summaryrefslogtreecommitdiff
path: root/test/openssl/utils.rb
diff options
context:
space:
mode:
authorKazuki Yamaguchi <k@rhe.jp>2021-02-25 17:28:23 +0900
committerKazuki Yamaguchi <k@rhe.jp>2021-03-16 19:37:06 +0900
commita3f97007bbd1012a4b7662b8166118b81b52527a (patch)
tree4a823205701e927c4650c6ca6de5127de8e35a10 /test/openssl/utils.rb
parent1eb6d8aa63d7ada403adb0db12382d264dea5521 (diff)
[ruby/openssl] test: adjust test cases for LibreSSL 3.2.4
LibreSSL 3.2.4 made the certificate verification logic back closer to pre-3.2.2 one, which is more compatible with OpenSSL. Part of the fixes added by commit a0e98d48c91f ("Enhance TLS 1.3 support on LibreSSL 3.2/3.3", 2020-12-03) is required for 3.2.2 and 3.2.3 only (and ~3.3.1, however 3.3 does not have a stable release yet). Since both releases are security fix, it should be safe to remove those special treatment from our test suite. While we are at it, TestSSL#test_ecdh_curves is split into TLS 1.2 and TLS 1.3 variants for clarity. https://github.com/ruby/openssl/commit/a9954bac22
Notes
Notes: Merged: https://github.com/ruby/ruby/pull/4275
Diffstat (limited to 'test/openssl/utils.rb')
-rw-r--r--test/openssl/utils.rb8
1 files changed, 8 insertions, 0 deletions
diff --git a/test/openssl/utils.rb b/test/openssl/utils.rb
index c1d737b2ab1..8ee0116412e 100644
--- a/test/openssl/utils.rb
+++ b/test/openssl/utils.rb
@@ -196,6 +196,14 @@ class OpenSSL::SSLTestCase < OpenSSL::TestCase
rescue
end
+ def tls13_supported?
+ return false unless defined?(OpenSSL::SSL::TLS1_3_VERSION)
+ ctx = OpenSSL::SSL::SSLContext.new
+ ctx.min_version = ctx.max_version = OpenSSL::SSL::TLS1_3_VERSION
+ true
+ rescue
+ end
+
def readwrite_loop(ctx, ssl)
while line = ssl.gets
ssl.write(line)