# HG changeset patch
# User Maxim Dounin <mdou...@mdounin.ru>
# Date 1714527846 -10800
# Wed May 01 04:44:06 2024 +0300
# Node ID 1d4089d4b7b14afef191fb6b28152f841d3eb2be
# Parent aaba4e48aa7d327e49dee8cca02cd1a7b9b6e0c3
Tests: guarded ssl_certificates.t for old OpenSSL versions.
The ssl_certificates.t test uses ECDSA ciphers, which are only available
starting with OpenSSL 0.9.8b. In previous versions, notably in OpenSSL 0.9.8
and 0.9.8a, only non-standard example ciphers where available, which cannot
be used with any other clients.
The same applies to ssl_stapling.t, but it also requires the certificate
status TLS extension, which is only available since OpenSSL 0.9.8h, and
therefore no additional checks are needed.
diff --git a/ssl_certificates.t b/ssl_certificates.t
--- a/ssl_certificates.t
+++ b/ssl_certificates.t
@@ -25,7 +25,10 @@ select STDOUT; $| = 1;
my $t = Test::Nginx->new()->has(qw/http http_ssl socket_ssl/)
->has_daemon('openssl');
-plan(skip_all => 'no multiple certificates') if $t->has_module('BoringSSL');
+plan(skip_all => 'no multiple certificates')
+ if $t->has_module('BoringSSL');
+plan(skip_all => 'no ECDSA support')
+ if $t->has_module('OpenSSL') and not $t->has_feature('openssl:0.9.8b');
$t->write_file_expand('nginx.conf', <<'EOF');
--
nginx-devel mailing list
nginx-devel@freenginx.org
https://freenginx.org/mailman/listinfo/nginx-devel
