[PATCH 4 of 5] Tests: fixed ssl_certificates.t with LibreSSL client
Maxim Dounin
mdounin at mdounin.ru
Sat Jul 19 03:15:08 UTC 2025
# HG changeset patch
# User Maxim Dounin <mdounin at mdounin.ru>
# Date 1752891917 -10800
# Sat Jul 19 05:25:17 2025 +0300
# Node ID 05796ad34858cbaaa6d63b405d873be6df9d0c08
# Parent 0f089661084dfb37a525fb33221dab288985be6e
Tests: fixed ssl_certificates.t with LibreSSL client.

When Net::SSLeay is built with LibreSSL, it is not possible to control
signature algorithms sent to the server, which results in incorrect
certificate selection with TLSv1.3. Notably, with LibreSSL on server
an ECDSA certificate is always used, and with OpenSSL an RSA certificate.

Following 2005:00307a7f3cad, TODO in a test expecting an RSA certificate is
no longer used for LibreSSL 4.0.0 and above. This works with OpenSSL on
the server, but breaks when LibreSSL is used on the server.

Fix is to mark the test as TODO when LibreSSL (any version) is used both
on the server and by the Net::SSLeay library.

diff --git a/ssl_certificates.t b/ssl_certificates.t
--- a/ssl_certificates.t
+++ b/ssl_certificates.t
@@ -99,6 +99,10 @@ local $TODO = 'broken TLSv1.3 sigalgs in
if $t->has_module('LibreSSL')
&& !$t->has_feature('libressl:4.0.0')
&& test_tls13();
+local $TODO = 'no TLSv1.3 sigalgs in Net::SSLeay (LibreSSL)'
+ if Net::SSLeay::constant("LIBRESSL_VERSION_NUMBER")
+ && $t->has_module('LibreSSL')
+ && test_tls13();
like(cert('RSA'), qr/CN=rsa/, 'ssl cert RSA');
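
Review bot: The added `local $TODO` sits directly after the existing `local $TODO = 'broken TLSv1.3 sigalgs in ...` statement, and both conditions can hold at once (LibreSSL older than 4.0.0 on the server together with a LibreSSL-built Net::SSLeay), so the second assignment silently replaces the first reason in the test output. That is harmless for the pass/fail result, but a one-line comment above the new statement saying that it covers the client-side limitation, and that it intentionally takes precedence over the server-side reason, would make the two stacked conditions easier to maintain. The new condition also uses `Net::SSLeay::constant("LIBRESSL_VERSION_NUMBER")` purely as a truth test, so it depends on that call evaluating to false when Net::SSLeay is built against OpenSSL; it is worth stating that assumption in the comment as well, since the ssl cert RSA check is the one that becomes an expected failure when the condition matches.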