(tomcat) branch 11.0.x updated: Test OCSP with BoringSSL and LibreSSL

Fri, 17 Oct 2025 17:10:36 -0700 

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 11.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/11.0.x by this push:
     new e1c5f8ea38 Test OCSP with BoringSSL and LibreSSL
e1c5f8ea38 is described below

commit e1c5f8ea38110571f6bf132ad527de44102a45e8
Author: remm <[email protected]>
AuthorDate: Fri Oct 10 15:39:10 2025 +0200

    Test OCSP with BoringSSL and LibreSSL
    
    BoringSSL does not work anymore due to:
    
https://boringssl.googlesource.com/boringssl/+/1749dc9a70fd9cbb3221c47ef30cffd6fda06846
---
 test/org/apache/tomcat/util/net/ocsp/TestOcspIntegration.java | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/test/org/apache/tomcat/util/net/ocsp/TestOcspIntegration.java 
b/test/org/apache/tomcat/util/net/ocsp/TestOcspIntegration.java
index 2f4f819557..f42ff0d64f 100644
--- a/test/org/apache/tomcat/util/net/ocsp/TestOcspIntegration.java
+++ b/test/org/apache/tomcat/util/net/ocsp/TestOcspIntegration.java
@@ -75,6 +75,7 @@ import org.apache.tomcat.util.net.Constants;
 import org.apache.tomcat.util.net.SSLHostConfig;
 import org.apache.tomcat.util.net.SSLHostConfigCertificate;
 import org.apache.tomcat.util.net.TesterSupport;
+import org.apache.tomcat.util.net.openssl.OpenSSLStatus;
 
 import com.sun.net.httpserver.Headers;
 import com.sun.net.httpserver.HttpServer;
@@ -206,6 +207,10 @@ public class TestOcspIntegration extends TomcatBaseTest {
     private int testOCSP(String pathToOcspResponse, boolean 
serverSideVerificationEnabled,
             boolean clientSideOcspVerificationEnabled, boolean 
clientDiscoversResponderFromAIA, int ocspResponderPort)
             throws Exception {
+
+        Assume.assumeFalse("BoringSSL does not allow supporting OCSP",
+                TesterSupport.isOpenSSLVariant(sslImplementationName, 
OpenSSLStatus.Name.BORINGSSL));
+
         File certificateFile = new File(getPath(SERVER_CERTIFICATE_PATH));
         File certificateKeyFile = new 
File(getPath(SERVER_CERTIFICATE_KEY_PATH));
         File certificateChainFile = new File(getPath(CA_CERTIFICATE_PATH));


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to