aboutsummaryrefslogtreecommitdiffstats
path: root/test/openssl/test_pair.rb
diff options
context:
space:
mode:
Diffstat (limited to 'test/openssl/test_pair.rb')
-rw-r--r--test/openssl/test_pair.rb18
1 files changed, 6 insertions, 12 deletions
diff --git a/test/openssl/test_pair.rb b/test/openssl/test_pair.rb
index eafaee2503..5279f6010f 100644
--- a/test/openssl/test_pair.rb
+++ b/test/openssl/test_pair.rb
@@ -380,24 +380,17 @@ module OpenSSL::TestPairM
accepted.close if accepted.respond_to?(:close)
end
- def test_ecdh_callback
- if OpenSSL::OPENSSL_VERSION_NUMBER >= 0x10100000
- skip "OpenSSL 1.1.0 removed SSL_CTX_set_tmp_ecdh_callback()"
- end
- called = false
+ def test_set_elliptic_curves
ctx2 = OpenSSL::SSL::SSLContext.new
- ctx2.ciphers = "ECDH"
+ ctx2.ciphers = "ECDH:DH"
ctx2.security_level = 0
- ctx2.tmp_ecdh_callback = ->(*args) {
- called = true
- OpenSSL::PKey::EC.new "prime256v1"
- }
+ ctx2.set_elliptic_curves("P-384")
sock1, sock2 = tcp_pair
s2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx2)
ctx1 = OpenSSL::SSL::SSLContext.new
- ctx1.ciphers = "ECDH"
+ ctx1.ciphers = "ECDH:DH"
ctx1.security_level = 0
s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1)
@@ -415,7 +408,8 @@ module OpenSSL::TestPairM
accepted = s2.accept
- assert called, 'ecdh callback should be called'
+ assert accepted.cipher[0].start_with?("AECDH"), "AECDH should be used"
+ # TODO: how to detect what curve was used?
rescue OpenSSL::SSL::SSLError => e
if e.message =~ /no cipher match/
skip "ECDH cipher not supported."
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-07 10:01:31 +0000