From dbc6268f68e50b2e49d7c5b1157b4f6bcea5d6f9 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 13 Jun 2019 11:06:12 +0100 Subject: Allow TLSv1.3 in a no-ec build Now that we have TLSv1.3 FFDHE support there is no reason why we should not allow TLSv1.3 to be used in a no-ec build. This commit enables that to happen. It also fixes no-ec which was previously broken. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/9156) --- test/recipes/70-test_tls13cookie.t | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) (limited to 'test/recipes/70-test_tls13cookie.t') diff --git a/test/recipes/70-test_tls13cookie.t b/test/recipes/70-test_tls13cookie.t index 3f324e3a01..aef2cf8848 100644 --- a/test/recipes/70-test_tls13cookie.t +++ b/test/recipes/70-test_tls13cookie.t @@ -46,17 +46,27 @@ my $testtype; #Test 1: Inserting a cookie into an HRR should see it echoed in the ClientHello $testtype = COOKIE_ONLY; $proxy->filter(\&cookie_filter); -$proxy->serverflags("-curves X25519"); +$proxy->serverflags("-curves X25519") if !disabled("ec"); $proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; plan tests => 2; -ok(TLSProxy::Message->success() && $cookieseen == 1, "Cookie seen"); +SKIP: { + skip "EC disabled", 1, if disabled("ec"); + ok(TLSProxy::Message->success() && $cookieseen == 1, "Cookie seen"); +} + + #Test 2: Same as test 1 but should also work where a new key_share is also # required $testtype = COOKIE_AND_KEY_SHARE; $proxy->clear(); -$proxy->clientflags("-curves P-256:X25519"); -$proxy->serverflags("-curves X25519"); +if (disabled("ec")) { + $proxy->clientflags("-curves ffdhe3072:ffdhe2048"); + $proxy->serverflags("-curves ffdhe2048"); +} else { + $proxy->clientflags("-curves P-256:X25519"); + $proxy->serverflags("-curves X25519"); +} $proxy->start(); ok(TLSProxy::Message->success() && $cookieseen == 1, "Cookie seen"); -- cgit v1.2.3