[PATCH 04 of 20] Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail

Maxim Dounin mdounin at mdounin.ru
Sat Mar 18 14:14:59 UTC 2023


# HG changeset patch
# User Maxim Dounin <mdounin at mdounin.ru>
# Date 1679107858 -10800
#      Sat Mar 18 05:50:58 2023 +0300
# Node ID 3ab3b2d1c2e67bc1f05e386218ceb08da873a477
# Parent  97b09b6633f69747c0d6ef13c76739bdd6b7f3bb
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.

LibreSSL does not support session reuse with TLSv1.3 at all.  BoringSSL
with TLSv1.3 only supports session tickets, but not server-side session
cache.

diff --git a/mail_ssl_session_reuse.t b/mail_ssl_session_reuse.t
--- a/mail_ssl_session_reuse.t
+++ b/mail_ssl_session_reuse.t
@@ -144,16 +144,34 @@ my ($ssl, $ses);
 # - only cache none
 # - only cache off
 
+TODO: {
+local $TODO = 'no TLSv1.3 sessions in LibreSSL'
+	if $t->has_module('LibreSSL') && test_tls13();
+
 is(test_reuse(8993), 1, 'tickets reused');
 is(test_reuse(8994), 1, 'tickets and cache reused');
+
+TODO: {
+local $TODO = 'no TLSv1.3 session cache in BoringSSL'
+	if $t->has_module('BoringSSL') && test_tls13();
+
 is(test_reuse(8995), 1, 'cache shared reused');
 is(test_reuse(8996), 1, 'cache builtin reused');
 is(test_reuse(8997), 1, 'cache builtin size reused');
+
+}
+}
+
 is(test_reuse(8998), 0, 'cache none not reused');
 is(test_reuse(8999), 0, 'cache off not reused');
 
 ###############################################################################
 
+sub test_tls13 {
+	my ($s, $ssl) = get_ssl_socket(8993);
+	return (Net::SSLeay::version($ssl) > 0x303);
+}
+
 sub test_reuse {
 	my ($port) = @_;
 	my ($s, $ssl) = get_ssl_socket($port);


More information about the nginx-devel mailing list