._Packetizer__sequence_number_in == 0 + + def test_sequence_numbers_not_reset_on_newkeys_when_not_strict(self): + with server(defer=True, client_init=dict(strict_kex=False)) as ( + tc, + ts, + ): + # When not in strict mode, these will all be ~3-4 or so + # (post-kexinit, pre-auth). Not encoding exact values as it will + # change anytime we mess with the test harness... + assert tc.packetizer._Packetizer__sequence_number_in != 0 + assert tc.packetizer._Packetizer__sequence_number_out != 0 + assert ts.packetizer._Packetizer__sequence_number_in != 0 + assert ts.packetizer._Packetizer__sequence_number_out != 0 |