test/openssl/test_ssl: allow kRSA tests to failky/ssl-test-fixups

Non-forward-secrecy cipher suites may be disabled when OpenSSL's security level is set to 3 or higher.
author: Kazuki Yamaguchi <k@rhe.jp> 2020-02-19 08:37:24 +0000
committer: Kazuki Yamaguchi <k@rhe.jp> 2020-02-19 08:37:24 +0000
commit: 3a68ea4519235bbf1a5b1583b6c447c4d8ed02cf (patch)
tree: 04f40f2ed33edb6d20b366645a0fd8567ace80cf
parent: d099986cdecac2f19d3d3ffc9d902318fbd03d5c (diff)
download: ruby-openssl-ky/ssl-test-fixups.tar.gz
1 files changed, 7 insertions, 2 deletions
diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb
index fb42aa76..d31ccacc 100644
--- a/test/openssl/test_ssl.rb
+++ b/test/openssl/test_ssl.rb
@@ -1369,11 +1369,16 @@ end
         ctx.ssl_version = :TLSv1_2
         ctx.ciphers = "kRSA"
       }
-      start_server(ctx_proc: ctx_proc1) do |port|
+      start_server(ctx_proc: ctx_proc1, ignore_listener_error: true) do |port|
         ctx = OpenSSL::SSL::SSLContext.new
         ctx.ssl_version = :TLSv1_2
         ctx.ciphers = "kRSA"
-        server_connect(port, ctx) { |ssl| assert_nil ssl.tmp_key }
+        begin
+          server_connect(port, ctx) { |ssl| assert_nil ssl.tmp_key }
+        rescue OpenSSL::SSL::SSLError
+          # kRSA seems disabled
+          raise unless $!.message =~ /no cipher/
+        end
       end
     end
author	Kazuki Yamaguchi <k@rhe.jp>	2020-02-19 08:37:24 +0000
committer	Kazuki Yamaguchi <k@rhe.jp>	2020-02-19 08:37:24 +0000
commit	3a68ea4519235bbf1a5b1583b6c447c4d8ed02cf (patch)
tree	04f40f2ed33edb6d20b366645a0fd8567ace80cf
parent	d099986cdecac2f19d3d3ffc9d902318fbd03d5c (diff)
download	ruby-openssl-ky/ssl-test-fixups.tar.gz