[PATCH 0 of 5] macOS test improvements
Maxim Dounin
mdounin at mdounin.ru
Wed May 1 01:01:46 UTC 2024
Hello!
The following patch series improves testing on macOS with OS-provided
Net::SSLeay, which is compiled with LibreSSL.
The following issues were identified and addressed:
- Hangs, likely due to SSL_shutdown() misbehaviour.
These seems to be fixed in recent LibreSSL versions, but macOS
ships LibreSSL 3.3.6, which is a bit outdated.
- TLSv1.3 ciphers naming, which used to be different in LibreSSL
before 3.5.0.
- No support for TLSv1.3 session reuse in LibreSSL.
- No support for signature algorithms customization in LibreSSL.
- No support for reading CA lists with TLSv1.3 in LibreSSL.
Most of the issues seems to match those already handled with LibreSSL
on the server side. Notable exception is hangs, but those were easy
enough to work around.
Review and testing appreciated.
--
Maxim Dounin
More information about the nginx-devel
mailing list