59 lines
2.5 KiB
Diff
59 lines
2.5 KiB
Diff
From 752caaf33bf5a752bf2926aa32a1f8851a023fbf Mon Sep 17 00:00:00 2001
|
|
From: Apollon Oikonomopoulos <apoikos@debian.org>
|
|
Date: Fri, 14 Sep 2018 16:44:34 +0300
|
|
Subject: [PATCH] Tests: force TLSv1.2 on s_client invocations
|
|
|
|
The tests are not ready (yet) to handle TLSv1.3 support in OpenSSL, so
|
|
make s_client use TLSv1.2 explicitly.
|
|
|
|
Note that we could pass -no_tls1_3 instead, but this would break with
|
|
older (pre-1.1.1) OpenSSL versions.
|
|
---
|
|
t/40memcached-session-resumption.t | 2 +-
|
|
t/40session-ticket.t | 2 +-
|
|
t/40ssl-cipher-suite.t | 2 +-
|
|
3 files changed, 3 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/t/40memcached-session-resumption.t b/t/40memcached-session-resumption.t
|
|
index 129affbe..6774bece 100644
|
|
--- a/t/40memcached-session-resumption.t
|
|
+++ b/t/40memcached-session-resumption.t
|
|
@@ -47,7 +47,7 @@ hosts:
|
|
file.dir: @{[ DOC_ROOT ]}
|
|
EOT
|
|
my $lines = do {
|
|
- open my $fh, "-|", "openssl s_client -no_ticket $opts -connect 127.0.0.1:$server->{tls_port} 2>&1 < /dev/null"
|
|
+ open my $fh, "-|", "openssl s_client -tls1_2 -no_ticket $opts -connect 127.0.0.1:$server->{tls_port} 2>&1 < /dev/null"
|
|
or die "failed to open pipe:$!";
|
|
local $/;
|
|
<$fh>;
|
|
diff --git a/t/40session-ticket.t b/t/40session-ticket.t
|
|
index 2e5d5e4a..e712ef18 100644
|
|
--- a/t/40session-ticket.t
|
|
+++ b/t/40session-ticket.t
|
|
@@ -122,7 +122,7 @@ EOT
|
|
sub test {
|
|
my $lines = do {
|
|
my $cmd_opts = (-e "$tempdir/session" ? "-sess_in $tempdir/session" : "") . " -sess_out $tempdir/session";
|
|
- open my $fh, "-|", "openssl s_client $cmd_opts -connect 127.0.0.1:$server->{tls_port} 2>&1 < /dev/null"
|
|
+ open my $fh, "-|", "openssl s_client -tls1_2 $cmd_opts -connect 127.0.0.1:$server->{tls_port} 2>&1 < /dev/null"
|
|
or die "failed to open pipe:$!";
|
|
local $/;
|
|
<$fh>;
|
|
diff --git a/t/40ssl-cipher-suite.t b/t/40ssl-cipher-suite.t
|
|
index bda71842..71bdcf53 100644
|
|
--- a/t/40ssl-cipher-suite.t
|
|
+++ b/t/40ssl-cipher-suite.t
|
|
@@ -32,7 +32,7 @@ my ($guard, $pid) = spawn_server(
|
|
);
|
|
|
|
# connect to the server with AES256-SHA as the first choice, and check that AES128-SHA was selected
|
|
-my $log = `openssl s_client -cipher AES256-SHA:AES128-SHA -host 127.0.0.1 -port $port < /dev/null 2>&1`;
|
|
+my $log = `openssl s_client -tls1_2 -cipher AES256-SHA:AES128-SHA -host 127.0.0.1 -port $port < /dev/null 2>&1`;
|
|
like $log, qr/^\s*Cipher\s*:\s*AES128-SHA\s*$/m;
|
|
|
|
done_testing;
|
|
--
|
|
2.18.0
|
|
|