tlspuffin
diff --git a/‎website/api/search-index.js‎
Lines changed: 2 additions & 2 deletions b/‎website/api/search-index.js‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎website/api/search.desc/tlspuffin/tlspuffin-desc-0-.js‎
Lines changed: 1 addition & 1 deletion b/‎website/api/search.desc/tlspuffin/tlspuffin-desc-0-.js‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎website/api/src/tlspuffin/home/runner/work/tlspuffin/tlspuffin/target/debug/build/tlspuffin-6b665250d7faafbd/out/bindings.rs.html‎
Lines changed: 31 additions & 9 deletions b/‎website/api/src/tlspuffin/home/runner/work/tlspuffin/tlspuffin/target/debug/build/tlspuffin-6b665250d7faafbd/out/bindings.rs.html‎
Lines changed: 31 additions & 9 deletions
diff --git a/‎website/api/src/tlspuffin/protocol.rs.html‎
Lines changed: 13 additions & 3 deletions b/‎website/api/src/tlspuffin/protocol.rs.html‎
Lines changed: 13 additions & 3 deletions
diff --git a/‎website/api/src/tlspuffin/put.rs.html‎
Lines changed: 42 additions & 6 deletions b/‎website/api/src/tlspuffin/put.rs.html‎
Lines changed: 42 additions & 6 deletions
diff --git a/‎website/api/src/tlspuffin/tls/seeds.rs.html‎
Lines changed: 94 additions & 0 deletions b/‎website/api/src/tlspuffin/tls/seeds.rs.html‎
Lines changed: 94 additions & 0 deletions
diff --git a/‎website/api/tlspuffin/all.html‎
Lines changed: 1 addition & 1 deletion b/‎website/api/tlspuffin/all.html‎
Lines changed: 1 addition & 1 deletion
@@ -574,6 +574,17 @@
 <a href="#574" id="574">574</a>
 <a href="#575" id="575">575</a>
 <a href="#576" id="576">576</a>
+<a href="#577" id="577">577</a>
+<a href="#578" id="578">578</a>
+<a href="#579" id="579">579</a>
+<a href="#580" id="580">580</a>
+<a href="#581" id="581">581</a>
+<a href="#582" id="582">582</a>
+<a href="#583" id="583">583</a>
+<a href="#584" id="584">584</a>
+<a href="#585" id="585">585</a>
+<a href="#586" id="586">586</a>
+<a href="#587" id="587">587</a>
 </pre></div><pre class="rust"><code><span class="comment">/* automatically generated by rust-bindgen 0.69.1 */
 
 </span><span class="attr">#[repr(C)]
@@ -943,7 +954,8 @@
     <span class="kw">pub </span>tls_version: TLS_VERSION,
     <span class="kw">pub </span>client_authentication: bool,
     <span class="kw">pub </span>server_authentication: bool,
-    <span class="kw">pub </span>cipher_string: <span class="kw-2">*const </span>::libc::c_char,
+    <span class="kw">pub </span>cipher_string_tls13: <span class="kw-2">*const </span>::libc::c_char,
+    <span class="kw">pub </span>cipher_string_tls12: <span class="kw-2">*const </span>::libc::c_char,
     <span class="kw">pub </span>group_list: <span class="kw-2">*const </span>::libc::c_char,
     <span class="kw">pub </span>cert: <span class="kw-2">*const </span>PEM,
     <span class="kw">pub </span>pkey: <span class="kw-2">*const </span>PEM,
@@ -956,7 +968,7 @@
     <span class="kw">let </span>ptr = UNINIT.as_ptr();
     <span class="macro">assert_eq!</span>(
         ::std::mem::size_of::&lt;TLS_AGENT_DESCRIPTOR&gt;(),
-        <span class="number">64usize</span>,
+        <span class="number">72usize</span>,
         <span class="macro">concat!</span>(<span class="string">"Size of: "</span>, <span class="macro">stringify!</span>(TLS_AGENT_DESCRIPTOR))
     );
     <span class="macro">assert_eq!</span>(
@@ -1015,18 +1027,28 @@
         )
     );
     <span class="macro">assert_eq!</span>(
-        <span class="kw">unsafe </span>{ <span class="macro">::std::ptr::addr_of!</span>((<span class="kw-2">*</span>ptr).cipher_string) <span class="kw">as </span>usize - ptr <span class="kw">as </span>usize },
+        <span class="kw">unsafe </span>{ <span class="macro">::std::ptr::addr_of!</span>((<span class="kw-2">*</span>ptr).cipher_string_tls13) <span class="kw">as </span>usize - ptr <span class="kw">as </span>usize },
         <span class="number">16usize</span>,
         <span class="macro">concat!</span>(
             <span class="string">"Offset of field: "</span>,
             <span class="macro">stringify!</span>(TLS_AGENT_DESCRIPTOR),
             <span class="string">"::"</span>,
-            <span class="macro">stringify!</span>(cipher_string)
