Mercurial > hg > nginx-tests
comparison ssl_ocsp.t @ 1966:c924ae8d7104
Tests: session reuse handling with Net::SSLeay with LibreSSL.
LibreSSL does not support session reuse with TLSv1.3, and this causes
various test failures if Net::SSLeay is compiled with LibreSSL. Notably,
this affects macOS, where Net::SSLeay compiled with LibreSSL is shipped
with the OS.
Fix is to mark relevant tests as TODO if Net::SSLeay is compiled with
LibreSSL, similarly to what we already do for LibreSSL on the server side.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Mon, 06 May 2024 00:01:46 +0300 |
parents | 0b5ec15c62ed |
children |
comparison
equal
deleted
inserted
replaced
1965:84f4d4930835 | 1966:c924ae8d7104 |
---|---|
359 if $Net::SSLeay::VERSION < 1.88 && test_tls13(); | 359 if $Net::SSLeay::VERSION < 1.88 && test_tls13(); |
360 local $TODO = 'no TLSv1.3 sessions, old IO::Socket::SSL' | 360 local $TODO = 'no TLSv1.3 sessions, old IO::Socket::SSL' |
361 if $IO::Socket::SSL::VERSION < 2.061 && test_tls13(); | 361 if $IO::Socket::SSL::VERSION < 2.061 && test_tls13(); |
362 local $TODO = 'no TLSv1.3 sessions in LibreSSL' | 362 local $TODO = 'no TLSv1.3 sessions in LibreSSL' |
363 if $t->has_module('LibreSSL') && test_tls13(); | 363 if $t->has_module('LibreSSL') && test_tls13(); |
364 local $TODO = 'no TLSv1.3 sessions in Net::SSLeay (LibreSSL)' | |
365 if Net::SSLeay::constant("LIBRESSL_VERSION_NUMBER") && test_tls13(); | |
364 | 366 |
365 like(get('ec-end', ses => $s), | 367 like(get('ec-end', ses => $s), |
366 qr/200 OK.*SUCCESS:r/s, 'session reused'); | 368 qr/200 OK.*SUCCESS:r/s, 'session reused'); |
367 | 369 |
368 } | 370 } |
391 if $Net::SSLeay::VERSION < 1.88 && test_tls13(); | 393 if $Net::SSLeay::VERSION < 1.88 && test_tls13(); |
392 local $TODO = 'no TLSv1.3 sessions, old IO::Socket::SSL' | 394 local $TODO = 'no TLSv1.3 sessions, old IO::Socket::SSL' |
393 if $IO::Socket::SSL::VERSION < 2.061 && test_tls13(); | 395 if $IO::Socket::SSL::VERSION < 2.061 && test_tls13(); |
394 local $TODO = 'no TLSv1.3 sessions in LibreSSL' | 396 local $TODO = 'no TLSv1.3 sessions in LibreSSL' |
395 if $t->has_module('LibreSSL') && test_tls13(); | 397 if $t->has_module('LibreSSL') && test_tls13(); |
398 local $TODO = 'no TLSv1.3 sessions in Net::SSLeay (LibreSSL)' | |
399 if Net::SSLeay::constant("LIBRESSL_VERSION_NUMBER") && test_tls13(); | |
396 | 400 |
397 like(get('ec-end', ses => $s), | 401 like(get('ec-end', ses => $s), |
398 qr/400 Bad.*FAILED:certificate revoked:r/s, 'session reused - revoked'); | 402 qr/400 Bad.*FAILED:certificate revoked:r/s, 'session reused - revoked'); |
399 | 403 |
400 } | 404 } |