From 928933f92fa214fb8b4f9bbcd242ad2c3d16d46f Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 12 Jan 2017 09:48:38 +0000 Subject: [PATCH] Fix no-dh builds One of the new tests uses a DH based ciphersuite. That test should be disabled if DH is disabled. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/2217) --- test/recipes/70-test_sslsignature.t | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/test/recipes/70-test_sslsignature.t b/test/recipes/70-test_sslsignature.t index 732e17eb6f..7892823406 100755 --- a/test/recipes/70-test_sslsignature.t +++ b/test/recipes/70-test_sslsignature.t @@ -93,14 +93,19 @@ SKIP: { $proxy->start(); ok(TLSProxy::Message->fail, "Corrupt <=TLSv1.2 CertVerify"); - #Test 4: Corrupting a ServerKeyExchange signature in <=TLSv1.2 should fail - $proxy->clear(); - $testtype = CORRUPT_TLS1_2_SERVER_KEY_EXCHANGE; - $proxy->clientflags("-no_tls1_3"); - $proxy->cipherc('DHE-RSA-AES128-SHA'); - $proxy->ciphers('DHE-RSA-AES128-SHA'); - $proxy->start(); - ok(TLSProxy::Message->fail, "Corrupt <=TLSv1.2 ServerKeyExchange"); + SKIP: { + skip "DH disabled", 1 if disabled("dh"); + + #Test 4: Corrupting a ServerKeyExchange signature in <=TLSv1.2 should + #fail + $proxy->clear(); + $testtype = CORRUPT_TLS1_2_SERVER_KEY_EXCHANGE; + $proxy->clientflags("-no_tls1_3"); + $proxy->cipherc('DHE-RSA-AES128-SHA'); + $proxy->ciphers('DHE-RSA-AES128-SHA'); + $proxy->start(); + ok(TLSProxy::Message->fail, "Corrupt <=TLSv1.2 ServerKeyExchange"); + } } sub signature_filter -- 2.25.1