Revision 4264ecd4cebf7cee4bd437f1739e9f4297ae5b70 authored by Matt Caswell on 01 May 2020, 08:17:40 UTC, committed by Matt Caswell on 06 May 2020, 10:49:59 UTC
We were not correctly detecting whether TLSv1.3 ciphersuites could actually be supported by the available provider implementations. For example a FIPS client would still offer CHACHA20-POLY1305 based ciphersuites even though it couldn't actually use them. Similarly on the server would try to use CHACHA20-POLY1305 and then fail the handshake. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11700)
1 parent 15dd075
70-test_servername.t
#! /usr/bin/env perl
# Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2017 BaishanCloud. All rights reserved.
#
# Licensed under the Apache License 2.0 (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use strict;
use warnings;
use OpenSSL::Test::Simple;
use OpenSSL::Test qw/:DEFAULT srctop_file/;
use OpenSSL::Test::Utils qw(alldisabled available_protocols);
setup("test_servername");
plan skip_all => "No TLS/SSL protocols are supported by this OpenSSL build"
if alldisabled(grep { $_ ne "ssl3" } available_protocols("tls"));
plan tests => 1;
ok(run(test(["servername_test", srctop_file("apps", "server.pem"),
srctop_file("apps", "server.pem")])),
"running servername_test");
Computing file changes ...
