Mercurial > hg > nginx-tests

diff ssl_sni_reneg.t @ 1411:a8243ed8adcb

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: expect ssl_sni_reneg.t failures on stable in certain cases. Notably, if built with OpenSSL 1.1.1 on Linux, SSL renegotiation could be handled too late if client manages to keep recv buffer filled on server.
author Sergey Kandaurov <pluknet@nginx.com>
date Wed, 05 Dec 2018 17:10:01 +0300
parents 0bc5bd58d9de
children 4e48bf51714f
line wrap: on
line diff
--- a/ssl_sni_reneg.t
+++ b/ssl_sni_reneg.t
@@ -104,6 +104,8 @@ foreach my $name ('localhost') {
 
 ###############################################################################
 
+my ($ossl) = $t->{_configure_args} =~ /OpenSSL ([\d\.]+)/;
+
 my ($s, $ssl) = get_ssl_socket(8080);
 ok($s, 'connection');
 
@@ -119,10 +121,16 @@ ok(Net::SSLeay::set_tlsext_host_name($ss
 
 Net::SSLeay::write($ssl, 'Host: localhost' . CRLF . CRLF);
 
+TODO: {
+local $TODO = 'not yet' if $ossl ge '1.1.1' and $^O eq 'linux'
+	and !$t->has_version('1.15.2');
+
 ok(!Net::SSLeay::read($ssl), 'response');
 
 }
 
+}
+
 # virtual servers
 # in [1.15.4..1.15.5) SSL_OP_NO_RENEGOTIATION is cleared in servername callback
 
@@ -141,10 +149,16 @@ ok(Net::SSLeay::set_tlsext_host_name($ss
 
 Net::SSLeay::write($ssl, 'Host: localhost' . CRLF . CRLF);
 
+TODO: {
+local $TODO = 'not yet' if $ossl ge '1.1.1' and $^O eq 'linux'
+	and !$t->has_version('1.15.2');
+
 ok(!Net::SSLeay::read($ssl), 'virtual servers');
 
 }
 
+}
+
 ###############################################################################
 
 sub get_ssl_socket {