[PATCH 06 of 20] Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail
Maxim Dounin
mdounin at mdounin.ru
Sat Mar 18 14:15:01 UTC 2023
# HG changeset patch
# User Maxim Dounin <mdounin at mdounin.ru>
# Date 1679140402 -10800
# Sat Mar 18 14:53:22 2023 +0300
# Node ID d90fe31a80d5e85b59e525e874d24f409716b64c
# Parent 530336cb449dcb028a55a5a401a122d07521e3a4
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
LibreSSL does not support session reuse with TLSv1.3 at all. BoringSSL
with TLSv1.3 only supports session tickets, but not server-side session
cache.
diff --git a/stream_ssl_session_reuse.t b/stream_ssl_session_reuse.t
--- a/stream_ssl_session_reuse.t
+++ b/stream_ssl_session_reuse.t
@@ -147,16 +147,35 @@ my $ctx = Net::SSLeay::CTX_new() or die(
# - only cache none
# - only cache off
+TODO: {
+local $TODO = 'no TLSv1.3 sessions in LibreSSL'
+ if $t->has_module('LibreSSL') && test_tls13();
+
is(test_reuse(8443), 1, 'tickets reused');
is(test_reuse(8444), 1, 'tickets and cache reused');
+
+TODO: {
+local $TODO = 'no TLSv1.3 session cache in BoringSSL'
+ if $t->has_module('BoringSSL') && test_tls13();
+
is(test_reuse(8445), 1, 'cache shared reused');
is(test_reuse(8446), 1, 'cache builtin reused');
is(test_reuse(8447), 1, 'cache builtin size reused');
+
+}
+}
+
is(test_reuse(8448), 0, 'cache none not reused');
is(test_reuse(8449), 0, 'cache off not reused');
+
###############################################################################
+sub test_tls13 {
+ my ($s, $ssl) = get_ssl_socket(8443);
+ return (Net::SSLeay::version($ssl) > 0x303);
+}
+
sub test_reuse {
my ($port) = @_;
my ($s, $ssl) = get_ssl_socket($port);
More information about the nginx-devel
mailing list