Mercurial > hg > nginx-tests
changeset 1848:727741cdff74
Tests: fixed ssl_ocsp.t with LibreSSL and TLSv1.3.
LibreSSL does not support session reuse with TLSv1.3.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Thu, 23 Mar 2023 19:50:29 +0300 |
parents | a9704b9ed7a2 |
children | 72d206b37df1 |
files | ssl_ocsp.t |
diffstat | 1 files changed, 12 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/ssl_ocsp.t Thu Mar 23 19:50:26 2023 +0300 +++ b/ssl_ocsp.t Thu Mar 23 19:50:29 2023 +0300 @@ -369,9 +369,15 @@ my ($s, $ssl) = get('ec-end'); my $ses = Net::SSLeay::get_session($ssl); +TODO: { +local $TODO = 'no TLSv1.3 sessions in LibreSSL' + if $t->has_module('LibreSSL') and $version > 0x303; + like(get('ec-end', ses => $ses), qr/200 OK.*SUCCESS:r/s, 'session reused'); +} + # revoke with saved session system("openssl ca -config $d/ca.conf -revoke $d/ec-end.crt " @@ -391,9 +397,15 @@ # reusing session with revoked certificate +TODO: { +local $TODO = 'no TLSv1.3 sessions in LibreSSL' + if $t->has_module('LibreSSL') and $version > 0x303; + like(get('ec-end', ses => $ses), qr/400 Bad.*FAILED:certificate revoked:r/s, 'session reused - revoked'); +} + # regression test for self-signed like(get('root', port => 8447), qr/200 OK.*SUCCESS/s, 'ocsp one');