svn commit: r1844837 - in /serf/trunk/test/MockHTTPinC: MockHTTP.h MockHTTP_server.c

Thu, 25 Oct 2018 08:06:03 -0700 

Author: brane
Date: Thu Oct 25 15:05:20 2018
New Revision: 1844837

URL: http://svn.apache.org/viewvc?rev=1844837&view=rev
Log:
Fix test failures with OpenSSL 1.1 and later. The MockHTTPinC server must
also disable TLSv1.3 if the OpenSSL library enables it by default.

* test/MockHTTPinC/MockHTTP.h (mhSSLProtocol_t): Add mhProtoTLSv13.
* test/MockHTTPinC/MockHTTP_server.c
  (initSSLCtx): Handle TLSv1.3 in the context if OpenSSL supports it.
  (sslHandshake): Remove the quite useless printf() "fix".

Modified:
    serf/trunk/test/MockHTTPinC/MockHTTP.h
    serf/trunk/test/MockHTTPinC/MockHTTP_server.c

Modified: serf/trunk/test/MockHTTPinC/MockHTTP.h
URL: 
http://svn.apache.org/viewvc/serf/trunk/test/MockHTTPinC/MockHTTP.h?rev=1844837&r1=1844836&r2=1844837&view=diff
==============================================================================
--- serf/trunk/test/MockHTTPinC/MockHTTP.h (original)
+++ serf/trunk/test/MockHTTPinC/MockHTTP.h Thu Oct 25 15:05:20 2018
@@ -71,6 +71,7 @@ typedef enum mhSSLProtocol_t {
     mhProtoTLSv1  = 0x04,
     mhProtoTLSv11 = 0x08,
     mhProtoTLSv12 = 0x10,
+    mhProtoTLSv13 = 0x20,
 } mhSSLProtocol_t;
 
 typedef enum mhThreading_t {

Modified: serf/trunk/test/MockHTTPinC/MockHTTP_server.c
URL: 
http://svn.apache.org/viewvc/serf/trunk/test/MockHTTPinC/MockHTTP_server.c?rev=1844837&r1=1844836&r2=1844837&view=diff
==============================================================================
--- serf/trunk/test/MockHTTPinC/MockHTTP_server.c (original)
+++ serf/trunk/test/MockHTTPinC/MockHTTP_server.c Thu Oct 25 15:05:20 2018
@@ -2696,6 +2696,10 @@ static apr_status_t initSSLCtx(_mhClient
         if (! (cctx->protocols & mhProtoTLSv12))
             SSL_CTX_set_options(ssl_ctx->ctx, SSL_OP_NO_TLSv1_2);
 #endif
+#ifdef SSL_OP_NO_TLSv1_3
+        if (! (cctx->protocols & mhProtoTLSv13))
+            SSL_CTX_set_options(ssl_ctx->ctx, SSL_OP_NO_TLSv1_3);
+#endif
 
 #if OPENSSL_VERSION_NUMBER >= 0x10002000L /* >= 1.0.2 */
 #  ifndef OPENSSL_NO_TLSEXT
@@ -3045,11 +3049,6 @@ static apr_status_t sslHandshake(_mhClie
                         return APR_EAGAIN;
                     }
 
-                    /* XXX This is magic that makes the tests pass on macOS
-                           with OpenSSL 1.0.2n and later. Please don't ask
-                           for explanations; see above, re: "magic". */
-                    fprintf(stderr, "\n");
-
                     _mhLog(MH_VERBOSE, cctx->skt,
                            "SSL Error %d: Library=%d, Function=%d, Reason=%d",
                            ssl_err, lib, func, reason);

Reply via email to