Mercurial > hg > nginx-tests
diff ssl.t @ 1830:8dec885fa3da
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3.
LibreSSL does not support session reuse with TLSv1.3 at all. BoringSSL
with TLSv1.3 only supports session tickets, but not server-side session
cache.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Thu, 23 Mar 2023 19:49:49 +0300 |
| parents | a78c32419f02 |
| children | cdcd75657e52 |
line wrap: on
line diff
--- a/ssl.t +++ b/ssl.t @@ -185,6 +185,8 @@ local $TODO = 'no TLSv1.3 sessions, old if $Net::SSLeay::VERSION < 1.88 && test_tls13(); local $TODO = 'no TLSv1.3 sessions, old IO::Socket::SSL' if $IO::Socket::SSL::VERSION < 2.061 && test_tls13(); +local $TODO = 'no TLSv1.3 sessions in LibreSSL' + if $t->has_module('LibreSSL') && test_tls13(); like(get('/', 8085, $ctx), qr/^body r$/m, 'session reused'); @@ -211,8 +213,17 @@ like(get('/', 8086, $ctx), qr/^body \.$/ $ctx = get_ssl_context(); like(get('/id', 8085, $ctx), qr/^body (\w{64})?$/m, 'session id'); + +TODO: { +local $TODO = 'no TLSv1.3 sessions in LibreSSL' + if $t->has_module('LibreSSL') && test_tls13(); +local $TODO = 'no TLSv1.3 sessions ids in BoringSSL' + if $t->has_module('BoringSSL') && test_tls13(); + like(get('/id', 8085, $ctx), qr/^body \w{64}$/m, 'session id reused'); +} + unlike(http_get('/id'), qr/body \w/, 'session id no ssl'); like(get('/cipher', 8085), qr/^body [\w-]+$/m, 'cipher');