Extend ServerKeyExchange parsing to work with a signature

Previously SKE in TLSProxy only knew about one anonymous ciphersuite so there was never a signature. Extend that to include a ciphersuite that is not anonymous. This also fixes a bug where the existing SKE processing was checking against the wrong anon ciphersuite value. This has a knock on impact on the sslskewith0p test. The bug meant the test was working...but entirely by accident! Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2157)
author: Matt Caswell <matt@openssl.org> 2017-01-05 12:32:06 +0000
committer: Matt Caswell <matt@openssl.org> 2017-01-10 23:02:50 +0000
commit: 79d8c167857d1c776a6fbdb2aff166a126cab03e (patch)
tree: d766256c0022c8462304b8bef8755140073d23ba /test
parent: adb403dea90cd3e2fb028bb16d44364a7b5d75d1 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/test/recipes/70-test_sslskewith0p.t b/test/recipes/70-test_sslskewith0p.t
index bfdee8b739..dc3d9d9165 100755
--- a/test/recipes/70-test_sslskewith0p.t
+++ b/test/recipes/70-test_sslskewith0p.t
@@ -41,6 +41,7 @@ my $proxy = TLSProxy::Proxy->new(
 $proxy->cipherc('ADH-AES128-SHA:@SECLEVEL=0');
 $proxy->ciphers('ADH-AES128-SHA:@SECLEVEL=0');
 
+$proxy->clientflags("-no_tls1_3");
 $proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
 plan tests => 1;
 ok(TLSProxy::Message->fail, "ServerKeyExchange with 0 p");
author	Matt Caswell <matt@openssl.org>	2017-01-05 12:32:06 +0000
committer	Matt Caswell <matt@openssl.org>	2017-01-10 23:02:50 +0000
commit	79d8c167857d1c776a6fbdb2aff166a126cab03e (patch)
tree	d766256c0022c8462304b8bef8755140073d23ba /test
parent	adb403dea90cd3e2fb028bb16d44364a7b5d75d1 (diff)