Revision 4264ecd4cebf7cee4bd437f1739e9f4297ae5b70 authored by Matt Caswell on 01 May 2020, 08:17:40 UTC, committed by Matt Caswell on 06 May 2020, 10:49:59 UTC
We were not correctly detecting whether TLSv1.3 ciphersuites could actually be supported by the available provider implementations. For example a FIPS client would still offer CHACHA20-POLY1305 based ciphersuites even though it couldn't actually use them. Similarly on the server would try to use CHACHA20-POLY1305 and then fail the handshake. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11700)
1 parent 15dd075
95-test_external_krb5.t
#! /usr/bin/env perl
# Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the Apache License 2.0 (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use OpenSSL::Test;
use OpenSSL::Test::Utils;
use OpenSSL::Test qw/:DEFAULT data_file srctop_file bldtop_dir/;
use Cwd qw(abs_path);
setup("test_external_krb5");
plan skip_all => "No external tests in this configuration"
if disabled("external-tests");
plan skip_all => "krb5 not available"
if ! -f srctop_file("krb5", "README");
plan tests => 1;
$ENV{OPENSSL_MODULES} = abs_path(bldtop_dir("providers"));
$ENV{OPENSSL_CONF} = abs_path(srctop_file("test", "default-and-legacy.cnf"));
ok(run(cmd([data_file("krb5.sh")])), "running krb5 tests");
Computing file changes ...