+            <span class="macro">stringify!</span>(cipher_string_tls13)
         )
     );
     <span class="macro">assert_eq!</span>(
-        <span class="kw">unsafe </span>{ <span class="macro">::std::ptr::addr_of!</span>((<span class="kw-2">*</span>ptr).group_list) <span class="kw">as </span>usize - ptr <span class="kw">as </span>usize },
+        <span class="kw">unsafe </span>{ <span class="macro">::std::ptr::addr_of!</span>((<span class="kw-2">*</span>ptr).cipher_string_tls12) <span class="kw">as </span>usize - ptr <span class="kw">as </span>usize },
         <span class="number">24usize</span>,
+        <span class="macro">concat!</span>(
+            <span class="string">"Offset of field: "</span>,
+            <span class="macro">stringify!</span>(TLS_AGENT_DESCRIPTOR),
+            <span class="string">"::"</span>,
+            <span class="macro">stringify!</span>(cipher_string_tls12)
+        )
+    );
+    <span class="macro">assert_eq!</span>(
+        <span class="kw">unsafe </span>{ <span class="macro">::std::ptr::addr_of!</span>((<span class="kw-2">*</span>ptr).group_list) <span class="kw">as </span>usize - ptr <span class="kw">as </span>usize },
+        <span class="number">32usize</span>,
         <span class="macro">concat!</span>(
             <span class="string">"Offset of field: "</span>,
             <span class="macro">stringify!</span>(TLS_AGENT_DESCRIPTOR),
@@ -1036,7 +1058,7 @@
     );
     <span class="macro">assert_eq!</span>(
         <span class="kw">unsafe </span>{ <span class="macro">::std::ptr::addr_of!</span>((<span class="kw-2">*</span>ptr).cert) <span class="kw">as </span>usize - ptr <span class="kw">as </span>usize },
-        <span class="number">32usize</span>,
+        <span class="number">40usize</span>,
         <span class="macro">concat!</span>(
             <span class="string">"Offset of field: "</span>,
             <span class="macro">stringify!</span>(TLS_AGENT_DESCRIPTOR),
@@ -1046,7 +1068,7 @@
     );
     <span class="macro">assert_eq!</span>(
         <span class="kw">unsafe </span>{ <span class="macro">::std::ptr::addr_of!</span>((<span class="kw-2">*</span>ptr).pkey) <span class="kw">as </span>usize - ptr <span class="kw">as </span>usize },
-        <span class="number">40usize</span>,
+        <span class="number">48usize</span>,
         <span class="macro">concat!</span>(
             <span class="string">"Offset of field: "</span>,
             <span class="macro">stringify!</span>(TLS_AGENT_DESCRIPTOR),
@@ -1056,7 +1078,7 @@
     );
     <span class="macro">assert_eq!</span>(
         <span class="kw">unsafe </span>{ <span class="macro">::std::ptr::addr_of!</span>((<span class="kw-2">*</span>ptr).store) <span class="kw">as </span>usize - ptr <span class="kw">as </span>usize },
-        <span class="number">48usize</span>,
+        <span class="number">56usize</span>,
         <span class="macro">concat!</span>(
             <span class="string">"Offset of field: "</span>,
             <span class="macro">stringify!</span>(TLS_AGENT_DESCRIPTOR),
@@ -1066,7 +1088,7 @@
     );
     <span class="macro">assert_eq!</span>(
         <span class="kw">unsafe </span>{ <span class="macro">::std::ptr::addr_of!</span>((<span class="kw-2">*</span>ptr).store_length) <span class="kw">as </span>usize - ptr <span class="kw">as </span>usize },
-        <span class="number">56usize</span>,
+        <span class="number">64usize</span>,
         <span class="macro">concat!</span>(
             <span class="string">"Offset of field: "</span>,
             <span class="macro">stringify!</span>(TLS_AGENT_DESCRIPTOR),
 
@@ -390,6 +390,11 @@
 <a href="#390" id="390">390</a>
 <a href="#391" id="391">391</a>
 <a href="#392" id="392">392</a>
+<a href="#393" id="393">393</a>
+<a href="#394" id="394">394</a>
+<a href="#395" id="395">395</a>
+<a href="#396" id="396">396</a>
+<a href="#397" id="397">397</a>
 </pre></div><pre class="rust"><code><span class="kw">use </span>core::any::TypeId;
 
 <span class="kw">use </span>extractable_macro::Extractable;
@@ -680,7 +685,8 @@
     /// as openssl agents rotate ticket keys if they are recreated.
