Mercurial > hg > nginx-tests
comparison ssl_ocsp.t @ 1966:c924ae8d7104
Tests: session reuse handling with Net::SSLeay with LibreSSL.
LibreSSL does not support session reuse with TLSv1.3, and this causes
various test failures if Net::SSLeay is compiled with LibreSSL. Notably,
this affects macOS, where Net::SSLeay compiled with LibreSSL is shipped
with the OS.
Fix is to mark relevant tests as TODO if Net::SSLeay is compiled with
LibreSSL, similarly to what we already do for LibreSSL on the server side.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Mon, 06 May 2024 00:01:46 +0300 |
| parents | 0b5ec15c62ed |
| children |
comparison
equal
deleted
inserted
replaced
| 1965:84f4d4930835 | 1966:c924ae8d7104 |
|---|---|
| 359 if $Net::SSLeay::VERSION < 1.88 && test_tls13(); | 359 if $Net::SSLeay::VERSION < 1.88 && test_tls13(); |
| 360 local $TODO = 'no TLSv1.3 sessions, old IO::Socket::SSL' | 360 local $TODO = 'no TLSv1.3 sessions, old IO::Socket::SSL' |
| 361 if $IO::Socket::SSL::VERSION < 2.061 && test_tls13(); | 361 if $IO::Socket::SSL::VERSION < 2.061 && test_tls13(); |
| 362 local $TODO = 'no TLSv1.3 sessions in LibreSSL' | 362 local $TODO = 'no TLSv1.3 sessions in LibreSSL' |
| 363 if $t->has_module('LibreSSL') && test_tls13(); | 363 if $t->has_module('LibreSSL') && test_tls13(); |
| 364 local $TODO = 'no TLSv1.3 sessions in Net::SSLeay (LibreSSL)' | |
| 365 if Net::SSLeay::constant("LIBRESSL_VERSION_NUMBER") && test_tls13(); | |
| 364 | 366 |
| 365 like(get('ec-end', ses => $s), | 367 like(get('ec-end', ses => $s), |
| 366 qr/200 OK.*SUCCESS:r/s, 'session reused'); | 368 qr/200 OK.*SUCCESS:r/s, 'session reused'); |
| 367 | 369 |
| 368 } | 370 } |
| 391 if $Net::SSLeay::VERSION < 1.88 && test_tls13(); | 393 if $Net::SSLeay::VERSION < 1.88 && test_tls13(); |
| 392 local $TODO = 'no TLSv1.3 sessions, old IO::Socket::SSL' | 394 local $TODO = 'no TLSv1.3 sessions, old IO::Socket::SSL' |
| 393 if $IO::Socket::SSL::VERSION < 2.061 && test_tls13(); | 395 if $IO::Socket::SSL::VERSION < 2.061 && test_tls13(); |
| 394 local $TODO = 'no TLSv1.3 sessions in LibreSSL' | 396 local $TODO = 'no TLSv1.3 sessions in LibreSSL' |
| 395 if $t->has_module('LibreSSL') && test_tls13(); | 397 if $t->has_module('LibreSSL') && test_tls13(); |
| 398 local $TODO = 'no TLSv1.3 sessions in Net::SSLeay (LibreSSL)' | |
| 399 if Net::SSLeay::constant("LIBRESSL_VERSION_NUMBER") && test_tls13(); | |
| 396 | 400 |
| 397 like(get('ec-end', ses => $s), | 401 like(get('ec-end', ses => $s), |
| 398 qr/400 Bad.*FAILED:certificate revoked:r/s, 'session reused - revoked'); | 402 qr/400 Bad.*FAILED:certificate revoked:r/s, 'session reused - revoked'); |
| 399 | 403 |
| 400 } | 404 } |