# HG changeset patch
# User Maxim Dounin <mdou...@mdounin.ru>
# Date 1679107858 -10800
# Sat Mar 18 05:50:58 2023 +0300
# Node ID 3ab3b2d1c2e67bc1f05e386218ceb08da873a477
# Parent 97b09b6633f69747c0d6ef13c76739bdd6b7f3bb
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
LibreSSL does not support session reuse with TLSv1.3 at all. BoringSSL
with TLSv1.3 only supports session tickets, but not server-side session
cache.
diff --git a/mail_ssl_session_reuse.t b/mail_ssl_session_reuse.t
--- a/mail_ssl_session_reuse.t
+++ b/mail_ssl_session_reuse.t
@@ -144,16 +144,34 @@ my ($ssl, $ses);
# - only cache none
# - only cache off
+TODO: {
+local $TODO = 'no TLSv1.3 sessions in LibreSSL'
+ if $t->has_module('LibreSSL') && test_tls13();
+
is(test_reuse(8993), 1, 'tickets reused');
is(test_reuse(8994), 1, 'tickets and cache reused');
+
+TODO: {
+local $TODO = 'no TLSv1.3 session cache in BoringSSL'
+ if $t->has_module('BoringSSL') && test_tls13();
+
is(test_reuse(8995), 1, 'cache shared reused');
is(test_reuse(8996), 1, 'cache builtin reused');
is(test_reuse(8997), 1, 'cache builtin size reused');
+
+}
+}
+
is(test_reuse(8998), 0, 'cache none not reused');
is(test_reuse(8999), 0, 'cache off not reused');
###############################################################################
+sub test_tls13 {
+ my ($s, $ssl) = get_ssl_socket(8993);
+ return (Net::SSLeay::version($ssl) > 0x303);
+}
+
sub test_reuse {
my ($port) = @_;
my ($s, $ssl) = get_ssl_socket($port);
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx-devel