     </span><span class="kw">pub </span>try_reuse: bool,
     <span class="doccomment">/// List of available TLS ciphers
-    </span><span class="kw">pub </span>cipher_string: String,
+    </span><span class="kw">pub </span>cipher_string_tls13: String,
+    <span class="kw">pub </span>cipher_string_tls12: String,
     <span class="doccomment">/// List of available TLS groups/curves
     /// If `None`, use the default PUT groups
     </span><span class="kw">pub </span>groups: <span class="prelude-ty">Option</span>&lt;String&gt;,
@@ -718,11 +724,14 @@
     <span class="kw">fn </span>is_reusable_with(<span class="kw-2">&amp;</span><span class="self">self</span>, other: <span class="kw-2">&amp;</span><span class="self">Self</span>) -&gt; bool {
         <span class="self">self</span>.typ == other.typ
             &amp;&amp; <span class="self">self</span>.tls_version == other.tls_version
-            &amp;&amp; <span class="self">self</span>.cipher_string == other.cipher_string
+            &amp;&amp; <span class="self">self</span>.cipher_string_tls13 == other.cipher_string_tls13
+            &amp;&amp; <span class="self">self</span>.cipher_string_tls12 == other.cipher_string_tls12
             &amp;&amp; <span class="self">self</span>.groups == other.groups
     }
 }
 
+<span class="kw">const </span>TLS_DEFAULT_CIPHER: <span class="kw-2">&amp;</span>str = <span class="string">"ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2"</span>;
+
 <span class="kw">impl </span>Default <span class="kw">for </span>TLSDescriptorConfig {
     <span class="kw">fn </span>default() -&gt; <span class="self">Self </span>{
         <span class="self">Self </span>{
@@ -731,7 +740,8 @@
             server_authentication: <span class="bool-val">true</span>,
             try_reuse: <span class="bool-val">false</span>,
             typ: AgentType::Server,
-            cipher_string: String::from(<span class="string">"ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2"</span>),
+            cipher_string_tls13: TLS_DEFAULT_CIPHER.into(),
+            cipher_string_tls12: TLS_DEFAULT_CIPHER.into(),
             groups: <span class="prelude-val">None</span>,
         }
     }
 
@@ -451,6 +451,24 @@
 <a href="#451" id="451">451</a>
 <a href="#452" id="452">452</a>
 <a href="#453" id="453">453</a>
+<a href="#454" id="454">454</a>
+<a href="#455" id="455">455</a>
+<a href="#456" id="456">456</a>
+<a href="#457" id="457">457</a>
+<a href="#458" id="458">458</a>
+<a href="#459" id="459">459</a>
+<a href="#460" id="460">460</a>
+<a href="#461" id="461">461</a>
+<a href="#462" id="462">462</a>
+<a href="#463" id="463">463</a>
+<a href="#464" id="464">464</a>
+<a href="#465" id="465">465</a>
+<a href="#466" id="466">466</a>
+<a href="#467" id="467">467</a>
+<a href="#468" id="468">468</a>
+<a href="#469" id="469">469</a>
+<a href="#470" id="470">470</a>
+<a href="#471" id="471">471</a>
 </pre></div><pre class="rust"><code><span class="kw">use </span>std::cell::RefCell;
 <span class="kw">use </span>std::collections::HashSet;
 <span class="kw">use </span>std::ffi::CString;
@@ -637,8 +655,22 @@
 
         <span class="kw">let </span>server_store = [<span class="kw-2">&amp;</span>client_cert <span class="kw">as </span><span class="kw-2">*const </span><span class="kw">_</span>, <span class="kw-2">&amp;</span>other_cert];
         <span class="kw">let </span>client_store = [<span class="kw-2">&amp;</span>server_cert <span class="kw">as </span><span class="kw-2">*const </span><span class="kw">_</span>, <span class="kw-2">&amp;</span>other_cert];
-        <span class="kw">let </span>ciphers =
-            CString::new(config.descriptor.protocol_config.cipher_string.clone()).unwrap();
