Mercurial > hg > nginx-tests

changeset 1972:f3573393f36f

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: guarded ssl_stapling.t for old OpenSSL versions. Stapling requires the certificate status TLS extension. It is implemented in OpenSSL 0.9.8h and available if TLS extensions support is explicitly configured, and by default since 0.9.8j. To properly test if stapling is available, OpenSSL version is checked, and SNI availability is checked to ensure TLS extensions support is compiled in.
author Maxim Dounin <mdounin@mdounin.ru>
date Mon, 06 May 2024 00:04:22 +0300
parents ab45ee8011df
children 94e0390dc64f
files ssl_stapling.t
diffstat 1 files changed, 6 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/ssl_stapling.t
+++ b/ssl_stapling.t
@@ -32,7 +32,12 @@ plan(skip_all => 'Net::SSLeay too old') 
 eval { defined &IO::Socket::SSL::SSL_OCSP_TRY_STAPLE or die; };
 plan(skip_all => 'IO::Socket::SSL too old') if $@;
 
-plan(skip_all => 'no OCSP stapling') if $t->has_module('BoringSSL');
+plan(skip_all => 'no OCSP stapling')
+	if $t->has_module('BoringSSL');
+plan(skip_all => 'no OCSP stapling')
+	if $t->has_module('OpenSSL') and not $t->has_feature('openssl:0.9.8h');
+plan(skip_all => 'no OCSP stapling')
+	if not $t->has_module('sni');
 
 $t->plan(10)->write_file_expand('nginx.conf', <<'EOF');