From 8f91dc712ad66a41edcfb8e5f55193d8de370c66 Mon Sep 17 00:00:00 2001
From: Kazuki Yamaguchi <k@rhe.jp>
Date: Mon, 17 Feb 2020 08:14:47 +0000
Subject: [ruby/openssl] test/openssl/test_ssl: skip test_fallback_scsv if
 necessary

Run the test case only when the OpenSSL supports both TLS 1.1 and TLS
1.2. Note that the fallback SCSV mechanism is for TLS 1.2 or older and
not for 1.3.

Fixes: https://github.com/ruby/openssl/issues/336

https://github.com/ruby/openssl/commit/6f2e6d7cf7
---
 test/openssl/test_ssl.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb
index c938ec49ee..ee468ad96c 100644
--- a/test/openssl/test_ssl.rb
+++ b/test/openssl/test_ssl.rb
@@ -1420,6 +1420,10 @@ end
   end
 
   def test_fallback_scsv
+    supported = check_supported_protocol_versions
+    return unless supported.include?(OpenSSL::SSL::TLS1_1_VERSION) &&
+      supported.include?(OpenSSL::SSL::TLS1_2_VERSION)
+
     pend "Fallback SCSV is not supported" unless \
       OpenSSL::SSL::SSLContext.method_defined?(:enable_fallback_scsv)
     pend "This test seems to fail on OpenSSL 1.1.1d or later" if OpenSSL::OPENSSL_VERSION_NUMBER >= 0x10101040
-- 
cgit v1.2.3