+        <span class="kw">let </span>ciphers_tls13 = CString::new(
+            config
+                .descriptor
+                .protocol_config
+                .cipher_string_tls13
+                .clone(),
+        )
+        .unwrap();
+        <span class="kw">let </span>ciphers_tls12 = CString::new(
+            config
+                .descriptor
+                .protocol_config
+                .cipher_string_tls12
+                .clone(),
+        )
+        .unwrap();
         <span class="kw">let </span>groups = config
             .descriptor
             .protocol_config
@@ -652,15 +684,17 @@
                 <span class="kw-2">&amp;</span>server_cert,
                 <span class="kw-2">&amp;</span>server_pkey,
                 <span class="kw-2">&amp;</span>server_store,
-                <span class="kw-2">&amp;</span>ciphers,
+                <span class="kw-2">&amp;</span>ciphers_tls13,
+                <span class="kw-2">&amp;</span>ciphers_tls12,
                 <span class="kw-2">&amp;</span>groups,
             ),
             AgentType::Client =&gt; make_descriptor(
                 <span class="kw-2">&amp;</span>config,
                 <span class="kw-2">&amp;</span>client_cert,
                 <span class="kw-2">&amp;</span>client_pkey,
                 <span class="kw-2">&amp;</span>client_store,
-                <span class="kw-2">&amp;</span>ciphers,
+                <span class="kw-2">&amp;</span>ciphers_tls13,
+                <span class="kw-2">&amp;</span>ciphers_tls12,
                 <span class="kw-2">&amp;</span>groups,
             ),
         };
@@ -815,7 +849,8 @@
     cert: <span class="kw-2">*const </span>PEM,
     pkey: <span class="kw-2">*const </span>PEM,
     store: <span class="kw-2">&amp;</span>[<span class="kw-2">*const </span>PEM],
-    ciphers: <span class="kw-2">&amp;</span>CString,
+    ciphers_tls13: <span class="kw-2">&amp;</span>CString,
+    ciphers_tls12: <span class="kw-2">&amp;</span>CString,
     groups: <span class="kw-2">&amp;</span><span class="prelude-ty">Option</span>&lt;CString&gt;,
 ) -&gt; TLS_AGENT_DESCRIPTOR {
     <span class="comment">// eprintln!("{:?}", cert);
@@ -836,7 +871,8 @@
         },
         client_authentication: config.descriptor.protocol_config.client_authentication,
         server_authentication: config.descriptor.protocol_config.server_authentication,
-        cipher_string: ciphers.as_ptr(),
+        cipher_string_tls13: ciphers_tls13.as_ptr(),
+        cipher_string_tls12: ciphers_tls12.as_ptr(),
         group_list: <span class="kw">if let </span><span class="prelude-val">Some</span>(group_list) = groups {
             group_list.as_ref().as_ptr()
         } <span class="kw">else </span>{
 
@@ -2568,6 +2568,53 @@
 <a href="#2568" id="2568">2568</a>
 <a href="#2569" id="2569">2569</a>
 <a href="#2570" id="2570">2570</a>
+<a href="#2571" id="2571">2571</a>
+<a href="#2572" id="2572">2572</a>
+<a href="#2573" id="2573">2573</a>
+<a href="#2574" id="2574">2574</a>
+<a href="#2575" id="2575">2575</a>
+<a href="#2576" id="2576">2576</a>
+<a href="#2577" id="2577">2577</a>
+<a href="#2578" id="2578">2578</a>
+<a href="#2579" id="2579">2579</a>
+<a href="#2580" id="2580">2580</a>
+<a href="#2581" id="2581">2581</a>
+<a href="#2582" id="2582">2582</a>
+<a href="#2583" id="2583">2583</a>
+<a href="#2584" id="2584">2584</a>
+<a href="#2585" id="2585">2585</a>
+<a href="#2586" id="2586">2586</a>
+<a href="#2587" id="2587">2587</a>
+<a href="#2588" id="2588">2588</a>
+<a href="#2589" id="2589">2589</a>
+<a href="#2590" id="2590">2590</a>
+<a href="#2591" id="2591">2591</a>
+<a href="#2592" id="2592">2592</a>
