Mercurial > hg > nginx-tests

changeset 1848:727741cdff74

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: fixed ssl_ocsp.t with LibreSSL and TLSv1.3. LibreSSL does not support session reuse with TLSv1.3.
author Maxim Dounin <mdounin@mdounin.ru>
date Thu, 23 Mar 2023 19:50:29 +0300
parents a9704b9ed7a2
children 72d206b37df1
files ssl_ocsp.t
diffstat 1 files changed, 12 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/ssl_ocsp.t
+++ b/ssl_ocsp.t
@@ -369,9 +369,15 @@ like(get('ec-end'), qr/200 OK.*SUCCESS/s
 my ($s, $ssl) = get('ec-end');
 my $ses = Net::SSLeay::get_session($ssl);
 
+TODO: {
+local $TODO = 'no TLSv1.3 sessions in LibreSSL'
+	if $t->has_module('LibreSSL') and $version > 0x303;
+
 like(get('ec-end', ses => $ses),
 	qr/200 OK.*SUCCESS:r/s, 'session reused');
 
+}
+
 # revoke with saved session
 
 system("openssl ca -config $d/ca.conf -revoke $d/ec-end.crt "
@@ -391,9 +397,15 @@ system("openssl ocsp -index $d/certindex
 
 # reusing session with revoked certificate
 
+TODO: {
+local $TODO = 'no TLSv1.3 sessions in LibreSSL'
+	if $t->has_module('LibreSSL') and $version > 0x303;
+
 like(get('ec-end', ses => $ses),
 	qr/400 Bad.*FAILED:certificate revoked:r/s, 'session reused - revoked');
 
+}
+
 # regression test for self-signed
 
 like(get('root', port => 8447), qr/200 OK.*SUCCESS/s, 'ocsp one');