[nginx-tests] Tests: guarded ssl_certificates.t for old OpenSSL ...
Maxim Dounin
mdounin at mdounin.ru
Sun May 5 21:05:01 UTC 2024
details: http://freenginx.org/hg/nginx-tests/rev/94e0390dc64f
branches:
changeset: 1973:94e0390dc64f
user: Maxim Dounin <mdounin at mdounin.ru>
date: Mon May 06 00:04:24 2024 +0300
description:
Tests: guarded ssl_certificates.t for old OpenSSL versions.
The ssl_certificates.t test uses ECDSA ciphers, which are only available
starting with OpenSSL 0.9.8b. In previous versions, notably in OpenSSL 0.9.8
and 0.9.8a, only non-standard example ciphers where available, which cannot
be used with any other clients.
The same applies to ssl_stapling.t, but it also requires the certificate
status TLS extension, which is only available since OpenSSL 0.9.8h, and
therefore no additional checks are needed.
diffstat:
ssl_certificates.t | 5 ++++-
1 files changed, 4 insertions(+), 1 deletions(-)
diffs (15 lines):
diff --git a/ssl_certificates.t b/ssl_certificates.t
--- a/ssl_certificates.t
+++ b/ssl_certificates.t
@@ -25,7 +25,10 @@ select STDOUT; $| = 1;
my $t = Test::Nginx->new()->has(qw/http http_ssl socket_ssl/)
->has_daemon('openssl');
-plan(skip_all => 'no multiple certificates') if $t->has_module('BoringSSL');
+plan(skip_all => 'no multiple certificates')
+ if $t->has_module('BoringSSL');
+plan(skip_all => 'no ECDSA support')
+ if $t->has_module('OpenSSL') and not $t->has_feature('openssl:0.9.8b');
$t->write_file_expand('nginx.conf', <<'EOF');
More information about the nginx-devel
mailing list