diff options
author | Tomas Mraz <tomas@openssl.org> | 2021-04-21 08:29:28 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2021-04-22 17:48:07 +0200 |
commit | 64c609e71ef1f0c759dfdf65719e650d04dd5f29 (patch) | |
tree | e21ac8a6097ce1a6e08b43697151d1a5623cd042 /test | |
parent | bf6aeeb481f97e2b7088f151546b9957eaaf44ef (diff) |
test_sslextension: skip tests that cannot work with no-tls1_2
Fixes runchecker failure of no-tls1_2 build.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14955)
Diffstat (limited to 'test')
-rw-r--r-- | test/recipes/70-test_sslextension.t | 42 |
1 files changed, 22 insertions, 20 deletions
diff --git a/test/recipes/70-test_sslextension.t b/test/recipes/70-test_sslextension.t index 451ffa671f..c1893b8f06 100644 --- a/test/recipes/70-test_sslextension.t +++ b/test/recipes/70-test_sslextension.t @@ -194,15 +194,15 @@ $proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; plan tests => 8; ok($fatal_alert, "Duplicate ClientHello extension"); -$fatal_alert = 0; -$proxy->clear(); -$proxy->filter(\&inject_duplicate_extension_serverhello); -$proxy->clientflags("-no_tls1_3"); -$proxy->start(); -ok($fatal_alert, "Duplicate ServerHello extension"); - SKIP: { - skip "TLS <= 1.2 disabled", 2 if $no_below_tls13; + skip "TLS <= 1.2 disabled", 4 if $no_below_tls13; + + $fatal_alert = 0; + $proxy->clear(); + $proxy->filter(\&inject_duplicate_extension_serverhello); + $proxy->clientflags("-no_tls1_3"); + $proxy->start(); + ok($fatal_alert, "Duplicate ServerHello extension"); #Test 3: Sending a zero length extension block should pass $proxy->clear(); @@ -220,11 +220,21 @@ SKIP: { $proxy->clientflags("-no_tls1_3 -noservername"); $proxy->start(); ok($fatal_alert, "Unsolicited server name extension"); + + #Test 5: Send the cryptopro extension in a ClientHello. Normally this is an + # unsolicited extension only ever seen in the ServerHello. We should + # ignore it in a ClientHello + $proxy->clear(); + $proxy->filter(\&inject_cryptopro_extension); + $proxy->clientflags("-no_tls1_3"); + $proxy->start(); + ok(TLSProxy::Message->success(), "Cryptopro extension in ClientHello"); } + SKIP: { skip "TLS <= 1.2 disabled or EC disabled", 1 if $no_below_tls13 || disabled("ec"); - #Test 5: Inject a noncompliant supported_groups extension (<= TLSv1.2) + #Test 6: Inject a noncompliant supported_groups extension (<= TLSv1.2) $proxy->clear(); $proxy->filter(\&inject_unsolicited_extension); $testtype = NONCOMPLIANT_SUPPORTED_GROUPS; @@ -236,9 +246,10 @@ SKIP: { SKIP: { skip "TLS <= 1.2 or CT disabled", 1 if $no_below_tls13 || disabled("ct"); - #Test 6: Same as above for the SCT extension which has special handling + #Test 7: Same as above for the SCT extension which has special handling $fatal_alert = 0; $proxy->clear(); + $proxy->filter(\&inject_unsolicited_extension); $testtype = UNSOLICITED_SCT; $proxy->clientflags("-no_tls1_3"); $proxy->start(); @@ -248,7 +259,7 @@ SKIP: { SKIP: { skip "TLS 1.3 disabled", 1 if disabled("tls1_3") || (disabled("ec") && disabled("dh")); - #Test 7: Inject an unsolicited extension (TLSv1.3) + #Test 8: Inject an unsolicited extension (TLSv1.3) $fatal_alert = 0; $proxy->clear(); $proxy->filter(\&inject_unsolicited_extension); @@ -257,12 +268,3 @@ SKIP: { $proxy->start(); ok($fatal_alert, "Unsolicited server name extension (TLSv1.3)"); } - -#Test 8: Send the cryptopro extension in a ClientHello. Normally this is an -# unsolicited extension only ever seen in the ServerHello. We should -# ignore it in a ClientHello -$proxy->clear(); -$proxy->filter(\&inject_cryptopro_extension); -$proxy->clientflags("-no_tls1_3"); -$proxy->start(); -ok(TLSProxy::Message->success(), "Cryptopro extension in ClientHello"); |