wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix no-dh builds

Browse source 
One of the new tests uses a DH based ciphersuite. That test should be
disabled if DH is disabled.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2217)
This commit is contained in:
Matt Caswell 2017-01-12 09:48:38 +00:00
parent e3bc1305ec
commit 928933f92f
1 changed files with 13 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
test/recipes/70-test_sslsignature.t
View file

@ -93,14 +93,19 @@ SKIP: {
$proxy->start();
ok(TLSProxy::Message->fail, "Corrupt <=TLSv1.2 CertVerify");
#Test 4: Corrupting a ServerKeyExchange signature in <=TLSv1.2 should fail
$proxy->clear();
$testtype = CORRUPT_TLS1_2_SERVER_KEY_EXCHANGE;
$proxy->clientflags("-no_tls1_3");
$proxy->cipherc('DHE-RSA-AES128-SHA');
$proxy->ciphers('DHE-RSA-AES128-SHA');
$proxy->start();
ok(TLSProxy::Message->fail, "Corrupt <=TLSv1.2 ServerKeyExchange");
SKIP: {
skip "DH disabled", 1 if disabled("dh");
#Test 4: Corrupting a ServerKeyExchange signature in <=TLSv1.2 should
#fail
$proxy->clear();
$testtype = CORRUPT_TLS1_2_SERVER_KEY_EXCHANGE;
$proxy->clientflags("-no_tls1_3");
$proxy->cipherc('DHE-RSA-AES128-SHA');
$proxy->ciphers('DHE-RSA-AES128-SHA');
$proxy->start();
ok(TLSProxy::Message->fail, "Corrupt <=TLSv1.2 ServerKeyExchange");
}
}
sub signature_filter