commit a3ce7049bd27700a39eef6ffd03ea23078231098
parent fc649c7bf3ba670371ff42d06bcdb48e50467c63
Author: Evgeny Grin (Karlson2k) <k2k@narod.ru>
Date: Thu, 21 Apr 2022 13:39:45 +0300
test_https_sni: limit to libcrul with certain TLS backends.
NSS can't be used with SSL_VERIFYPEER disabled, while SSL_VERIFYHOST is
enabled, other backends may have some problems as well.
Diffstat:
2 files changed, 31 insertions(+), 1 deletion(-)
diff --git a/src/testcurl/https/test_https_sni.c b/src/testcurl/https/test_https_sni.c
@@ -257,6 +257,7 @@ main (int argc, char *const *argv)
struct MHD_Daemon *d;
int port;
(void) argc; /* Unused. Silent compiler warning. */
+ const char *tls_backend;
if (MHD_NO != MHD_is_feature_supported (MHD_FEATURE_AUTODETECT_BIND_PORT))
port = 0;
@@ -271,12 +272,21 @@ main (int argc, char *const *argv)
#endif /* MHD_HTTPS_REQUIRE_GRYPT */
if (! testsuite_curl_global_init ())
return 99;
- if (NULL == curl_version_info (CURLVERSION_NOW)->ssl_version)
+ tls_backend = curl_version_info (CURLVERSION_NOW)->ssl_version;
+ if (NULL == tls_backend)
{
fprintf (stderr, "Curl does not support SSL. Cannot run the test.\n");
curl_global_cleanup ();
return 77;
}
+ if (! curl_tls_is_gnutls () && ! curl_tls_is_openssl ())
+ {
+ fprintf (stderr, "This test is reliable only with libcurl with GnuTLS or "
+ "OpenSSL backends.\nSkipping the test as libcurl has '%s' "
+ "backend.\n", tls_backend);
+ curl_global_cleanup ();
+ return 77;
+ }
load_keys ("mhdhost1", ABS_SRCDIR "/mhdhost1.crt",
ABS_SRCDIR "/mhdhost1.key");
diff --git a/src/testcurl/https/tls_test_common.c b/src/testcurl/https/tls_test_common.c
@@ -602,6 +602,26 @@ curl_tls_is_gnutls (void)
int
+curl_tls_is_openssl (void)
+{
+ const char *tlslib;
+ if (inited_tls_is_gnutls)
+ return 0;
+ if (inited_tls_is_openssl)
+ return 1;
+
+ tlslib = curl_version_info (CURLVERSION_NOW)->ssl_version;
+ if (NULL == tlslib)
+ return 0;
+ if (0 == strncmp (tlslib, "OpenSSL/", 8))
+ return 1;
+
+ /* Multi-backends handled during initialization by setting variable */
+ return 0;
+}
+
+
+int
curl_tls_is_nss (void)
{
const char *tlslib;