+<a href="#2593" id="2593">2593</a>
+<a href="#2594" id="2594">2594</a>
+<a href="#2595" id="2595">2595</a>
+<a href="#2596" id="2596">2596</a>
+<a href="#2597" id="2597">2597</a>
+<a href="#2598" id="2598">2598</a>
+<a href="#2599" id="2599">2599</a>
+<a href="#2600" id="2600">2600</a>
+<a href="#2601" id="2601">2601</a>
+<a href="#2602" id="2602">2602</a>
+<a href="#2603" id="2603">2603</a>
+<a href="#2604" id="2604">2604</a>
+<a href="#2605" id="2605">2605</a>
+<a href="#2606" id="2606">2606</a>
+<a href="#2607" id="2607">2607</a>
+<a href="#2608" id="2608">2608</a>
+<a href="#2609" id="2609">2609</a>
+<a href="#2610" id="2610">2610</a>
+<a href="#2611" id="2611">2611</a>
+<a href="#2612" id="2612">2612</a>
+<a href="#2613" id="2613">2613</a>
+<a href="#2614" id="2614">2614</a>
+<a href="#2615" id="2615">2615</a>
+<a href="#2616" id="2616">2616</a>
+<a href="#2617" id="2617">2617</a>
 </pre></div><pre class="rust"><code><span class="doccomment">//! Implementation of  special traces. Each may represent a special TLS execution like a full
 //! handshake or an execution which crashes OpenSSL.
 </span><span class="attr">#![allow(dead_code)]
@@ -2967,6 +3014,53 @@
     }
 }
 
+<span class="doccomment">/// This seed performs a TLS 1.2 handshake between a client and a server by only
+/// forwarding messages between the agents
+</span><span class="kw">pub fn </span>seed_successful12_forward(client: AgentName, server: AgentName) -&gt; Trace&lt;TLSProtocolTypes&gt; {
+    Trace {
+        prior_traces: <span class="macro">vec!</span>[],
+        descriptors: <span class="macro">vec!</span>[
+            TLSDescriptorConfig::new_client(client, TLSVersion::V1_2),
+            TLSDescriptorConfig::new_server(server, TLSVersion::V1_2),
+        ],
+        steps: <span class="macro">vec!</span>[
+            OutputAction::new_step(client),
+            <span class="comment">// Client Hello Client -&gt; Server
+            </span>Step {
+                agent: server,
+                action: Action::Input(<span class="macro">input_action!</span> { <span class="macro">term!</span> {
+                        (client, <span class="number">0</span>)/MessageFlight
+                    }
+                }),
+            },
+            <span class="comment">// ServerHello/EncryptedExtensions/Certificate/CertificateVerify/ServerFinished -&gt;
+            // Client
+            </span>Step {
+                agent: client,
+                action: Action::Input(<span class="macro">input_action!</span> { <span class="macro">term!</span> {
+                        (server, <span class="number">0</span>)/MessageFlight
+                    }
+                }),
+            },
+            <span class="comment">// Client Finished -&gt; server
+            </span>Step {
+                agent: server,
+                action: Action::Input(<span class="macro">input_action!</span> { <span class="macro">term!</span> {
+                        (client, <span class="number">1</span>)/MessageFlight
+                    }
+                }),
+            },
+            Step {
+                agent: client,
+                action: Action::Input(<span class="macro">input_action!</span> { <span class="macro">term!</span> {
+                        (server, <span class="number">1</span>)/MessageFlight
+                    }
+                }),
+            },
+        ],
+    }
+}
+
 <span class="comment">// TODO: `[BAD_DECRYPT] [DECRYPTION_FAILED_OR_BAD_RECORD_MAC]` error with BoringSSL
 </span><span class="kw">pub fn </span>seed_successful_with_ccs(client: AgentName, server: AgentName) -&gt; Trace&lt;TLSProtocolTypes&gt; {
     Trace {