From e37e0bfa989bccf219e82ad7a73d415a8b7add80 Mon Sep 17 00:00:00 2001
From: Yusuke Endoh <mame@ruby-lang.org>
Date: Sun, 16 Feb 2020 20:48:40 +0900
Subject: test/openssl/test_ssl.rb: skip a test on OpenSSL 1.1.d or later

It fails due to "error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee
key too small".  This is a tentative measurement to avoid the failure.

https://rubyci.org/logs/rubyci.s3.amazonaws.com/debian/ruby-master/log/20200216T093010Z.fail.html.gz

test/openssl/fixture/chain/server.key should be longer.
It should be documented how to create the files.
BTW, it would be a good idea to dynamically create a key during test
instead of fixed files.
---
 test/openssl/test_ssl.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'test/openssl')

diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb
index eb5b77be02..4ce677fe80 100644
--- a/test/openssl/test_ssl.rb
+++ b/test/openssl/test_ssl.rb
@@ -188,7 +188,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
   def test_add_certificate_chain_file
     ctx = OpenSSL::SSL::SSLContext.new
     assert ctx.add_certificate_chain_file(Fixtures.file_path("chain", "server.crt"))
-  end
+  end if OpenSSL::OPENSSL_VERSION_NUMBER < 0x10101040 # XXX: The current server.crt seems too short for OpenSSL 1.1.1d or later
 
   def test_sysread_and_syswrite
     start_server { |port|
-- 
cgit v1.2.3