aboutsummaryrefslogtreecommitdiffstats
path: root/test/openssl/test_ssl.rb
diff options
context:
space:
mode:
Diffstat (limited to 'test/openssl/test_ssl.rb')
-rw-r--r--test/openssl/test_ssl.rb30
1 files changed, 30 insertions, 0 deletions
diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb
index 58a1990dc4..5644d5db08 100644
--- a/test/openssl/test_ssl.rb
+++ b/test/openssl/test_ssl.rb
@@ -1206,6 +1206,36 @@ end
end
end
+ def test_set_elliptic_curves
+ return unless OpenSSL::SSL::SSLSocket.method_defined?(:tmp_key) and
+ OpenSSL::SSL::SSLContext.method_defined?(:set_elliptic_curves)
+ sock1, sock2 = socketpair
+
+ ctx1 = OpenSSL::SSL::SSLContext.new
+ ctx1.ciphers = "AECDH-AES256-SHA"
+ ctx1.security_level = 0
+ s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1)
+
+ ctx2 = OpenSSL::SSL::SSLContext.new
+ ctx2.ciphers = "AECDH-AES256-SHA"
+ ctx2.security_level = 0
+ ctx2.set_elliptic_curves("P-521")
+ s2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx2)
+
+ th = Thread.new { s1.connect }
+ s2.accept
+
+ assert s2.cipher[0].start_with?("AECDH"), "AECDH should be used"
+ # TODO: how to detect what curve was used?
+ # test that the curve is secp521r1
+ ensure
+ th.join if th
+ s1.close if s1
+ s2.close if s2
+ sock1.close if sock1
+ sock2.close if sock2
+ end
+
private
def start_server_version(version, ctx_proc=nil, server_proc=nil, &blk)
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-30 03:25:22 +0000