[PATCH] Tests: stick ssl_sni_reneg.t with TLSv1.2
Maxim Dounin
mdounin at mdounin.ru
Sat Apr 8 21:05:48 UTC 2023
Hello!
On Fri, Apr 07, 2023 at 07:05:09PM +0400, Sergey Kandaurov wrote:
> # HG changeset patch
> # User Sergey Kandaurov <pluknet at nginx.com>
> # Date 1680879680 -14400
> # Fri Apr 07 19:01:20 2023 +0400
> # Node ID f1f9fe0d4d7e2cda34cfb85721e4888f5991df49
> # Parent 1197c152215b640aef0bdd3c3072f686298347b3
> Tests: stick ssl_sni_reneg.t with TLSv1.2.
>
> To make it run after enabling TLSv1.3 by default in nginx 1.23.4.
>
> diff --git a/ssl_sni_reneg.t b/ssl_sni_reneg.t
> --- a/ssl_sni_reneg.t
> +++ b/ssl_sni_reneg.t
> @@ -55,6 +55,7 @@ http {
>
> ssl_certificate_key localhost.key;
> ssl_certificate localhost.crt;
> + ssl_protocols TLSv1.2;
>
> server {
> listen 127.0.0.1:8080 ssl;
> @@ -93,13 +94,6 @@ foreach my $name ('localhost') {
> }
>
> $t->run();
> -
> -{
> - my (undef, $ssl) = get_ssl_socket(8080);
> - plan(skip_all => "TLS 1.3 forbids renegotiation")
> - if Net::SSLeay::version($ssl) > 0x0303;
> -}
> -
> $t->plan(8);
>
> ###############################################################################
Looks good.
--
Maxim Dounin
http://mdounin.ru/
More information about the nginx-devel
mailing list