Suppress some BoringSSL test failures

The external BoringSSL tests had some failures as a result of
the extensions refactor. This was due to a deliberate relaxation
of the duplicate extensions checking code. We now only check
known extensions for duplicates. Unknown extensions are ignored.
This is allowed behaviour, so we suppress those BoringSSL tests.

Perl changes reviewed by Richard Levitte. Non-perl changes reviewed by Rich
Salz

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

diff --git a/test/ossl_shim/ossl_config.json b/test/ossl_shim/ossl_config.json
index 690dc6683f7b48bc5744c2aada14b1f1f363b062..c4a42541354453c4930c26c847dc5625343b3e3b 100644 (file)
--- a/test/ossl_shim/ossl_config.json
+++ b/test/ossl_shim/ossl_config.json
@@ -2,6 +2,12 @@
 {
     "DisabledTests" : {
             "*TLS13*":"No TLS1.3 support yet",
+            "DuplicateExtensionClient-TLS1":"OpenSSL, by design, only checks for duplicates of known extensions and ignores others",
+            "DuplicateExtensionServer-TLS1":"OpenSSL, by design, only checks for duplicates of known extensions and ignores others",
+            "DuplicateExtensionClient-TLS11":"OpenSSL, by design, only checks for duplicates of known extensions and ignores others",
+            "DuplicateExtensionServer-TLS11":"OpenSSL, by design, only checks for duplicates of known extensions and ignores others",
+            "DuplicateExtensionServer-TLS12":"OpenSSL, by design, only checks for duplicates of known extensions and ignores others",
+            "DuplicateExtensionClient-TLS12":"OpenSSL, by design, only checks for duplicates of known extensions and ignores others",
             "UnauthenticatedECDH":"Test failure - reason unknown",
             "SkipServerKeyExchange":"Test failure - reason unknown",
             "FragmentAlert-DTLS":"Test failure - reason unknown",