diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2022-10-17 17:33:37 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2022-12-23 03:45:52 +0900 |
commit | 289f6e0e1f232d5e4bfc7ec4a3fac5636ab284a3 (patch) | |
tree | 49db29beddb83e33b3a7e694c3093e1cf73a9bc0 /test | |
parent | 935698e9f913c3743c7f2c36c283a93a1b405bb5 (diff) | |
download | ruby-openssl-289f6e0e1f232d5e4bfc7ec4a3fac5636ab284a3.tar.gz |
ssl: disable NPN support on LibreSSLky/libressl-3.7.0
As noted in commit a2ed156cc9f1 ("test/test_ssl: do not run NPN tests
for LibreSSL >= 2.6.1", 2017-08-13), NPN is known not to work properly
on LibreSSL.
Disable NPN support on LibreSSL, whether OPENSSL_NO_NEXTPROTONEG is
defined or not.
NPN is less relevant today anyway. Let's also silence test suite when
it's not available.
Diffstat (limited to 'test')
-rw-r--r-- | test/openssl/test_ssl.rb | 20 |
1 files changed, 5 insertions, 15 deletions
diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb index 945cc7c4..1fa2e691 100644 --- a/test/openssl/test_ssl.rb +++ b/test/openssl/test_ssl.rb @@ -1379,9 +1379,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase end def test_npn_protocol_selection_ary - pend "NPN is not supported" unless \ - OpenSSL::SSL::SSLContext.method_defined?(:npn_select_cb) - pend "LibreSSL 2.6 has broken NPN functions" if libressl?(2, 6, 1) + return unless OpenSSL::SSL::SSLContext.method_defined?(:npn_select_cb) advertised = ["http/1.1", "spdy/2"] ctx_proc = proc { |ctx| ctx.npn_protocols = advertised } @@ -1399,9 +1397,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase end def test_npn_protocol_selection_enum - pend "NPN is not supported" unless \ - OpenSSL::SSL::SSLContext.method_defined?(:npn_select_cb) - pend "LibreSSL 2.6 has broken NPN functions" if libressl?(2, 6, 1) + return unless OpenSSL::SSL::SSLContext.method_defined?(:npn_select_cb) advertised = Object.new def advertised.each @@ -1423,9 +1419,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase end def test_npn_protocol_selection_cancel - pend "NPN is not supported" unless \ - OpenSSL::SSL::SSLContext.method_defined?(:npn_select_cb) - pend "LibreSSL 2.6 has broken NPN functions" if libressl?(2, 6, 1) + return unless OpenSSL::SSL::SSLContext.method_defined?(:npn_select_cb) ctx_proc = Proc.new { |ctx| ctx.npn_protocols = ["http/1.1"] } start_server_version(:TLSv1_2, ctx_proc) { |port| @@ -1436,9 +1430,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase end def test_npn_advertised_protocol_too_long - pend "NPN is not supported" unless \ - OpenSSL::SSL::SSLContext.method_defined?(:npn_select_cb) - pend "LibreSSL 2.6 has broken NPN functions" if libressl?(2, 6, 1) + return unless OpenSSL::SSL::SSLContext.method_defined?(:npn_select_cb) ctx_proc = Proc.new { |ctx| ctx.npn_protocols = ["a" * 256] } start_server_version(:TLSv1_2, ctx_proc) { |port| @@ -1449,9 +1441,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase end def test_npn_selected_protocol_too_long - pend "NPN is not supported" unless \ - OpenSSL::SSL::SSLContext.method_defined?(:npn_select_cb) - pend "LibreSSL 2.6 has broken NPN functions" if libressl?(2, 6, 1) + return unless OpenSSL::SSL::SSLContext.method_defined?(:npn_select_cb) ctx_proc = Proc.new { |ctx| ctx.npn_protocols = ["http/1.1"] } start_server_version(:TLSv1_2, ctx_proc) { |port| |