# HG changeset patch
# User Sergey Kandaurov <pluknet@nginx.com>
# Date 1544019001 -10800
# Node ID a8243ed8adcb15ff18ec1b0d9894636ac42a1a2b
# Parent  a1a3164faec84eff3a98b76ebb9511e1fe040486
Tests: expect ssl_sni_reneg.t failures on stable in certain cases.

Notably, if built with OpenSSL 1.1.1 on Linux, SSL renegotiation could be
handled too late if client manages to keep recv buffer filled on server.

diff --git a/ssl_sni_reneg.t b/ssl_sni_reneg.t
--- a/ssl_sni_reneg.t
+++ b/ssl_sni_reneg.t
@@ -104,6 +104,8 @@ foreach my $name ('localhost') {
 
 ###############################################################################
 
+my ($ossl) = $t->{_configure_args} =~ /OpenSSL ([\d\.]+)/;
+
 my ($s, $ssl) = get_ssl_socket(8080);
 ok($s, 'connection');
 
@@ -119,10 +121,16 @@ ok(Net::SSLeay::set_tlsext_host_name($ss
 
 Net::SSLeay::write($ssl, 'Host: localhost' . CRLF . CRLF);
 
+TODO: {
+local $TODO = 'not yet' if $ossl ge '1.1.1' and $^O eq 'linux'
+	and !$t->has_version('1.15.2');
+
 ok(!Net::SSLeay::read($ssl), 'response');
 
 }
 
+}
+
 # virtual servers
 # in [1.15.4..1.15.5) SSL_OP_NO_RENEGOTIATION is cleared in servername callback
 
@@ -141,10 +149,16 @@ ok(Net::SSLeay::set_tlsext_host_name($ss
 
 Net::SSLeay::write($ssl, 'Host: localhost' . CRLF . CRLF);
 
+TODO: {
+local $TODO = 'not yet' if $ossl ge '1.1.1' and $^O eq 'linux'
+	and !$t->has_version('1.15.2');
+
 ok(!Net::SSLeay::read($ssl), 'virtual servers');
 
 }
 
+}
+
 ###############################################################################
 
 sub get_ssl_socket {